Re: What are the best general things to do after a dirty shutdown (Server SBS)
- From: "kj [SBS MVP]" <KevinJ.SBS@xxxxxxxxxxxxxxxxxx>
- Date: Tue, 25 Aug 2009 23:02:46 -0700
Comments at the bottom of the quoted post.
DCHOBO wrote:
DCHOBO wrote:
kj [SBS MVP] wrote:does this assist ?
"... Run the Dcdiag command
line tool to test domain controller health."
Have you done this?
The Exchange error is indicating that Active Directory has become
unresponsive. Look there for the cause first. You should check the
dirctory services event log and the system event logs for errors and
warning in addition to running the dcdiag /c /v command. (post the
results).
DCHOBO wrote:
DCHOBO wrote:
Russ Grover [SBS-MVP] wrote:Hi again,
Clean up your Old DNS entriesOk, I deleted one entry I found which was basically an old
Russ
server's name to the new server's IP.
other then that, it looks clean.
Will see how it goes.
Following the same issues:
I had the error come up again yesterday, so it has been a while. But
same issue. Not sure how to resolve it... Error event logs
below, thanks;
Log Name: Application
Source: MSExchange ADAccess
Date: 18/08/2009 1:36:32 AM
Event ID: 2104
Task Category: Topology
Level: Error
Keywords: Classic
User: N/A
Computer: ALPHA.grdz.local
Description:
Process STORE.EXE (PID=2100). None of the domain controllers in the
domain are responding. This event can occur if the domain
controllers in local or all domains become unreachable because of
network problems. Use the Ping or PathPing command-line tools to
test network connectivity to local domain controllers. Run the
Dcdiag command line tool to test domain controller health.
Log Name: Application
Source: MSExchange ADAccess
Date: 18/08/2009 1:36:32 AM
Event ID: 2121
Task Category: Topology
Level: Warning
Keywords: Classic
User: N/A
Computer: ALPHA.grdz.local
Description:
Process STORE.EXE (PID=2100). Exchange Active Directory Provider
found SRV records for domain controllers in domain grdz.local.
The query was for the SRV record for
_ldap._tcp.dc._msdcs.grdz.local The following domain controllers
were identified by the query: alpha.grdz.local
Log Name: Application
Source: MSExchange Autodiscover
Date: 18/08/2009 1:37:23 AM
Event ID: 1
Task Category: Web
Level: Error
Keywords: Classic
User: N/A
Computer: ALPHA.grdz.local
Description:
Unhandled Exception "Could not find any available Domain
Controller." Stack Trace: at
Microsoft.Exchange.Data.Directory.ConnectionPoolManager.GetConnection(ConnectionType
connectionType, ADObjectId domain, String serverName, Int32 port,
NetworkCredential credential)
at
Microsoft.Exchange.Data.Directory.ConnectionPoolManager.GetConnection(ConnectionType
connectionType)
at
Microsoft.Exchange.Data.Directory.ADSession.GetConnection(String
preferredServer, Boolean isWriteOperation, Boolean
isNotifyOperation, ADObjectId& rootId) at
Microsoft.Exchange.Data.Directory.ADNotificationListener.IssueNotificationRequests()
at
Microsoft.Exchange.Data.Directory.ADNotificationListener.ReissueNotificationRequests(Boolean
throwOnFailure)
at
Microsoft.Exchange.Data.Directory.ConnectionPoolManager.Rebuild(Boolean
force)
at
Microsoft.Exchange.Data.Directory.ConnectionPoolManager.GetConnectionFromPool(ConnectionPoolType
connectionPoolType, ADObjectId domain, String serverName, Int32
port, Boolean& serverConnectionPresentButDownOrDisconnected)
at
Microsoft.Exchange.Data.Directory.ConnectionPoolManager.GetConnection(ConnectionType
connectionType, ADObjectId domain, String serverName, Int32 port,
NetworkCredential credential)
at
Microsoft.Exchange.Data.Directory.ConnectionPoolManager.GetConnection(ConnectionType
connectionType, NetworkCredential networkCredential, String
serverName, Int32 port)
at
Microsoft.Exchange.Data.Directory.ADSession.GetConnection(String
preferredServer, Boolean isWriteOperation, Boolean
isNotifyOperation, ADObjectId& rootId) at
Microsoft.Exchange.Data.Directory.ADGenericReader.GetNextResultCollection(Type
controlType, DirectoryControl& responseControl)
at
Microsoft.Exchange.Data.Directory.ADPagedReader`1.GetNextResultCollection()
at
Microsoft.Exchange.Data.Directory.ADPagedReader`1.GetNextPage()
at
Microsoft.Exchange.Data.Directory.ADPagedReader`1.<GetEnumerator>d__0.MoveNext()
at
Microsoft.Exchange.Autodiscover.Providers.Outlook.OutlookAutoDiscoverProvider.SimpleConfigCache`2.Freshen(ADSystemConfigurationSession
session)
at
Microsoft.Exchange.Autodiscover.Providers.Outlook.OutlookAutoDiscoverProvider.UpdateCacheCallback(Object
stateInfo)
Log Name: Application
Source: MSExchange ADAccess
Date: 18/08/2009 1:37:32 AM
Event ID: 2102
Task Category: Topology
Level: Error
