Active Directory Domain Services Child Domains
I am using Windows Server 2008 R2 SP1.
http://technet.microsoft.com/en-us/library/cc771856(v=ws.10).aspx
When I select "Add Roles" I click on "Active Directory Domain Services (Installed)" the "Next>" button is not enabled and can not be selected.
Did I install ADDS wrong?
Is this not how you define Child Domains?
If I use the Command Line or Answer File Methods I get an error message at "ChildName".
Did I forget to install something about enabling Child Domains when installing ADDS?
Hi,
Did you try to create a child domain on the Domain Controller? It seems like that this Server is already a DC, with Active Directory Domain Services installed.
We don’t have to enable anything in the root domain for creating child domains/new trees, we just need to run
Dcpromo or Add Role on another server which is not a DC, and select the existing domain as its parent, then the child domain will be created.
In addition, please make the existing DC as the preferred DNS server on the new server.
I hope this helps.
Amy
Similar Messages
-
What am I trying to do?
I have tried installing Microsoft Exchange Server 2013 Cumulative Update 7 Setup on a fresh install of Windows Server 2012 R2 but it gets stuck when running the setup exe on Step 8 of 14 “Mailbox Transport Service” I have included full
error logs at the bottom of the page but the basics are in order it will throw which loop around are:
[01/20/2015 17:13:20.0084] [2] Beginning processing Set-SharedConfigDC
[01/20/2015 17:13:20.0178] [2] The call to Microsoft Exchange Active Directory Topology service on server 'TopologyClientTcpEndpoint (localhost)' returned an error. Error details No Minimal Required Number of Suitable Directory Servers
Found in Forest mydomain.com Site Default-First-Site and connected Sites..
[01/20/2015 17:13:20.0178] [2] No Minimal Required Number of Suitable Directory Servers Found in Forest mydomain.com Site Default-First-Site and connected Sites.
Exchange is currently running in the envirmonet on 2010 Sp3 I am installing 2013 CU7 fresh so I can migrate the databases over.
What am I running?
2 X DC on domain and forest functional level 2008R2 both writable
1 X fresh install of Windows 2012 R2 which is domain joined
What have I tried?
Checked Ipv6 is enabled on all DC NICS and Existing Exchange Servers
Rebooted every server
Run setup as Administrator
My account is part of the domain Enterprise Admin group
Tried adding "Exchange Server" or "Exchange Enterprise Servers" to the group policy and doing the relevant gpupdate /force and reboot :
Computer Configuration Windows Settings
Security Settings + Local Policies
User Rights Assignment Mange auditing and security log
Turned off firewall on DC and Exchange Server even stopped the service
Turned off all AV on the DC and Exchange Server
Checked I could telnet to global catalog servers on port 3268 which I can
Checked the global catalog records existed in DNS which they all do
Done the obvious ping tests all round which confirms connectivity
Schema has been prepared using appropriate commands before running the setup exe
setup.exe /PrepareSchema /IacceptExchangeServerLicenseTerms
Making sure the following path has full permissions:
EXCHANGE14:\Current\Release\Shared\Datacenter\Setup
Restarted Microsoft Exchange Active Directory Topology service
DcDiag all looks good
What have I noticed that is suspicious?
Microsoft Exchange Transport service will not start even though both of its dependences services have started:
Microsoft Filtering Management Service
Microsoft Exchange Active Directory Topology Service
It will eventually error with
“Windows could not start the Microsoft Exchange Transport Service on local computer
Error 1053: This Service did not respond to the start of control request in a timely fashion”
This error is from the GUI wizard itself:
Error:
The following error was generated when "$error.Clear();
$maxWait = New-TimeSpan -Minutes 8
$timeout = Get-Date;
$timeout = $timeout.Add($maxWait);
$currTime = Get-Date;
$successfullySetConfigDC = $false;
while($currTime -le $timeout)
$setSharedCDCErrors = @();
try
Set-SharedConfigDC -DomainController $RoleDomainController -ErrorVariable setSharedCDCErrors -ErrorAction SilentlyContinue;
$successfullySetConfigDC = ($setSharedCDCErrors.Count -eq 0);
if($successfullySetConfigDC)
break;
Write-ExchangeSetupLog -Info ("An error ocurred while setting shared config DC. Error: " + $setSharedCDCErrors[0]);
catch
Write-ExchangeSetupLog -Info ("An exception ocurred while setting shared config DC. Exception: " + $_.Exception.Message);
Write-ExchangeSetupLog -Info ("Waiting 30 seconds before attempting again.");
Start-Sleep -Seconds 30;
$currTime = Get-Date;
if( -not $successfullySetConfigDC)
Write-ExchangeSetupLog -Error "Unable to set shared config DC.";
" was run: "System.Exception: Unable to set shared config DC.
at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target, Boolean reThrow, String helpUrl)
at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target)
at Microsoft.Exchange.Management.Deployment.WriteExchangeSetupLog.InternalProcessRecord()
at Microsoft.Exchange.Configuration.Tasks.Task.<ProcessRecord>b__b()
at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean terminatePipelineIfFailed)".
Exchange logs which have been written:
**The error will loop around for 8 minutes on trying to set-sharedconfig DC whatever this is trying to do ??
[01/20/2015 17:13:20.0084] [2] Active Directory session settings for 'Set-SharedConfigDC' are: View Entire Forest: 'True', Configuration Domain Controller:mydomain.com', Preferred Global Catalog: 'mydomain.com', Preferred Domain Controllers:
'{ mydomain.com}'
[01/20/2015 17:13:20.0084] [2] User specified parameters:
-DomainController:mydomain.com' -ErrorVariable:'setSharedCDCErrors' -ErrorAction:'SilentlyContinue'
[01/20/2015 17:13:20.0084] [2] Beginning processing Set-SharedConfigDC
[01/20/2015 17:13:20.0178] [2] The call to Microsoft Exchange Active Directory Topology service on server 'TopologyClientTcpEndpoint (localhost)' returned an error. Error details No Minimal Required Number of Suitable Directory Servers
Found in Forest mydomain.com Site Default-First-Site and connected Sites..
[01/20/2015 17:13:20.0178] [2] No Minimal Required Number of Suitable Directory Servers Found in Forest mydomain.com Site Default-First-Site and connected Sites.
[01/20/2015 17:13:20.0178] [2] The call to Microsoft Exchange Active Directory Topology service on server 'TopologyClientTcpEndpoint (localhost)' returned an error. Error details No Minimal Required Number of Suitable Directory Servers
Found in Forest mydomain.com Site Default-First-Site and connected Sites..
[01/20/2015 17:13:20.0178] [2] No Minimal Required Number of Suitable Directory Servers Found in Forest mydomain.com Site Default-First-Site and connected Sites.
[01/20/2015 17:13:20.0178] [2] Ending processing Set-SharedConfigDC
[01/20/2015 17:13:20.0193] [2] Beginning processing Write-ExchangeSetupLog
[01/20/2015 17:13:20.0193] [2] An error ocurred while setting shared config DC. Error: The call to Microsoft Exchange Active Directory Topology service on server 'TopologyClientTcpEndpoint (localhost)' returned an error. Error details
No Minimal Required Number of Suitable Directory Servers Found in Forest mydomain.com Site Default-First-Site and connected Sites..
[01/20/2015 17:13:20.0193] [2] Ending processing Write-ExchangeSetupLog
[01/20/2015 17:13:20.0193] [2] Beginning processing Write-ExchangeSetupLog
[01/20/2015 17:13:20.0193] [2] Waiting 30 seconds before attempting again.
[01/20/2015 17:13:20.0193] [2] Ending processing Write-ExchangeSetupLog
[01/20/2015 17:13:50.0195] [2] Beginning processing Write-ExchangeSetupLog
[01/20/2015 17:13:50.0273] [2] [ERROR] Unable to set shared config DC.
[01/20/2015 17:13:50.0273] [2] [ERROR] Unable to set shared config DC.
[01/20/2015 17:13:50.0288] [2] Ending processing Write-ExchangeSetupLog
[01/20/2015 17:13:50.0288] [1] The following 1 error(s) occurred during task execution:
[01/20/2015 17:13:50.0288] [1] 0. ErrorRecord: Unable to set shared config DC.
[01/20/2015 17:13:50.0288] [1] 0. ErrorRecord: System.Exception: Unable to set shared config DC.
at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target, Boolean reThrow, String helpUrl)
at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target)
at Microsoft.Exchange.Management.Deployment.WriteExchangeSetupLog.InternalProcessRecord()
at Microsoft.Exchange.Configuration.Tasks.Task.<ProcessRecord>b__b()
at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean terminatePipelineIfFailed)
[01/20/2015 17:13:50.0288] [1] [ERROR] The following error was generated when "$error.Clear();
$maxWait = New-TimeSpan -Minutes 8
$timeout = Get-Date;
$timeout = $timeout.Add($maxWait);
$currTime = Get-Date;
$successfullySetConfigDC = $false;
while($currTime -le $timeout)
$setSharedCDCErrors = @();
try
Set-SharedConfigDC -DomainController $RoleDomainController -ErrorVariable setSharedCDCErrors -ErrorAction SilentlyContinue;
$successfullySetConfigDC = ($setSharedCDCErrors.Count -eq 0);
if($successfullySetConfigDC)
break;
Write-ExchangeSetupLog -Info ("An error ocurred while setting shared config DC. Error: " + $setSharedCDCErrors[0]);
catch
Write-ExchangeSetupLog -Info ("An exception ocurred while setting shared config DC. Exception: " + $_.Exception.Message);
Write-ExchangeSetupLog -Info ("Waiting 30 seconds before attempting again.");
Start-Sleep -Seconds 30;
$currTime = Get-Date;
if( -not $successfullySetConfigDC)
Write-ExchangeSetupLog -Error "Unable to set shared config DC.";
" was run: "System.Exception: Unable to set shared config DC.
at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target, Boolean reThrow, String helpUrl)
at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target)
at Microsoft.Exchange.Management.Deployment.WriteExchangeSetupLog.InternalProcessRecord()
at Microsoft.Exchange.Configuration.Tasks.Task.<ProcessRecord>b__b()
at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean terminatePipelineIfFailed)".
