Re: SBS 2003 and Replication Errors with Remote DC
- From: "Ken Sheppard" <ksheppard31@xxxxxxxxxxx>
- Date: Sat, 12 Apr 2008 15:55:00 -0400
I have setup the primary DNS on the alpha server to point DNS to my SBS server. Should I also point my forwarders on alpha to sbs or keep it pointing to my ISP DNS?
Ken
"kj [SBS MVP]" <KevinJ.SBS@xxxxxxxxxxxxxxxxxx> wrote in message news:eu9SmBNnIHA.3532@xxxxxxxxxxxxxxxxxxxxxxx
Ken Sheppard wrote:KJ, thanks for your reply. Here's the dcdiag output that you
requested. I just promoted the remote DC last week, so I still have time to solve
the replication issues.
Thanks.
Ken
Event String: All domain controllers in the following site
that can replicate the directory partition over this
transport are currently unavailable.
Site:
CN=Alpharetta,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
Or, one or more domaincontrollers with this directory partition are
unable to replicate the directory partition
information. This is probably due to inaccessible
domain controllers.
I havesetup DNS on the remote office and created a new site, subnets,
DNS should be setup as AD integrated and replicated. You should need to do nothing more than install DNS and that should be done before dcpromo.
DNS servers:
192.168.1.2 (<name unavailable>) [Valid]
192.168.16.2 (<name unavailable>) [Valid]
The A record for this DC was found
The SOA record for the Active Directory zone was
found The Active Directory zone on this DC/DNS
server was found (primary)
Root zone on this DC/DNS server was not found
TEST: Forwarders/Root hints (Forw)
Recursion is enabled
Forwarders Information:
192.168.1.1 (<name unavailable>) [Invalid]
So, either fixup the alpha site dns or point it to use the SBS dns server and allow replication to complete (including the DNS forest and domain zones) before pointing it back to using itself for DNS.
Domain Controller Diagnosis
Performing initial setup:
* Verifying that the local machine alpha, is a DC.
* Connecting to directory service on server alpha.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 3 DC(s). Testing 3 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\SBS
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... SBS passed test Connectivity
Testing server: Default-First-Site-Name\BDC
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... BDC passed test Connectivity
Testing server: Alpharetta\ALPHA
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... ALPHA passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\SBS
Starting test: Replications
* Replications Check
* Replication Latency Check
DC=ForestDnsZones,DC=homrich-berg,DC=local
Latency information for 1 entries in the vector were
ignored. 1 were retired Invocations. 0 were either:
read-only replicas and are not verifiably latent, or dc's no longer replicating
this nc. 0 had no latency information (Win2K DC).
DC=DomainDnsZones,DC=homrich-berg,DC=local
Latency information for 1 entries in the vector were
ignored. 1 were retired Invocations. 0 were either:
read-only replicas and are not verifiably latent, or dc's no longer replicating
this nc. 0 had no latency information (Win2K DC).
CN=Schema,CN=Configuration,DC=homrich-berg,DC=local
Latency information for 1 entries in the vector were
ignored. 1 were retired Invocations. 0 were either:
read-only replicas and are not verifiably latent, or dc's no longer replicating
this nc. 0 had no latency information (Win2K DC).
CN=Configuration,DC=homrich-berg,DC=local
Latency information for 1 entries in the vector were
ignored. 1 were retired Invocations. 0 were either:
read-only replicas and are not verifiably latent, or dc's no longer replicating
this nc. 0 had no latency information (Win2K DC).
DC=homrich-berg,DC=local
Latency information for 1 entries in the vector were
ignored. 1 were retired Invocations. 0 were either:
read-only replicas and are not verifiably latent, or dc's no longer replicating
this nc. 0 had no latency information (Win2K DC).
* Replication Site Latency Check
Site
CN=NTDS Site
Settings,CN=Alpharetta,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
was skipped because it never had an ISTG running in it.
......................... SBS passed test Replications
Starting test: Topology
* Configuration Topology Integrity Check
* Analyzing the connection topology for
DC=ForestDnsZones,DC=homrich-berg,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for
DC=DomainDnsZones,DC=homrich-berg,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for
CN=Schema,CN=Configuration,DC=homrich-berg,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for
CN=Configuration,DC=homrich-berg,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for
DC=homrich-berg,DC=local. * Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... SBS passed test Topology
Starting test: CutoffServers
* Configuration Topology Aliveness Check
* Analyzing the alive system replication topology for
DC=ForestDnsZones,DC=homrich-berg,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for
DC=DomainDnsZones,DC=homrich-berg,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for
CN=Schema,CN=Configuration,DC=homrich-berg,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for
CN=Configuration,DC=homrich-berg,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for
DC=homrich-berg,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... SBS passed test CutoffServers
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC SBS.
* Security Permissions Check for
DC=ForestDnsZones,DC=homrich-berg,DC=local
(NDNC,Version 2)
* Security Permissions Check for
DC=DomainDnsZones,DC=homrich-berg,DC=local
(NDNC,Version 2)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=homrich-berg,DC=local
(Schema,Version 2)
* Security Permissions Check for
CN=Configuration,DC=homrich-berg,DC=local
(Configuration,Version 2)
* Security Permissions Check for
DC=homrich-berg,DC=local
(Domain,Version 2)
......................... SBS passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\SBS\netlogon
Verified share \\SBS\sysvol
......................... SBS passed test NetLogons
Starting test: Advertising
The DC SBS is advertising itself as a DC and having a DS.
The DC SBS is advertising as an LDAP server
The DC SBS is advertising as having a writeable directory
The DC SBS is advertising as a Key Distribution Center
The DC SBS is advertising as a time server
The DS SBS is advertising as a GC.
......................... SBS passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS
Settings,CN=SBS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
Role Domain Owner = CN=NTDS
Settings,CN=SBS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
Role PDC Owner = CN=NTDS
Settings,CN=SBS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
Role Rid Owner = CN=NTDS
Settings,CN=SBS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
Role Infrastructure Update Owner = CN=NTDS
Settings,CN=SBS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
......................... SBS passed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 4606 to 1073741823
* sbs.homrich-berg.local is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 3606 to 4105
* rIDPreviousAllocationPool is 3606 to 4105
* rIDNextRID: 3781
......................... SBS passed test RidManager
Starting test: MachineAccount
Checking machine account for DC SBS on DC SBS.
