Active Directory Certificate Services
Hello,
I have an issue with CRL and delta CRL which I cannot publish
the errors are:
1. Active Directory Certificate services could not publish a Delta CRL for key 0 to the following location: ldap:///...
operation aborted 0x80004004 (-2147467260)
and another event id 74
please help
thanks
Mashhour
Hi,
I suggest you start troubleshoot this issue from these guides below:
Event ID 66 — AD CS Certificate Revocation List (CRL) Publishing
http://technet.microsoft.com/en-us/library/cc726342(v=WS.10).aspx
Event ID 74 — AD CS Certificate Revocation List (CRL) Publishing
http://technet.microsoft.com/en-us/library/cc726336(v=WS.10).aspx
Please make sure that CA has Write permissions on the location mentioned in the Event message, and ensure that there is no network connectivity issue between CA and Domain Controller.
Best Regards,
Amy
Similar Messages
-
Hi,
We have some problems with our Root CA. I can se a lot of failed requests. with the event id 22: in the logs. The description is: Active Directory Certificate Services could not process request 3686 due to an error: The revocation function was unable to
check revocation because the revocation server was offline. 0x80092013 (-2146885613). The request was for CN=xxxxx.ourdomain.com. Additional information: Error Verifying Request Signature or Signing Certificate
A couple of months ago we decomissioned one of our old 2003 DCs and it looks like this server might have had something to do with the CA structure but I am not sure whether this was in use or not since I could find the role but I wasn't able to see any existing
configuration.
Let's say that this server was previously responsible for the certificates and was the server that should have revoked the old certs, what can I do know to try and correct the problem?
Thank you for your help
//Crishello,
let me recap first:
you see these errors on a ROOT CA. so it seems like the ROOT CA is also operating as an ISSUING CA. Some clients try to issue a new certificate from the ROOT CA and this fails with your error mentioned.
do you say that you had a PREVIOUS CA which you decomissioned, and you now have a brand NEW CA, that was built as a clean install? When you decommissioned the PREVIOUS CA, that was your design decision to don't bother with the current certificates that it
issued and which are still valid, right?
The error says, that the REQUEST signature cannot be validated. REQUESTs are signed either by itself (self-signed) or if they are renewal requests, they would be signed with the previous certificate which the client tries to renew. The self-signed REQUESTs
do not contain CRL paths at all.
So this implies to me as these requests that are failing are renewal requests. Renewal requests would contain CRL paths of the previous certificates that are nearing their expiration.
As there are many such REQUEST and failures, it probably means that the clients use AUTOENROLLMENT, which tries to renew their current, but shortly expiring, certificates during (by default) their last 6 weeks of lifetime.
As you decommissioned your PREVIOUS CA, it does not issue CRL anymore and the current certificates cannot be checked for validity.
Thus, if the renewal tries to renew them by using the NEW CA, your NEW CA cannot validate CRL of the PREVIOUS CA and will not issue new certificates.
But it would not issue new certificates anyway even if it was able to verify the PREVIOUS CA's CRL, as it seems your NEW CA is completely brand new, without being restored from the PREVIOUS CA's database. Right?
So simply don't bother :-) As long as it was your design to decommission the PREVIOUS CA without bothering with its already issued certificates.
The current certificates which autoenrollment tries to renew cannot be checked for validity. They will also slowly expire over the next 6 weeks or so. After that, autoenrollment will ask your NEW CA to issue a brand new certificate without trying to renew.
Just a clean self-signed REQUEST.
That will succeed.
You can also verify this by trying to issue a certificate on an affected machine manually from Certificates MMC.
ondrej. -
Hi,
I need to create local digital signatures for my users. How can I do that using W2k8 Active Directory Certificate Services? We are gonna sign Office 2010 documents.
What company offers cheap digital signatures solutions?
Thanks in advancedConsider the following:
if you use your local CA server to issue digital signature certificates, there is no cost, because you are eligible to issue so many certificates as you need. However, documents signed by these certificates will be considered trusted only within your AD
forest and other machines that explicitly trust your local CA. Any external client will not trust your signatures.
If you want to make your signature trusted outside your network (say, in worldwide), you need to pruchase a certificate from trusted commercial CA (VeriSign, GoDaddy, GlobalSign, StartCom, etc) according to respective vendor price list. In that case you
don't need to have your local CA server, because it is not used. All certificate management is performed by the external CA. A most common scenario is to purchase signing certificate for particular departament principals (head managers) or few certificates
for a whole company (all documents are revised by a responsible person or persons who holds signing certificate and sign them after review).
so, it is not clear from your post what exactly you need.
My weblog: http://en-us.sysadmins.lv
PowerShell PKI Module: http://pspki.codeplex.com
Windows PKI reference:
on TechNet wiki -
Hi,
I am trying to install certificate services on a windows 2008 server (R2 ENT SP1) with a PCIe nCipher HSM module installed on it. The version of nCipher SW is = 11.30. It is a RootCA, and I am trying to use a key that is already stored in the HSM (I
have done this before with a PCI HSM (older HW version)). I select “Use existing private key” and “Select an existing private key on this computer” on the wizard, then i change the CSP to nCipher and click on "search" the key I am looking for
appears and I select that one. I repeat, I have done this before and it works with a PCI HSM module.
The installation is finished before being prompted to insert the operator cards, and it ends with two errors:
<Error>: Active Directory Certificate Services setup failed with the following error: Overlapped I/O operation is in progress. 0x800703e5 (WIN32: 997)
And:
<Error>: Active Directory Certificate Services setup failed with the following error: The group or resource is not in the correct state to perform the requested operation.
0x8007139f (WIN32: 5023)
The servermanager.log says:
1856: 2014-07-23 18:27:48.195 [CAManager] Sync: Validity period units: Years
1856: 2014-07-23 18:27:48.928 [Provider] Error (Id=0) System.Runtime.InteropServices.COMException (0x800703E5): CCertSrvSetup::Install: Overlapped I/O operation is in progress. 0x800703e5 (WIN32: 997)
at Microsoft.CertificateServices.Setup.Interop.CCertSrvSetupClass.Install()
at Microsoft.Windows.ServerManager.CertificateServer.CertificateServerRoleProvider.Configure(InstallableFeatureInformation featureInfo, DiscoveryResult discoveryResult, ChangeTracker changeTracker)
1856: 2014-07-23 18:27:48.928 [Provider] CAErrorID: 0, CAErrorString: 'Active Directory Certificate Services setup failed with the following error: Overlapped I/O operation is in progress.
0x800703e5 (WIN32: 997)'
1856: 2014-07-23 18:27:48.928 [Provider] Adding error message.
1856: 2014-07-23 18:27:48.928 [Provider] [STAT] For 'Certification Authority':
And:
1856: 2014-07-23 18:27:49.053 [CAWebProxyManager] Sync: Initializing defaults
1856: 2014-07-23 18:27:49.162 [Provider] Error (Id=0) System.Runtime.InteropServices.COMException (0x8007139F): CCertSrvSetup::Install: The group or resource is not in the correct state to perform the requested operation. 0x8007139f (WIN32: 5023)
at Microsoft.CertificateServices.Setup.Interop.CCertSrvSetupClass.Install()
at Microsoft.Windows.ServerManager.CertificateServer.CertificateServerRoleProvider.Configure(InstallableFeatureInformation featureInfo, DiscoveryResult discoveryResult, ChangeTracker changeTracker)
1856: 2014-07-23 18:27:49.162 [Provider] CAErrorID: 0, CAErrorString: 'Active Directory Certificate Services setup failed with the following error: The group or resource is not in the correct
state to perform the requested operation. 0x8007139f (WIN32: 5023)'
1856: 2014-07-23 18:27:49.162 [Provider] Adding error message.
Has anyone experienced this before? Am I missing something here?
Any help will be very appreciated
Thanks in advance
Best regards
Alejandro Lozano VillanuevaHi, thanks for your support.
I have been playing around a bit with some ncipher commands and found this:
C:\Program Files (x86)\nCipher\nfast\bin>cspcheck.exe
cspcheck: fatal error: File key_mscapi_container-1c44b9424a23f6cddc91e8a065241a0
9aa719e4f (key #1): 0 modules contain the counter (NVRAM file ID 021c44b9424a23f
6cddc91)
cspcheck: information: 2 containers and 2 keys found.
cspcheck: fatal error occurred.
If I perform the same command on the original server (the server with the original kmdata folder and with the running RootCA services):
E:\nfast\bin>cspcheck.exe
cspcheck: information: 2 containers and 2 keys found.
cspcheck: everything seems to be in order.
Strange?
Moreover, when I do a csptest.exe command (also on both servers, i find this)
On the new server:
C:\Program Files (x86)\nCipher\nfast\bin>csptest.exe
nCipher CSP test software
=========================
Found the nCipher domestic CSP named 'nCipher Enhanced Cryptographic Provider'
Provider name: nCipher Enhanced Cryptographic Provider
Version number: 1.48
User key containers:
Container 'csptest.exe' has no stored keys.
Container 'Administrator' has no stored keys.
Machine key containers:
Container '352dd28a-17cb-4c6f-b6e4-bf39bcf75db5' has a 2048-bit signature key.
Container 'ROOTCA' has no stored keys.
Container 'csptest.exe' has no stored keys.
While in the old server:
E:\nfast\bin>csptest.exe
nCipher CSP test software
=========================
Found the nCipher domestic CSP named 'nCipher Enhanced Cryptographic Provider'
Provider name: nCipher Enhanced Cryptographic Provider
Version number: 1.40
User key containers:
Container 'csptest.exe' has no stored keys.
Machine key containers:
Container '352dd28a-17cb-4c6f-b6e4-bf39bcf75db5' has a 2048-bit signature key.
Container 'ROOTCA' has a 2048-bit signature key.
Container 'csptest.exe' has no stored keys.
As you can see, the container called ROOTCA, which is the one that I use during the installation, says it has no stored keys. While on the old server, it says it contains a key. Why is this happening? I dont know, I am copying the complete
key management folder from one server to another and initialize the security world with that folder as I always do, and i dont have any errors during this procedure.
Do you know what could be the cause of this? or how can I fix this? Thanks a lot, best regards.
Alejandro Lozano Villanueva -
Event ID 91 Could not connect to the Active Directory. Active Directory Certificate Services
Could not connect to the Active Directory. Active Directory Certificate Services will retry when processing requires Active Directory access.
Event ID: 91
Task Category: None
Level: Error
Keywords: Classic
User: SYSTEM
Computer: DC1.chickbuns.com
Description:
Could not connect to the Active Directory. Active Directory Certificate Services will retry when processing requires Active Directory access.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-CertificationAuthority" Guid="{6A71D062-9AFE-4F35-AD08-52134F85DFB9}" EventSourceName="CertSvc" />
<EventID Qualifiers="49754">91</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2014-01-07T19:34:00.000000000Z" />
<EventRecordID>819</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>Application</Channel>
<Computer>DC1.chickbuns.com</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData Name="MSG_E_DS_RETRY">
</EventData>
</Event>
:\Users\Administrator>dcdiag /fix
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = DC1
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DC1
Starting test: Connectivity
......................... DC1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DC1
Starting test: Advertising
Warning: DC1 is not advertising as a time server.
......................... DC1 failed test Advertising
Starting test: FrsEvent
......................... DC1 passed test FrsEvent
Starting test: DFSREvent
......................... DC1 passed test DFSREvent
Starting test: SysVolCheck
......................... DC1 passed test SysVolCheck
Starting test: KccEvent
......................... DC1 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... DC1 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... DC1 passed test MachineAccount
Starting test: NCSecDesc
......................... DC1 passed test NCSecDesc
Starting test: NetLogons
......................... DC1 passed test NetLogons
Starting test: ObjectsReplicated
......................... DC1 passed test ObjectsReplicated
Starting test: Replications
......................... DC1 passed test Replications
Starting test: RidManager
......................... DC1 passed test RidManager
Starting test: Services
......................... DC1 passed test Services
Starting test: SystemLog
......................... DC1 passed test SystemLog
Starting test: VerifyReferences
......................... DC1 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : chickbuns
Starting test: CheckSDRefDom
......................... chickbuns passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... chickbuns passed test CrossRefValidation
Running enterprise tests on : chickbuns.com
Starting test: LocatorCheck
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error
1355
A Good Time Server could not be located.
......................... chickbuns.com failed test LocatorCheck
Starting test: Intersite
......................... chickbuns.com passed test Intersite.My test lab one sinle domain controller server 2008 R2 Sp1 and member exchange server is using,the event error 91 is generated as per the technet article http://technet.microsoft.com/en-us/library/cc774525(v=ws.10).aspx the domain
computer and domain users in public key services container is not listed ..
