2003 server is having GC issues after joined to a domain
a 2000 server original dc. put in 2003. has been moved on including fsmo roles. created gc on 2003. if shutdown 2000 server cannot join computers domain. did dcdiag , there couple errors. 1 there no gc detected. have checked dns , srv records there. here dcdiag , ipconfigs of both servers. suggestions appreciated. thing have found haven't tried deleting replication entries. if not able put 2000server online (which has working gc).
domain controller diagnosis
performing initial setup:
* verifying local machine 2003server, dc.
* connecting directory service on server 2003server.
* collecting site info.
* identifying servers.
* identifying nc cross-refs.
* found 2 dc(s). testing 1 of them.
done gathering initial info.
doing initial required tests
testing server: default-first-site-name\2003server
starting test: connectivity
* active directory ldap services check
* active directory rpc services check
......................... 2003server passed test connectivity
doing primary tests
testing server: default-first-site-name\2003server
starting test: replications
* replications check
* replication latency check
* replication site latency check
......................... 2003server passed test replications
test omitted user request: topology
test omitted user request: cutoffservers
starting test: ncsecdesc
* security permissions check nc's on dc 2003server.
* security permissions check for
dc=forestdnszones,dc=domain,dc=local
(ndnc,version 2)
* security permissions check for
dc=domaindnszones,dc=domain,dc=local
(ndnc,version 2)
* security permissions check for
cn=schema,cn=configuration,dc=domain,dc=local
(schema,version 2)
* security permissions check for
cn=configuration,dc=domain,dc=local
(configuration,version 2)
* security permissions check for
dc=domain,dc=local
(domain,version 2)
......................... 2003server passed test ncsecdesc
starting test: netlogons
* network logons privileges check
unable connect netlogon share! (\\2003server\netlogon)
[2003server] net use or lsapolicy operation failed error 1203, no network provider accepted given network path..
......................... 2003server failed test netlogons
starting test: advertising
warning: dsgetdcname returned information \\2000server.domain.local, when trying reach 2003server.
server not responding or not considered suitable.
dc 2003server advertising dc , having ds.
dc 2003server advertising ldap server
dc 2003server advertising having writeable directory
dc 2003server advertising key distribution center
dc 2003server advertising time server
warning: 2003server not advertising global catalog.
check server finished gc promotion.
check event log on server enough source replicas gc available.
......................... 2003server failed test advertising
starting test: knowsofroleholders
role schema owner = cn=ntds settings,cn=2003server,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=domain,dc=local
role domain owner = cn=ntds settings,cn=2003server,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=domain,dc=local
role pdc owner = cn=ntds settings,cn=2003server,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=domain,dc=local
role rid owner = cn=ntds settings,cn=2003server,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=domain,dc=local
role infrastructure update owner = cn=ntds settings,cn=2003server,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=domain,dc=local
......................... 2003server passed test knowsofroleholders
starting test: ridmanager
* available rid pool domain 2606 1073741823
* 2003server.domain.local rid master
* dsbind rid master successful
* ridallocationpool 2106 2605
* ridpreviousallocationpool 2106 2605
* ridnextrid: 2109
......................... 2003server passed test ridmanager
starting test: machineaccount
checking machine account dc 2003server on dc 2003server.
* spn found :ldap/2003server.domain.local/domain.local
* spn found :ldap/2003server.domain.local
* spn found :ldap/2003server
* spn found :ldap/2003server.domain.local/lightningelectr
* spn found :ldap/747dfc6c-aedf-4743-9a96-efbb1e77288d._msdcs.domain.local
* spn found :e3514235-4b06-11d1-ab04-00c04fc2dcd2/747dfc6c-aedf-4743-9a96-efbb1e77288d/domain.local
* spn found :host/2003server.domain.local/domain.local
* spn found :host/2003server.domain.local
* spn found :host/2003server
* spn found :host/2003server.domain.local/lightningelectr
* spn found :gc/2003server.domain.local/domain.local
......................... 2003server passed test machineaccount
starting test: services
* checking service: dnscache
* checking service: ntfrs
* checking service: ismserv
* checking service: kdc
* checking service: samss
* checking service: lanmanserver
* checking service: lanmanworkstation
* checking service: rpcss
* checking service: w32time
* checking service: netlogon
......................... 2003server passed test services
test omitted user request: outboundsecurechannels
starting test: objectsreplicated
2003server in domain dc=domain,dc=local
checking cn=2003server,ou=domain controllers,dc=domain,dc=local in domain dc=domain,dc=local on 1 servers
object up-to-date on servers.
checking cn=ntds settings,cn=2003server,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=domain,dc=local in domain cn=configuration,dc=domain,dc=local on 1 servers
object up-to-date on servers.