* SPN found :LDAP/sbs.homrich-berg.local/homrich-berg.local
* SPN found :LDAP/sbs.homrich-berg.local
* SPN found :LDAP/SBS
* SPN found :LDAP/sbs.homrich-berg.local/HB
* SPN foundLDAP/deb39f46-0dc8-4e38-b87e-ec5594766894._msdcs.homrich-berg.local* SPN foundE3514235-4B06-11D1-AB04-00C04FC2DCD2/deb39f46-0dc8-4e38-b87e-ec5594766894/homrich-berg.local* SPN found :HOST/sbs.homrich-berg.local/homrich-berg.local
* SPN found :HOST/sbs.homrich-berg.local
* SPN found :HOST/SBS
* SPN found :HOST/sbs.homrich-berg.local/HB
* SPN found :GC/sbs.homrich-berg.local/homrich-berg.local
......................... SBS passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: w32time
* Checking Service: NETLOGON
......................... SBS passed test Services
Starting test: OutboundSecureChannels
* The Outbound Secure Channels test
** Did not run Outbound Secure Channels test
because /testdomain: was not entered
......................... SBS passed test
OutboundSecureChannels Starting test: ObjectsReplicated
SBS is in domain DC=homrich-berg,DC=local
Checking for CN=SBS,OU=Domain
Controllers,DC=homrich-berg,DC=local in domain DC=homrich-berg,DC=local on 3 servers
Object is up-to-date on all servers.
Checking for CN=NTDS
Settings,CN=SBS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
in domain CN=Configuration,DC=homrich-berg,DC=local on 3 servers
Object is up-to-date on all servers.
......................... SBS passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... SBS passed test frssysvol
Starting test: frsevent
* The File Replication Service Event log test
......................... SBS passed test frsevent
Starting test: kccevent
* The KCC Event log test
An Warning Event occured. EventID: 0x8000061E
Time Generated: 04/12/2008 10:34:34
Event String: All domain controllers in the following site
that can replicate the directory partition over this
transport are currently unavailable.
Site:
CN=Alpharetta,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
Directory partition:
DC=homrich-berg,DC=local
Transport:
CN=IP,CN=Inter-Site
Transports,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
An Error Event occured. EventID: 0xC000051F
Time Generated: 04/12/2008 10:34:34
Event String: The Knowledge Consistency Checker (KCC) has
detected problems with the following directory
partition.
Directory partition:
DC=homrich-berg,DC=local
There is insufficient site connectivity
information in Active Directory Sites and
Services for the KCC to create a spanning tree
replication topology. Or, one or more domain
controllers with this directory partition are
unable to replicate the directory partition
information. This is probably due to inaccessible
domain controllers.
User Action
Use Active Directory Sites and Services to
perform one of the following actions:
- Publish sufficient site connectivity
information so that the KCC can determine a route
by which this directory partition can reach this
site. This is the preferred option.
- Add a Connection object to a domain controller
that contains the directory partition in this
site from a domain controller that contains the
same directory partition in another site.
If neither of the Active Directory Sites and
Services tasks correct this condition, see
previous events logged by the KCC that identify
the inaccessible domain controllers.
An Warning Event occured. EventID: 0x80000749
Time Generated: 04/12/2008 10:34:34
Event String: The Knowledge Consistency Checker (KCC) was
unable to form a complete spanning tree network
topology. As a result, the following list of
sites cannot be reached from the local site.
Sites:
CN=Alpharetta,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
An Warning Event occured. EventID: 0x8000061E
Time Generated: 04/12/2008 10:34:34
Event String: All domain controllers in the following site
that can replicate the directory partition over this
transport are currently unavailable.
Site:
CN=Alpharetta,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
Directory partition:
CN=Configuration,DC=homrich-berg,DC=local
Transport:
CN=IP,CN=Inter-Site
Transports,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
An Error Event occured. EventID: 0xC000051F
Time Generated: 04/12/2008 10:34:34
Event String: The Knowledge Consistency Checker (KCC) has
detected problems with the following directory
partition.
Directory partition:
CN=Configuration,DC=homrich-berg,DC=local
There is insufficient site connectivity
information in Active Directory Sites and
Services for the KCC to create a spanning tree
replication topology. Or, one or more domain
controllers with this directory partition are
unable to replicate the directory partition
information. This is probably due to inaccessible
domain controllers.
User Action
Use Active Directory Sites and Services to
perform one of the following actions:
- Publish sufficient site connectivity
information so that the KCC can determine a route
by which this directory partition can reach this
site. This is the preferred option.
- Add a Connection object to a domain controller
that contains the directory partition in this
site from a domain controller that contains the
same directory partition in another site.
If neither of the Active Directory Sites and
Services tasks correct this condition, see
previous events logged by the KCC that identify
the inaccessible domain controllers.
An Warning Event occured. EventID: 0x80000749
Time Generated: 04/12/2008 10:34:34
Event String: The Knowledge Consistency Checker (KCC) was
unable to form a complete spanning tree network
topology. As a result, the following list of
sites cannot be reached from the local site.
Sites:
CN=Alpharetta,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
An Warning Event occured. EventID: 0x80000785
Time Generated: 04/12/2008 10:34:55
Event String: The attempt to establish a replication link
for the following writable directory partition
failed.
Directory partition:
DC=homrich-berg,DC=local
Source domain controller:
CN=NTDS
Settings,CN=ALPHA,CN=Servers,CN=Alpharetta,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
Source domain controller address:
bc3a5606-08db-44ab-916b-e4775c58a550._msdcs.homrich-berg.local
Intersite transport (if any):
CN=IP,CN=Inter-Site
Transports,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
This domain controller will be unable to
replicate with the source domain controller until
this problem is corrected.
User Action
Verify if the source domain controller is
accessible or network connectivity is available.
Additional Data
Error value:
1722 The RPC server is unavailable.
......................... SBS failed test kccevent
Starting test: systemlog
* The System Event log test
Found no errors in System Event log in the last 60 minutes.
......................... SBS passed test systemlog
Starting test: VerifyReplicas
......................... SBS passed test VerifyReplicas
Starting test: VerifyReferences
The system object reference (serverReference)
CN=SBS,OU=Domain Controllers,DC=homrich-berg,DC=local and
backlink on
CN=SBS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
are correct. The system object reference
(frsComputerReferenceBL) CN=SBS,CN=Domain System Volume (SYSVOL
share),CN=File Replication Service,CN=System,DC=homrich-berg,DC=local
and backlink on CN=SBS,OU=Domain Controllers,DC=homrich-berg,DC=local
are correct.