[01/20/2015 17:13:50.0288] [1] [ERROR] Unable to set shared config DC.
[01/20/2015 17:13:50.0288] [1] [ERROR-REFERENCE] Id=AllADRolesCommonServiceControl___ee47ab1c06fb47919398e2e95ed99c6c Component=EXCHANGE14:\Current\Release\Shared\Datacenter\Setup
[01/20/2015 17:13:50.0288] [1] Setup is stopping now because of one or more critical errors.
[01/20/2015 17:13:50.0288] [1] Finished executing component tasks.
[01/20/2015 17:13:50.0304] [1] Ending processing Install-BridgeheadRole
Windows Event Viewer:
Process Microsoft.Exchange.Directory.TopologyService.exe (PID=5276) Forest mydomain.com. Exchange Active Directory Provider couldn't find minimal required number of suitable Global Catalog servers
in either the local site 'Default-First-Site' or the following sites:Hi apl228,
1. Please make sure the IPv6 is enabled.
2. Please make sure the account that install Exchange server has Administrator permission.
3. Please make sure DNS has been configured correctly.
Thanks
Mavis Huang
TechNet Community Support -
Active Directory Web Services Event 1202
Hi all,
I am stuck with the event 1202 (source ADWS) error on my ADLDS server hosting sharepoint extranet user repository. My sharepoint server is a domain member but
NOT a domain controller. I do not replicate this ADLDS instance with any other server. This ADLDS instance is not synched with AD's at all.
I already read posts existing on the subject and no one solved my problem as they're all related to ADLDS instances hosted on domain controllers
As a reminder the event 1202 (raised minutely) description is:
This computer is now hosting the specified directory instance, but Active Directory Web Services could not service it. Active Directory Web Services will retry this operation periodically.
Directory instance: NTDS
Directory instance LDAP port: 389
Directory instance SSL port: 636
My ADLDS instance is not named NTDS (and cannot as NTDS is the instance name of an ADDS domain) and ADWS correctly service it as the following 1200 event proove it:
Active Directory Web Services is now servicing the specified directory instance.
Directory instance: ADAM_ExtranetUsers
Directory instance LDAP port: 18589
Directory instance SSL port: 18836
So... my investigations result after enabling ADWS diagnostics are:
Following is the trace corresponding to the 1202 event generation
InstanceMap: [14.11.2012 08:57:19] [4] OnTimedEvent: got an event
InstanceMap: [14.11.2012 08:57:19] [4] CheckAndLoadAll: beginning
InstanceMap: [14.11.2012 08:57:19] [4] CheckAndLoadNTDSInstance: entered
InstanceMap: [14.11.2012 08:57:19] [4] CheckAndLoadNTDSInstance: found NTDS Parameters key
InstanceMap: [14.11.2012 08:57:19] [4] CheckAndLoadNTDSInstance: trying to change state to DC
InstanceMap: [14.11.2012 08:57:19] [4] AddRemoveSessionPoolAndDictionaryEntry: trying to change state for identifier ldap:389
InstanceMap: [14.11.2012 08:57:19] [4] AddSessionPool: adding a session pool for NTDS
DirectoryDataAccessImplementation: [14.11.2012 08:57:19] [4] InitializeInstance: entering, instance=NTDS, init=5, max=20
LdapSessionPoolImplementation: [14.11.2012 08:57:19] [4] InitializeInstance: entering, instance=NTDS, init=5, max=20
InstanceMap: [14.11.2012 08:57:20] [4] AddSessionPool: DirectoryException trying to create pool: System.DirectoryServices.Protocols.LdapException: The LDAP server is unavailable.
For me the BUGGY part of this ADWS error state within the CheckAndLoadNTDSInstance process. It effectively try to service NTDS instance because it found the NTDS registry key supposed to contain the AD DS instance configuration parameters. The content
of the key is the following on my system (and any system I think):
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NTDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NTDS\parameters]
"ldapserverintegrity"=dword:00000002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NTDS\RID Values]
This is the normal content on any domain members. But this cause the ADWS service to think there is an NTDS domain service instance to serve which is not the case !!!!!
I resolved the error for a temporary period by removing the registry key above. Because I also think this key has nothing to do on client systems (as stated on technet). I also verified after removing the key that my ADLDS instance is still forcing SSL connections
for simple bind (which is what the ldapserverintegrity registry value is supposed to do. Note this registry settings is also present is the ldap and my ADAM_ExtranetUsers service registry.) Everything worked like a charm for a day and my event log stopped
reporting the 1202 event.
But during the first night, a process recreated the NTDS service registry key I deleted. So the event 1202 start reappearing every minute. Excepting filling my event log for nothing this error has no effect on the working ADLDS instance. So I can live with
but it's rather annoying!
So finally my question is: Is it really a bug or did i make a mistake? If this is by design how can I prevent ADWS to try to serve an instance that does not exists on the system?
Can I set the undocumented ADWS configuration value "InstanceRediscoveryInterval" defaulted to "00:01:00" to something that say "NEVER".
At least to lower events count I will set it to something next to 1 hour or 1 day!
Does someone have a better solution?
Many thanks to any of you taking time to read my poor english ;-)Hi Brian,
Thanks to take time trying to resolve my issue.
- IPv6 is not enabled on my servers (this is one of the first thing I disable on my servers)
- If you read my post carefully you will see that removing the NTDS registry key resolve the problem for about 1 day. This because a process recreate the key automatically during the night (I think it is the KCC process that recreate the key but I'm not
sure)
And if I think it is a bug this is because you can see this wonderful sequence within the traces:
InstanceMap: [20.11.2012 05:57:13] [4] CheckAndLoadNTDSInstance: entered
InstanceMap: [20.11.2012 05:57:13] [4] CheckAndLoadNTDSInstance: found NTDS Parameters key
InstanceMap: [20.11.2012 05:57:13] [4] CheckAndLoadNTDSInstance: trying to change state to DC
.... here traces that shows the exception when the system try to connect (bind) to the NTDS ldap instance generating the event 1202 error ....
InstanceMap: [20.11.2012 05:57:14] [4] CheckAndLoadGCInstance: entered
InstanceMap: [20.11.2012 05:57:14] [4] CheckAndLoadGCInstance: machine isn't a DC, so it isn't a GC
Well ironically the system first think this is a DC just because it found NTDS registry key (this key exists but is empty and does not contain NTDS AD instance parameters excepting ldapserverintegrity). And the next step in the process
(just after CheckAndLoadNTDSInstance step there is the CheckAndLoadGCInstance step) it realizes it is not a DC so it cannot be a GC (global catalog). So can you tell me why the system is trying to service the NTDS instance that does not exist !!!!! And
it knows that... one step later....
Well I think everything is clear and I am suprised that with a such bug I am the only one complaining about that... at least with such level of accuracy (even if I saw posts without clear responses or people complaining that the problem is not
solved)
So for me there is no workaround or solution to resolve this. I repeat disabling the feature is not an option as we are using ADWS to administer our users through AD module for powershell. And I'm always laughing to see poeple proposing to disable a feature
to resolve a bug within it. It remind me the old days where Microsoft enclosed parts of code with try catch blocs to resolve bugs (in fact they just used exception swallowing to make us believe they resolved the bug.....).
So I'm waiting a fix from Microsoft for this unbelievable mistake and a real lack of testing because I can't believe nobody realizes that !!!
Thank you again for your help -
Event ID 91 Could not connect to the Active Directory. Active Directory Certificate Services
Could not connect to the Active Directory. Active Directory Certificate Services will retry when processing requires Active Directory access.
Event ID: 91
Task Category: None
Level: Error
Keywords: Classic
User: SYSTEM
Computer: DC1.chickbuns.com
Description:
Could not connect to the Active Directory. Active Directory Certificate Services will retry when processing requires Active Directory access.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-CertificationAuthority" Guid="{6A71D062-9AFE-4F35-AD08-52134F85DFB9}" EventSourceName="CertSvc" />
<EventID Qualifiers="49754">91</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2014-01-07T19:34:00.000000000Z" />
<EventRecordID>819</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>Application</Channel>
<Computer>DC1.chickbuns.com</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData Name="MSG_E_DS_RETRY">
</EventData>
</Event>
:\Users\Administrator>dcdiag /fix
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = DC1
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DC1
Starting test: Connectivity
......................... DC1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DC1
Starting test: Advertising
Warning: DC1 is not advertising as a time server.