C:\Users\Administrator>netdom /query fsmo
Schema master DC1.chickbuns.com
Domain naming master DC1.chickbuns.com
PDC DC1.chickbuns.com
RID pool manager DC1.chickbuns.com
Infrastructure master DC1.chickbuns.com
The command completed successfully.
Command Line: "dcdiag.exe
/V /D /C /E"
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
* Verifying that the local machine DC1, is a Directory Server.
Home Server = DC1
* Connecting to directory service on server DC1.
DC1.currentTime = 20140110072353.0Z
DC1.highestCommittedUSN = 131148
DC1.isSynchronized = 1
DC1.isGlobalCatalogReady = 1
* Identified AD Forest.
Collecting AD specific global data
* Collecting site info.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=chickbuns,DC=com,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
The previous call succeeded
Iterating through the sites
Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
Getting ISTG and options for the site
* Identifying all servers.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=chickbuns,DC=com,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
The previous call succeeded....
The previous call succeeded
Iterating through the list of servers
Getting information for the server CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
DC1.currentTime = 20140110072353.0Z
DC1.highestCommittedUSN = 131148
DC1.isSynchronized = 1
DC1.isGlobalCatalogReady = 1
* Identifying all NC cross-refs.
* Found 1 DC(s). Testing 1 of them.
Done gathering initial info.
===============================================Printing out pDsInfo
GLOBAL:
ulNumServers=1
pszRootDomain=chickbuns.com
pszNC=
pszRootDomainFQDN=DC=chickbuns,DC=com
pszConfigNc=CN=Configuration,DC=chickbuns,DC=com
pszPartitionsDn=CN=Partitions,CN=Configuration,DC=chickbuns,DC=com
fAdam=0
iSiteOptions=0
dwTombstoneLifeTimeDays=180
dwForestBehaviorVersion=3
HomeServer=0, DC1
SERVER: pServer[0].pszName=DC1
pServer[0].pszGuidDNSName (binding str)=771aab3d-96cd-4fb1-90cd-0899fa6b6207._msdcs.chickbuns.com
pServer[0].pszDNSName=DC1.chickbuns.com
pServer[0].pszLdapPort=(null)
pServer[0].pszSslPort=(null)
pServer[0].pszDn=CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
pServer[0].pszComputerAccountDn=CN=DC1,OU=Domain Controllers,DC=chickbuns,DC=com
pServer[0].uuidObjectGuid=771aab3d-96cd-4fb1-90cd-0899fa6b6207
pServer[0].uuidInvocationId=771aab3d-96cd-4fb1-90cd-0899fa6b6207
pServer[0].iSite=0 (Default-First-Site-Name)
pServer[0].iOptions=1
pServer[0].ftLocalAcquireTime=ea9513a0 01cf0dd4
pServer[0].ftRemoteConnectTime=ea2bca80 01cf0dd4
pServer[0].ppszMaster/FullReplicaNCs:
ppszMaster/FullReplicaNCs[0]=DC=ForestDnsZones,DC=chickbuns,DC=com
ppszMaster/FullReplicaNCs[1]=DC=DomainDnsZones,DC=chickbuns,DC=com
ppszMaster/FullReplicaNCs[2]=CN=Schema,CN=Configuration,DC=chickbuns,DC=com
ppszMaster/FullReplicaNCs[3]=CN=Configuration,DC=chickbuns,DC=com
ppszMaster/FullReplicaNCs[4]=DC=chickbuns,DC=com
SITES: pSites[0].pszName=Default-First-Site-Name
pSites[0].pszSiteSettings=CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
pSites[0].pszISTG=CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
pSites[0].iSiteOption=0
pSites[0].cServers=1
NC: pNCs[0].pszName=ForestDnsZones
pNCs[0].pszDn=DC=ForestDnsZones,DC=chickbuns,DC=com
pNCs[0].aCrInfo[0].dwFlags=0x00000201
pNCs[0].aCrInfo[0].pszDn=CN=5fc582f9-b435-49a1-aa54-41769fc24206,CN=Partitions,CN=Configuration,DC=chickbuns,DC=com
pNCs[0].aCrInfo[0].pszDnsRoot=ForestDnsZones.chickbuns.com
pNCs[0].aCrInfo[0].iSourceServer=0
pNCs[0].aCrInfo[0].pszSourceServer=(null)
pNCs[0].aCrInfo[0].ulSystemFlags=0x00000005
pNCs[0].aCrInfo[0].bEnabled=TRUE
pNCs[0].aCrInfo[0].ftWhenCreated=00000000 00000000
pNCs[0].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[0].aCrInfo[0].pszNetBiosName=(null)
pNCs[0].aCrInfo[0].cReplicas=-1
pNCs[0].aCrInfo[0].aszReplicas=
NC: pNCs[1].pszName=DomainDnsZones
pNCs[1].pszDn=DC=DomainDnsZones,DC=chickbuns,DC=com
pNCs[1].aCrInfo[0].dwFlags=0x00000201
pNCs[1].aCrInfo[0].pszDn=CN=9e1c2cb8-b90b-4e9f-90dd-9903f935e4af,CN=Partitions,CN=Configuration,DC=chickbuns,DC=com
pNCs[1].aCrInfo[0].pszDnsRoot=DomainDnsZones.chickbuns.com
pNCs[1].aCrInfo[0].iSourceServer=0
pNCs[1].aCrInfo[0].pszSourceServer=(null)
pNCs[1].aCrInfo[0].ulSystemFlags=0x00000005
pNCs[1].aCrInfo[0].bEnabled=TRUE
pNCs[1].aCrInfo[0].ftWhenCreated=00000000 00000000
pNCs[1].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[1].aCrInfo[0].pszNetBiosName=(null)
pNCs[1].aCrInfo[0].cReplicas=-1
pNCs[1].aCrInfo[0].aszReplicas=
NC: pNCs[2].pszName=Schema
pNCs[2].pszDn=CN=Schema,CN=Configuration,DC=chickbuns,DC=com
pNCs[2].aCrInfo[0].dwFlags=0x00000201
pNCs[2].aCrInfo[0].pszDn=CN=Enterprise Schema,CN=Partitions,CN=Configuration,DC=chickbuns,DC=com
pNCs[2].aCrInfo[0].pszDnsRoot=chickbuns.com
pNCs[2].aCrInfo[0].iSourceServer=0
pNCs[2].aCrInfo[0].pszSourceServer=(null)
pNCs[2].aCrInfo[0].ulSystemFlags=0x00000001
pNCs[2].aCrInfo[0].bEnabled=TRUE
pNCs[2].aCrInfo[0].ftWhenCreated=00000000 00000000
pNCs[2].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[2].aCrInfo[0].pszNetBiosName=(null)
pNCs[2].aCrInfo[0].cReplicas=-1
pNCs[2].aCrInfo[0].aszReplicas=
NC: pNCs[3].pszName=Configuration
pNCs[3].pszDn=CN=Configuration,DC=chickbuns,DC=com
pNCs[3].aCrInfo[0].dwFlags=0x00000201
pNCs[3].aCrInfo[0].pszDn=CN=Enterprise Configuration,CN=Partitions,CN=Configuration,DC=chickbuns,DC=com
pNCs[3].aCrInfo[0].pszDnsRoot=chickbuns.com
pNCs[3].aCrInfo[0].iSourceServer=0
pNCs[3].aCrInfo[0].pszSourceServer=(null)
pNCs[3].aCrInfo[0].ulSystemFlags=0x00000001
pNCs[3].aCrInfo[0].bEnabled=TRUE
pNCs[3].aCrInfo[0].ftWhenCreated=00000000 00000000
pNCs[3].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[3].aCrInfo[0].pszNetBiosName=(null)
pNCs[3].aCrInfo[0].cReplicas=-1
pNCs[3].aCrInfo[0].aszReplicas=
NC: pNCs[4].pszName=chickbuns
pNCs[4].pszDn=DC=chickbuns,DC=com
pNCs[4].aCrInfo[0].dwFlags=0x00000201
pNCs[4].aCrInfo[0].pszDn=CN=CHICKBUNS,CN=Partitions,CN=Configuration,DC=chickbuns,DC=com
pNCs[4].aCrInfo[0].pszDnsRoot=chickbuns.com
pNCs[4].aCrInfo[0].iSourceServer=0
pNCs[4].aCrInfo[0].pszSourceServer=(null)
pNCs[4].aCrInfo[0].ulSystemFlags=0x00000003
pNCs[4].aCrInfo[0].bEnabled=TRUE
pNCs[4].aCrInfo[0].ftWhenCreated=00000000 00000000
pNCs[4].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[4].aCrInfo[0].pszNetBiosName=(null)
pNCs[4].aCrInfo[0].cReplicas=-1
pNCs[4].aCrInfo[0].aszReplicas=
5 NC TARGETS: ForestDnsZones, DomainDnsZones, Schema, Configuration, chickbuns,
1 TARGETS: DC1,
=============================================Done Printing pDsInfo
Doing initial required tests
Testing server: Default-First-Site-Name\DC1
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
Failure Analysis: DC1 ... OK.
* Active Directory RPC Services Check
......................... DC1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DC1
Starting test: Advertising
The DC DC1 is advertising itself as a DC and having a DS.
The DC DC1 is advertising as an LDAP server
The DC DC1 is advertising as having a writeable directory
The DC DC1 is advertising as a Key Distribution Center
The DC DC1 is advertising as a time server
The DS DC1 is advertising as a GC.
......................... DC1 passed test Advertising
Starting test: CheckSecurityError
* Dr Auth: Beginning security errors check!
Found KDC DC1 for domain chickbuns.com in site Default-First-Site-Name
Checking machine account for DC DC1 on DC DC1.
* SPN found :LDAP/DC1.chickbuns.com/chickbuns.com
* SPN found :LDAP/DC1.chickbuns.com
* SPN found :LDAP/DC1
* SPN found :LDAP/DC1.chickbuns.com/CHICKBUNS
* SPN found :LDAP/771aab3d-96cd-4fb1-90cd-0899fa6b6207._msdcs.chickbuns.com
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/771aab3d-96cd-4fb1-90cd-0899fa6b6207/chickbuns.com
* SPN found :HOST/DC1.chickbuns.com/chickbuns.com
* SPN found :HOST/DC1.chickbuns.com
* SPN found :HOST/DC1
* SPN found :HOST/DC1.chickbuns.com/CHICKBUNS
* SPN found :GC/DC1.chickbuns.com/chickbuns.com
[DC1] No security related replication errors were found on this DC!
To target the connection to a specific source DC use /ReplSource:<DC>.
......................... DC1 passed test CheckSecurityError
Starting test: CutoffServers
* Configuration Topology Aliveness Check
* Analyzing the alive system replication topology for DC=ForestDnsZones,DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for DC=DomainDnsZones,DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for CN=Schema,CN=Configuration,DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for CN=Configuration,DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... DC1 passed test CutoffServers
Starting test: FrsEvent
* The File Replication Service Event log test
Skip the test because the server is running DFSR.
......................... DC1 passed test FrsEvent
Starting test: DFSREvent
The DFS Replication Event Log.
......................... DC1 passed test DFSREvent
Starting test: SysVolCheck
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... DC1 passed test SysVolCheck
Starting test: FrsSysVol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... DC1 passed test FrsSysVol
Starting test: KccEvent
* The KCC Event log test
Found no KCC errors in "Directory Service" Event log in the last 15 minutes.
......................... DC1 passed test KccEvent
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
Role Domain Owner = CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
Role PDC Owner = CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
Role Rid Owner = CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
Role Infrastructure Update Owner = CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
......................... DC1 passed test KnowsOfRoleHolders
Starting test: MachineAccount
Checking machine account for DC DC1 on DC DC1.
* SPN found :LDAP/DC1.chickbuns.com/chickbuns.com
* SPN found :LDAP/DC1.chickbuns.com
* SPN found :LDAP/DC1
* SPN found :LDAP/DC1.chickbuns.com/CHICKBUNS
* SPN found :LDAP/771aab3d-96cd-4fb1-90cd-0899fa6b6207._msdcs.chickbuns.com
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/771aab3d-96cd-4fb1-90cd-0899fa6b6207/chickbuns.com
* SPN found :HOST/DC1.chickbuns.com/chickbuns.com
* SPN found :HOST/DC1.chickbuns.com
* SPN found :HOST/DC1
* SPN found :HOST/DC1.chickbuns.com/CHICKBUNS
* SPN found :GC/DC1.chickbuns.com/chickbuns.com
......................... DC1 passed test MachineAccount
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC DC1.