Keywords: Classic
User: N/A
Computer: ALPHA.grdz.local
Description:
Process MAD.EXE (PID=2208). All Domain Controller Servers in use
are not responding:
ALPHA.grdz.local
Log Name: Application
Source: MSExchangeSA
Date: 18/08/2009 1:45:45 AM
Event ID: 9385
Task Category: General
Level: Error
Keywords: Classic
User: N/A
Computer: ALPHA.grdz.local
Description:
Microsoft Exchange System Attendant failed to read the membership
of the universal security group '/dc=local/dc=grdz/ou=Microsoft
Exchange Security Groups/cn=Exchange Servers'; the error code was
'8007203a'. The problem might be that the Microsoft Exchange
System Attendant does not have permission to read the membership
of the group. If this computer is not a member of the group
'/dc=local/dc=grdz/ou=Microsoft Exchange Security
Groups/cn=Exchange Servers', you should manually stop all
Microsoft Exchange services, run the task
'add-ExchangeServerGroupMember,' and then restart all Microsoft
Exchange services. Log Name: Application
Source: MSExchange ADAccess
Date: 18/08/2009 1:46:10 AM
Event ID: 2104
Task Category: Topology
Level: Error
Keywords: Classic
User: N/A
Computer: ALPHA.grdz.local
Description:
Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=668). None of the
domain controllers in the domain are responding. This event can
occur if the domain controllers in local or all domains become
unreachable because of network problems. Use the Ping or PathPing
command-line tools to test network connectivity to local domain
controllers. Run the Dcdiag command line tool to test domain
controller health. Log Name: Application
Source: MSExchange ADAccess
Date: 18/08/2009 1:46:10 AM
Event ID: 2121
Task Category: Topology
Level: Warning
Keywords: Classic
User: N/A
Computer: ALPHA.grdz.local
Description:
Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=668). Exchange Active
Directory Provider found SRV records for domain controllers in
domain grdz.local.
The query was for the SRV record for
_ldap._tcp.dc._msdcs.grdz.local The following domain controllers
were identified by the query: alpha.grdz.local
Common causes of this error include:
- Host (A) records fore each server are missing in DNS or contain
incorrect IP addresses.
- Domain controllers registered in DNS are not connected to the
network or are not running.
For information about correcting this problem, type in the
command line: hh tcpip.chm::/sag_DNS_tro_dcLocator_messageHa.htm
Log Name: Application
Source: MSExchangeFDS
Date: 18/08/2009 1:46:10 AM
Event ID: 1003
Task Category: General
Level: Warning
Keywords: Classic
User: N/A
Computer: ALPHA.grdz.local
Description:
Process MSExchangeFDS.exe (PID=4704). Temporarily unable to
connect to Active Directory to read configuration data for object
OAB (60). Will wait for %5 seconds and retry.
It looks different when the problem occurs, it doesn't even find a
DC to run dcdiag, but anyway, this is a dcdiag when it is running
normally. Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
* Verifying that the local machine ALPHA, is a Directory Server.
Home Server = ALPHA
* Connecting to directory service on server ALPHA.
* Identified AD Forest.
Collecting AD specific global data
* Collecting site info.
Calling
ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=GRDZ,DC=local,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
The previous call succeeded
Iterating through the sites
Looking at base site object: CN=NTDS Site
Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=GRDZ,DC=local
Getting ISTG and options for the site
* Identifying all servers.
Calling
ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=GRDZ,DC=local,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
The previous call succeeded....
The previous call succeeded
Iterating through the list of servers
Getting information for the server CN=NTDS
Settings,CN=ALPHA,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=GRDZ,DC=local
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
* Identifying all NC cross-refs.
* Found 1 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\ALPHA
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
Determining IP6 connectivity
* Active Directory RPC Services Check
......................... ALPHA passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\ALPHA
Starting test: Advertising
The DC ALPHA is advertising itself as a DC and having a DS.
The DC ALPHA is advertising as an LDAP server
The DC ALPHA is advertising as having a writeable directory
The DC ALPHA is advertising as a Key Distribution Center
The DC ALPHA is advertising as a time server
The DS ALPHA is advertising as a GC.