......................... DC1 failed test Advertising
Starting test: FrsEvent
......................... DC1 passed test FrsEvent
Starting test: DFSREvent
......................... DC1 passed test DFSREvent
Starting test: SysVolCheck
......................... DC1 passed test SysVolCheck
Starting test: KccEvent
......................... DC1 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... DC1 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... DC1 passed test MachineAccount
Starting test: NCSecDesc
......................... DC1 passed test NCSecDesc
Starting test: NetLogons
......................... DC1 passed test NetLogons
Starting test: ObjectsReplicated
......................... DC1 passed test ObjectsReplicated
Starting test: Replications
......................... DC1 passed test Replications
Starting test: RidManager
......................... DC1 passed test RidManager
Starting test: Services
......................... DC1 passed test Services
Starting test: SystemLog
......................... DC1 passed test SystemLog
Starting test: VerifyReferences
......................... DC1 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : chickbuns
Starting test: CheckSDRefDom
......................... chickbuns passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... chickbuns passed test CrossRefValidation
Running enterprise tests on : chickbuns.com
Starting test: LocatorCheck
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error
1355
A Good Time Server could not be located.
......................... chickbuns.com failed test LocatorCheck
Starting test: Intersite
......................... chickbuns.com passed test Intersite.My test lab one sinle domain controller server 2008 R2 Sp1 and member exchange server is using,the event error 91 is generated as per the technet article http://technet.microsoft.com/en-us/library/cc774525(v=ws.10).aspx the domain
computer and domain users in public key services container is not listed ..
C:\Users\Administrator>netdom /query fsmo
Schema master DC1.chickbuns.com
Domain naming master DC1.chickbuns.com
PDC DC1.chickbuns.com
RID pool manager DC1.chickbuns.com
Infrastructure master DC1.chickbuns.com
The command completed successfully.
Command Line: "dcdiag.exe
/V /D /C /E"
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
* Verifying that the local machine DC1, is a Directory Server.
Home Server = DC1
* Connecting to directory service on server DC1.
DC1.currentTime = 20140110072353.0Z
DC1.highestCommittedUSN = 131148
DC1.isSynchronized = 1
DC1.isGlobalCatalogReady = 1
* Identified AD Forest.
Collecting AD specific global data
* Collecting site info.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=chickbuns,DC=com,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
The previous call succeeded
Iterating through the sites
Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
Getting ISTG and options for the site
* Identifying all servers.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=chickbuns,DC=com,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
The previous call succeeded....
The previous call succeeded
Iterating through the list of servers
Getting information for the server CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
DC1.currentTime = 20140110072353.0Z
DC1.highestCommittedUSN = 131148
DC1.isSynchronized = 1
DC1.isGlobalCatalogReady = 1
* Identifying all NC cross-refs.
* Found 1 DC(s). Testing 1 of them.
Done gathering initial info.
===============================================Printing out pDsInfo
GLOBAL:
ulNumServers=1
pszRootDomain=chickbuns.com
pszNC=
pszRootDomainFQDN=DC=chickbuns,DC=com
pszConfigNc=CN=Configuration,DC=chickbuns,DC=com
pszPartitionsDn=CN=Partitions,CN=Configuration,DC=chickbuns,DC=com
fAdam=0
iSiteOptions=0
dwTombstoneLifeTimeDays=180
dwForestBehaviorVersion=3
HomeServer=0, DC1
SERVER: pServer[0].pszName=DC1
pServer[0].pszGuidDNSName (binding str)=771aab3d-96cd-4fb1-90cd-0899fa6b6207._msdcs.chickbuns.com
pServer[0].pszDNSName=DC1.chickbuns.com
pServer[0].pszLdapPort=(null)
pServer[0].pszSslPort=(null)
pServer[0].pszDn=CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
pServer[0].pszComputerAccountDn=CN=DC1,OU=Domain Controllers,DC=chickbuns,DC=com
pServer[0].uuidObjectGuid=771aab3d-96cd-4fb1-90cd-0899fa6b6207
pServer[0].uuidInvocationId=771aab3d-96cd-4fb1-90cd-0899fa6b6207
pServer[0].iSite=0 (Default-First-Site-Name)
pServer[0].iOptions=1
pServer[0].ftLocalAcquireTime=ea9513a0 01cf0dd4
pServer[0].ftRemoteConnectTime=ea2bca80 01cf0dd4
pServer[0].ppszMaster/FullReplicaNCs:
ppszMaster/FullReplicaNCs[0]=DC=ForestDnsZones,DC=chickbuns,DC=com
ppszMaster/FullReplicaNCs[1]=DC=DomainDnsZones,DC=chickbuns,DC=com
ppszMaster/FullReplicaNCs[2]=CN=Schema,CN=Configuration,DC=chickbuns,DC=com
ppszMaster/FullReplicaNCs[3]=CN=Configuration,DC=chickbuns,DC=com
ppszMaster/FullReplicaNCs[4]=DC=chickbuns,DC=com
SITES: pSites[0].pszName=Default-First-Site-Name
pSites[0].pszSiteSettings=CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
pSites[0].pszISTG=CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
pSites[0].iSiteOption=0
pSites[0].cServers=1
NC: pNCs[0].pszName=ForestDnsZones
pNCs[0].pszDn=DC=ForestDnsZones,DC=chickbuns,DC=com
pNCs[0].aCrInfo[0].dwFlags=0x00000201
pNCs[0].aCrInfo[0].pszDn=CN=5fc582f9-b435-49a1-aa54-41769fc24206,CN=Partitions,CN=Configuration,DC=chickbuns,DC=com
pNCs[0].aCrInfo[0].pszDnsRoot=ForestDnsZones.chickbuns.com
pNCs[0].aCrInfo[0].iSourceServer=0
pNCs[0].aCrInfo[0].pszSourceServer=(null)
pNCs[0].aCrInfo[0].ulSystemFlags=0x00000005
pNCs[0].aCrInfo[0].bEnabled=TRUE
pNCs[0].aCrInfo[0].ftWhenCreated=00000000 00000000
pNCs[0].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[0].aCrInfo[0].pszNetBiosName=(null)
pNCs[0].aCrInfo[0].cReplicas=-1
pNCs[0].aCrInfo[0].aszReplicas=
NC: pNCs[1].pszName=DomainDnsZones
pNCs[1].pszDn=DC=DomainDnsZones,DC=chickbuns,DC=com
pNCs[1].aCrInfo[0].dwFlags=0x00000201
pNCs[1].aCrInfo[0].pszDn=CN=9e1c2cb8-b90b-4e9f-90dd-9903f935e4af,CN=Partitions,CN=Configuration,DC=chickbuns,DC=com
pNCs[1].aCrInfo[0].pszDnsRoot=DomainDnsZones.chickbuns.com
pNCs[1].aCrInfo[0].iSourceServer=0
pNCs[1].aCrInfo[0].pszSourceServer=(null)
pNCs[1].aCrInfo[0].ulSystemFlags=0x00000005
pNCs[1].aCrInfo[0].bEnabled=TRUE
pNCs[1].aCrInfo[0].ftWhenCreated=00000000 00000000
pNCs[1].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[1].aCrInfo[0].pszNetBiosName=(null)
pNCs[1].aCrInfo[0].cReplicas=-1
pNCs[1].aCrInfo[0].aszReplicas=
NC: pNCs[2].pszName=Schema
pNCs[2].pszDn=CN=Schema,CN=Configuration,DC=chickbuns,DC=com
pNCs[2].aCrInfo[0].dwFlags=0x00000201
pNCs[2].aCrInfo[0].pszDn=CN=Enterprise Schema,CN=Partitions,CN=Configuration,DC=chickbuns,DC=com
pNCs[2].aCrInfo[0].pszDnsRoot=chickbuns.com
pNCs[2].aCrInfo[0].iSourceServer=0
pNCs[2].aCrInfo[0].pszSourceServer=(null)
pNCs[2].aCrInfo[0].ulSystemFlags=0x00000001
pNCs[2].aCrInfo[0].bEnabled=TRUE
pNCs[2].aCrInfo[0].ftWhenCreated=00000000 00000000
pNCs[2].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[2].aCrInfo[0].pszNetBiosName=(null)
pNCs[2].aCrInfo[0].cReplicas=-1
pNCs[2].aCrInfo[0].aszReplicas=
NC: pNCs[3].pszName=Configuration
pNCs[3].pszDn=CN=Configuration,DC=chickbuns,DC=com
pNCs[3].aCrInfo[0].dwFlags=0x00000201
pNCs[3].aCrInfo[0].pszDn=CN=Enterprise Configuration,CN=Partitions,CN=Configuration,DC=chickbuns,DC=com
pNCs[3].aCrInfo[0].pszDnsRoot=chickbuns.com
pNCs[3].aCrInfo[0].iSourceServer=0
pNCs[3].aCrInfo[0].pszSourceServer=(null)
pNCs[3].aCrInfo[0].ulSystemFlags=0x00000001
pNCs[3].aCrInfo[0].bEnabled=TRUE
pNCs[3].aCrInfo[0].ftWhenCreated=00000000 00000000
pNCs[3].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[3].aCrInfo[0].pszNetBiosName=(null)
pNCs[3].aCrInfo[0].cReplicas=-1
pNCs[3].aCrInfo[0].aszReplicas=
NC: pNCs[4].pszName=chickbuns
pNCs[4].pszDn=DC=chickbuns,DC=com
pNCs[4].aCrInfo[0].dwFlags=0x00000201
pNCs[4].aCrInfo[0].pszDn=CN=CHICKBUNS,CN=Partitions,CN=Configuration,DC=chickbuns,DC=com
pNCs[4].aCrInfo[0].pszDnsRoot=chickbuns.com
pNCs[4].aCrInfo[0].iSourceServer=0
pNCs[4].aCrInfo[0].pszSourceServer=(null)
pNCs[4].aCrInfo[0].ulSystemFlags=0x00000003
pNCs[4].aCrInfo[0].bEnabled=TRUE
pNCs[4].aCrInfo[0].ftWhenCreated=00000000 00000000
pNCs[4].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[4].aCrInfo[0].pszNetBiosName=(null)
pNCs[4].aCrInfo[0].cReplicas=-1
pNCs[4].aCrInfo[0].aszReplicas=
5 NC TARGETS: ForestDnsZones, DomainDnsZones, Schema, Configuration, chickbuns,
1 TARGETS: DC1,
=============================================Done Printing pDsInfo
Doing initial required tests
Testing server: Default-First-Site-Name\DC1
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
Failure Analysis: DC1 ... OK.