The system object reference (serverReferenceBL)
CN=SBS,CN=Domain System Volume (SYSVOL share),CN=File
Replication Service,CN=System,DC=homrich-berg,DC=local
and backlink on
CN=NTDS
Settings,CN=SBS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
are correct.
......................... SBS passed test VerifyReferences
Starting test: VerifyEnterpriseReferences
The following problems were found while verifying various
important DN
references. Note, that these problems can be reported
because of latency in replication. So follow up to resolve
the following problems, only if the same problem is reported
on all DCs for a given
domain or if the problem persists after replication has had
reasonable time to replicate changes.
[1] Problem: Missing Expected Value
Base Object:
CN=ALPHA,OU=Domain Controllers,DC=homrich-berg,DC=local
Base Object Description: "DC Account Object"
Value Object Attribute Name: frsComputerReferenceBL
Value Object Description: "SYSVOL FRS Member Object"
Recommended Action: See Knowledge Base Article: Q312862
[2] Problem: Missing Expected Value
Base Object:
CN=CDRP,CN=Domain System Volume (SYSVOL share),CN=File
Replication Service,CN=System,DC=homrich-berg,DC=local
Base Object Description: "SYSVOL FRS Member Object"
Value Object Attribute Name: frsComputerReference
Value Object Description: "DC Account Object"
Recommended Action: Check if this server is deleted, and
if so clean up this DCs SYSVOL FRS Member Object. Also
see Knowledge Base Article: Q312862
[3] Problem: Missing Expected Value
Base Object:
CN=CDRP,CN=Domain System Volume (SYSVOL share),CN=File
Replication Service,CN=System,DC=homrich-berg,DC=local
Base Object Description: "SYSVOL FRS Member Object"
Value Object Attribute Name: serverReference
Value Object Description: "DSA Object"
Recommended Action: Check if this server is deleted, and
if so clean up this DCs SYSVOL FRS Member Object. Also
see Knowledge Base Article Q312862
......................... SBS failed test
VerifyEnterpriseReferences
Starting test: CheckSecurityError
* Dr Auth: Beginning security errors check!
Found KDC BDC for domain homrich-berg.local in site
Default-First-Site-Name
Checking machine account for DC SBS on DC BDC.
* SPN found :LDAP/sbs.homrich-berg.local/homrich-berg.local
* SPN found :LDAP/sbs.homrich-berg.local
* SPN found :LDAP/SBS
* SPN found :LDAP/sbs.homrich-berg.local/HB
* SPN found
LDAP/deb39f46-0dc8-4e38-b87e-ec5594766894._msdcs.homrich-berg.local* SPN foundE3514235-4B06-11D1-AB04-00C04FC2DCD2/deb39f46-0dc8-4e38-b87e-ec5594766894/homrich-berg.local* SPN found :HOST/sbs.homrich-berg.local/homrich-berg.local
* SPN found :HOST/sbs.homrich-berg.local
* SPN found :HOST/SBS
* SPN found :HOST/sbs.homrich-berg.local/HB
* SPN found :GC/sbs.homrich-berg.local/homrich-berg.local
Checking for CN=SBS,OU=Domain
Controllers,DC=homrich-berg,DC=local in domain DC=homrich-berg,DC=local on 2 servers
Object is up-to-date on all servers.
[SBS] No security related replication errors were found on
this DC! To target the connection to a specific source DC use /ReplSource:<DC>.
......................... SBS passed test CheckSecurityError
Testing server: Default-First-Site-Name\BDC
Starting test: Replications
* Replications Check
* Replication Latency Check
DC=ForestDnsZones,DC=homrich-berg,DC=local
Latency information for 1 entries in the vector were
ignored. 1 were retired Invocations. 0 were either:
read-only replicas and are not verifiably latent, or dc's no longer replicating
this nc. 0 had no latency information (Win2K DC).
DC=DomainDnsZones,DC=homrich-berg,DC=local
Latency information for 1 entries in the vector were
ignored. 1 were retired Invocations. 0 were either:
read-only replicas and are not verifiably latent, or dc's no longer replicating
this nc. 0 had no latency information (Win2K DC).
CN=Schema,CN=Configuration,DC=homrich-berg,DC=local
Latency information for 1 entries in the vector were
ignored. 1 were retired Invocations. 0 were either:
read-only replicas and are not verifiably latent, or dc's no longer replicating
this nc. 0 had no latency information (Win2K DC).
CN=Configuration,DC=homrich-berg,DC=local
Latency information for 1 entries in the vector were
ignored. 1 were retired Invocations. 0 were either:
read-only replicas and are not verifiably latent, or dc's no longer replicating
this nc. 0 had no latency information (Win2K DC).
DC=homrich-berg,DC=local
Latency information for 1 entries in the vector were
ignored. 1 were retired Invocations. 0 were either:
read-only replicas and are not verifiably latent, or dc's no longer replicating
this nc. 0 had no latency information (Win2K DC).
* Replication Site Latency Check
Site
CN=NTDS Site
Settings,CN=Alpharetta,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
was skipped because it never had an ISTG running in it.
......................... BDC passed test Replications
Starting test: Topology
* Configuration Topology Integrity Check
* Analyzing the connection topology for
DC=ForestDnsZones,DC=homrich-berg,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for
DC=DomainDnsZones,DC=homrich-berg,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for
CN=Schema,CN=Configuration,DC=homrich-berg,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for
CN=Configuration,DC=homrich-berg,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for
DC=homrich-berg,DC=local. * Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... BDC passed test Topology
Starting test: CutoffServers
* Configuration Topology Aliveness Check
* Analyzing the alive system replication topology for
DC=ForestDnsZones,DC=homrich-berg,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for
DC=DomainDnsZones,DC=homrich-berg,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for
CN=Schema,CN=Configuration,DC=homrich-berg,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for
CN=Configuration,DC=homrich-berg,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for
DC=homrich-berg,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... BDC passed test CutoffServers
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC BDC.
* Security Permissions Check for
DC=ForestDnsZones,DC=homrich-berg,DC=local
(NDNC,Version 2)
* Security Permissions Check for
DC=DomainDnsZones,DC=homrich-berg,DC=local
(NDNC,Version 2)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=homrich-berg,DC=local
(Schema,Version 2)
* Security Permissions Check for
CN=Configuration,DC=homrich-berg,DC=local
(Configuration,Version 2)
* Security Permissions Check for
DC=homrich-berg,DC=local
(Domain,Version 2)
......................... BDC passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\BDC\netlogon
Verified share \\BDC\sysvol
......................... BDC passed test NetLogons
Starting test: Advertising
The DC BDC is advertising itself as a DC and having a DS.