* Security Permissions Check for
DC=ForestDnsZones,DC=chickbuns,DC=com
(NDNC,Version 3)
* Security Permissions Check for
DC=DomainDnsZones,DC=chickbuns,DC=com
(NDNC,Version 3)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=chickbuns,DC=com
(Schema,Version 3)
* Security Permissions Check for
CN=Configuration,DC=chickbuns,DC=com
(Configuration,Version 3)
* Security Permissions Check for
DC=chickbuns,DC=com
(Domain,Version 3)
......................... DC1 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\DC1\netlogon
Verified share \\DC1\sysvol
......................... DC1 passed test NetLogons
Starting test: ObjectsReplicated
DC1 is in domain DC=chickbuns,DC=com
Checking for CN=DC1,OU=Domain Controllers,DC=chickbuns,DC=com in domain DC=chickbuns,DC=com on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com in domain CN=Configuration,DC=chickbuns,DC=com on 1 servers
Object is up-to-date on all servers.
......................... DC1 passed test ObjectsReplicated
Starting test: OutboundSecureChannels
* The Outbound Secure Channels test
** Did not run Outbound Secure Channels test because /testdomain: was
not entered
......................... DC1 passed test OutboundSecureChannels
Starting test: Replications
* Replications Check
DC=ForestDnsZones,DC=chickbuns,DC=com has 1 cursors.
DC=DomainDnsZones,DC=chickbuns,DC=com has 1 cursors.
CN=Schema,CN=Configuration,DC=chickbuns,DC=com has 1 cursors.
CN=Configuration,DC=chickbuns,DC=com has 1 cursors.
DC=chickbuns,DC=com has 1 cursors.
* Replication Latency Check
......................... DC1 passed test Replications
Starting test: RidManager
ridManagerReference = CN=RID Manager$,CN=System,DC=chickbuns,DC=com
* Available RID Pool for the Domain is 1600 to 1073741823
fSMORoleOwner = CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
* DC1.chickbuns.com is the RID Master
* DsBind with RID Master was successful
rIDSetReferences = CN=RID Set,CN=DC1,OU=Domain Controllers,DC=chickbuns,DC=com
* rIDAllocationPool is 1100 to 1599
* rIDPreviousAllocationPool is 1100 to 1599
* rIDNextRID: 1103
......................... DC1 passed test RidManager
Starting test: Services
* Checking Service: EventSystem
* Checking Service: RpcSs
* Checking Service: NTDS
* Checking Service: DnsCache
* Checking Service: DFSR
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: w32time
* Checking Service: NETLOGON
......................... DC1 passed test Services
Starting test: SystemLog
* The System Event log test
Found no errors in "System" Event log in the last 60 minutes.
......................... DC1 passed test SystemLog
Starting test: Topology
* Configuration Topology Integrity Check
* Analyzing the connection topology for DC=ForestDnsZones,DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for DC=DomainDnsZones,DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for CN=Schema,CN=Configuration,DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for CN=Configuration,DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... DC1 passed test Topology
Starting test: VerifyEnterpriseReferences
......................... DC1 passed test VerifyEnterpriseReferences
Starting test: VerifyReferences
The system object reference (serverReference)
CN=DC1,OU=Domain Controllers,DC=chickbuns,DC=com and backlink on
CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
are correct.
The system object reference (serverReferenceBL)
CN=DC1,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=chickbuns,DC=com
and backlink on
CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
are correct.
The system object reference (msDFSR-ComputerReferenceBL)
CN=DC1,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=chickbuns,DC=com
and backlink on CN=DC1,OU=Domain Controllers,DC=chickbuns,DC=com are
correct.
......................... DC1 passed test VerifyReferences
Starting test: VerifyReplicas
......................... DC1 passed test VerifyReplicas
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
See DNS test in enterprise tests section for results
......................... DC1 passed test DNS
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : chickbuns
Starting test: CheckSDRefDom
......................... chickbuns passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... chickbuns passed test CrossRefValidation
Running enterprise tests on : chickbuns.com
Starting test: DNS
Test results for domain controllers:
DC: DC1.chickbuns.com
Domain: chickbuns.com
TEST: Authentication (Auth)
Authentication test: Successfully completed
TEST: Basic (Basc)
The OS
Microsoft Windows Server 2008 R2 Enterprise (Service Pack level: 1.0)
is supported.
NETLOGON service is running
kdc service is running
DNSCACHE service is running
DNS service is running
DC is a DNS server
Network adapters information:
Adapter [00000007] Intel(R) PRO/1000 MT Network Connection:
MAC address is 00:0C:29:DE:7F:EB
IP Address is static
IP address: 192.168.1.30
DNS servers:
192.168.1.30 (dc1.chickbuns.com.) [Valid]
The A host record(s) for this DC was found
The SOA record for the Active Directory zone was found
The Active Directory zone on this DC/DNS server was found primary
Root zone on this DC/DNS server was not found
TEST: Forwarders/Root hints (Forw)
Recursion is enabled
Forwarders Information:
192.168.1.1 (<name unavailable>) [Valid]
TEST: Delegations (Del)
Delegation information for the zone: chickbuns.com.
Delegated domain name: _msdcs.chickbuns.com.
DNS server: dc1.chickbuns.com. IP:192.168.1.30 [Valid]
TEST: Dynamic update (Dyn)
Test record dcdiag-test-record added successfully in zone chickbuns.com
Test record dcdiag-test-record deleted successfully in zone chickbuns.com
TEST: Records registration (RReg)
Network Adapter
[00000007] Intel(R) PRO/1000 MT Network Connection:
Matching CNAME record found at DNS server 192.168.1.30:
771aab3d-96cd-4fb1-90cd-0899fa6b6207._msdcs.chickbuns.com
Matching A record found at DNS server 192.168.1.30:
DC1.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_ldap._tcp.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_ldap._tcp.48c41195-2630-4461-aaef-ec2a63cd8bf3.domains._msdcs.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_kerberos._tcp.dc._msdcs.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_ldap._tcp.dc._msdcs.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_kerberos._tcp.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_kerberos._udp.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_kpasswd._tcp.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_ldap._tcp.Default-First-Site-Name._sites.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_kerberos._tcp.Default-First-Site-Name._sites.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_ldap._tcp.gc._msdcs.chickbuns.com
Matching A record found at DNS server 192.168.1.30:
gc._msdcs.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_gc._tcp.Default-First-Site-Name._sites.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_ldap._tcp.pdc._msdcs.chickbuns.com
Total query time:0 min. 3 sec.. Total RPC connection
time:0 min. 0 sec.
Total WMI connection time:0 min. 6 sec. Total Netuse connection
time:0 min. 0 sec.
Summary of test results for DNS servers used by the above domain
controllers:
DNS server: 192.168.1.1 (<name unavailable>)
All tests passed on this DNS server
Total query time:0 min. 0 sec., Total WMI connection
time:0 min. 5 sec.
DNS server: 192.168.1.30 (dc1.chickbuns.com.)
All tests passed on this DNS server
Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered
DNS delegation for the domain _msdcs.chickbuns.com. is operational on IP 192.168.1.30
Total query time:0 min. 3 sec., Total WMI connection
time:0 min. 0 sec.
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
Domain: chickbuns.com
DC1 PASS PASS PASS PASS PASS PASS n/a
Total Time taken to test all the DCs:0 min. 9 sec.
......................... chickbuns.com passed test DNS
Starting test: LocatorCheck
GC Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
PDC Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
Time Server Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
Preferred Time Server Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
KDC Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
......................... chickbuns.com passed test LocatorCheck
Starting test: FsmoCheck
GC Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
PDC Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
Time Server Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
Preferred Time Server Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
KDC Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
......................... chickbuns.com passed test FsmoCheck
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope
provided by the command line arguments provided.
......................... chickbuns.com passed test Intersite -
Hi,
When I check pkiview.msc on my 2012 Subordinate CA I get the error shown in the first picture below. I'm also getting errors similar to below in the event log:
"Active Directory Certificate Services could not create an encryption certificate. Requested by contoso\admin1. The revocation function was unable to check revocation because the revocation server was offline. 0x80092013 (-2146885613 CRYPT_E_REVOCATION_OFFLINE)."
I'm assisting in setting up a 2 tier PKI infrastructure using Windows 2012. The root CA looks good, but we're getting errors on the subordinate. The server was working, but we discovered that the server would only issue certificates with a maximum of a 1
year expiry date - obviously no good, so we decided to run through the following commands on the root CA (as recommended byhttp://www.techieshelp.com/subordinate-ca-increase-certificate-validity/)
certutil -setreg ca\ValidityPeriodunits "Years"
certutil -setreg ca\ValidityPeriod "5"
restarted AD certificate services on the root and subordinate CA.Then did the following on the subordinate CA:
1.On the Subordinate CA create a new CA request by right clicking the server in ADCS and select New Request.
2.Supplied the original request file from the subordinate CA (I couldn't find a way of generating a new request file)
3.Issued the certificate using the Root CA.
4.On the Subordinate CA ADCS installed new CA cert.
However, I keep on getting CDP or AIA errors on my subordinate CA.Also I'm missing a CDP field value when I look at the certificate listed in the personal and trusted certification authority store on my subordinate CA.
In addition, when I look at my CDP locations in Certificate Authority, I see a lot of CDPs, but I'm not sure if I need them all - I suspect I could just get away with LDAP, the C:\windows path and a single http:// path.
I've tried renewing the existing certificate and CRL on my subordinate CA, but that didn't work either.
Please advise.
ThanksOk, the process to renew the subordinate CA is incorrect. Once the registry setting to change the validity period was made on the root CA, the root CA ADCS service needs to be restarted. That is the only time those keys are read. Then:
1) On the subordinate CA, open the CA tool, right click the CA and select Renew CA Certificate. You can use the same key, no need to create a new one. It will create a NEW certificate request file
2) Copy that to the Root CA and submit like you would have done during the initial install
3) Approve the request and export the issued certificate
4) On the subordinate CA, in the CA tool, right click the CA and choose Install CA Certificate.
You can not reuse request files.
Mark B. Cooper, President and Founder of PKI Solutions Inc., former Microsoft Senior Engineer and subject matter expert for Microsoft Active Directory Certificate Services (ADCS). Known as “The PKI Guy” at Microsoft for 10 years. -
Event properties – Event 91, Level Error, Event ID 91, Date and time 5/10/2012 11:29:48AM, Service CertificationAuthority
General:
Could not connect to the Active Directory.
Active Directory Certificate Services will retry when processing requires Active Directory access.
We have a Windows 2008 Server Enterprise with AD . I would like to enable the service "Certificate Services" that
allow me to enable radius to authenticate users wireless with the active directory.Hi,
Can you please check this forum or someone from Microsoft, as we have post here dating back from October that are not being answered.
Everything for us is exactly the same as szucsati and Racom
NMNM,
Please give us an answer on this as the link provided is absolutely useless.
Thank you. -
Active Directory Web Services service terminated unexpectedly
Hi everyone:
I'm having a problem with the Active Directory Web Services service does not start. Attach the event ID:
Log System:
Log Name: System
Source: Service Control Manager
Date: 1/6/2015 6:55:19 PM
Event ID: 7034
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: xxx.dominio.com
Description:
The Active Directory Web Services service terminated unexpectedly. It has done this 35 time(s).