* Active Directory RPC Services Check
......................... DC1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DC1
Starting test: Advertising
The DC DC1 is advertising itself as a DC and having a DS.
The DC DC1 is advertising as an LDAP server
The DC DC1 is advertising as having a writeable directory
The DC DC1 is advertising as a Key Distribution Center
The DC DC1 is advertising as a time server
The DS DC1 is advertising as a GC.
......................... DC1 passed test Advertising
Starting test: CheckSecurityError
* Dr Auth: Beginning security errors check!
Found KDC DC1 for domain chickbuns.com in site Default-First-Site-Name
Checking machine account for DC DC1 on DC DC1.
* SPN found :LDAP/DC1.chickbuns.com/chickbuns.com
* SPN found :LDAP/DC1.chickbuns.com
* SPN found :LDAP/DC1
* SPN found :LDAP/DC1.chickbuns.com/CHICKBUNS
* SPN found :LDAP/771aab3d-96cd-4fb1-90cd-0899fa6b6207._msdcs.chickbuns.com
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/771aab3d-96cd-4fb1-90cd-0899fa6b6207/chickbuns.com
* SPN found :HOST/DC1.chickbuns.com/chickbuns.com
* SPN found :HOST/DC1.chickbuns.com
* SPN found :HOST/DC1
* SPN found :HOST/DC1.chickbuns.com/CHICKBUNS
* SPN found :GC/DC1.chickbuns.com/chickbuns.com
[DC1] No security related replication errors were found on this DC!
To target the connection to a specific source DC use /ReplSource:<DC>.
......................... DC1 passed test CheckSecurityError
Starting test: CutoffServers
* Configuration Topology Aliveness Check
* Analyzing the alive system replication topology for DC=ForestDnsZones,DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for DC=DomainDnsZones,DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for CN=Schema,CN=Configuration,DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for CN=Configuration,DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... DC1 passed test CutoffServers
Starting test: FrsEvent
* The File Replication Service Event log test
Skip the test because the server is running DFSR.
......................... DC1 passed test FrsEvent
Starting test: DFSREvent
The DFS Replication Event Log.
......................... DC1 passed test DFSREvent
Starting test: SysVolCheck
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... DC1 passed test SysVolCheck
Starting test: FrsSysVol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... DC1 passed test FrsSysVol
Starting test: KccEvent
* The KCC Event log test
Found no KCC errors in "Directory Service" Event log in the last 15 minutes.
......................... DC1 passed test KccEvent
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
Role Domain Owner = CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
Role PDC Owner = CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
Role Rid Owner = CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
Role Infrastructure Update Owner = CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
......................... DC1 passed test KnowsOfRoleHolders
Starting test: MachineAccount
Checking machine account for DC DC1 on DC DC1.
* SPN found :LDAP/DC1.chickbuns.com/chickbuns.com
* SPN found :LDAP/DC1.chickbuns.com
* SPN found :LDAP/DC1
* SPN found :LDAP/DC1.chickbuns.com/CHICKBUNS
* SPN found :LDAP/771aab3d-96cd-4fb1-90cd-0899fa6b6207._msdcs.chickbuns.com
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/771aab3d-96cd-4fb1-90cd-0899fa6b6207/chickbuns.com
* SPN found :HOST/DC1.chickbuns.com/chickbuns.com
* SPN found :HOST/DC1.chickbuns.com
* SPN found :HOST/DC1
* SPN found :HOST/DC1.chickbuns.com/CHICKBUNS
* SPN found :GC/DC1.chickbuns.com/chickbuns.com
......................... DC1 passed test MachineAccount
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC DC1.
* Security Permissions Check for
DC=ForestDnsZones,DC=chickbuns,DC=com
(NDNC,Version 3)
* Security Permissions Check for
DC=DomainDnsZones,DC=chickbuns,DC=com
(NDNC,Version 3)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=chickbuns,DC=com
(Schema,Version 3)
* Security Permissions Check for
CN=Configuration,DC=chickbuns,DC=com
(Configuration,Version 3)
* Security Permissions Check for
DC=chickbuns,DC=com
(Domain,Version 3)
......................... DC1 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\DC1\netlogon
Verified share \\DC1\sysvol
......................... DC1 passed test NetLogons
Starting test: ObjectsReplicated
DC1 is in domain DC=chickbuns,DC=com
Checking for CN=DC1,OU=Domain Controllers,DC=chickbuns,DC=com in domain DC=chickbuns,DC=com on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com in domain CN=Configuration,DC=chickbuns,DC=com on 1 servers
Object is up-to-date on all servers.
......................... DC1 passed test ObjectsReplicated
Starting test: OutboundSecureChannels
* The Outbound Secure Channels test
** Did not run Outbound Secure Channels test because /testdomain: was
not entered
......................... DC1 passed test OutboundSecureChannels
Starting test: Replications
* Replications Check
DC=ForestDnsZones,DC=chickbuns,DC=com has 1 cursors.
DC=DomainDnsZones,DC=chickbuns,DC=com has 1 cursors.
CN=Schema,CN=Configuration,DC=chickbuns,DC=com has 1 cursors.
CN=Configuration,DC=chickbuns,DC=com has 1 cursors.
DC=chickbuns,DC=com has 1 cursors.
* Replication Latency Check
......................... DC1 passed test Replications
Starting test: RidManager
ridManagerReference = CN=RID Manager$,CN=System,DC=chickbuns,DC=com
* Available RID Pool for the Domain is 1600 to 1073741823
fSMORoleOwner = CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
* DC1.chickbuns.com is the RID Master
* DsBind with RID Master was successful
rIDSetReferences = CN=RID Set,CN=DC1,OU=Domain Controllers,DC=chickbuns,DC=com
* rIDAllocationPool is 1100 to 1599
* rIDPreviousAllocationPool is 1100 to 1599
* rIDNextRID: 1103
......................... DC1 passed test RidManager
Starting test: Services
* Checking Service: EventSystem
* Checking Service: RpcSs
* Checking Service: NTDS
* Checking Service: DnsCache
* Checking Service: DFSR
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: w32time
* Checking Service: NETLOGON
......................... DC1 passed test Services
Starting test: SystemLog
* The System Event log test
Found no errors in "System" Event log in the last 60 minutes.
......................... DC1 passed test SystemLog
Starting test: Topology
* Configuration Topology Integrity Check
* Analyzing the connection topology for DC=ForestDnsZones,DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for DC=DomainDnsZones,DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for CN=Schema,CN=Configuration,DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for CN=Configuration,DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... DC1 passed test Topology
Starting test: VerifyEnterpriseReferences
......................... DC1 passed test VerifyEnterpriseReferences
Starting test: VerifyReferences
The system object reference (serverReference)
CN=DC1,OU=Domain Controllers,DC=chickbuns,DC=com and backlink on
CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
are correct.
The system object reference (serverReferenceBL)
CN=DC1,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=chickbuns,DC=com
and backlink on
CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
are correct.
The system object reference (msDFSR-ComputerReferenceBL)
CN=DC1,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=chickbuns,DC=com
and backlink on CN=DC1,OU=Domain Controllers,DC=chickbuns,DC=com are
correct.
......................... DC1 passed test VerifyReferences
Starting test: VerifyReplicas
......................... DC1 passed test VerifyReplicas
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
See DNS test in enterprise tests section for results
......................... DC1 passed test DNS
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : chickbuns
Starting test: CheckSDRefDom
......................... chickbuns passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... chickbuns passed test CrossRefValidation
Running enterprise tests on : chickbuns.com
Starting test: DNS
Test results for domain controllers:
DC: DC1.chickbuns.com
Domain: chickbuns.com
TEST: Authentication (Auth)
Authentication test: Successfully completed
TEST: Basic (Basc)
The OS
Microsoft Windows Server 2008 R2 Enterprise (Service Pack level: 1.0)
is supported.
NETLOGON service is running
kdc service is running
DNSCACHE service is running
DNS service is running
DC is a DNS server
Network adapters information:
Adapter [00000007] Intel(R) PRO/1000 MT Network Connection:
MAC address is 00:0C:29:DE:7F:EB
IP Address is static
IP address: 192.168.1.30
DNS servers:
192.168.1.30 (dc1.chickbuns.com.) [Valid]
The A host record(s) for this DC was found
The SOA record for the Active Directory zone was found
The Active Directory zone on this DC/DNS server was found primary
Root zone on this DC/DNS server was not found
TEST: Forwarders/Root hints (Forw)
Recursion is enabled
Forwarders Information:
192.168.1.1 (<name unavailable>) [Valid]
TEST: Delegations (Del)
Delegation information for the zone: chickbuns.com.