The DC BDC is advertising as an LDAP server
The DC BDC is advertising as having a writeable directory
The DC BDC is advertising as a Key Distribution Center
The DC BDC is advertising as a time server
The DS BDC is advertising as a GC.
......................... BDC passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS
Settings,CN=SBS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
Role Domain Owner = CN=NTDS
Settings,CN=SBS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
Role PDC Owner = CN=NTDS
Settings,CN=SBS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
Role Rid Owner = CN=NTDS
Settings,CN=SBS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
Role Infrastructure Update Owner = CN=NTDS
Settings,CN=SBS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
......................... BDC passed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 4606 to 1073741823
* sbs.homrich-berg.local is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 2606 to 3105
* rIDPreviousAllocationPool is 2606 to 3105
* rIDNextRID: 2698
......................... BDC passed test RidManager
Starting test: MachineAccount
Checking machine account for DC BDC on DC BDC.
* SPN found :LDAP/BDC.homrich-berg.local/homrich-berg.local
* SPN found :LDAP/BDC.homrich-berg.local
* SPN found :LDAP/BDC
* SPN found :LDAP/BDC.homrich-berg.local/HB
* SPN foundLDAP/766fe7e3-d65c-44d3-9a9c-83f4c7ee4fc5._msdcs.homrich-berg.local* SPN foundE3514235-4B06-11D1-AB04-00C04FC2DCD2/766fe7e3-d65c-44d3-9a9c-83f4c7ee4fc5/homrich-berg.local* SPN found :HOST/BDC.homrich-berg.local/homrich-berg.local
* SPN found :HOST/BDC.homrich-berg.local
* SPN found :HOST/BDC
* SPN found :HOST/BDC.homrich-berg.local/HB
* SPN found :GC/BDC.homrich-berg.local/homrich-berg.local
......................... BDC passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: w32time
* Checking Service: NETLOGON
......................... BDC passed test Services
Starting test: OutboundSecureChannels
* The Outbound Secure Channels test
** Did not run Outbound Secure Channels test
because /testdomain: was not entered
......................... BDC passed test
OutboundSecureChannels Starting test: ObjectsReplicated
BDC is in domain DC=homrich-berg,DC=local
Checking for CN=BDC,OU=Domain
Controllers,DC=homrich-berg,DC=local in domain DC=homrich-berg,DC=local on 3 servers
Object is up-to-date on all servers.
Checking for CN=NTDS
Settings,CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
in domain CN=Configuration,DC=homrich-berg,DC=local on 3 servers
Object is up-to-date on all servers.
......................... BDC passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... BDC passed test frssysvol
Starting test: frsevent
* The File Replication Service Event log test
......................... BDC passed test frsevent
Starting test: kccevent
* The KCC Event log test
Found no KCC errors in Directory Service Event log in the
last 15 minutes.
......................... BDC passed test kccevent
Starting test: systemlog
* The System Event log test
Found no errors in System Event log in the last 60 minutes.
......................... BDC passed test systemlog
Starting test: VerifyReplicas
......................... BDC passed test VerifyReplicas
Starting test: VerifyReferences
The system object reference (serverReference)
CN=BDC,OU=Domain Controllers,DC=homrich-berg,DC=local and
backlink on
CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
are correct. The system object reference
(frsComputerReferenceBL) CN=BDC,CN=Domain System Volume (SYSVOL
share),CN=File Replication Service,CN=System,DC=homrich-berg,DC=local
and backlink on CN=BDC,OU=Domain Controllers,DC=homrich-berg,DC=local
are correct.
The system object reference (serverReferenceBL)
CN=BDC,CN=Domain System Volume (SYSVOL share),CN=File
Replication Service,CN=System,DC=homrich-berg,DC=local
and backlink on
CN=NTDS
Settings,CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
are correct.
......................... BDC passed test VerifyReferences
Starting test: VerifyEnterpriseReferences
The following problems were found while verifying various
important DN
references. Note, that these problems can be reported
because of latency in replication. So follow up to resolve
the following problems, only if the same problem is reported
on all DCs for a given
domain or if the problem persists after replication has had
reasonable time to replicate changes.
[1] Problem: Missing Expected Value
Base Object:
CN=ALPHA,OU=Domain Controllers,DC=homrich-berg,DC=local
Base Object Description: "DC Account Object"
Value Object Attribute Name: frsComputerReferenceBL
Value Object Description: "SYSVOL FRS Member Object"
Recommended Action: See Knowledge Base Article: Q312862
[2] Problem: Missing Expected Value
Base Object:
CN=CDRP,CN=Domain System Volume (SYSVOL share),CN=File
Replication Service,CN=System,DC=homrich-berg,DC=local
Base Object Description: "SYSVOL FRS Member Object"
Value Object Attribute Name: frsComputerReference
Value Object Description: "DC Account Object"
Recommended Action: Check if this server is deleted, and
if so clean up this DCs SYSVOL FRS Member Object. Also
see Knowledge Base Article: Q312862
[3] Problem: Missing Expected Value
Base Object:
CN=CDRP,CN=Domain System Volume (SYSVOL share),CN=File
Replication Service,CN=System,DC=homrich-berg,DC=local
Base Object Description: "SYSVOL FRS Member Object"
Value Object Attribute Name: serverReference
Value Object Description: "DSA Object"
Recommended Action: Check if this server is deleted, and
if so clean up this DCs SYSVOL FRS Member Object. Also
see Knowledge Base Article Q312862
......................... BDC failed test
VerifyEnterpriseReferences
Starting test: CheckSecurityError
* Dr Auth: Beginning security errors check!
Found KDC BDC for domain homrich-berg.local in site
Default-First-Site-Name
Checking machine account for DC BDC on DC BDC.
* SPN found :LDAP/BDC.homrich-berg.local/homrich-berg.local
* SPN found :LDAP/BDC.homrich-berg.local
* SPN found :LDAP/BDC
* SPN found :LDAP/BDC.homrich-berg.local/HB
* SPN found
LDAP/766fe7e3-d65c-44d3-9a9c-83f4c7ee4fc5._msdcs.homrich-berg.local* SPN foundE3514235-4B06-11D1-AB04-00C04FC2DCD2/766fe7e3-d65c-44d3-9a9c-83f4c7ee4fc5/homrich-berg.local* SPN found :HOST/BDC.homrich-berg.local/homrich-berg.local
* SPN found :HOST/BDC.homrich-berg.local
* SPN found :HOST/BDC
* SPN found :HOST/BDC.homrich-berg.local/HB
* SPN found :GC/BDC.homrich-berg.local/homrich-berg.local
[BDC] No security related replication errors were found on
this DC! To target the connection to a specific source DC use /ReplSource:<DC>.