......................... ALPHA passed test Advertising
Test omitted by user request: CheckSecurityError
Test omitted by user request: CutoffServers
Starting test: FrsEvent
* The File Replication Service Event log test
......................... ALPHA passed test FrsEvent
Starting test: DFSREvent
The DFS Replication Event Log.
......................... ALPHA passed test DFSREvent
Starting test: SysVolCheck
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... ALPHA passed test SysVolCheck
Starting test: KccEvent
* The KCC Event log test
Found no KCC errors in "Directory Service" Event log in the
last 15 minutes.
......................... ALPHA passed test KccEvent
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS
Settings,CN=ALPHA,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=GRDZ,DC=local
Role Domain Owner = CN=NTDS
Settings,CN=ALPHA,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=GRDZ,DC=local
Role PDC Owner = CN=NTDS
Settings,CN=ALPHA,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=GRDZ,DC=local
Role Rid Owner = CN=NTDS
Settings,CN=ALPHA,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=GRDZ,DC=local
Role Infrastructure Update Owner = CN=NTDS
Settings,CN=ALPHA,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=GRDZ,DC=local
......................... ALPHA passed test
KnowsOfRoleHolders Starting test: MachineAccount
Checking machine account for DC ALPHA on DC ALPHA.
* SPN found :LDAP/ALPHA.GRDZ.local/GRDZ.local
* SPN found :LDAP/ALPHA.GRDZ.local
* SPN found :LDAP/ALPHA
* SPN found :LDAP/ALPHA.GRDZ.local/GRDZ
* SPN found
LDAP/c4ef1ab2-cd2c-4044-8577-63a604d3f5f3._msdcs.GRDZ.local* SPN found
E3514235-4B06-11D1-AB04-00C04FC2DCD2/c4ef1ab2-cd2c-4044-8577-63a604d3f5f3/GRDZ.local
* SPN found :HOST/ALPHA.GRDZ.local/GRDZ.local
* SPN found :HOST/ALPHA.GRDZ.local
* SPN found :HOST/ALPHA
* SPN found :HOST/ALPHA.GRDZ.local/GRDZ
* SPN found :GC/ALPHA.GRDZ.local/GRDZ.local
......................... ALPHA passed test MachineAccount
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC ALPHA.
* Security Permissions Check for
DC=ForestDnsZones,DC=GRDZ,DC=local
(NDNC,Version 3)
* Security Permissions Check for
DC=DomainDnsZones,DC=GRDZ,DC=local
(NDNC,Version 3)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=GRDZ,DC=local
(Schema,Version 3)
* Security Permissions Check for
CN=Configuration,DC=GRDZ,DC=local
(Configuration,Version 3)
* Security Permissions Check for
DC=GRDZ,DC=local
(Domain,Version 3)
......................... ALPHA passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\ALPHA\netlogon
Verified share \\ALPHA\sysvol
[ALPHA] User credentials does not have permission to
perform this operation.
The account used for this test must have network logon
privileges for this machine's domain.
......................... ALPHA failed test NetLogons
Starting test: ObjectsReplicated
ALPHA is in domain DC=GRDZ,DC=local
Checking for CN=ALPHA,OU=Domain
Controllers,DC=GRDZ,DC=local in domain DC=GRDZ,DC=local on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS
Settings,CN=ALPHA,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=GRDZ,DC=local
in domain CN=Configuration,DC=GRDZ,DC=local on 1 servers
Object is up-to-date on all servers.
......................... ALPHA passed test
ObjectsReplicated Test omitted by user request: OutboundSecureChannels
Starting test: Replications
* Replications Check
[Replications Check,ALPHA] DsReplicaGetInfo(PENDING_OPS,
NULL) failed,
error 0x2105 "Win32 Error 8453"
......................... ALPHA failed test Replications
Starting test: RidManager
* Available RID Pool for the Domain is 1614 to 1073741823
* ALPHA.GRDZ.local is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 1114 to 1613
* rIDPreviousAllocationPool is 1114 to 1613
* rIDNextRID: 1276
......................... ALPHA passed test RidManager
Starting test: Services
* Checking Service: EventSystem
* Checking Service: RpcSs
* Checking Service: NTDS
Could not open NTDS Service on ALPHA, error 0x5 "Win32
Error 5" * Checking Service: DnsCache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: w32time
* Checking Service: NETLOGON
......................... ALPHA failed test Services
Starting test: SystemLog
* The System Event log test
An Error Event occurred. EventID: 0x00000457
Time Generated: 07/31/2009 08:07:15
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be
retrieved, error
0x3afc)
An Error Event occurred. EventID: 0x00000457
Time Generated: 07/31/2009 08:07:15
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be
retrieved, error
0x3afc)
An Error Event occurred. EventID: 0x00000457
Time Generated: 07/31/2009 08:07:19
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be
retrieved, error
0x3afc)
An Warning Event occurred. EventID: 0x00000016
Time Generated: 07/31/2009 08:07:28
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be
retrieved, error
0x3afc)
......................... ALPHA failed test SystemLog
Test omitted by user request: Topology
Test omitted by user request: VerifyEnterpriseReferences
Starting test: VerifyReferences
The system object reference (serverReference)
CN=ALPHA,OU=Domain Controllers,DC=GRDZ,DC=local and
backlink on
CN=ALPHA,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=GRDZ,DC=local
are correct.