Delegated domain name: _msdcs.chickbuns.com.
DNS server: dc1.chickbuns.com. IP:192.168.1.30 [Valid]
TEST: Dynamic update (Dyn)
Test record dcdiag-test-record added successfully in zone chickbuns.com
Test record dcdiag-test-record deleted successfully in zone chickbuns.com
TEST: Records registration (RReg)
Network Adapter
[00000007] Intel(R) PRO/1000 MT Network Connection:
Matching CNAME record found at DNS server 192.168.1.30:
771aab3d-96cd-4fb1-90cd-0899fa6b6207._msdcs.chickbuns.com
Matching A record found at DNS server 192.168.1.30:
DC1.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_ldap._tcp.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_ldap._tcp.48c41195-2630-4461-aaef-ec2a63cd8bf3.domains._msdcs.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_kerberos._tcp.dc._msdcs.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_ldap._tcp.dc._msdcs.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_kerberos._tcp.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_kerberos._udp.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_kpasswd._tcp.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_ldap._tcp.Default-First-Site-Name._sites.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_kerberos._tcp.Default-First-Site-Name._sites.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_ldap._tcp.gc._msdcs.chickbuns.com
Matching A record found at DNS server 192.168.1.30:
gc._msdcs.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_gc._tcp.Default-First-Site-Name._sites.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_ldap._tcp.pdc._msdcs.chickbuns.com
Total query time:0 min. 3 sec.. Total RPC connection
time:0 min. 0 sec.
Total WMI connection time:0 min. 6 sec. Total Netuse connection
time:0 min. 0 sec.
Summary of test results for DNS servers used by the above domain
controllers:
DNS server: 192.168.1.1 (<name unavailable>)
All tests passed on this DNS server
Total query time:0 min. 0 sec., Total WMI connection
time:0 min. 5 sec.
DNS server: 192.168.1.30 (dc1.chickbuns.com.)
All tests passed on this DNS server
Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered
DNS delegation for the domain _msdcs.chickbuns.com. is operational on IP 192.168.1.30
Total query time:0 min. 3 sec., Total WMI connection
time:0 min. 0 sec.
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
Domain: chickbuns.com
DC1 PASS PASS PASS PASS PASS PASS n/a
Total Time taken to test all the DCs:0 min. 9 sec.
......................... chickbuns.com passed test DNS
Starting test: LocatorCheck
GC Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
PDC Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
Time Server Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
Preferred Time Server Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
KDC Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
......................... chickbuns.com passed test LocatorCheck
Starting test: FsmoCheck
GC Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
PDC Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
Time Server Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
Preferred Time Server Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
KDC Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
......................... chickbuns.com passed test FsmoCheck
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope
provided by the command line arguments provided.
......................... chickbuns.com passed test Intersite -
Active Directory Certificate Services
Hello,
I have an issue with CRL and delta CRL which I cannot publish
the errors are:
1. Active Directory Certificate services could not publish a Delta CRL for key 0 to the following location: ldap:///...
operation aborted 0x80004004 (-2147467260)
and another event id 74
please help
thanks
MashhourHi,
I suggest you start troubleshoot this issue from these guides below:
Event ID 66 — AD CS Certificate Revocation List (CRL) Publishing
http://technet.microsoft.com/en-us/library/cc726342(v=WS.10).aspx
Event ID 74 — AD CS Certificate Revocation List (CRL) Publishing
http://technet.microsoft.com/en-us/library/cc726336(v=WS.10).aspx
Please make sure that CA has Write permissions on the location mentioned in the Event message, and ensure that there is no network connectivity issue between CA and Domain Controller.
Best Regards,
Amy -
Active Directory Web Services service terminated unexpectedly
Hi everyone:
I'm having a problem with the Active Directory Web Services service does not start. Attach the event ID:
Log System:
Log Name: System
Source: Service Control Manager
Date: 1/6/2015 6:55:19 PM
Event ID: 7034
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: xxx.dominio.com
Description:
The Active Directory Web Services service terminated unexpectedly. It has done this 35 time(s).
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />
<EventID Qualifiers="49152">7034</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2015-01-06T22:55:19.292471600Z" />
<EventRecordID>32583</EventRecordID>
<Correlation />
<Execution ProcessID="556" ThreadID="1388" />
<Channel>System</Channel>
<Computer>xxx.dominio.com</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">Active Directory Web Services</Data>
<Data Name="param2">35</Data>
<Binary>41004400570053000000</Binary>
</EventData>
</Event>
Log Application:
Log Name: Application
Source: .NET Runtime
Date: 1/6/2015 6:55:13 PM
Event ID: 1026
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: xxx.dominio.com
Description:
Application: Microsoft.ActiveDirectory.WebServices.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ServiceModel.CommunicationObjectFaultedException
Stack:
at System.ServiceModel.Channels.CommunicationObject.Close(System.TimeSpan)
at Microsoft.ActiveDirectory.WebServices.WindowsHostService.StartService(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart(System.Object)
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name=".NET Runtime" />
<EventID Qualifiers="0">1026</EventID>
<Level>2</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2015-01-06T22:55:13.000000000Z" />
<EventRecordID>1661713</EventRecordID>
<Channel>Application</Channel>
<Computer>xxx.dominio.com</Computer>
<Security />
</System>
<EventData>
<Data>Application: Microsoft.ActiveDirectory.WebServices.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ServiceModel.CommunicationObjectFaultedException
Stack:
at System.ServiceModel.Channels.CommunicationObject.Close(System.TimeSpan)
at Microsoft.ActiveDirectory.WebServices.WindowsHostService.StartService(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart(System.Object)
</Data>
</EventData>
</Event>
And
Log Name: Application
Source: Application Error
Date: 1/6/2015 6:55:13 PM
Event ID: 1000
Task Category: (100)
Level: Error
Keywords: Classic
User: N/A
Computer: xxx.dominio.com
Description:
Faulting application name: Microsoft.ActiveDirectory.WebServices.exe, version: 6.2.9200.16579, time stamp: 0x516356a2
Faulting module name: KERNELBASE.dll, version: 6.2.9200.16864, time stamp: 0x531d34d8
Exception code: 0xe0434352
Fault offset: 0x0000000000047b8c
Faulting process id: 0x4ac
Faulting application start time: 0x01d02a03d45e2d00
Faulting application path: C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe
Faulting module path: C:\Windows\system32\KERNELBASE.dll
Report Id: 1273a0f1-95f7-11e4-93f7-3440b59e2092
Faulting package full name:
Faulting package-relative application ID:
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Application Error" />
<EventID Qualifiers="0">1000</EventID>
<Level>2</Level>
<Task>100</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2015-01-06T22:55:13.000000000Z" />
<EventRecordID>1661714</EventRecordID>
<Channel>Application</Channel>
<Computer>xxx.dominio.com</Computer>
<Security />
</System>
<EventData>
<Data>Microsoft.ActiveDirectory.WebServices.exe</Data>
<Data>6.2.9200.16579</Data>
<Data>516356a2</Data>
<Data>KERNELBASE.dll</Data>
<Data>6.2.9200.16864</Data>
<Data>531d34d8</Data>
<Data>e0434352</Data>
<Data>0000000000047b8c</Data>
<Data>4ac</Data>
<Data>01d02a03d45e2d00</Data>
<Data>C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe</Data>
<Data>C:\Windows\system32\KERNELBASE.dll</Data>
<Data>1273a0f1-95f7-11e4-93f7-3440b59e2092</Data>
<Data>
</Data>
<Data>
</Data>
</EventData>
</Event>
I was working about this solution but nothing. "http://blogs.microsoft.co.il/yuval14/2012/06/08/how-to-resolve-error-message-the-active-directory-web-services-service-terminated-unexpectedly-event-id-4079-andor-7034/".
I changed the Microsoft.ActiveDirectory.WebServices.exe.config file, add two line " <add key=”DebugLevel” value=”Info” />
<add key=”DebugLogFile” value=”c:windowsdebugadws.log” />", Attach the log
ADWS Log - AppDomain Microsoft.ActiveDirectory.WebServices.exe with ID 1 - 01/06/2015 17:51:37 ((UTC-04:00) Georgetown, La Paz, Manaus, San Juan)
OS Version Microsoft Windows NT 6.2.9200.0 - CLR Version 4.0.30319.18449
ADWS: [1/6/2015 5:51:37 PM] [1] Main: entered
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: trying to remove priviledge SeBackupPrivilege
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: unable to remove SeBackupPrivilege priviledge because it was absent
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: trying to remove priviledge SeRestorePrivilege
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: unable to remove SeRestorePrivilege priviledge because it was absent
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: trying to remove priviledge SeAssignPrimaryTokenPrivilege
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: unable to remove SeAssignPrimaryTokenPrivilege priviledge because it was absent
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: trying to remove priviledge SeIncreaseQuotaPrivilege
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: unable to remove SeIncreaseQuotaPrivilege priviledge because it was absent
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: trying to remove priviledge SeDebugPrivilege
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: unable to remove SeDebugPrivilege priviledge because it was absent
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: trying to remove priviledge SeTcbPrivilege
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: unable to remove SeTcbPrivilege priviledge because it was absent
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: trying to remove priviledge SeShutdownPrivilege
Utils: [1/6/2015 5:51:37 PM] [1] RemovePriviledgeFromProcess: unable to remove SeShutdownPrivilege priviledge because it was absent
Utils: [1/6/2015 5:51:37 PM] [1] RemoveUnnecessaryPriviledges: all present unnecessary priviledges removed successfully
Program: [1/6/2015 5:51:37 PM] [1] Main: Starting Windows service host.