......................... BDC passed test CheckSecurityError
Testing server: Alpharetta\ALPHA
Starting test: Replications
* Replications Check
* Replication Latency Check
DC=ForestDnsZones,DC=homrich-berg,DC=local
Latency information for 1 entries in the vector were
ignored. 1 were retired Invocations. 0 were either:
read-only replicas and are not verifiably latent, or dc's no longer replicating
this nc. 0 had no latency information (Win2K DC).
DC=DomainDnsZones,DC=homrich-berg,DC=local
Latency information for 1 entries in the vector were
ignored. 1 were retired Invocations. 0 were either:
read-only replicas and are not verifiably latent, or dc's no longer replicating
this nc. 0 had no latency information (Win2K DC).
CN=Schema,CN=Configuration,DC=homrich-berg,DC=local
Latency information for 1 entries in the vector were
ignored. 1 were retired Invocations. 0 were either:
read-only replicas and are not verifiably latent, or dc's no longer replicating
this nc. 0 had no latency information (Win2K DC).
CN=Configuration,DC=homrich-berg,DC=local
Latency information for 1 entries in the vector were
ignored. 1 were retired Invocations. 0 were either:
read-only replicas and are not verifiably latent, or dc's no longer replicating
this nc. 0 had no latency information (Win2K DC).
DC=homrich-berg,DC=local
Latency information for 1 entries in the vector were
ignored. 1 were retired Invocations. 0 were either:
read-only replicas and are not verifiably latent, or dc's no longer replicating
this nc. 0 had no latency information (Win2K DC).
* Replication Site Latency Check
......................... ALPHA passed test Replications
Starting test: Topology
* Configuration Topology Integrity Check
* Analyzing the connection topology for
DC=ForestDnsZones,DC=homrich-berg,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for
DC=DomainDnsZones,DC=homrich-berg,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for
CN=Schema,CN=Configuration,DC=homrich-berg,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for
CN=Configuration,DC=homrich-berg,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for
DC=homrich-berg,DC=local. * Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... ALPHA passed test Topology
Starting test: CutoffServers
* Configuration Topology Aliveness Check
* Analyzing the alive system replication topology for
DC=ForestDnsZones,DC=homrich-berg,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for
DC=DomainDnsZones,DC=homrich-berg,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for
CN=Schema,CN=Configuration,DC=homrich-berg,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for
CN=Configuration,DC=homrich-berg,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for
DC=homrich-berg,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... ALPHA passed test CutoffServers
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC ALPHA.
* Security Permissions Check for
DC=ForestDnsZones,DC=homrich-berg,DC=local
(NDNC,Version 2)
* Security Permissions Check for
DC=DomainDnsZones,DC=homrich-berg,DC=local
(NDNC,Version 2)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=homrich-berg,DC=local
(Schema,Version 2)
* Security Permissions Check for
CN=Configuration,DC=homrich-berg,DC=local
(Configuration,Version 2)
* Security Permissions Check for
DC=homrich-berg,DC=local
(Domain,Version 2)
......................... ALPHA passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\ALPHA\netlogon
Verified share \\ALPHA\sysvol
......................... ALPHA passed test NetLogons
Starting test: Advertising
The DC ALPHA is advertising itself as a DC and having a DS.
The DC ALPHA is advertising as an LDAP server
The DC ALPHA is advertising as having a writeable directory
The DC ALPHA is advertising as a Key Distribution Center
The DC ALPHA is advertising as a time server
The DS ALPHA is advertising as a GC.
......................... ALPHA passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS
Settings,CN=SBS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
Role Domain Owner = CN=NTDS
Settings,CN=SBS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
Role PDC Owner = CN=NTDS
Settings,CN=SBS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
Role Rid Owner = CN=NTDS
Settings,CN=SBS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
Role Infrastructure Update Owner = CN=NTDS
Settings,CN=SBS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
......................... ALPHA passed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 4606 to 1073741823
* sbs.homrich-berg.local is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 4106 to 4605
* rIDPreviousAllocationPool is 4106 to 4605
* rIDNextRID: 4107
......................... ALPHA passed test RidManager
Starting test: MachineAccount
Checking machine account for DC ALPHA on DC ALPHA.
* SPN found :LDAP/alpha.homrich-berg.local/homrich-berg.local
* SPN found :LDAP/alpha.homrich-berg.local
* SPN found :LDAP/ALPHA
* SPN found :LDAP/alpha.homrich-berg.local/HB
* SPN foundLDAP/bc3a5606-08db-44ab-916b-e4775c58a550._msdcs.homrich-berg.local* SPN foundE3514235-4B06-11D1-AB04-00C04FC2DCD2/bc3a5606-08db-44ab-916b-e4775c58a550/homrich-berg.local* SPN found :HOST/alpha.homrich-berg.local/homrich-berg.local
* SPN found :HOST/alpha.homrich-berg.local
* SPN found :HOST/ALPHA
* SPN found :HOST/alpha.homrich-berg.local/HB
* SPN found :GC/alpha.homrich-berg.local/homrich-berg.local
......................... ALPHA passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: w32time
* Checking Service: NETLOGON
......................... ALPHA passed test Services
Starting test: OutboundSecureChannels
* The Outbound Secure Channels test
** Did not run Outbound Secure Channels test
because /testdomain: was not entered
......................... ALPHA passed test
OutboundSecureChannels Starting test: ObjectsReplicated
ALPHA is in domain DC=homrich-berg,DC=local
Checking for CN=ALPHA,OU=Domain
Controllers,DC=homrich-berg,DC=local in domain
DC=homrich-berg,DC=local on 3 servers
Authoritative attribute nTSecurityDescriptor on ALPHA
(writeable)
usnLocalChange = 16386
LastOriginatingDsa = ALPHA
usnOriginatingChange = 16386
timeLastOriginatingChange = 2008-04-08 16:35:54
VersionLastOriginatingChange = 2
Out-of-date attribute nTSecurityDescriptor on BDC
(writeable) usnLocalChange = 1872820
LastOriginatingDsa = BDC
usnOriginatingChange = 1872820
timeLastOriginatingChange = 2008-04-08 16:24:18