The system object reference (serverReferenceBL)
CN=ALPHA,CN=Domain System Volume (SYSVOL share),CN=File
Replication Service,CN=System,DC=GRDZ,DC=local
and backlink on
CN=NTDS
Settings,CN=ALPHA,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=GRDZ,DC=local
are correct.
......................... ALPHA passed test VerifyReferences
Test omitted by user request: VerifyReplicas
Test omitted by user request: DNS
Test omitted by user request: DNS
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test
CheckSDRefDom Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test
CheckSDRefDom Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test
CrossRefValidation Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test
CheckSDRefDom Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Running partition tests on : GRDZ
Starting test: CheckSDRefDom
......................... GRDZ passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... GRDZ passed test
CrossRefValidation Running enterprise tests on : GRDZ.local
Test omitted by user request: DNS
Test omitted by user request: DNS
Starting test: LocatorCheck
GC Name: \\ALPHA.GRDZ.local
Locator Flags: 0xe00013fd
PDC Name: \\ALPHA.GRDZ.local
Locator Flags: 0xe00013fd
Time Server Name: \\ALPHA.GRDZ.local
Locator Flags: 0xe00013fd
Preferred Time Server Name: \\ALPHA.GRDZ.local
Locator Flags: 0xe00013fd
KDC Name: \\ALPHA.GRDZ.local
Locator Flags: 0xe00013fd
......................... GRDZ.local passed test
LocatorCheck Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside
the scope
provided by the command line arguments provided.
......................... GRDZ.local passed test Intersite
============================
So, the following sections failed the tests;
......................... ALPHA failed test NetLogons
......................... ALPHA failed test SystemLog
......................... ALPHA failed test Services
Of these, the failed services (NTDS) would be the place I'd begin to look.
If the even log services is running (and working), then I'd expect to find
errors in the directory service event log and the system event logs. You
should also look at the DNS event logs.
* Network Logons Privileges Check
Verified share \\ALPHA\netlogon
Verified share \\ALPHA\sysvol
[ALPHA] User credentials does not have permission to
perform this operation.
The account used for this test must have network logon
privileges for this machine's domain.
......................... ALPHA failed test NetLogons
Starting test: Services
* Checking Service: EventSystem
* Checking Service: RpcSs
* Checking Service: NTDS
Could not open NTDS Service on ALPHA, error 0x5 "Win32
Error 5" * Checking Service: DnsCache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: w32time
* Checking Service: NETLOGON
......................... ALPHA failed test Services
Starting test: SystemLog
* The System Event log test
An Error Event occurred. EventID: 0x00000457
Time Generated: 07/31/2009 08:07:15
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be
retrieved, error
0x3afc)
An Error Event occurred. EventID: 0x00000457
Time Generated: 07/31/2009 08:07:15
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be
retrieved, error
0x3afc)
An Error Event occurred. EventID: 0x00000457
Time Generated: 07/31/2009 08:07:19
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be
retrieved, error
0x3afc)
An Warning Event occurred. EventID: 0x00000016
Time Generated: 07/31/2009 08:07:28
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be
retrieved, error
0x3afc)
......................... ALPHA failed test SystemLog
--
/kj
.
- References:
- Re: What are the best general things to do after a dirty shutdown (Server SBS)
- From: DCHOBO
- Re: What are the best general things to do after a dirty shutdown (Server SBS)
- From: DCHOBO
- Re: What are the best general things to do after a dirty shutdown (Server SBS)
- From: DCHOBO
- Re: What are the best general things to do after a dirty shutdown (Server SBS)
- From: DCHOBO
- Re: What are the best general things to do after a dirty shutdown (Server SBS)
- From: kj [SBS MVP]
- Re: What are the best general things to do after a dirty shutdown (Server SBS)
- From: DCHOBO
- Re: What are the best general things to do after a dirty shutdown (Server SBS)
- From: DCHOBO
- Re: What are the best general things to do after a dirty shutdown (Server SBS)
- Prev by Date: Re: Server Infrastructure Licensing Error SBS2008
- Next by Date: Re: SBS 2003 Exchanger Server MAilbox Limits
- Previous by thread: Re: What are the best general things to do after a dirty shutdown (Server SBS)
- Next by thread: Re: What are the best general things to do after a dirty shutdown (Server SBS)
- Index(es):
Relevant Pages
|
Loading