WindowsHostService: [1/6/2015 5:51:37 PM] [1] WindowsHostService constructed
WindowsHostService: [1/6/2015 5:51:37 PM] [4] OnStart: entering.
WindowsHostService: [1/6/2015 5:51:37 PM] [4] OnStart: ServiceStart thread started.
WindowsHostService: [1/6/2015 5:51:37 PM] [6] StartService: entering.
PerfCounters: [1/6/2015 5:51:37 PM] [6] InstallCountersIfNeeded: entered
PerfCounters: [1/6/2015 5:51:37 PM] [6] AreCountersInstalled: entered
PerfCounters: [1/6/2015 5:51:37 PM] [6] AreCountersInstalled: System\CurrentControlSet\Services\ADWS key is present
PerfCounters: [1/6/2015 5:51:37 PM] [6] AreCountersInstalled: System\CurrentControlSet\Services\ADWS\Performance key is present
PerfCounters: [1/6/2015 5:51:37 PM] [6] AreCountersInstalled: First Counter value is present
PerfCounters: [1/6/2015 5:51:37 PM] [6] AreCountersInstalled: perf counters are installed
PerfCounters: [1/6/2015 5:51:37 PM] [6] AreCountersCurrent: installed perf counter version: 6
PerfCounters: [1/6/2015 5:51:37 PM] [6] AreCountersCurrent: desired perf counter version: 6
PerfCounters: [1/6/2015 5:51:37 PM] [6] AreCountersCurrent: perf counter category ADWS is current
PerfCounters: [1/6/2015 5:51:37 PM] [6] InstallCountersIfNeeded: counters already installed and current, no work needed
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Create Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Delete Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Get Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Put Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Enumerate Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Pull Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Open Enumeration Contexts' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'GetADGroupMember Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'GetADPrincipalGroupMembership Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'SetPassword Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'ChangePassword Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'GetADPrincipalAuthorizationGroup Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'TranslateName Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'GetADDomainController Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'GetADDomain Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'MoveADOperationMasterRole Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'GetADForest Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'ChangeOptionalFeature Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'GetVersion Operations Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Number of Directory Instances' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Possible Connections' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Allocated Connections' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Reserved Connections' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Non-reserved Connections In Use' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Reserved Connections In Use' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Open Web Service Sessions' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Active Web Service Sessions' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Web Service Sessions Created Per Second' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Custom Action LDAP Cache Maximum Possible Size' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Custom Action LDAP Cache Connection Creation Rate' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Custom Action LDAP Cache Connection Reuse Rate' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Custom Action DS RPC Cache Maximum Possible Size' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Custom Action DS RPC Cache Connection Creation Rate' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Custom Action DS RPC Cache Connection Reuse Rate' performance counter
AdwsPerfCounter: [1/6/2015 5:51:37 PM] [6] AdwsPerfCounter: constructed 'Custom Action Cache Size' performance counter
PerfCounters: [1/6/2015 5:51:37 PM] [6] Initialize: initializing performance counters
PerfCounters: [1/6/2015 5:51:37 PM] [6] Initialize: all performance counters initialized
ADWSHost: [1/6/2015 5:51:37 PM] [6] ADWSHost constructed
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] ProvisionCertificate: using host name for certificate name
Utils: [1/6/2015 5:51:37 PM] [6] GetComputerDnsName: computer name is xxx.dominio.com
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] ProvisionCertificate: using cert name xxx.dominio.com
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] ProvisionCertificate: loaded certificate
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] AddServiceThrottlingBehavior: MaxConcurrentCalls=32, MaxConcurrentSessions=500
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateServiceHost: including UserName endpoints
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateServiceHost: adding endpoints for Windows/
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportBinding: MaxReceivedMessageSize=1048576, ReceiveTimeout=00:10:00
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportBinding: MaxDepth=10, MaxArrayLength=16384, MaxStringContentLength=32768
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportBinding: MaxReceivedMessageSize=1048576, ReceiveTimeout=00:10:00
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportBinding: MaxDepth=10, MaxArrayLength=16384, MaxStringContentLength=32768
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportBinding: MaxReceivedMessageSize=1048576, ReceiveTimeout=00:10:00
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportBinding: MaxDepth=10, MaxArrayLength=16384, MaxStringContentLength=32768
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportBinding: MaxReceivedMessageSize=1048576, ReceiveTimeout=00:10:00
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportBinding: MaxDepth=10, MaxArrayLength=16384, MaxStringContentLength=32768
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportBinding: MaxReceivedMessageSize=1048576, ReceiveTimeout=00:10:00
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportBinding: MaxDepth=10, MaxArrayLength=16384, MaxStringContentLength=32768
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateServiceHost: adding endpoints for UserName/
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportWithMessageCredentialBinding: MaxReceivedMessageSize=1048576, ReceiveTimeout=00:10:00
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportWithMessageCredentialBinding: MaxDepth=10, MaxArrayLength=16384, MaxStringContentLength=32768
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportWithMessageCredentialBinding: MaxReceivedMessageSize=1048576, ReceiveTimeout=00:10:00
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportWithMessageCredentialBinding: MaxDepth=10, MaxArrayLength=16384, MaxStringContentLength=32768
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportWithMessageCredentialBinding: MaxReceivedMessageSize=1048576, ReceiveTimeout=00:10:00
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportWithMessageCredentialBinding: MaxDepth=10, MaxArrayLength=16384, MaxStringContentLength=32768
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportWithMessageCredentialBinding: MaxReceivedMessageSize=1048576, ReceiveTimeout=00:10:00
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportWithMessageCredentialBinding: MaxDepth=10, MaxArrayLength=16384, MaxStringContentLength=32768
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportWithMessageCredentialBinding: MaxReceivedMessageSize=1048576, ReceiveTimeout=00:10:00
ADWSHostFactory: [1/6/2015 5:51:37 PM] [6] CreateAdwsTransportWithMessageCredentialBinding: MaxDepth=10, MaxArrayLength=16384, MaxStringContentLength=32768
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] StartConfigurationLoading: entered
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] StartConfigurationLoading: establishing watcher on C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe.Config
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: entered
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: no value specified for InitialPoolConnections, using default value 5
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: using loaded value 10 for MaxPoolConnections
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: using loaded value 50 for MaxPercentageReservedConnections
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: no value specified for MaxReservedIdleTimeout, using default value 00:02:00
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: no value specified for MaxReservedTimeout, using default value 00:30:00
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: using loaded value 5 for MaxConnectionsPerUser
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: no value specified for MaxBindLifetime, using default value 00:15:00
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: no value specified for MaxServerDownRetry, using default value 10
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: no value specified for SyntaxCacheEntryLifetime, using default value 01:00:00
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: using loaded value 00:30:00 for MaxEnumContextExpiration
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: using loaded value 00:02:00 for OperationTimeout
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: using loaded value 00:02:00 for MaxPullTimeout
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: using loaded value 5 for MaxEnumCtxsPerSession
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: using loaded value 100 for MaxEnumCtxsTotal
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: no value specified for CertName, using default value NULL
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: no value specified for MaxGroupOrMemberEntries, using default value 5000
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: no value specified for CustomActionConnectionCount, using default value 10
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: no value specified for CustomActionIdleConnectionTimeout, using default value 00:02:00
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: no value specified for InstanceRediscoveryInterval, using default value 00:01:00
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: using loaded value 32 for MaxConcurrentCalls
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: using loaded value 500 for MaxConcurrentSessions
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: using loaded value Info for DebugLevel
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] LoadConfigSettingsFromFile: using loaded value C:\temp\windowsdebugadws.log for DebugLogFile
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] ValidateSettingLimits: entered
ClassManager: [1/6/2015 5:51:37 PM] [6] Start: starting...