VersionLastOriginatingChange = 1
Out-of-date attribute nTSecurityDescriptor on SBS
(writeable) usnLocalChange = 8449225
LastOriginatingDsa = BDC
usnOriginatingChange = 1872820
timeLastOriginatingChange = 2008-04-08 16:24:18
VersionLastOriginatingChange = 1
Authoritative attribute servicePrincipalName on ALPHA
(writeable)
usnLocalChange = 16489
LastOriginatingDsa = ALPHA
usnOriginatingChange = 16489
timeLastOriginatingChange = 2008-04-08 17:20:53
VersionLastOriginatingChange = 8
Out-of-date attribute servicePrincipalName on BDC
(writeable) usnLocalChange = 1872842
LastOriginatingDsa = BDC
usnOriginatingChange = 1872842
timeLastOriginatingChange = 2008-04-08 16:25:46
VersionLastOriginatingChange = 2
Out-of-date attribute servicePrincipalName on SBS
(writeable) usnLocalChange = 8449246
LastOriginatingDsa = BDC
usnOriginatingChange = 1872842
timeLastOriginatingChange = 2008-04-08 16:25:46
VersionLastOriginatingChange = 2
Checking for CN=NTDS
Settings,CN=ALPHA,CN=Servers,CN=Alpharetta,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
in domain CN=Configuration,DC=homrich-berg,DC=local on 3 servers
Authoritative attribute msDS-hasMasterNCs on ALPHA
(writeable) usnLocalChange = 16534
LastOriginatingDsa = ALPHA
usnOriginatingChange = 16534
timeLastOriginatingChange = 2008-04-08 17:23:19
VersionLastOriginatingChange = 11
Out-of-date attribute msDS-hasMasterNCs on BDC (writeable)
usnLocalChange = 1872841
LastOriginatingDsa = BDC
usnOriginatingChange = 1872841
timeLastOriginatingChange = 2008-04-08 16:25:46
VersionLastOriginatingChange = 1
Out-of-date attribute msDS-hasMasterNCs on SBS (writeable)
usnLocalChange = 8449250
LastOriginatingDsa = BDC
usnOriginatingChange = 1872841
timeLastOriginatingChange = 2008-04-08 16:25:46
VersionLastOriginatingChange = 1
......................... ALPHA failed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... ALPHA passed test frssysvol
Starting test: frsevent
* The File Replication Service Event log test
There are warning or error events within the last 24 hours
after the
SYSVOL has been shared. Failing SYSVOL replication problems
may cause
Group Policy problems.
An Warning Event occured. EventID: 0x800034C4
Time Generated: 04/11/2008 11:02:29
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800034C4
Time Generated: 04/11/2008 17:17:32
(Event String could not be retrieved)
......................... ALPHA failed test frsevent
Starting test: kccevent
* The KCC Event log test
Found no KCC errors in Directory Service Event log in the
last 15 minutes.
......................... ALPHA passed test kccevent
Starting test: systemlog
* The System Event log test
An Error Event occured. EventID: 0xC0002719
Time Generated: 04/12/2008 10:35:30
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002719
Time Generated: 04/12/2008 10:35:30
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002719
Time Generated: 04/12/2008 10:35:30
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002719
Time Generated: 04/12/2008 10:35:36
(Event String could not be retrieved)
......................... ALPHA failed test systemlog
Starting test: VerifyReplicas
......................... ALPHA passed test VerifyReplicas
Starting test: VerifyReferences
The system object reference (serverReference)
CN=ALPHA,OU=Domain Controllers,DC=homrich-berg,DC=local and
backlink
on
CN=ALPHA,CN=Servers,CN=Alpharetta,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
are correct. The system object reference
(frsComputerReferenceBL) CN=ALPHA,CN=Domain System Volume
(SYSVOL share),CN=File Replication
Service,CN=System,DC=homrich-berg,DC=local and backlink on
CN=ALPHA,OU=Domain Controllers,DC=homrich-berg,DC=local are correct.
The system object reference (serverReferenceBL)
CN=ALPHA,CN=Domain System Volume (SYSVOL share),CN=File
Replication Service,CN=System,DC=homrich-berg,DC=local
and backlink on
CN=NTDS
Settings,CN=ALPHA,CN=Servers,CN=Alpharetta,CN=Sites,CN=Configuration,DC=homrich-berg,DC=local
are correct.
......................... ALPHA passed test VerifyReferences
Starting test: VerifyEnterpriseReferences
The following problems were found while verifying various
important DN
references. Note, that these problems can be reported
because of latency in replication. So follow up to resolve
the following problems, only if the same problem is reported
on all DCs for a given
domain or if the problem persists after replication has had
reasonable time to replicate changes.
[1] Problem: Missing Expected Value
Base Object:
CN=CDRP,CN=Domain System Volume (SYSVOL share),CN=File
Replication Service,CN=System,DC=homrich-berg,DC=local
Base Object Description: "SYSVOL FRS Member Object"
Value Object Attribute Name: frsComputerReference
Value Object Description: "DC Account Object"
Recommended Action: Check if this server is deleted, and
if so clean up this DCs SYSVOL FRS Member Object. Also
see Knowledge Base Article: Q312862
[2] Problem: Missing Expected Value
Base Object:
CN=CDRP,CN=Domain System Volume (SYSVOL share),CN=File
Replication Service,CN=System,DC=homrich-berg,DC=local
Base Object Description: "SYSVOL FRS Member Object"
Value Object Attribute Name: serverReference
Value Object Description: "DSA Object"
Recommended Action: Check if this server is deleted, and
if so clean up this DCs SYSVOL FRS Member Object. Also
see Knowledge Base Article Q312862
......................... ALPHA failed test
VerifyEnterpriseReferences
Starting test: CheckSecurityError
* Dr Auth: Beginning security errors check!
Found KDC ALPHA for domain homrich-berg.local in site
Alpharetta Checking machine account for DC ALPHA on DC ALPHA.
* SPN found :LDAP/alpha.homrich-berg.local/homrich-berg.local
* SPN found :LDAP/alpha.homrich-berg.local
* SPN found :LDAP/ALPHA
* SPN found :LDAP/alpha.homrich-berg.local/HB
* SPN found
LDAP/bc3a5606-08db-44ab-916b-e4775c58a550._msdcs.homrich-berg.local* SPN foundE3514235-4B06-11D1-AB04-00C04FC2DCD2/bc3a5606-08db-44ab-916b-e4775c58a550/homrich-berg.local* SPN found :HOST/alpha.homrich-berg.local/homrich-berg.local
* SPN found :HOST/alpha.homrich-berg.local
* SPN found :HOST/ALPHA
* SPN found :HOST/alpha.homrich-berg.local/HB
* SPN found :GC/alpha.homrich-berg.local/homrich-berg.local
[ALPHA] No security related replication errors were found on
this DC! To target the connection to a specific source DC use
/ReplSource:<DC>. ......................... ALPHA passed test
CheckSecurityError
DNS Tests are running and not hung. Please wait a few minutes...