......................... 2003server passed test objectsreplicated
starting test: frssysvol
* file replication service sysvol ready test
registry lookup failed determine state of sysvol. the error returned 0 (the operation completed successfully.). check frs event log see if sysvol has been shared.
......................... 2003server passed test frssysvol
starting test: frsevent
* file replication service event log test
there warning or error events within last 24 hours after the sysvol has been shared. failing sysvol replication problems may cause group policy problems.
warning event occured. eventid: 0x800034c4
time generated: 08/15/2011 05:26:08
(event string not retrieved)
warning event occured. eventid: 0x800034c4
time generated: 08/15/2011 07:13:19
(event string not retrieved)
......................... 2003server failed test frsevent
starting test: kccevent
* kcc event log test
found no kcc errors in directory service event log in last 15 minutes.
......................... 2003server passed test kccevent
starting test: systemlog
* system event log test
found no errors in system event log in last 60 minutes.
......................... 2003server passed test systemlog
test omitted user request: verifyreplicas
starting test: verifyreferences
system object reference (serverreference) cn=2003server,ou=domain controllers,dc=domain,dc=local , backlink on cn=2003server,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=domain,dc=local correct.
system object reference (frscomputerreferencebl) cn=2003server,cn=domain system volume (sysvol share),cn=file replication service,cn=system,dc=domain,dc=local , backlink on cn=2003server,ou=domain controllers,dc=domain,dc=local correct.
system object reference (serverreferencebl) cn=2003server,cn=domain system volume (sysvol share),cn=file replication service,cn=system,dc=domain,dc=local , backlink on cn=ntds settings,cn=2003server,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=domain,dc=local correct.
......................... 2003server passed test verifyreferences
test omitted user request: verifyenterprisereferences
test omitted user request: checksecurityerror
running partition tests on : forestdnszones
starting test: crossrefvalidation
......................... forestdnszones passed test crossrefvalidation
starting test: checksdrefdom
......................... forestdnszones passed test checksdrefdom
running partition tests on : domaindnszones
starting test: crossrefvalidation
......................... domaindnszones passed test crossrefvalidation
starting test: checksdrefdom
......................... domaindnszones passed test checksdrefdom
running partition tests on : schema
starting test: crossrefvalidation
......................... schema passed test crossrefvalidation
starting test: checksdrefdom
......................... schema passed test checksdrefdom
running partition tests on : configuration
starting test: crossrefvalidation
......................... configuration passed test crossrefvalidation
starting test: checksdrefdom
......................... configuration passed test checksdrefdom
running partition tests on : domain
starting test: crossrefvalidation
......................... domain passed test crossrefvalidation
starting test: checksdrefdom
......................... domain passed test checksdrefdom
running enterprise tests on : domain.local
starting test: intersite
skipping site default-first-site-name, site outside scope provided command line arguments provided.
......................... domain.local passed test intersite
starting test: fsmocheck
warning: dcgetdcname(gc_server_required) call failed, error 1355
global catalog server not located - gc's down.
pdc name: \\2003server.domain.local
locator flags: 0xe00003fd
time server name: \\2000server.domain.local
locator flags: 0xe00001f8
preferred time server name: \\2000server.domain.local
locator flags: 0xe00001f8
kdc name: \\2000server.domain.local
locator flags: 0xe00001f8
......................... domain.local failed test fsmocheck
test omitted user request: dns
test omitted user request: dns
windows ip configuration
host name . . . . . . . . . . . . : 2003server
primary dns suffix . . . . . . . : domain.local
node type . . . . . . . . . . . . : unknown
ip routing enabled. . . . . . . . : no
wins proxy enabled. . . . . . . . : no
dns suffix search list. . . . . . : domain.local
ethernet adapter local area connection:
connection-specific dns suffix . :
description . . . . . . . . . . . : intel(r) pro/1000 mt network connection
physical address. . . . . . . . . : 00-14-22-40-76-3d
dhcp enabled. . . . . . . . . . . : no
ip address. . . . . . . . . . . . : 192.168.0.2
subnet mask . . . . . . . . . . . : 255.255.255.0
default gateway . . . . . . . . . : 192.168.0.120
dns servers . . . . . . . . . . . : 192.168.0.2
windows 2000 ip configuration
host name . . . . . . . . . . . . : 2000server
primary dns suffix . . . . . . . : domain.local
node type . . . . . . . . . . . . : hybrid
ip routing enabled. . . . . . . . : yes
wins proxy enabled. . . . . . . . : no
dns suffix search list. . . . . . : domain.local
ethernet adapter local area connection 2:
connection-specific dns suffix . :
description . . . . . . . . . . . : intel(r) pro/1000 gt desktop adapter
physical address. . . . . . . . . : 00-0e-0c-b9-4f-28
dhcp enabled. . . . . . . . . . . : no
ip address. . . . . . . . . . . . : 192.168.0.1
subnet mask . . . . . . . . . . . : 255.255.255.0
default gateway . . . . . . . . . : 192.168.0.120
dns servers . . . . . . . . . . . : 192.168.0.1
domain controller diagnosis
performing initial setup:
* verifying local machine 2003server, dc.