LdapSessionPoolImplementation: [1/6/2015 5:51:37 PM] [3] ScavengerThread: thread starting
LdapSessionPoolImplementation: [1/6/2015 5:51:37 PM] [3] Scavenger: waking up at 00:00:40 interval
EnumerationContextCache: [1/6/2015 5:51:37 PM] [6] EnumerationContextCache: using timer inverval 00:00:30
InstanceMap: [1/6/2015 5:51:37 PM] [6] InstanceMap: using timer inverval 00:01:00
InstanceMap: [1/6/2015 5:51:37 PM] [6] CheckAndLoadAll: beginning
InstanceMap: [1/6/2015 5:51:37 PM] [6] CheckAndLoadNTDSInstance: entered
InstanceMap: [1/6/2015 5:51:37 PM] [6] CheckAndLoadNTDSInstance: found NTDS Parameters key
InstanceMap: [1/6/2015 5:51:37 PM] [6] CheckAndLoadNTDSInstance: trying to change state to DC
InstanceMap: [1/6/2015 5:51:37 PM] [6] AddRemoveSessionPoolAndDictionaryEntry: trying to change state for identifier ldap:389
InstanceMap: [1/6/2015 5:51:37 PM] [6] AddSessionPool: adding a session pool for NTDS
DirectoryDataAccessImplementation: [1/6/2015 5:51:37 PM] [6] InitializeInstance: entering, instance=NTDS, init=5, max=10
LdapSessionPoolImplementation: [1/6/2015 5:51:37 PM] [6] InitializeInstance: entering, instance=NTDS, init=5, max=10
ConnectionPool: [1/6/2015 5:51:37 PM] [6] ConnectionPool: trying to add connection 0
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: entering, instance=NTDS
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] ConnectionPoolEntry: connection created
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: grew pool, instance=NTDS, new count=1, max=10
ConnectionPool: [1/6/2015 5:51:37 PM] [6] ConnectionPool: trying to add connection 1
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: entering, instance=NTDS
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] ConnectionPoolEntry: connection created
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: grew pool, instance=NTDS, new count=2, max=10
ConnectionPool: [1/6/2015 5:51:37 PM] [6] ConnectionPool: trying to add connection 2
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: entering, instance=NTDS
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] ConnectionPoolEntry: connection created
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: grew pool, instance=NTDS, new count=3, max=10
ConnectionPool: [1/6/2015 5:51:37 PM] [6] ConnectionPool: trying to add connection 3
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: entering, instance=NTDS
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] ConnectionPoolEntry: connection created
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: grew pool, instance=NTDS, new count=4, max=10
ConnectionPool: [1/6/2015 5:51:37 PM] [6] ConnectionPool: trying to add connection 4
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: entering, instance=NTDS
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] ConnectionPoolEntry: connection created
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: grew pool, instance=NTDS, new count=5, max=10
InstanceMap: [1/6/2015 5:51:37 PM] [6] AddRemoveSessionPoolAndDictionaryEntry: state change successful (now hosts identifier ldap:389)
InstanceMap: [1/6/2015 5:51:37 PM] [6] CheckAndLoadGCInstance: entered
InstanceMap: [1/6/2015 5:51:37 PM] [6] CheckForGlobalCatalog: entered
DirectoryUtilities: [1/6/2015 5:51:37 PM] [6] GetTimeRemaining: remaining time is 00:02:00
InstanceMap: [1/6/2015 5:51:37 PM] [6] CheckForGlobalCatalog: isGlobalCatalogReady: TRUE
InstanceMap: [1/6/2015 5:51:37 PM] [6] CheckForGlobalCatalog: NTDS Settings DN: CN=NTDS Settings,CN=XXX,CN=Servers,CN=Alpacoma,CN=Sites,CN=Configuration,DC=dominio,DC=com
DirectoryUtilities: [1/6/2015 5:51:37 PM] [6] GetTimeRemaining: remaining time is 00:02:00
InstanceMap: [1/6/2015 5:51:37 PM] [6] CheckForGlobalCatalog: options: 1
InstanceMap: [1/6/2015 5:51:37 PM] [6] CheckAndLoadGCInstance: CheckForGlobalCatalog=True
InstanceMap: [1/6/2015 5:51:37 PM] [6] CheckAndLoadGCInstance: trying to change state to Global Catalog
InstanceMap: [1/6/2015 5:51:37 PM] [6] AddRemoveSessionPoolAndDictionaryEntry: trying to change state for identifier ldap:3268
InstanceMap: [1/6/2015 5:51:37 PM] [6] AddSessionPool: adding a session pool for GC
DirectoryDataAccessImplementation: [1/6/2015 5:51:37 PM] [6] InitializeInstance: entering, instance=GC, init=5, max=10
LdapSessionPoolImplementation: [1/6/2015 5:51:37 PM] [6] InitializeInstance: entering, instance=GC, init=5, max=10
ConnectionPool: [1/6/2015 5:51:37 PM] [6] ConnectionPool: trying to add connection 0
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: entering, instance=GC
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] ConnectionPoolEntry: connection created
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: grew pool, instance=GC, new count=1, max=10
ConnectionPool: [1/6/2015 5:51:37 PM] [6] ConnectionPool: trying to add connection 1
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: entering, instance=GC
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] ConnectionPoolEntry: connection created
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: grew pool, instance=GC, new count=2, max=10
ConnectionPool: [1/6/2015 5:51:37 PM] [6] ConnectionPool: trying to add connection 2
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: entering, instance=GC
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] ConnectionPoolEntry: connection created
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: grew pool, instance=GC, new count=3, max=10
ConnectionPool: [1/6/2015 5:51:37 PM] [6] ConnectionPool: trying to add connection 3
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: entering, instance=GC
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] ConnectionPoolEntry: connection created
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: grew pool, instance=GC, new count=4, max=10
ConnectionPool: [1/6/2015 5:51:37 PM] [6] ConnectionPool: trying to add connection 4
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: entering, instance=GC
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] ConnectionPoolEntry: connection created
ConnectionPool: [1/6/2015 5:51:37 PM] [6] AddConnectionIfPossible: grew pool, instance=GC, new count=5, max=10
InstanceMap: [1/6/2015 5:51:37 PM] [6] AddRemoveSessionPoolAndDictionaryEntry: state change successful (now hosts identifier ldap:3268)
InstanceMap: [1/6/2015 5:51:37 PM] [6] CheckAndLoadADAMInstances: entered
InstanceMap: [1/6/2015 5:51:37 PM] [6] CheckAndLoadAll: caught unexpected exception System.IO.IOException: No more data is available.
at Microsoft.Win32.RegistryKey.Win32Error(Int32 errorCode, String str)
at Microsoft.Win32.RegistryKey.InternalGetSubKeyNames()
at Microsoft.ActiveDirectory.WebServices.InstanceMap.DiscoverInstancesFromRegistry(String regRootKey, String regKeyInstancePrefix, Boolean& instanceEncounteredErrorsOnThisRun, List`1 discoveredInstances, DirectoryType directoryType)
at Microsoft.ActiveDirectory.WebServices.InstanceMap.CheckAndLoadADAMInstances()
at Microsoft.ActiveDirectory.WebServices.InstanceMap.CheckAndLoadAll()
ADWSHost: [1/6/2015 5:51:37 PM] [6] OnClosed: entered
CustomActionCaches: [1/6/2015 5:51:37 PM] [6] StopCaches: disposing Custom Action connection caches
ClassManager: [1/6/2015 5:51:37 PM] [6] Stop: closing down...
EnumerationContextCache: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
QuotaTracker: [1/6/2015 5:51:37 PM] [6] Clear: clearing all usage
DirectoryActionImplementation: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
DirectoryDataAccessImplementation: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
LdapSessionPoolImplementation: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
LdapSessionPoolImplementation: [1/6/2015 5:51:37 PM] [3] ScavengerThread: woke up
LdapSessionPoolImplementation: [1/6/2015 5:51:37 PM] [3] ScavengerThread: received termination signal, exiting
LdapSessionPoolImplementation: [1/6/2015 5:51:37 PM] [6] Dispose: disposing pool
ConnectionPool: [1/6/2015 5:51:37 PM] [6] Dispose: disposing (instance=NTDS)...
ConnectionPool: [1/6/2015 5:51:37 PM] [6] ProhibitConnectionAcquisition: entering, instance=NTDS
ConnectionPool: [1/6/2015 5:51:37 PM] [6] Dispose: disposing a ConnectionPoolEntry
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
ConnectionPool: [1/6/2015 5:51:37 PM] [6] Dispose: disposing a ConnectionPoolEntry
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
ConnectionPool: [1/6/2015 5:51:37 PM] [6] Dispose: disposing a ConnectionPoolEntry
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
ConnectionPool: [1/6/2015 5:51:37 PM] [6] Dispose: disposing a ConnectionPoolEntry
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
ConnectionPool: [1/6/2015 5:51:37 PM] [6] Dispose: disposing a ConnectionPoolEntry
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
LdapSessionPoolImplementation: [1/6/2015 5:51:37 PM] [6] Dispose: disposing pool
ConnectionPool: [1/6/2015 5:51:37 PM] [6] Dispose: disposing (instance=GC)...
ConnectionPool: [1/6/2015 5:51:37 PM] [6] ProhibitConnectionAcquisition: entering, instance=GC
ConnectionPool: [1/6/2015 5:51:37 PM] [6] Dispose: disposing a ConnectionPoolEntry
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
ConnectionPool: [1/6/2015 5:51:37 PM] [6] Dispose: disposing a ConnectionPoolEntry
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
ConnectionPool: [1/6/2015 5:51:37 PM] [6] Dispose: disposing a ConnectionPoolEntry
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
ConnectionPool: [1/6/2015 5:51:37 PM] [6] Dispose: disposing a ConnectionPoolEntry
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
ConnectionPool: [1/6/2015 5:51:37 PM] [6] Dispose: disposing a ConnectionPoolEntry
ConnectionPoolEntry: [1/6/2015 5:51:37 PM] [6] Dispose: disposing...
LdapSessionPoolImplementation: [1/6/2015 5:51:37 PM] [6] Dispose: disposing utility connection NTDS
LdapSessionPoolImplementation: [1/6/2015 5:51:37 PM] [6] Dispose: disposing utility connection GC
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] StopConfigurationLoading: entered
ConfigurationSettings: [1/6/2015 5:51:37 PM] [6] Dispose: disposing
Some Idea, Tks for your help.
migrationsHere a dump file when I try to start the service, I hope can you help me.