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test
CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test
CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test
CrossRefValidation Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test
CheckSDRefDom
Running partition tests on : homrich-berg
Starting test: CrossRefValidation
......................... homrich-berg passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... homrich-berg passed test
CheckSDRefDom
Running enterprise tests on : homrich-berg.local
Starting test: Intersite
Doing intersite inbound replication test on site Alpharetta:
Locating & Contacting Intersite Topology Generator (ISTG)
... The ISTG for site Alpharetta is: ALPHA.
Checking for down bridgeheads ...
Bridghead Default-First-Site-Name\SBS is up and
replicating fine.
Bridghead Alpharetta\ALPHA is up and replicating fine.
Doing in depth site analysis ...
All expected sites and bridgeheads are replicating into
site Alpharetta.
Doing intersite inbound replication test on site
Default-First-Site-Name:
Locating & Contacting Intersite Topology Generator (ISTG)
... The ISTG for site Default-First-Site-Name is: SBS.
Checking for down bridgeheads ...
*Warning: Remote bridgehead Alpharetta\ALPHA is not
eligible as
a bridgehead due to too many failures. Replication may
be disrupted into the local site
Default-First-Site-Name. Bridghead
Default-First-Site-Name\SBS is up and replicating fine.
Doing in depth site analysis ...
Remote site Alpharetta is replicating to the local site
Default-First-Site-Name the writeable NC ForestDnsZones
correctly.
Remote site Alpharetta is replicating to the local site
Default-First-Site-Name the writeable NC DomainDnsZones
correctly.
Remote site Alpharetta is replicating to the local site
Default-First-Site-Name the writeable NC Schema
correctly. Remote site Alpharetta is replicating to the
local site Default-First-Site-Name the writeable NC
Configuration correctly.
Remote site Alpharetta is replicating to the local site
Default-First-Site-Name the writeable NC homrich-berg
correctly.
......................... homrich-berg.local passed test
Intersite Starting test: FsmoCheck
GC Name: \\alpha.homrich-berg.local
Locator Flags: 0xe00001fc
PDC Name: \\sbs.homrich-berg.local
Locator Flags: 0xe000017d
Time Server Name: \\alpha.homrich-berg.local
Locator Flags: 0xe00001fc
Preferred Time Server Name: \\alpha.homrich-berg.local
Locator Flags: 0xe00001fc
KDC Name: \\alpha.homrich-berg.local
Locator Flags: 0xe00001fc
......................... homrich-berg.local passed test
FsmoCheck Starting test: DNS
Test results for domain controllers:
DC: sbs.homrich-berg.local
Domain: homrich-berg.local
TEST: Authentication (Auth)
Authentication test: Successfully completed
TEST: Basic (Basc)
Error: No WMI connectivity
[Error details: 0x800706ba (Type: HRESULT - Facility:
Win32, Description: The RPC server is unavailable.) - Connection to
WMI server failed]
DC: BDC.homrich-berg.local
Domain: homrich-berg.local
TEST: Authentication (Auth)
Authentication test: Successfully completed
TEST: Basic (Basc)
Error: No WMI connectivity
[Error details: 0x800706ba (Type: HRESULT - Facility:
Win32, Description: The RPC server is unavailable.) - Connection to
WMI server failed]
DC: alpha.homrich-berg.local
Domain: homrich-berg.local
TEST: Authentication (Auth)
Authentication test: Successfully completed
TEST: Basic (Basc)
Microsoft(R) Windows(R) Server 2003, Standard
Edition (Service Pack level: 2.0) is supported
NETLOGON service is running
kdc service is running
DNSCACHE service is running
DNS service is running
DC is a DNS server
Network adapters information:
Adapter [00000007] Broadcom NetXtreme 57xx Gigabit
Controller:
MAC address is 00:11:43:B3:74:5D
IP address is static
IP address: 192.168.1.2
DNS servers:
192.168.1.2 (<name unavailable>) [Valid]
192.168.16.2 (<name unavailable>) [Valid]
The A record for this DC was found
The SOA record for the Active Directory zone was
found The Active Directory zone on this DC/DNS
server was found (primary)
Root zone on this DC/DNS server was not found
TEST: Forwarders/Root hints (Forw)
Recursion is enabled
Forwarders Information:
192.168.1.1 (<name unavailable>) [Invalid]
Root hint Information:
Name: a.root-servers.net. IP: 198.41.0.4 [Invalid]
Name: b.root-servers.net. IP: 192.228.79.201
[Invalid] Name: c.root-servers.net. IP:
192.33.4.12 [Invalid] Name: d.root-servers.net.
IP: 128.8.10.90 [Invalid] Name:
e.root-servers.net. IP: 192.203.230.10 [Invalid]
Name: f.root-servers.net. IP: 192.5.5.241
[Invalid] Name: g.root-servers.net. IP:
192.112.36.4 [Invalid] Name: h.root-servers.net.
IP: 128.63.2.53 [Invalid] Name:
i.root-servers.net. IP: 192.36.148.17 [Invalid]
Name: j.root-servers.net. IP: 192.58.128.30
[Invalid] Name: k.root-servers.net. IP:
193.0.14.129 [Invalid] Name: l.root-servers.net. IP: 198.32.64.12
[Invalid] Name: m.root-servers.net. IP: 202.12.27.33 [Invalid]
TEST: Delegations (Del)
No delegations were found in this zone on this DNS
server
TEST: Dynamic update (Dyn)
Dynamic update is enabled on the zone
homrich-berg.local. Test record _dcdiag_test_record
added successfully in zone homrich-berg.local.
Test record _dcdiag_test_record deleted successfully
in zone homrich-berg.local.
TEST: Records registration (RReg)
Network Adapter [00000007] Broadcom NetXtreme 57xx
Gigabit Controller:
Matching A record found at DNS server 192.168.1.2:
alpha.homrich-berg.local
Matching CNAME record found at DNS server
192.168.1.2:
bc3a5606-08db-44ab-916b-e4775c58a550._msdcs.homrich-berg.local
Matching DC SRV record found at DNS server
192.168.1.2:
_ldap._tcp.dc._msdcs.homrich-berg.local
Matching GC SRV record found at DNS server
192.168.1.2:
_ldap._tcp.gc._msdcs.homrich-berg.local
Summary of test results for DNS servers used by the above
domain controllers:
DNS server: 128.63.2.53 (h.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the
1.0.0.127.in-addr.arpa. failed on the DNS server 128.63.2.53
[Error details: 9003 (Type: Win32 - Description: DNS
name does not exist.)]