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />
<EventID Qualifiers="49152">7034</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2015-01-06T22:55:19.292471600Z" />
<EventRecordID>32583</EventRecordID>
<Correlation />
<Execution ProcessID="556" ThreadID="1388" />
<Channel>System</Channel>
<Computer>xxx.dominio.com</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">Active Directory Web Services</Data>
<Data Name="param2">35</Data>
<Binary>41004400570053000000</Binary>
</EventData>
</Event>
Log Application:
Log Name: Application
Source: .NET Runtime
Date: 1/6/2015 6:55:13 PM
Event ID: 1026
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: xxx.dominio.com
Description:
Application: Microsoft.ActiveDirectory.WebServices.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ServiceModel.CommunicationObjectFaultedException
Stack:
at System.ServiceModel.Channels.CommunicationObject.Close(System.TimeSpan)
at Microsoft.ActiveDirectory.WebServices.WindowsHostService.StartService(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart(System.Object)
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name=".NET Runtime" />
<EventID Qualifiers="0">1026</EventID>
<Level>2</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2015-01-06T22:55:13.000000000Z" />
<EventRecordID>1661713</EventRecordID>
<Channel>Application</Channel>
<Computer>xxx.dominio.com</Computer>
<Security />
</System>
<EventData>
<Data>Application: Microsoft.ActiveDirectory.WebServices.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ServiceModel.CommunicationObjectFaultedException
Stack:
at System.ServiceModel.Channels.CommunicationObject.Close(System.TimeSpan)
at Microsoft.ActiveDirectory.WebServices.WindowsHostService.StartService(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart(System.Object)
</Data>
</EventData>
</Event>
And
Log Name: Application
Source: Application Error
Date: 1/6/2015 6:55:13 PM
Event ID: 1000
Task Category: (100)
Level: Error
Keywords: Classic
User: N/A
Computer: xxx.dominio.com
Description:
Faulting application name: Microsoft.ActiveDirectory.WebServices.exe, version: 6.2.9200.16579, time stamp: 0x516356a2
Faulting module name: KERNELBASE.dll, version: 6.2.9200.16864, time stamp: 0x531d34d8
Exception code: 0xe0434352
Fault offset: 0x0000000000047b8c
Faulting process id: 0x4ac
Faulting application start time: 0x01d02a03d45e2d00
Faulting application path: C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe
Faulting module path: C:\Windows\system32\KERNELBASE.dll
Report Id: 1273a0f1-95f7-11e4-93f7-3440b59e2092
Faulting package full name:
Faulting package-relative application ID:
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Application Error" />
<EventID Qualifiers="0">1000</EventID>
<Level>2</Level>
<Task>100</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2015-01-06T22:55:13.000000000Z" />
<EventRecordID>1661714</EventRecordID>
<Channel>Application</Channel>
<Computer>xxx.dominio.com</Computer>
<Security />
</System>
<EventData>
<Data>Microsoft.ActiveDirectory.WebServices.exe</Data>
<Data>6.2.9200.16579</Data>
<Data>516356a2</Data>
<Data>KERNELBASE.dll</Data>
<Data>6.2.9200.16864</Data>
<Data>531d34d8</Data>
<Data>e0434352</Data>
<Data>0000000000047b8c</Data>
<Data>4ac</Data>
<Data>01d02a03d45e2d00</Data>
<Data>C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe</Data>
<Data>C:\Windows\system32\KERNELBASE.dll</Data>
<Data>1273a0f1-95f7-11e4-93f7-3440b59e2092</Data>
<Data>
</Data>
<Data>
</Data>
</EventData>
</Event>
I was working about this solution but nothing. "http://blogs.microsoft.co.il/yuval14/2012/06/08/how-to-resolve-error-message-the-active-directory-web-services-service-terminated-unexpectedly-event-id-4079-andor-7034/".
I changed the Microsoft.ActiveDirectory.WebServices.exe.config file, add two line " <add key=”DebugLevel” value=”Info” />
<add key=”DebugLogFile” value=”c:windowsdebugadws.log” />", Attach the log
ADWS Log - AppDomain Microsoft.ActiveDirectory.WebServices.exe with ID 1 - 01/06/2015 17:51:37 ((UTC-04:00) Georgetown, La Paz, Manaus, San Juan)
OS Version Microsoft Windows NT 6.2.9200.0 - CLR Version 4.0.30319.18449
ADWS: [1/6/2015 5:51:37 PM] [1] Main: entered
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: trying to remove priviledge SeBackupPrivilege
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: unable to remove SeBackupPrivilege priviledge because it was absent
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: trying to remove priviledge SeRestorePrivilege
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: unable to remove SeRestorePrivilege priviledge because it was absent
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: trying to remove priviledge SeAssignPrimaryTokenPrivilege
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: unable to remove SeAssignPrimaryTokenPrivilege priviledge because it was absent
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: trying to remove priviledge SeIncreaseQuotaPrivilege
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: unable to remove SeIncreaseQuotaPrivilege priviledge because it was absent
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: trying to remove priviledge SeDebugPrivilege
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: unable to remove SeDebugPrivilege priviledge because it was absent
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: trying to remove priviledge SeTcbPrivilege
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: unable to remove SeTcbPrivilege priviledge because it was absent
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: trying to remove priviledge SeShutdownPrivilege
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: unable to remove SeShutdownPrivilege priviledge because it was absent
Utils: [1/6/2015 5:51:37 PM] [1] RemoveUnnecessaryPriviledges: all present unnecessary priviledges removed successfully
Program: [1/6/2015 5:51:37 PM] [1] Main: Starting Windows service host.
WindowsHostService: [1/6/2015 5:51:37 PM] [1] WindowsHostService constructed
WindowsHostService: [1/6/2015 5:51:37 PM] [4] OnStart: entering.
WindowsHostService: [1/6/2015 5:51:37 PM] [4] OnStart: ServiceStart thread started.
WindowsHostService: [1/6/2015 5:51:37 PM] [6] StartService: entering.
PerfCounters: [1/6/2015 5:51:37 PM] [6] InstallCountersIfNeeded: entered
PerfCounters: [1/6/2015 5:51:37 PM] [6] AreCountersInstalled: entered
PerfCounters: [1/6/2015 5:51:37 PM] [6] AreCountersInstalled: System\CurrentControlSet\Services\ADWS key is present
PerfCounters: [1/6/2015 5:51:37 PM] [6] AreCountersInstalled: System\CurrentControlSet\Services\ADWS\Performance key is present
PerfCounters: [1/6/2015 5:51:37 PM] [6] AreCountersInstalled: First Counter value is present
PerfCounters: [1/6/2015 5:51:37 PM] [6] AreCountersInstalled: perf counters are installed
PerfCounters: [1/6/2015 5:51:37 PM] [6] AreCountersCurrent: installed perf counter version: 6
PerfCounters: [1/6/2015 5:51:37 PM] [6] AreCountersCurrent: desired perf counter version: 6
PerfCounters: [1/6/2015 5:51:37 PM] [6] AreCountersCurrent: perf counter category ADWS is current
PerfCounters: [1/6/2015 5:51:37 PM] [6] InstallCountersIfNeeded: counters already installed and current, no work needed
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Create Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Delete Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Get Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Put Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Enumerate Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Pull Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Open Enumeration Contexts' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'GetADGroupMember Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'GetADPrincipalGroupMembership Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'SetPassword Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'ChangePassword Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'GetADPrincipalAuthorizationGroup Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'TranslateName Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'GetADDomainController Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'GetADDomain Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'MoveADOperationMasterRole Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'GetADForest Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'ChangeOptionalFeature Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'GetVersion Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Number of Directory Instances' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Possible Connections' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Allocated Connections' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Reserved Connections' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Non-reserved Connections In Use' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Reserved Connections In Use' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Open Web Service Sessions' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Active Web Service Sessions' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Web Service Sessions Created Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Custom Action LDAP Cache Maximum Possible Size' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Custom Action LDAP Cache Connection Creation Rate' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Custom Action LDAP Cache Connection Reuse Rate' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Custom Action DS RPC Cache Maximum Possible Size' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Custom Action DS RPC Cache Connection Creation Rate' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Custom Action DS RPC Cache Connection Reuse Rate' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Custom Action Cache Size' performance counter
PerfCounters: [1/6/2015 5:51:37 PM] [6] Initialize: initializing performance counters
PerfCounters: [1/6/2015 5:51:37 PM] [6] Initialize: all performance counters initialized
ADWSHost: [1/6/2015 5:51:37 PM] [6] ADWSHost constructed
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] ProvisionCertificate: using host name for certificate name
Utils: [1/6/2015 5:51:37 PM] [6] GetComputerDnsName: computer name is xxx.dominio.com
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] ProvisionCertificate: using cert name xxx.dominio.com
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] ProvisionCertificate: loaded certificate
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] AddServiceThrottlingBehavior: MaxConcurrentCalls=32, MaxConcurrentSessions=500
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateServiceHost: including UserName endpoints
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateServiceHost: adding endpoints for Windows/
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportBinding: MaxReceivedMessageSize=1048576, ReceiveTimeout=00:10:00
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportBinding: MaxDepth=10, MaxArrayLength=16384, MaxStringContentLength=32768
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportBinding: MaxReceivedMessageSize=1048576, ReceiveTimeout=00:10:00
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportBinding: MaxDepth=10, MaxArrayLength=16384, MaxStringContentLength=32768
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportBinding: MaxReceivedMessageSize=1048576, ReceiveTimeout=00:10:00
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportBinding: MaxDepth=10, MaxArrayLength=16384, MaxStringContentLength=32768
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportBinding: MaxReceivedMessageSize=1048576, ReceiveTimeout=00:10:00
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportBinding: MaxDepth=10, MaxArrayLength=16384, MaxStringContentLength=32768
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportBinding: MaxReceivedMessageSize=1048576, ReceiveTimeout=00:10:00
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportBinding: MaxDepth=10, MaxArrayLength=16384, MaxStringContentLength=32768
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateServiceHost: adding endpoints for UserName/
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportWithMessageCredentialBinding: MaxReceivedMessageSize=1048576, ReceiveTimeout=00:10:00
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportWithMessageCredentialBinding: MaxDepth=10, MaxArrayLength=16384, MaxStringContentLength=32768
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportWithMessageCredentialBinding: MaxReceivedMessageSize=1048576, ReceiveTimeout=00:10:00
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportWithMessageCredentialBinding: MaxDepth=10, MaxArrayLength=16384, MaxStringContentLength=32768
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportWithMessageCredentialBinding: MaxReceivedMessageSize=1048576, ReceiveTimeout=00:10:00
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportWithMessageCredentialBinding: MaxDepth=10, MaxArrayLength=16384, MaxStringContentLength=32768
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportWithMessageCredentialBinding: MaxReceivedMessageSize=1048576, ReceiveTimeout=00:10:00
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportWithMessageCredentialBinding: MaxDepth=10, MaxArrayLength=16384, MaxStringContentLength=32768
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportWithMessageCredentialBinding: MaxReceivedMessageSize=1048576, ReceiveTimeout=00:10:00
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportWithMessageCredentialBinding: MaxDepth=10, MaxArrayLength=16384, MaxStringContentLength=32768
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] StartConfigurationLoading: entered
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] StartConfigurationLoading: establishing watcher on C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe.Config
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: entered
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: no value specified for InitialPoolConnections, using default value 5
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: using loaded value 10 for MaxPoolConnections
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: using loaded value 50 for MaxPercentageReservedConnections
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: no value specified for MaxReservedIdleTimeout, using default value 00:02:00
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: no value specified for MaxReservedTimeout, using default value 00:30:00
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: using loaded value 5 for MaxConnectionsPerUser
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: no value specified for MaxBindLifetime, using default value 00:15:00
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: no value specified for MaxServerDownRetry, using default value 10
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: no value specified for SyntaxCacheEntryLifetime, using default value 01:00:00
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: using loaded value 00:30:00 for MaxEnumContextExpiration
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: using loaded value 00:02:00 for OperationTimeout
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: using loaded value 00:02:00 for MaxPullTimeout
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: using loaded value 5 for MaxEnumCtxsPerSession
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: using loaded value 100 for MaxEnumCtxsTotal
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: no value specified for CertName, using default value NULL
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: no value specified for MaxGroupOrMemberEntries, using default value 5000
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: no value specified for CustomActionConnectionCount, using default value 10
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: no value specified for CustomActionIdleConnectionTimeout, using default value 00:02:00
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: no value specified for InstanceRediscoveryInterval, using default value 00:01:00
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: using loaded value 32 for MaxConcurrentCalls
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: using loaded value 500 for MaxConcurrentSessions
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: using loaded value Info for DebugLevel
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: using loaded value C:\temp\windowsdebugadws.log for DebugLogFile
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] ValidateSettingLimits: entered
ClassManager: [1/6/2015 5:51:37 PM] [6] Start: starting...