* connecting directory service on server 2003server.
* collecting site info.
* identifying servers.
* identifying nc cross-refs.
* found 2 dc(s). testing 1 of them.
done gathering initial info.
doing initial required tests
testing server: default-first-site-name\2003server
starting test: connectivity
* active directory ldap services check
* active directory rpc services check
......................... 2003server passed test connectivity
doing primary tests
testing server: default-first-site-name\2003server
starting test: replications
* replications check
* replication latency check
* replication site latency check
......................... 2003server passed test replications
test omitted user request: topology
test omitted user request: cutoffservers
starting test: ncsecdesc
* security permissions check nc's on dc 2003server.
* security permissions check for
dc=forestdnszones,dc=domain,dc=local
(ndnc,version 2)
* security permissions check for
dc=domaindnszones,dc=domain,dc=local
(ndnc,version 2)
* security permissions check for
cn=schema,cn=configuration,dc=domain,dc=local
(schema,version 2)
* security permissions check for
cn=configuration,dc=domain,dc=local
(configuration,version 2)
* security permissions check for
dc=domain,dc=local
(domain,version 2)
......................... 2003server passed test ncsecdesc
starting test: netlogons
* network logons privileges check
unable connect netlogon share! (\\2003server\netlogon)
[2003server] net use or lsapolicy operation failed error 1203, no network provider accepted given network path..
......................... 2003server failed test netlogons
starting test: advertising
warning: dsgetdcname returned information \\2000server.domain.local, when trying reach 2003server.
server not responding or not considered suitable.
dc 2003server advertising dc , having ds.
dc 2003server advertising ldap server
dc 2003server advertising having writeable directory
dc 2003server advertising key distribution center
dc 2003server advertising time server
warning: 2003server not advertising global catalog.
check server finished gc promotion.
check event log on server enough source replicas gc available.
......................... 2003server failed test advertising
starting test: knowsofroleholders
role schema owner = cn=ntds settings,cn=2003server,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=domain,dc=local
role domain owner = cn=ntds settings,cn=2003server,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=domain,dc=local
role pdc owner = cn=ntds settings,cn=2003server,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=domain,dc=local
role rid owner = cn=ntds settings,cn=2003server,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=domain,dc=local
role infrastructure update owner = cn=ntds settings,cn=2003server,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=domain,dc=local
......................... 2003server passed test knowsofroleholders
starting test: ridmanager
* available rid pool domain 2606 1073741823
* 2003server.domain.local rid master
* dsbind rid master successful
* ridallocationpool 2106 2605
* ridpreviousallocationpool 2106 2605
* ridnextrid: 2109
......................... 2003server passed test ridmanager
starting test: machineaccount
checking machine account dc 2003server on dc 2003server.
* spn found :ldap/2003server.domain.local/domain.local
* spn found :ldap/2003server.domain.local
* spn found :ldap/2003server
* spn found :ldap/2003server.domain.local/lightningelectr
* spn found :ldap/747dfc6c-aedf-4743-9a96-efbb1e77288d._msdcs.domain.local
* spn found :e3514235-4b06-11d1-ab04-00c04fc2dcd2/747dfc6c-aedf-4743-9a96-efbb1e77288d/domain.local
* spn found :host/2003server.domain.local/domain.local
* spn found :host/2003server.domain.local
* spn found :host/2003server
* spn found :host/2003server.domain.local/lightningelectr
* spn found :gc/2003server.domain.local/domain.local
......................... 2003server passed test machineaccount
starting test: services
* checking service: dnscache
* checking service: ntfrs
* checking service: ismserv
* checking service: kdc
* checking service: samss
* checking service: lanmanserver
* checking service: lanmanworkstation
* checking service: rpcss
* checking service: w32time
* checking service: netlogon
......................... 2003server passed test services
test omitted user request: outboundsecurechannels
starting test: objectsreplicated
2003server in domain dc=domain,dc=local
checking cn=2003server,ou=domain controllers,dc=domain,dc=local in domain dc=domain,dc=local on 1 servers
object up-to-date on servers.
checking cn=ntds settings,cn=2003server,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=domain,dc=local in domain cn=configuration,dc=domain,dc=local on 1 servers
object up-to-date on servers.
......................... 2003server passed test objectsreplicated
starting test: frssysvol
* file replication service sysvol ready test
registry lookup failed determine state of sysvol. the error returned 0 (the operation completed successfully.). check frs event log see if sysvol has been shared.