DNS server: 128.8.10.90 (d.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the
1.0.0.127.in-addr.arpa. failed on the DNS server 128.8.10.90
[Error details: 9003 (Type: Win32 - Description: DNS
name does not exist.)]
DNS server: 192.112.36.4 (g.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the
1.0.0.127.in-addr.arpa. failed on the DNS server 192.112.36.4
[Error details: 9002 (Type: Win32 - Description: DNS
server failure.)]
DNS server: 192.168.1.1 (<name unavailable>)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the
1.0.0.127.in-addr.arpa. failed on the DNS server 192.168.1.1
[Error details: 9003 (Type: Win32 - Description: DNS
name does not exist.)]
DNS server: 192.203.230.10 (e.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the
1.0.0.127.in-addr.arpa. failed on the DNS server 192.203.230.10
[Error details: 9003 (Type: Win32 - Description: DNS
name does not exist.)]
DNS server: 192.228.79.201 (b.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the
1.0.0.127.in-addr.arpa. failed on the DNS server 192.228.79.201
[Error details: 9003 (Type: Win32 - Description: DNS
name does not exist.)]
DNS server: 192.33.4.12 (c.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the
1.0.0.127.in-addr.arpa. failed on the DNS server 192.33.4.12
[Error details: 9003 (Type: Win32 - Description: DNS
name does not exist.)]
DNS server: 192.36.148.17 (i.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the
1.0.0.127.in-addr.arpa. failed on the DNS server 192.36.148.17
[Error details: 9003 (Type: Win32 - Description: DNS
name does not exist.)]
DNS server: 192.5.5.241 (f.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the
1.0.0.127.in-addr.arpa. failed on the DNS server 192.5.5.241
[Error details: 9003 (Type: Win32 - Description: DNS
name does not exist.)]
DNS server: 192.58.128.30 (j.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the
1.0.0.127.in-addr.arpa. failed on the DNS server 192.58.128.30
[Error details: 9002 (Type: Win32 - Description: DNS
server failure.)]
DNS server: 193.0.14.129 (k.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the
1.0.0.127.in-addr.arpa. failed on the DNS server 193.0.14.129
[Error details: 9003 (Type: Win32 - Description: DNS
name does not exist.)]
DNS server: 198.32.64.12 (l.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the
1.0.0.127.in-addr.arpa. failed on the DNS server 198.32.64.12
[Error details: 9003 (Type: Win32 - Description: DNS
name does not exist.)]
DNS server: 198.41.0.4 (a.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the
1.0.0.127.in-addr.arpa. failed on the DNS server 198.41.0.4
[Error details: 9003 (Type: Win32 - Description: DNS
name does not exist.)]
DNS server: 202.12.27.33 (m.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the
1.0.0.127.in-addr.arpa. failed on the DNS server 202.12.27.33
[Error details: 9003 (Type: Win32 - Description: DNS
name does not exist.)]
DNS server: 192.168.1.2 (<name unavailable>)
All tests passed on this DNS server
This is a valid DNS server.
Name resolution is funtional. _ldap._tcp SRV record for
the forest root domain is registered
DNS server: 192.168.16.2 (<name unavailable>)
All tests passed on this DNS server
This is a valid DNS server.
Name resolution is funtional. _ldap._tcp SRV record for
the forest root domain is registered
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
________________________________________________________________
Domain: homrich-berg.local sbs PASS FAIL n/a
n/a n/a n/a n/a
BDC PASS FAIL n/a n/a n/a n/a n/a
alpha PASS PASS FAIL PASS PASS
PASS n/a
......................... homrich-berg.local failed test DNS
"kj [SBS MVP]" <KevinJ.SBS@xxxxxxxxxxxxxxxxxx> wrote in message
news:uYgZ5YFnIHA.484@xxxxxxxxxxxxxxxxxxxxxxx
shepcon wrote:I'm running SBS 2003 Premium w/SP1 (not R2). I have created a
remote branch office DC running Windows 2003 Standard. The sites
are linked with a hardware VPN alliance at the remote site back to
my SBS with ISA. The remote site is using 192.168.1.* and the SBS
is running the standard 192.168.16.*. When I promoted the remote
server using DC promo, everything went fine and I rebooted. I have
setup DNS on the remote office and created a new site, subnets,
intersite messaging and reverse DNS at the main site in SBS. I can
ping successfully in both directions.
The problem I'm having now is that it doesn't appear that
replication is occuring on the changes that I'm making to AD Users
and Computers in the branch office. DCPROMO did create the
<automatically generated> links between my three DCs (SBS and
another W2003 server in my main office and my remote W2003 server).
However, the branch office DC replicates with the additional DC in
my main office and not my SBS, which was set this way by DCPROMO. The standard DC shares were created by DCPROMO like SYSVOL and
NETLOGON. I'm currently getting NTDS KCC 1272 entries in my Event Viewer that
state "The following directory partition is no longer replicated
from the source domain controller..."
Any help at resolving these replication issues would be greatly
appreciated. I did use Marina Roos' documents on the branch office
server setups, which was quite helpful.
Thanks.
Ken
start with a dcdiag /c /e /v
post the complete output and we'll go from there.
urgency may also be an issue, how long has it not been replicating?
--
/kj
--
/kj
.
- Follow-Ups:
- Re: SBS 2003 and Replication Errors with Remote DC
- From: kj [SBS MVP]
- Re: SBS 2003 and Replication Errors with Remote DC
- References:
- SBS 2003 and Replication Errors with Remote DC
- From: shepcon
- Re: SBS 2003 and Replication Errors with Remote DC
- From: kj [SBS MVP]
- Re: SBS 2003 and Replication Errors with Remote DC
- From: Ken Sheppard
- Re: SBS 2003 and Replication Errors with Remote DC
- From: kj [SBS MVP]
- SBS 2003 and Replication Errors with Remote DC
- Prev by Date: RE: Legacy audio driver: which sound cards can support?
- Next by Date: Re: SBS 2003 and Replication Errors with Remote DC
- Previous by thread: Re: SBS 2003 and Replication Errors with Remote DC
- Next by thread: Re: SBS 2003 and Replication Errors with Remote DC
- Index(es):
Relevant Pages
|