LdapSessionPoolImplementation: [1/6/2015 5:51:37 PM] [3] ScavengerThread: thread starting
LdapSessionPoolImplementation: [1/6/2015 5:51:37 PM] [3] Scavenger: waking up at 00:00:40 interval
EnumerationContextCache: [1/6/2015 5:51:37 PM] [6] EnumerationContextCache: using timer inverval 00:00:30
InstanceMap: [1/6/2015 5:51:37 PM] [6] InstanceMap: using timer inverval 00:01:00
InstanceMap: [1/6/2015 5:51:37 PM] [6] CheckAndLoadAll: beginning
InstanceMap: [1/6/2015 5:51:37 PM] [6] CheckAndLoadNTDSInstance: entered
InstanceMap: [1/6/2015 5:51:37 PM] [6] CheckAndLoadNTDSInstance: found NTDS Parameters key
InstanceMap: [1/6/2015 5:51:37 PM] [6] CheckAndLoadNTDSInstance: trying to change state to DC
InstanceMap: [1/6/2015 5:51:37 PM] [6] AddRemoveSessionPoolAndDictionaryEntry: trying to change state for identifier ldap:389
InstanceMap: [1/6/2015 5:51:37 PM] [6] AddSessionPool: adding a session pool for NTDS
DirectoryDataAccessImplementation: [1/6/2015 5:51:37 PM] [6] InitializeInstance: entering, instance=NTDS, init=5, max=10
LdapSessionPoolImplementation: [1/6/2015 5:51:37 PM] [6] InitializeInstance: entering, instance=NTDS, init=5, max=10
ConnectionPool: [1/6/2015 5:51:37 PM] [6] ConnectionPool: trying to add connection 0
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: entering, instance=NTDS
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] ConnectionPoolEntry: connection created
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: grew pool, instance=NTDS, new count=1, max=10
ConnectionPool: [1/6/2015 5:51:37 PM] [6] ConnectionPool: trying to add connection 1
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: entering, instance=NTDS
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] ConnectionPoolEntry: connection created
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: grew pool, instance=NTDS, new count=2, max=10
ConnectionPool: [1/6/2015 5:51:37 PM] [6] ConnectionPool: trying to add connection 2
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: entering, instance=NTDS
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] ConnectionPoolEntry: connection created
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: grew pool, instance=NTDS, new count=3, max=10
ConnectionPool: [1/6/2015 5:51:37 PM] [6] ConnectionPool: trying to add connection 3
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: entering, instance=NTDS
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] ConnectionPoolEntry: connection created
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: grew pool, instance=NTDS, new count=4, max=10
ConnectionPool: [1/6/2015 5:51:37 PM] [6] ConnectionPool: trying to add connection 4
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: entering, instance=NTDS
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] ConnectionPoolEntry: connection created
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: grew pool, instance=NTDS, new count=5, max=10
InstanceMap: [1/6/2015 5:51:37 PM] [6] AddRemoveSessionPoolAndDictionaryEntry: state change successful (now hosts identifier ldap:389)
InstanceMap: [1/6/2015 5:51:37 PM] [6] CheckAndLoadGCInstance: entered
InstanceMap: [1/6/2015 5:51:37 PM] [6] CheckForGlobalCatalog: entered
DirectoryUtilities: [1/6/2015 5:51:37 PM] [6] GetTimeRemaining: remaining time is 00:02:00
InstanceMap: [1/6/2015 5:51:37 PM] [6] CheckForGlobalCatalog: isGlobalCatalogReady: TRUE
InstanceMap: [1/6/2015 5:51:37 PM] [6] CheckForGlobalCatalog: NTDS Settings DN: CN=NTDS Settings,CN=XXX,CN=Servers,CN=Alpacoma,CN=Sites,CN=Configuration,DC=dominio,DC=com
DirectoryUtilities: [1/6/2015 5:51:37 PM] [6] GetTimeRemaining: remaining time is 00:02:00
InstanceMap: [1/6/2015 5:51:37 PM] [6] CheckForGlobalCatalog: options: 1
InstanceMap: [1/6/2015 5:51:37 PM] [6] CheckAndLoadGCInstance: CheckForGlobalCatalog=True
InstanceMap: [1/6/2015 5:51:37 PM] [6] CheckAndLoadGCInstance: trying to change state to Global Catalog
InstanceMap: [1/6/2015 5:51:37 PM] [6] AddRemoveSessionPoolAndDictionaryEntry: trying to change state for identifier ldap:3268
InstanceMap: [1/6/2015 5:51:37 PM] [6] AddSessionPool: adding a session pool for GC
DirectoryDataAccessImplementation: [1/6/2015 5:51:37 PM] [6] InitializeInstance: entering, instance=GC, init=5, max=10
LdapSessionPoolImplementation: [1/6/2015 5:51:37 PM] [6] InitializeInstance: entering, instance=GC, init=5, max=10
ConnectionPool: [1/6/2015 5:51:37 PM] [6] ConnectionPool: trying to add connection 0
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: entering, instance=GC
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] ConnectionPoolEntry: connection created
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: grew pool, instance=GC, new count=1, max=10
ConnectionPool: [1/6/2015 5:51:37 PM] [6] ConnectionPool: trying to add connection 1
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: entering, instance=GC
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] ConnectionPoolEntry: connection created
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: grew pool, instance=GC, new count=2, max=10
ConnectionPool: [1/6/2015 5:51:37 PM] [6] ConnectionPool: trying to add connection 2
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: entering, instance=GC
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] ConnectionPoolEntry: connection created
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: grew pool, instance=GC, new count=3, max=10
ConnectionPool: [1/6/2015 5:51:37 PM] [6] ConnectionPool: trying to add connection 3
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: entering, instance=GC
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] ConnectionPoolEntry: connection created
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: grew pool, instance=GC, new count=4, max=10
ConnectionPool: [1/6/2015 5:51:37 PM] [6] ConnectionPool: trying to add connection 4
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: entering, instance=GC
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] ConnectionPoolEntry: connection created
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: grew pool, instance=GC, new count=5, max=10
InstanceMap: [1/6/2015 5:51:37 PM] [6] AddRemoveSessionPoolAndDictionaryEntry: state change successful (now hosts identifier ldap:3268)
InstanceMap: [1/6/2015 5:51:37 PM] [6] CheckAndLoadADAMInstances: entered
InstanceMap: [1/6/2015 5:51:37 PM] [6] CheckAndLoadAll: caught unexpected exception System.IO.IOException: No more data is available.
at Microsoft.Win32.RegistryKey.Win32Error(Int32 errorCode, String str)
at Microsoft.Win32.RegistryKey.InternalGetSubKeyNames()
at Microsoft.ActiveDirectory.WebServices.InstanceMap.DiscoverInstancesFromRegistry(String regRootKey, String regKeyInstancePrefix, Boolean& instanceEncounteredErrorsOnThisRun, List`1 discoveredInstances, DirectoryType directoryType)
at Microsoft.ActiveDirectory.WebServices.InstanceMap.CheckAndLoadADAMInstances()
at Microsoft.ActiveDirectory.WebServices.InstanceMap.CheckAndLoadAll()
ADWSHost: [1/6/2015 5:51:37 PM] [6] OnClosed: entered
CustomActionCaches: [1/6/2015 5:51:37 PM] [6] StopCaches: disposing Custom Action connection caches
ClassManager: [1/6/2015 5:51:37 PM] [6] Stop: closing down...
EnumerationContextCache: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
QuotaTracker: [1/6/2015 5:51:37 PM] [6] Clear: clearing all usage
DirectoryActionImplementation: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
DirectoryDataAccessImplementation: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
LdapSessionPoolImplementation: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
LdapSessionPoolImplementation: [1/6/2015 5:51:37 PM] [3] ScavengerThread: woke up
LdapSessionPoolImplementation: [1/6/2015 5:51:37 PM] [3] ScavengerThread: received termination signal, exiting
LdapSessionPoolImplementation: [1/6/2015 5:51:37 PM] [6] Dispose: disposing pool
ConnectionPool: [1/6/2015 5:51:37 PM] [6] Dispose: disposing (instance=NTDS)...
ConnectionPool: [1/6/2015 5:51:37 PM] [6] ProhibitConnectionAcquisition: entering, instance=NTDS
ConnectionPool: [1/6/2015 5:51:37 PM] [6] Dispose: disposing a ConnectionPoolEntry
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
ConnectionPool: [1/6/2015 5:51:37 PM] [6] Dispose: disposing a ConnectionPoolEntry
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
ConnectionPool: [1/6/2015 5:51:37 PM] [6] Dispose: disposing a ConnectionPoolEntry
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
ConnectionPool: [1/6/2015 5:51:37 PM] [6] Dispose: disposing a ConnectionPoolEntry
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
ConnectionPool: [1/6/2015 5:51:37 PM] [6] Dispose: disposing a ConnectionPoolEntry
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
LdapSessionPoolImplementation: [1/6/2015 5:51:37 PM] [6] Dispose: disposing pool
ConnectionPool: [1/6/2015 5:51:37 PM] [6] Dispose: disposing (instance=GC)...
ConnectionPool: [1/6/2015 5:51:37 PM] [6] ProhibitConnectionAcquisition: entering, instance=GC
ConnectionPool: [1/6/2015 5:51:37 PM] [6] Dispose: disposing a ConnectionPoolEntry
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
ConnectionPool: [1/6/2015 5:51:37 PM] [6] Dispose: disposing a ConnectionPoolEntry
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
ConnectionPool: [1/6/2015 5:51:37 PM] [6] Dispose: disposing a ConnectionPoolEntry
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
ConnectionPool: [1/6/2015 5:51:37 PM] [6] Dispose: disposing a ConnectionPoolEntry
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
ConnectionPool: [1/6/2015 5:51:37 PM] [6] Dispose: disposing a ConnectionPoolEntry
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
LdapSessionPoolImplementation: [1/6/2015 5:51:37 PM] [6] Dispose: disposing utility connection NTDS
LdapSessionPoolImplementation: [1/6/2015 5:51:37 PM] [6] Dispose: disposing utility connection GC
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] StopConfigurationLoading: entered
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] Dispose: disposing
Some Idea, Tks for your help.
migrationsHere a dump file when I try to start the service, I hope can you help me.
Version=1
EventType=CLR20r3
EventTime=130652059133527283
ReportType=2
Consent=1
ReportIdentifier=4368792e-974e-11e4-93f7-3440b59e2092
IntegratorReportIdentifier=4368792d-974e-11e4-93f7-3440b59e2092
NsAppName=Microsoft.ActiveDirectory.WebServices.exe
Response.type=4
Sig[0].Name=Problem Signature 01
Sig[0].Value=V0KXCIQIJBOA2NW5DIQBFTEBV5SCPPFH
Sig[1].Name=Problem Signature 02
Sig[1].Value=6.2.9200.16579
Sig[2].Name=Problem Signature 03
Sig[2].Value=516356a2
Sig[3].Name=Problem Signature 04
Sig[3].Value=System.ServiceModel
Sig[4].Name=Problem Signature 05
Sig[4].Value=4.0.30319.34230
Sig[5].Name=Problem Signature 06
Sig[5].Value=53be5c02
Sig[6].Name=Problem Signature 07
Sig[6].Value=ca
Sig[7].Name=Problem Signature 08
Sig[7].Value=c4
Sig[8].Name=Problem Signature 09
Sig[8].Value=I0SHPZEWVQV4P1UJY40X15MQTHF34RR5
DynamicSig[1].Name=OS Version
DynamicSig[1].Value=6.2.9200.2.0.0.272.7
DynamicSig[2].Name=Locale ID
DynamicSig[2].Value=1033
DynamicSig[22].Name=Additional Information 1
DynamicSig[22].Value=5220
DynamicSig[23].Name=Additional Information 2
DynamicSig[23].Value=52200675db6baa97bf416b02ff886e01
DynamicSig[24].Name=Additional Information 3
DynamicSig[24].Value=0b14
DynamicSig[25].Name=Additional Information 4
DynamicSig[25].Value=0b146b7eb5ed6bd9871c898c60ee5051
UI[2]=C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe
UI[5]=Check online for a solution (recommended)
UI[6]=Check for a solution later (recommended)
UI[7]=Close
UI[8]=Microsoft.ActiveDirectory.WebServices stopped working and was closed
UI[9]=A problem caused the application to stop working correctly. Windows will notify you if a solution is available.