......................... 2003server passed test frssysvol
starting test: frsevent
* file replication service event log test
there warning or error events within last 24 hours after the sysvol has been shared. failing sysvol replication problems may cause group policy problems.
warning event occured. eventid: 0x800034c4
time generated: 08/15/2011 05:26:08
(event string not retrieved)
warning event occured. eventid: 0x800034c4
time generated: 08/15/2011 07:13:19
(event string not retrieved)
......................... 2003server failed test frsevent
starting test: kccevent
* kcc event log test
found no kcc errors in directory service event log in last 15 minutes.
......................... 2003server passed test kccevent
starting test: systemlog
* system event log test
found no errors in system event log in last 60 minutes.
......................... 2003server passed test systemlog
test omitted user request: verifyreplicas
starting test: verifyreferences
system object reference (serverreference) cn=2003server,ou=domain controllers,dc=domain,dc=local , backlink on cn=2003server,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=domain,dc=local correct.
system object reference (frscomputerreferencebl) cn=2003server,cn=domain system volume (sysvol share),cn=file replication service,cn=system,dc=domain,dc=local , backlink on cn=2003server,ou=domain controllers,dc=domain,dc=local correct.
system object reference (serverreferencebl) cn=2003server,cn=domain system volume (sysvol share),cn=file replication service,cn=system,dc=domain,dc=local , backlink on cn=ntds settings,cn=2003server,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=domain,dc=local correct.
......................... 2003server passed test verifyreferences
test omitted user request: verifyenterprisereferences
test omitted user request: checksecurityerror
running partition tests on : forestdnszones
starting test: crossrefvalidation
......................... forestdnszones passed test crossrefvalidation
starting test: checksdrefdom
......................... forestdnszones passed test checksdrefdom
running partition tests on : domaindnszones
starting test: crossrefvalidation
......................... domaindnszones passed test crossrefvalidation
starting test: checksdrefdom
......................... domaindnszones passed test checksdrefdom
running partition tests on : schema
starting test: crossrefvalidation
......................... schema passed test crossrefvalidation
starting test: checksdrefdom
......................... schema passed test checksdrefdom
running partition tests on : configuration
starting test: crossrefvalidation
......................... configuration passed test crossrefvalidation
starting test: checksdrefdom
......................... configuration passed test checksdrefdom
running partition tests on : domain
starting test: crossrefvalidation
......................... domain passed test crossrefvalidation
starting test: checksdrefdom
......................... domain passed test checksdrefdom
running enterprise tests on : domain.local
starting test: intersite
skipping site default-first-site-name, site outside scope provided command line arguments provided.
......................... domain.local passed test intersite
starting test: fsmocheck
warning: dcgetdcname(gc_server_required) call failed, error 1355
global catalog server not located - gc's down.
pdc name: \\2003server.domain.local
locator flags: 0xe00003fd
time server name: \\2000server.domain.local
locator flags: 0xe00001f8
preferred time server name: \\2000server.domain.local
locator flags: 0xe00001f8
kdc name: \\2000server.domain.local
locator flags: 0xe00001f8
......................... domain.local failed test fsmocheck
test omitted user request: dns
test omitted user request: dns
windows ip configuration
host name . . . . . . . . . . . . : 2003server
primary dns suffix . . . . . . . : domain.local
node type . . . . . . . . . . . . : unknown
ip routing enabled. . . . . . . . : no
wins proxy enabled. . . . . . . . : no
dns suffix search list. . . . . . : domain.local
ethernet adapter local area connection:
connection-specific dns suffix . :
description . . . . . . . . . . . : intel(r) pro/1000 mt network connection
physical address. . . . . . . . . : 00-14-22-40-76-3d
dhcp enabled. . . . . . . . . . . : no
ip address. . . . . . . . . . . . : 192.168.0.2
subnet mask . . . . . . . . . . . : 255.255.255.0
default gateway . . . . . . . . . : 192.168.0.120
dns servers . . . . . . . . . . . : 192.168.0.2
windows 2000 ip configuration
host name . . . . . . . . . . . . : 2000server
primary dns suffix . . . . . . . : domain.local
node type . . . . . . . . . . . . : hybrid
ip routing enabled. . . . . . . . : yes
wins proxy enabled. . . . . . . . : no
dns suffix search list. . . . . . : domain.local
ethernet adapter local area connection 2:
connection-specific dns suffix . :
description . . . . . . . . . . . : intel(r) pro/1000 gt desktop adapter
physical address. . . . . . . . . : 00-0e-0c-b9-4f-28
dhcp enabled. . . . . . . . . . . : no
ip address. . . . . . . . . . . . : 192.168.0.1
subnet mask . . . . . . . . . . . : 255.255.255.0
default gateway . . . . . . . . . : 192.168.0.120
dns servers . . . . . . . . . . . : 192.168.0.1
and cant force ownership of gc role?
Windows Server > Windows Server General Forum
Comments
Post a Comment