UI[10]=&Close
LoadedModule[0]=C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe
LoadedModule[1]=C:\Windows\SYSTEM32\ntdll.dll
LoadedModule[2]=C:\Windows\SYSTEM32\MSCOREE.DLL
LoadedModule[3]=C:\Windows\system32\KERNEL32.dll
LoadedModule[4]=C:\Windows\system32\KERNELBASE.dll
LoadedModule[5]=C:\Windows\SYSTEM32\dlphook.x64.dll
LoadedModule[6]=C:\Windows\SYSTEM32\VERSION.dll
LoadedModule[7]=C:\Windows\system32\PSAPI.DLL
LoadedModule[8]=C:\Windows\system32\ADVAPI32.dll
LoadedModule[9]=C:\Windows\system32\WS2_32.dll
LoadedModule[10]=C:\Windows\system32\msvcrt.dll
LoadedModule[11]=C:\Windows\SYSTEM32\sechost.dll
LoadedModule[12]=C:\Windows\system32\RPCRT4.dll
LoadedModule[13]=C:\Windows\system32\NSI.dll
LoadedModule[14]=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
LoadedModule[15]=C:\Windows\system32\SHLWAPI.dll
LoadedModule[16]=C:\Windows\system32\USER32.dll
LoadedModule[17]=C:\Windows\system32\GDI32.dll
LoadedModule[18]=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
LoadedModule[19]=C:\Windows\SYSTEM32\MSVCR110_CLR0400.dll
LoadedModule[20]=C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\51fbf5aac9c6f1aef14557276f98ad28\mscorlib.ni.dll
LoadedModule[21]=C:\Windows\system32\ole32.dll
LoadedModule[22]=C:\Windows\SYSTEM32\combase.dll
LoadedModule[23]=C:\Windows\SYSTEM32\CRYPTBASE.dll
LoadedModule[24]=C:\Windows\SYSTEM32\bcryptPrimitives.dll
LoadedModule[25]=C:\Windows\SYSTEM32\CRYPTSP.dll
LoadedModule[26]=C:\Windows\system32\rsaenh.dll
LoadedModule[27]=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll
LoadedModule[28]=C:\Windows\system32\OLEAUT32.dll
LoadedModule[29]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System\803e478b5cb2fe994c4f977853849956\System.ni.dll
LoadedModule[30]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Serv759bfb78#\060758702287150a3b9ca51bfbd135e4\System.ServiceProcess.ni.dll
LoadedModule[31]=C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.Shared.dll
LoadedModule[32]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\af08c33d3e853168e58f0bb32118170b\System.Configuration.ni.dll
LoadedModule[33]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\5641065f716dfd6c76dd7bc6ab18c47a\System.Core.ni.dll
LoadedModule[34]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\b3344890d2d919e93f506faabd08186a\System.Xml.ni.dll
LoadedModule[35]=C:\Windows\system32\urlmon.dll
LoadedModule[36]=C:\Windows\system32\iertutil.dll
LoadedModule[37]=C:\Windows\system32\WININET.dll
LoadedModule[38]=C:\Windows\system32\USERENV.dll
LoadedModule[39]=C:\Windows\system32\profapi.dll
LoadedModule[40]=C:\Windows\SYSTEM32\Secur32.dll
LoadedModule[41]=C:\Windows\SYSTEM32\SSPICLI.DLL
LoadedModule[42]=C:\Windows\system32\SHELL32.dll
LoadedModule[43]=C:\Windows\SYSTEM32\SHCORE.dll
LoadedModule[44]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Dire5d62f0a2#\7ab37f1ca732666c1ab41d8e500942e0\System.DirectoryServices.Protocols.ni.dll
LoadedModule[45]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\4e643cb8b12402db89eb2d5839872b78\System.ServiceModel.ni.dll
LoadedModule[46]=C:\Windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\02b9ba874b1c07b6016aa9406745e96b\SMDiagnostics.ni.dll
LoadedModule[47]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web.Services\f936aad8a951da6674d460db1855a3db\System.Web.Services.ni.dll
LoadedModule[48]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servd1dec626#\8944debbd3293f930c7e37b64aed0d77\System.ServiceModel.Internals.ni.dll
LoadedModule[49]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\5844c97798b9e56b45cb0e5d3505ffd2\System.IdentityModel.ni.dll
LoadedModule[50]=C:\Windows\system32\crypt32.dll
LoadedModule[51]=C:\Windows\system32\MSASN1.dll
LoadedModule[52]=C:\Windows\SYSTEM32\DPAPI.dll
LoadedModule[53]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\3838e7c87e962eaec01572bff0396922\System.Runtime.Serialization.ni.dll
LoadedModule[54]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servf73e6522#\38df17ed0feec9b27d7d33272eecc176\System.ServiceModel.Web.ni.dll
LoadedModule[55]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Dired13b18a9#\4ecba93b4eae5bb0c97205c4e4196702\System.DirectoryServices.ni.dll
LoadedModule[56]=C:\Windows\system32\wldap32.dll
LoadedModule[57]=C:\Windows\system32\mswsock.dll
LoadedModule[58]=C:\Windows\SYSTEM32\DNSAPI.dll
LoadedModule[59]=C:\Windows\System32\rasadhlp.dll
LoadedModule[60]=C:\Windows\System32\fwpuclnt.dll
LoadedModule[61]=C:\Windows\SYSTEM32\IPHLPAPI.DLL
LoadedModule[62]=C:\Windows\SYSTEM32\WINNSI.DLL
LoadedModule[63]=C:\Windows\SYSTEM32\DSPARSE.dll
LoadedModule[64]=C:\Windows\system32\kerberos.DLL
LoadedModule[65]=C:\Windows\SYSTEM32\cryptdll.dll
LoadedModule[66]=C:\Windows\SYSTEM32\bcrypt.dll
LoadedModule[67]=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\diasymreader.dll
FriendlyEventName=Stopped working
ConsentKey=CLR20r3
AppName=Microsoft.ActiveDirectory.WebServices
AppPath=C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe
NsPartner=windows
NsGroup=windows8
Tks for your help.
migrations -
Have a very recent Lenovo Ideapad Laptop running Windows 8.1. Connected via USB port to HP LaserJet Pro CM1415 frw Color MFP Printer. Was able to print fine nearly 2 weeks ago, but something recently happened - either a new windows or office 2013 update
or perhaps I blew away a certain file by mistake. I can see the printer installed but cannot print to it from anything (Word, Notepad, IE, Firefox etc.). The one thing to note is that usually when I plug or unplug a USB related device, Windows 8.1 recognizes
this and makes a certain chime noise, but with the printer USB cable it never makes that noise - making me think that it never fully recognizes the printer. Also when I select the printer (from within the control panel) and right click for properties (via
admin rights) It never lets me fully connect to it.
I have tried all the usual remedies - remove, install all drivers, reinstall printer, Windows update, start/stop print spooler and all other printer related services, etc. Its really annoying because this printer was working fine nearly 2
weeks ago. Looking for any advice now. Thanks.
-ChrisHi Chris,
à
I have tried all the usual remedies - remove, install all drivers, reinstall printer, Windows update, start/stop print spooler and all other printer related services, etc.
I noticed that you had reinstalled the printer. Just a confirmation, when un-install this printer, please check
if this printer still exist in registry. For more details, please refer to following KB.
Registry entries for printing
If printer entry still exist in registry, please delete that printer entry and re-install this printer again,
then check if this issue still exists. (Please backup registry entries before operating registry. It will help us to avoid unexpected issue.)
àand now see
message Active Directory Domain Services is not available
By the way, would you please let me know where/when get this
Active Directory Domain Services is not available error message? Or provide a screenshot of it?
(Please hide all protected or private information) Please check if all services are running correctly on the computer. Meanwhile, please refer to following article and check if can help you.
Printer
Problem: Active Directory Domain Services is currently unavailable – Why does windows say no printers are installed?
Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft
does not guarantee the accuracy of this information.
If any update, please feel free to let me know.
Hope this helps.
Best regards,
Justin Gu -
Failed to install Active directory domain services
Hi,
I've installed the AD Domain Services on Windows2008R2 by following this guide http://technet.microsoft.com/en-gb/library/cc755059%28WS.10%29.aspx. After click 'Install', step 6, it showed failed to install but there is no clue why it was failed, at all.
Here is a log I copied from C:\Windows\logs\ServerManager.log
2204: 2011-01-05 12:57:54.333 [InstallationProgressPage] Loading progress page...
2204: 2011-01-05 12:57:54.411 [InstallationProgressPage] Begining Sync operation...
2204: 2011-01-05 12:57:54.458 [Sync]
Sync Graph of changed nodes
==========
name : Active Directory Domain Services
state : Changed
rank : 1
sync tech: CBS
guest[1] : Active Directory Domain Controller
guest[2] : Identity Management for UNIX
ant. : empty
pred. : empty
provider : null
name : Active Directory Domain Controller
state : Changed
rank : 4
sync tech: CBS
ant. : .NET Framework 3.5.1
pred. : Active Directory Domain Services, .NET Framework 3.5.1
provider : Provider
2204: 2011-01-05 12:57:54.458 [Sync] Calling sync provider of Active Directory Domain Controller ...
2204: 2011-01-05 12:57:54.473 [Provider] Sync:: guest: 'Active Directory Domain Controller', guest deleted?: False
2204: 2011-01-05 12:57:54.473 [Provider] Begin installation of 'Active Directory Domain Controller'...
2204: 2011-01-05 12:57:54.473 [Provider] Install: Guest: 'Active Directory Domain Controller', updateElement: 'DirectoryServices-DomainController'
2204: 2011-01-05 12:57:54.473 [Provider] Installation queued for 'Active Directory Domain Controller'.
2204: 2011-01-05 12:57:54.473 [CBS] installing 'DirectoryServices-DomainController ' ...
2204: 2011-01-05 12:57:55.020 [CBS] ...parents that will be auto-installed: 'NetFx3 '
2204: 2011-01-05 12:57:55.020 [CBS] ...default children to turn-off: '<none>'
2204: 2011-01-05 12:57:55.036 [CBS] ...current state of 'DirectoryServices-DomainController': p: Staged, a: Staged, s: UninstallRequested
2204: 2011-01-05 12:57:55.036 [CBS] ...setting state of 'DirectoryServices-DomainController' to 'InstallRequested'
2204: 2011-01-05 12:57:55.051 [CBS] ...current state of 'NetFx3': p: Installed, a: Installed, s: InstallRequested
2204: 2011-01-05 12:57:55.051 [CBS] ...skipping 'NetFx3' because it is already in the desired state.
2204: 2011-01-05 12:57:55.098 [CBS] ...'DirectoryServices-DomainController' : applicability: Applicable
2204: 2011-01-05 12:57:55.114 [CBS] ...'NetFx3' : applicability: Applicable
2204: 2011-01-05 12:57:55.770 [CbsUIHandler] Initiate:
2204: 2011-01-05 12:57:55.770 [InstallationProgressPage] Installing...
2204: 2011-01-05 12:58:49.176 [CbsUIHandler] Error: -2147021879 :
2204: 2011-01-05 12:58:49.176 [CbsUIHandler] Terminate:
2204: 2011-01-05 12:58:49.254 [InstallationProgressPage] Verifying installation...
2204: 2011-01-05 12:58:49.270 [CBS] ...done installing 'DirectoryServices-DomainController '. Status: -2147021879 (80070bc9)
2204: 2011-01-05 12:58:49.270 [Provider] Skipped configuration of 'Active Directory Domain Controller' because install operation failed.
2204: 2011-01-05 12:58:49.270 [Provider]
[STAT] ---- CBS Session Consolidation -----
[STAT] For
'Active Directory Domain Controller'[STAT] installation(s) took '54.7870005' second(s) total.
[STAT] Configuration(s) took '0.0003053' second(s) total.
[STAT] Total time: '54.7873058' second(s).
2204: 2011-01-05 12:58:49.270 [Provider] Error (Id=0) Sync Result - Success: False, RebootRequired: True, Id: 110
2204: 2011-01-05 12:58:49.286 [Provider] Error (Id=0) Sync Message - OperationKind: Install, MessageType: Error, MessageCode: -2147021879, Message: <null>, AdditionalMessage: The requested operation failed. A system reboot is required to roll back changes
made
2204: 2011-01-05 12:58:49.286 [InstallationProgressPage] Sync operation completed
2204: 2011-01-05 12:58:49.286 [InstallationProgressPage] Performing post install/uninstall discovery...
2204: 2011-01-05 12:58:49.286 [Provider] C:\Windows\system32\ServerManager\Cache\CbsUpdateState.bin does not exist.
2204: 2011-01-05 12:58:49.286 [CBS] IsCacheStillGood: False.
2204: 2011-01-05 12:58:49.786 [CBS] >>>GetUpdateInfo--------------------------------------------------
2204: 2011-01-05 12:59:46.520 [CBS] Error (Id=0) Function: 'ReadUpdateInfo()->Update_GetInstallState' failed: 80070bc9 (-2147021879)
2204: 2011-01-05 12:59:46.520 [CBS] <<<GetUpdateInfo--------------------------------------------------
2204: 2011-01-05 12:59:46.598 [DISCOVERY] hr: -2147021879 -> reboot required.
2204: 2011-01-05 12:59:46.739 [InstallationProgressPage] About to load finish page...
2204: 2011-01-05 12:59:46.739 [InstallationFinishPage] Loading finish page
2204: 2011-01-05 12:59:46.801 [InstallationFinishPage] Finish page loaded
I also checked the event viewer, here are the event properties occurred during the installation:
Initiating changes to turn on update DirectoryServices-DomainController of package DirectoryServices-DomainController-Package. Client id: RMT
Update Directoryservices-DomainController of package DirectoryServices-DomainController-Package failed to be turned on. Status: 0x80070bc9
Installation failed. A restart is required.
Roles:
Active Directory Domain Services
Error: The server needs to be restarted to undo the changes
Please help.
Thanks,
balrogzAnother thing to check is to ensure the server service is up and running.
http://blogs.dirteam.com/blogs/paulbergson/archive/2014/04/29/can-t-add-the-role-quot-active-directory-domain-services-quot-to-my-2008-r2-server.aspx
Paul Bergson
MVP - Directory Services
MCITP: Enterprise Administrator
MCTS, MCT, MCSE, MCSA, Security, BS CSci
2012, 2008, Vista, 2003, 2000 (Early Achiever), NT4
Twitter @pbbergs http://blogs.dirteam.com/blogs/paulbergson
Please no e-mails, any questions should be posted in the NewsGroup.
This posting is provided AS IS with no warranties, and confers no rights. -
Hi everyone,
I've been banging my head against this for a while and hope someone can help me.
Running Windows Server 2008 R2 Standard with Service Pack 1.
When I try to add the Active Directory Domain Services role to the server it gets to about 90% complete and then dies.
The ServerManager.log shows the following information, I have run the System Readiness Tool - output below - with no errors found.
At a loss on what to do next. The only other links I've found suggest rebuilding the server which I would really like to avoid...
Help appreciated,
John
ServerManager.log (extract)
==========
name : Active Directory Domain Services
state : Changed
rank : 1
sync tech: CBS
guest[1] : Active Directory Domain Controller
guest[2] : Identity Management for UNIX
ant. : empty
pred. : empty
provider : null
name : Active Directory Domain Controller
state : Changed
rank : 4
sync tech: CBS
ant. : .NET Framework 3.5.1
pred. : Active Directory Domain Services, .NET Framework 3.5.1
provider : Provider
8720: 2012-01-18 10:54:41.853 [Sync] Calling sync provider of Active Directory Domain Controller ...
8720: 2012-01-18 10:54:41.853 [Provider] Sync:: guest: 'Active Directory Domain Controller', guest deleted?: False
8720: 2012-01-18 10:54:41.853 [Provider] Begin installation of 'Active Directory Domain Controller'...
8720: 2012-01-18 10:54:41.853 [Provider] Install: Guest: 'Active Directory Domain Controller', updateElement: 'DirectoryServices-DomainController'
8720: 2012-01-18 10:54:41.853 [Provider] Installation queued for 'Active Directory Domain Controller'.
8720: 2012-01-18 10:54:41.853 [CBS] installing 'DirectoryServices-DomainController ' ...
8720: 2012-01-18 10:54:42.399 [CBS] ...parents that will be auto-installed: 'NetFx3 '
8720: 2012-01-18 10:54:42.399 [CBS] ...default children to turn-off: 'WCF-HTTP-Activation '
8720: 2012-01-18 10:54:42.415 [CBS] ...current state of 'DirectoryServices-DomainController': p: Staged, a: Staged, s: UninstallRequested
8720: 2012-01-18 10:54:42.415 [CBS] ...setting state of 'DirectoryServices-DomainController' to 'InstallRequested'
8720: 2012-01-18 10:54:42.430 [CBS] ...current state of 'NetFx3': p: Installed, a: Installed, s: InstallRequested
8720: 2012-01-18 10:54:42.430 [CBS] ...skipping 'NetFx3' because it is already in the desired state.
8720: 2012-01-18 10:54:42.430 [CBS] ...current state of default child 'WCF-HTTP-Activation': p: Installed, a: Installed, s: InstallRequested
8720: 2012-01-18 10:54:42.430 [CBS] ...skipped child 'WCF-HTTP-Activation' because it is already installed
8720: 2012-01-18 10:54:42.461 [CBS] ...'DirectoryServices-DomainController' : applicability: Applicable
8720: 2012-01-18 10:54:42.461 [CBS] ...'NetFx3' : applicability: Applicable
8720: 2012-01-18 10:54:42.539 [CbsUIHandler] Initiate:
8720: 2012-01-18 10:54:42.539 [InstallationProgressPage] Installing...
8720: 2012-01-18 10:54:42.758 [InstallationProgressPage] Verifying installation...
8720: 2012-01-18 10:54:42.758 [InstallationProgressPage] Installing...
8720: 2012-01-18 10:55:03.740 [CbsUIHandler] Error: -2147021879 :
8720: 2012-01-18 10:55:03.740 [CbsUIHandler] Terminate:
8720: 2012-01-18 10:55:03.787 [InstallationProgressPage] Verifying installation...
8720: 2012-01-18 10:55:03.802 [CBS] ...done installing 'DirectoryServices-DomainController '. Status: -2147021879 (80070bc9)
8720: 2012-01-18 10:55:03.818 [Provider] Skipped configuration of 'Active Directory Domain Controller' because install operation failed.
8720: 2012-01-18 10:55:03.818 [Provider]
[STAT] ---- CBS Session Consolidation -----
[STAT] For
'Active Directory Domain Controller'[STAT] installation(s) took '21.9535541' second(s) total.
[STAT] Configuration(s) took '0.0007754' second(s) total.
[STAT] Total time: '21.9543295' second(s).
8720: 2012-01-18 10:55:03.818 [Provider] Error (Id=0) Sync Result - Success: False, RebootRequired: True, Id: 110
8720: 2012-01-18 10:55:03.818 [Provider] Error (Id=0) Sync Message - OperationKind: Install, MessageType: Error, MessageCode: -2147021879, Message: <null>, AdditionalMessage: The requested operation failed. A system reboot is required to roll back changes made
8720: 2012-01-18 10:55:03.818 [InstallationProgressPage] Sync operation completed
8720: 2012-01-18 10:55:03.818 [InstallationProgressPage] Performing post install/uninstall discovery...
8720: 2012-01-18 10:55:03.833 [Provider] C:\Windows\system32\ServerManager\Cache\CbsUpdateState.bin does not exist.
8720: 2012-01-18 10:55:03.833 [CBS] IsCacheStillGood: False.
8720: 2012-01-18 10:55:04.333 [CBS] >>>GetUpdateInfo--------------------------------------------------
8720: 2012-01-18 10:55:34.784 [CBS] Error (Id=0) Function: 'ReadUpdateInfo()->Update_GetInstallState' failed: 80070bc9 (-2147021879)
8720: 2012-01-18 10:55:34.784 [CBS] <<<GetUpdateInfo--------------------------------------------------
8720: 2012-01-18 10:55:34.815 [DISCOVERY] hr: -2147021879 -> reboot required.
8720: 2012-01-18 10:55:34.831 [InstallationProgressPage] About to load finish page...
8720: 2012-01-18 10:55:34.831 [InstallationFinishPage] Loading finish page
8720: 2012-01-18 10:55:34.831 [InstallationFinishPage] Finish page loaded
CheckSUR.log
=================================
Checking System Update Readiness.
Binary Version 6.1.7601.21645
Package Version 13.0
2012-01-18 10:33
Checking Windows Servicing Packages
Checking Package Manifests and Catalogs
Checking Package Watchlist
Checking Component Watchlist
Checking Packages
Checking Component Store
Summary:
Seconds executed: 220
No errors detectedHi John,
Thanks for posting.
Performed some research and some results say that this problem can be caused by HD Write Caching.
To disable Write Caching:
1. Go to Device Manager.
2.Click the plus sign (+) next to the Disk Drives branch to expand it.
3.Right-click the drive on which you want to enable or disable disk write caching, and then click Properties.
4.Click the Disk Properties tab.
5.Click to select or clear the Write Cache Enabled check box as appropriate.
6.Click OK.
If no luck, Please check if any erros can be found in Event log, Dcpromoui.Log and Dcpromo.log
The following articles maybe helpful to you:
Known Issues for Installing and Removing AD DS
http://technet.microsoft.com/en-us/library/cc754463(v=WS.10).aspx
You cannot install Active Directory Domain Services
http://support.microsoft.com/kb/975142
Thanks
ZHANG -
I know this question has been asked before, but never for R2, that I can tell, and the posted fixes aren't working. I have just installed SCVMM 2008 R2 on a Windows Server 2008 R2 server, using a remote SQL 2008 SP1 database. When I attempt to connect to SCVMM, I get the following error:
"The SQL Server service account does not have permission to access Active Directory Domain Services (AD DS).
Ensure that the SQL Server service is running under a domain account or a computer account that has permission to access AD DS. For more information, see "Some applications and APIs require access to authorization information on account objects" in the Microsoft Knowledge Base at http://go.microsoft.com/fwlink/?LinkId=121054.
ID: 2607"
What I've seen online is that this is usually becuase the domain account SCVMM is running as does not have the proper permissions on the SQL database. Here's what I've confirmed:
1) My SCVMM service account is a local admin on the SCVMM server
2) My SCVMM service account is a dbowner on the SCVMM database in SQL
3) My SQL service account is a dbowner on the SCVMM database in SQL
4) My SQL service account is a domain user (even made it a domain admin, just in case, and it still "doesn't have access to AD DS," which is obviously untrue)
5) Neither service account is locked out
Has anyone run in to this? It says in Technet that remote SQL 2008 is supported, as long as the SQL management studio is installed to the SCVMM server, and I installed and patched before I began the SCVMM installation. I just don't know what else to try - I have no errors in event logs, no issues during the installation itself...
Andrew ToppThat answer was very unhelpful fr33m4n. The individual mentions that they've received the error that points to the KB article. I currently receive the same error -- there seems to be no resolution. I've run the Microsoft VBS script to add TAUG to the WAAG
as suggested by 331951, and that made absolutely no difference.
1) My SCVMM service account is a local admin on the SCVMM server
2) My SCVMM service account is a dbowner on the SCVMM database in SQL
3) My SQL service account is a dbowner on the SCVMM database in SQL
4) My SQL service account is a domain user (even made it a domain admin, just in case, and it still
"doesn't have access to AD DS," which is obviously untrue)
The user is also a member of WAAG, the machines have delegated authority to each other. Is there any other solution? -
The Active Directory Domain Services is currently unavailable....printer "unseen"
I Have a Windows 7 on an Acer Aspire 5742 laptop and an HP LaserjetP1102w. There are two wireless laptops in the household. I am trying to print from Microsoft Word Starter, but it states "No Printers Installed" and if I try to add a printer I get the message: The Active Directory Domain Services is currently unavailable.
I can print Self Test/Device configuration sheets (on this the iPv4 reads as 0.0.0.0.), a printer test page and a test print from the HP Print and Scan Doctor. It is the network which is not reading the printer.
I have disabled my firewall, un- and re-installed the printer. I have also tried to uninstall and reinstall the printer using the Window 7 installer utility. but that tells this printer "is not currently supported by this Wizard"
I have searched the web for people with the same problem but found nothing that has helped me. Not to put too fine a point on it I am at my wit's end.
You are my last resort (no pressure, then!)
This question was solved.
View Solution.Are the configuration reports with the 0.0.0.0 being printed directly from the printer? A 0.0.0.0 address indicates the printer is not actually on the network (or at least not getting DHCP information from the router). The Print and Scan Doctor should not have been able to print to it unless it happened to be connected by a USB cable as well.
What brand and model is the router?
Is the wireless light a solid blue light or a flashing blue light?
You mentioned an Active Directory Domain Services error message. Outside of corporate networks, this is not an error message you should get. I suspect there might be a deeper software issue at fault. Please provide the exact steps you are using to add the printer to generate that error message.
↙-----------How do I give Kudos?| How do I mark a post as Solved? ----------------↓ -
Cannot Print. "The Active Directory Domain Services is currently unavailable"
Hi there
I cannot print and I have not been able to find the fix via existing forum threads.
System:
Win 7 Ultimate 64 bit German - Profile language is Danish (installed a week ago and completely windows updated)
Office 365 Small Business Premium
HP DV8 Laptop. i7, 512GB SSD, 8GB RAM
HP LaserJet P1006 USB printer.
Problem
No matter if I try to print from IE, Notebook, Word 2013 or anything else, I cannot chose my printer (P1006).
If I try to Add Printer in Word 2013, I get the "The Active Directory Domain Services is currently unavailable" error.
In Devices and Printers, the P1006 is visible, but there is no driver installed.
Trying to install the correct driver:
http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareIndex.jsp?lang=en&cc=us&prodNameId=3435683&prodTypeId=18972&prodSeriesId=3435682&swLang=8&taskId=135&swEnvOID=4063
only creates a general error during installation: "Printer Software Installer has stopped working - A problem has caused the program to stop working correctly. Windows closes the program and will notify you if a solution has been found"
I have tried all the solution software from Windows, from HP (for the laptop and for the printer) - but nothing comes up with any details or suggestions.
What should I try?
Absolutely everything else works perfectly on the system.
Reffered here via http://answers.microsoft.com/en-us/windows/forum/windows_7-hardware/cannot-print-the-active-directory-domain-services/1cf47626-a2cd-4b7a-94b6-10cbc8ab02b0Hi,
I suggest you try the following:
1. Try the steps in the following article:
Troubleshoot printer problems
http://windows.microsoft.com/en-US/windows-vista/Troubleshoot-printer-problems
Fix printing problems by resetting the print spooler
http://support.microsoft.com/kb/2000007
2. Let us try updating the printer driver which might help you in resolving the issue.
Click on the link below for more information on updating the printer drivers.
Find and install printer drivers
http://windows.microsoft.com/en-US/windows-vista/Find-and-install-printer-drivers
3. Remove the printer and add it again:
Go to Control Panel
Select Printers
Right-click on Add Printer
Select Run as Administrator
Now try to add your network printer
Also a thread for your reference:
Error message when attempting to print: Active Directory Domain Service is Currently Unavailable
http://social.technet.microsoft.com/Forums/en-US/winserverprint/thread/d6212275-24d6-4168-830a-9441f861cb76
Hope this helps.
Vincent Wang
TechNet Community Support -
What am I trying to do?
I have tried installing Microsoft Exchange Server 2013 Cumulative Update 7 Setup on a fresh install of Windows Server 2012 R2 but it gets stuck when running the setup exe on Step 8 of 14 “Mailbox Transport Service” I have included full
error logs at the bottom of the page but the basics are in order it will throw which loop around are:
[01/20/2015 17:13:20.0084] [2] Beginning processing Set-SharedConfigDC
[01/20/2015 17:13:20.0178] [2] The call to Microsoft Exchange Active Directory Topology service on server 'TopologyClientTcpEndpoint (localhost)' returned an error. Error details No Minimal Required Number of Suitable Directory Servers
Found in Forest mydomain.com Site Default-First-Site and connected Sites..
[01/20/2015 17:13:20.0178] [2] No Minimal Required Number of Suitable Directory Servers Found in Forest mydomain.com Site Default-First-Site and connected Sites.
Exchange is currently running in the envirmonet on 2010 Sp3 I am installing 2013 CU7 fresh so I can migrate the databases over.
What am I running?
2 X DC on domain and forest functional level 2008R2 both writable
1 X fresh install of Windows 2012 R2 which is domain joined
What have I tried?
Checked Ipv6 is enabled on all DC NICS and Existing Exchange Servers
Rebooted every server
Run setup as Administrator
My account is part of the domain Enterprise Admin group
Tried adding "Exchange Server" or "Exchange Enterprise Servers" to the group policy and doing the relevant gpupdate /force and reboot :
Computer Configuration Windows Settings
Security Settings + Local Policies
User Rights Assignment Mange auditing and security log
Turned off firewall on DC and Exchange Server even stopped the service
Turned off all AV on the DC and Exchange Server
Checked I could telnet to global catalog servers on port 3268 which I can
Checked the global catalog records existed in DNS which they all do
Done the obvious ping tests all round which confirms connectivity
Schema has been prepared using appropriate commands before running the setup exe
setup.exe /PrepareSchema /IacceptExchangeServerLicenseTerms
Making sure the following path has full permissions:
EXCHANGE14:\Current\Release\Shared\Datacenter\Setup
Restarted Microsoft Exchange Active Directory Topology service
DcDiag all looks good
What have I noticed that is suspicious?
Microsoft Exchange Transport service will not start even though both of its dependences services have started:
Microsoft Filtering Management Service
Microsoft Exchange Active Directory Topology Service
It will eventually error with
“Windows could not start the Microsoft Exchange Transport Service on local computer
Error 1053: This Service did not respond to the start of control request in a timely fashion”
This error is from the GUI wizard itself:
Error:
The following error was generated when "$error.Clear();
$maxWait = New-TimeSpan -Minutes 8
$timeout = Get-Date;
$timeout = $timeout.Add($maxWait);
$currTime = Get-Date;
$successfullySetConfigDC = $false;
while($currTime -le $timeout)
$setSharedCDCErrors = @();
try
Set-SharedConfigDC -DomainController $RoleDomainController -ErrorVariable setSharedCDCErrors -ErrorAction SilentlyContinue;
$successfullySetConfigDC = ($setSharedCDCErrors.Count -eq 0);
if($successfullySetConfigDC)
break;
Write-ExchangeSetupLog -Info ("An error ocurred while setting shared config DC. Error: " + $setSharedCDCErrors[0]);
catch
Write-ExchangeSetupLog -Info ("An exception ocurred while setting shared config DC. Exception: " + $_.Exception.Message);
Write-ExchangeSetupLog -Info ("Waiting 30 seconds before attempting again.");
Start-Sleep -Seconds 30;
$currTime = Get-Date;
if( -not $successfullySetConfigDC)
Write-ExchangeSetupLog -Error "Unable to set shared config DC.";
" was run: "System.Exception: Unable to set shared config DC.
at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target, Boolean reThrow, String helpUrl)
at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target)
at Microsoft.Exchange.Management.Deployment.WriteExchangeSetupLog.InternalProcessRecord()
at Microsoft.Exchange.Configuration.Tasks.Task.<ProcessRecord>b__b()
at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean terminatePipelineIfFailed)".
Exchange logs which have been written:
**The error will loop around for 8 minutes on trying to set-sharedconfig DC whatever this is trying to do ??
[01/20/2015 17:13:20.0084] [2] Active Directory session settings for 'Set-SharedConfigDC' are: View Entire Forest: 'True', Configuration Domain Controller:mydomain.com', Preferred Global Catalog: 'mydomain.com', Preferred Domain Controllers:
'{ mydomain.com}'
[01/20/2015 17:13:20.0084] [2] User specified parameters:
-DomainController:mydomain.com' -ErrorVariable:'setSharedCDCErrors' -ErrorAction:'SilentlyContinue'
[01/20/2015 17:13:20.0084] [2] Beginning processing Set-SharedConfigDC
[01/20/2015 17:13:20.0178] [2] The call to Microsoft Exchange Active Directory Topology service on server 'TopologyClientTcpEndpoint (localhost)' returned an error. Error details No Minimal Required Number of Suitable Directory Servers
Found in Forest mydomain.com Site Default-First-Site and connected Sites..
[01/20/2015 17:13:20.0178] [2] No Minimal Required Number of Suitable Directory Servers Found in Forest mydomain.com Site Default-First-Site and connected Sites.
[01/20/2015 17:13:20.0178] [2] The call to Microsoft Exchange Active Directory Topology service on server 'TopologyClientTcpEndpoint (localhost)' returned an error. Error details No Minimal Required Number of Suitable Directory Servers
Found in Forest mydomain.com Site Default-First-Site and connected Sites..
[01/20/2015 17:13:20.0178] [2] No Minimal Required Number of Suitable Directory Servers Found in Forest mydomain.com Site Default-First-Site and connected Sites.
[01/20/2015 17:13:20.0178] [2] Ending processing Set-SharedConfigDC
[01/20/2015 17:13:20.0193] [2] Beginning processing Write-ExchangeSetupLog
[01/20/2015 17:13:20.0193] [2] An error ocurred while setting shared config DC. Error: The call to Microsoft Exchange Active Directory Topology service on server 'TopologyClientTcpEndpoint (localhost)' returned an error. Error details
No Minimal Required Number of Suitable Directory Servers Found in Forest mydomain.com Site Default-First-Site and connected Sites..
[01/20/2015 17:13:20.0193] [2] Ending processing Write-ExchangeSetupLog
[01/20/2015 17:13:20.0193] [2] Beginning processing Write-ExchangeSetupLog
[01/20/2015 17:13:20.0193] [2] Waiting 30 seconds before attempting again.
[01/20/2015 17:13:20.0193] [2] Ending processing Write-ExchangeSetupLog
[01/20/2015 17:13:50.0195] [2] Beginning processing Write-ExchangeSetupLog
[01/20/2015 17:13:50.0273] [2] [ERROR] Unable to set shared config DC.
[01/20/2015 17:13:50.0273] [2] [ERROR] Unable to set shared config DC.
[01/20/2015 17:13:50.0288] [2] Ending processing Write-ExchangeSetupLog
[01/20/2015 17:13:50.0288] [1] The following 1 error(s) occurred during task execution:
[01/20/2015 17:13:50.0288] [1] 0. ErrorRecord: Unable to set shared config DC.
[01/20/2015 17:13:50.0288] [1] 0. ErrorRecord: System.Exception: Unable to set shared config DC.
at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target, Boolean reThrow, String helpUrl)
at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target)
at Microsoft.Exchange.Management.Deployment.WriteExchangeSetupLog.InternalProcessRecord()
at Microsoft.Exchange.Configuration.Tasks.Task.<ProcessRecord>b__b()
at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean terminatePipelineIfFailed)
[01/20/2015 17:13:50.0288] [1] [ERROR] The following error was generated when "$error.Clear();
$maxWait = New-TimeSpan -Minutes 8
$timeout = Get-Date;
$timeout = $timeout.Add($maxWait);
$currTime = Get-Date;
$successfullySetConfigDC = $false;
while($currTime -le $timeout)
$setSharedCDCErrors = @();
try
Set-SharedConfigDC -DomainController $RoleDomainController -ErrorVariable setSharedCDCErrors -ErrorAction SilentlyContinue;
$successfullySetConfigDC = ($setSharedCDCErrors.Count -eq 0);
if($successfullySetConfigDC)
break;
Write-ExchangeSetupLog -Info ("An error ocurred while setting shared config DC. Error: " + $setSharedCDCErrors[0]);
catch
Write-ExchangeSetupLog -Info ("An exception ocurred while setting shared config DC. Exception: " + $_.Exception.Message);
Write-ExchangeSetupLog -Info ("Waiting 30 seconds before attempting again.");
Start-Sleep -Seconds 30;
$currTime = Get-Date;
if( -not $successfullySetConfigDC)
Write-ExchangeSetupLog -Error "Unable to set shared config DC.";
" was run: "System.Exception: Unable to set shared config DC.
at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target, Boolean reThrow, String helpUrl)
at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target)
at Microsoft.Exchange.Management.Deployment.WriteExchangeSetupLog.InternalProcessRecord()
at Microsoft.Exchange.Configuration.Tasks.Task.<ProcessRecord>b__b()
at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean terminatePipelineIfFailed)".
[01/20/2015 17:13:50.0288] [1] [ERROR] Unable to set shared config DC.
[01/20/2015 17:13:50.0288] [1] [ERROR-REFERENCE] Id=AllADRolesCommonServiceControl___ee47ab1c06fb47919398e2e95ed99c6c Component=EXCHANGE14:\Current\Release\Shared\Datacenter\Setup
[01/20/2015 17:13:50.0288] [1] Setup is stopping now because of one or more critical errors.
[01/20/2015 17:13:50.0288] [1] Finished executing component tasks.
[01/20/2015 17:13:50.0304] [1] Ending processing Install-BridgeheadRole
Windows Event Viewer:
Process Microsoft.Exchange.Directory.TopologyService.exe (PID=5276) Forest mydomain.com. Exchange Active Directory Provider couldn't find minimal required number of suitable Global Catalog servers
in either the local site 'Default-First-Site' or the following sites:Hi apl228,
1. Please make sure the IPv6 is enabled.
2. Please make sure the account that install Exchange server has Administrator permission.
3. Please make sure DNS has been configured correctly.
Thanks
Mavis Huang
TechNet Community Support
Maybe you are looking for
-
Does anyone know how to run an export in background mode for windows ? Normally in unix I would simply nohup the expdp command. Also what is the purpose of being able to reattach to a job in Data Pump - that in itself would suggest the export is alre
-
Date separate year, month and day
Hello everyone and thanks in advance, I'm new to this and the truth is not doing this. Well, I have a PDF with several pages which I designed and has been asking me in a complete date in the format dd / mm / yy and subsequent pages he asks me the sam
-
Is there a way to create a home page in safari on iPad 2? Also, what is a good portal website for iPads? Thank you.
-
Message- Not enough RAM to open Classic
For many months we have successfully opened Classic (set for auto open on booting OSX 10.4.7). Suddenly we get an message asking if we want to continue opening Classic with insufficient RAM (needs at least 128 megs). But we have 768 megs of installed
-
Where is the homepage setup on 3.6.6 it's not on the options anymore?
Cant find homepage setup on 3.6.6, used to be in "options/general" but not there now...can anyone help please. Steve