Version=1
EventType=CLR20r3
EventTime=130652059133527283
ReportType=2
Consent=1
ReportIdentifier=4368792e-974e-11e4-93f7-3440b59e2092
IntegratorReportIdentifier=4368792d-974e-11e4-93f7-3440b59e2092
NsAppName=Microsoft.ActiveDirectory.WebServices.exe
Response.type=4
Sig[0].Name=Problem Signature 01
Sig[0].Value=V0KXCIQIJBOA2NW5DIQBFTEBV5SCPPFH
Sig[1].Name=Problem Signature 02
Sig[1].Value=6.2.9200.16579
Sig[2].Name=Problem Signature 03
Sig[2].Value=516356a2
Sig[3].Name=Problem Signature 04
Sig[3].Value=System.ServiceModel
Sig[4].Name=Problem Signature 05
Sig[4].Value=4.0.30319.34230
Sig[5].Name=Problem Signature 06
Sig[5].Value=53be5c02
Sig[6].Name=Problem Signature 07
Sig[6].Value=ca
Sig[7].Name=Problem Signature 08
Sig[7].Value=c4
Sig[8].Name=Problem Signature 09
Sig[8].Value=I0SHPZEWVQV4P1UJY40X15MQTHF34RR5
DynamicSig[1].Name=OS Version
DynamicSig[1].Value=6.2.9200.2.0.0.272.7
DynamicSig[2].Name=Locale ID
DynamicSig[2].Value=1033
DynamicSig[22].Name=Additional Information 1
DynamicSig[22].Value=5220
DynamicSig[23].Name=Additional Information 2
DynamicSig[23].Value=52200675db6baa97bf416b02ff886e01
DynamicSig[24].Name=Additional Information 3
DynamicSig[24].Value=0b14
DynamicSig[25].Name=Additional Information 4
DynamicSig[25].Value=0b146b7eb5ed6bd9871c898c60ee5051
UI[2]=C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe
UI[5]=Check online for a solution (recommended)
UI[6]=Check for a solution later (recommended)
UI[7]=Close
UI[8]=Microsoft.ActiveDirectory.WebServices stopped working and was closed
UI[9]=A problem caused the application to stop working correctly. Windows will notify you if a solution is available.
UI[10]=&Close
LoadedModule[0]=C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe
LoadedModule[1]=C:\Windows\SYSTEM32\ntdll.dll
LoadedModule[2]=C:\Windows\SYSTEM32\MSCOREE.DLL
LoadedModule[3]=C:\Windows\system32\KERNEL32.dll
LoadedModule[4]=C:\Windows\system32\KERNELBASE.dll
LoadedModule[5]=C:\Windows\SYSTEM32\dlphook.x64.dll
LoadedModule[6]=C:\Windows\SYSTEM32\VERSION.dll
LoadedModule[7]=C:\Windows\system32\PSAPI.DLL
LoadedModule[8]=C:\Windows\system32\ADVAPI32.dll
LoadedModule[9]=C:\Windows\system32\WS2_32.dll
LoadedModule[10]=C:\Windows\system32\msvcrt.dll
LoadedModule[11]=C:\Windows\SYSTEM32\sechost.dll
LoadedModule[12]=C:\Windows\system32\RPCRT4.dll
LoadedModule[13]=C:\Windows\system32\NSI.dll
LoadedModule[14]=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
LoadedModule[15]=C:\Windows\system32\SHLWAPI.dll
LoadedModule[16]=C:\Windows\system32\USER32.dll
LoadedModule[17]=C:\Windows\system32\GDI32.dll
LoadedModule[18]=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
LoadedModule[19]=C:\Windows\SYSTEM32\MSVCR110_CLR0400.dll
LoadedModule[20]=C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\51fbf5aac9c6f1aef14557276f98ad28\mscorlib.ni.dll
LoadedModule[21]=C:\Windows\system32\ole32.dll
LoadedModule[22]=C:\Windows\SYSTEM32\combase.dll
LoadedModule[23]=C:\Windows\SYSTEM32\CRYPTBASE.dll
LoadedModule[24]=C:\Windows\SYSTEM32\bcryptPrimitives.dll
LoadedModule[25]=C:\Windows\SYSTEM32\CRYPTSP.dll
LoadedModule[26]=C:\Windows\system32\rsaenh.dll
LoadedModule[27]=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll
LoadedModule[28]=C:\Windows\system32\OLEAUT32.dll
LoadedModule[29]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System\803e478b5cb2fe994c4f977853849956\System.ni.dll
LoadedModule[30]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Serv759bfb78#\060758702287150a3b9ca51bfbd135e4\System.ServiceProcess.ni.dll
LoadedModule[31]=C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.Shared.dll
LoadedModule[32]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\af08c33d3e853168e58f0bb32118170b\System.Configuration.ni.dll
LoadedModule[33]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\5641065f716dfd6c76dd7bc6ab18c47a\System.Core.ni.dll
LoadedModule[34]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\b3344890d2d919e93f506faabd08186a\System.Xml.ni.dll
LoadedModule[35]=C:\Windows\system32\urlmon.dll
LoadedModule[36]=C:\Windows\system32\iertutil.dll
LoadedModule[37]=C:\Windows\system32\WININET.dll
LoadedModule[38]=C:\Windows\system32\USERENV.dll
LoadedModule[39]=C:\Windows\system32\profapi.dll
LoadedModule[40]=C:\Windows\SYSTEM32\Secur32.dll
LoadedModule[41]=C:\Windows\SYSTEM32\SSPICLI.DLL
LoadedModule[42]=C:\Windows\system32\SHELL32.dll
LoadedModule[43]=C:\Windows\SYSTEM32\SHCORE.dll
LoadedModule[44]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Dire5d62f0a2#\7ab37f1ca732666c1ab41d8e500942e0\System.DirectoryServices.Protocols.ni.dll
LoadedModule[45]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\4e643cb8b12402db89eb2d5839872b78\System.ServiceModel.ni.dll
LoadedModule[46]=C:\Windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\02b9ba874b1c07b6016aa9406745e96b\SMDiagnostics.ni.dll
LoadedModule[47]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web.Services\f936aad8a951da6674d460db1855a3db\System.Web.Services.ni.dll
LoadedModule[48]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servd1dec626#\8944debbd3293f930c7e37b64aed0d77\System.ServiceModel.Internals.ni.dll
LoadedModule[49]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\5844c97798b9e56b45cb0e5d3505ffd2\System.IdentityModel.ni.dll
LoadedModule[50]=C:\Windows\system32\crypt32.dll
LoadedModule[51]=C:\Windows\system32\MSASN1.dll
LoadedModule[52]=C:\Windows\SYSTEM32\DPAPI.dll
LoadedModule[53]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\3838e7c87e962eaec01572bff0396922\System.Runtime.Serialization.ni.dll
LoadedModule[54]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servf73e6522#\38df17ed0feec9b27d7d33272eecc176\System.ServiceModel.Web.ni.dll
LoadedModule[55]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Dired13b18a9#\4ecba93b4eae5bb0c97205c4e4196702\System.DirectoryServices.ni.dll
LoadedModule[56]=C:\Windows\system32\wldap32.dll
LoadedModule[57]=C:\Windows\system32\mswsock.dll
LoadedModule[58]=C:\Windows\SYSTEM32\DNSAPI.dll
LoadedModule[59]=C:\Windows\System32\rasadhlp.dll
LoadedModule[60]=C:\Windows\System32\fwpuclnt.dll
LoadedModule[61]=C:\Windows\SYSTEM32\IPHLPAPI.DLL
LoadedModule[62]=C:\Windows\SYSTEM32\WINNSI.DLL
LoadedModule[63]=C:\Windows\SYSTEM32\DSPARSE.dll
LoadedModule[64]=C:\Windows\system32\kerberos.DLL
LoadedModule[65]=C:\Windows\SYSTEM32\cryptdll.dll
LoadedModule[66]=C:\Windows\SYSTEM32\bcrypt.dll
LoadedModule[67]=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\diasymreader.dll
FriendlyEventName=Stopped working
ConsentKey=CLR20r3
AppName=Microsoft.ActiveDirectory.WebServices
AppPath=C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe
NsPartner=windows
NsGroup=windows8
Tks for your help.
migrations -
Hi,
We have some problems with our Root CA. I can se a lot of failed requests. with the event id 22: in the logs. The description is: Active Directory Certificate Services could not process request 3686 due to an error: The revocation function was unable to
check revocation because the revocation server was offline. 0x80092013 (-2146885613). The request was for CN=xxxxx.ourdomain.com. Additional information: Error Verifying Request Signature or Signing Certificate
A couple of months ago we decomissioned one of our old 2003 DCs and it looks like this server might have had something to do with the CA structure but I am not sure whether this was in use or not since I could find the role but I wasn't able to see any existing
configuration.
Let's say that this server was previously responsible for the certificates and was the server that should have revoked the old certs, what can I do know to try and correct the problem?
Thank you for your help
//Crishello,
let me recap first:
you see these errors on a ROOT CA. so it seems like the ROOT CA is also operating as an ISSUING CA. Some clients try to issue a new certificate from the ROOT CA and this fails with your error mentioned.
do you say that you had a PREVIOUS CA which you decomissioned, and you now have a brand NEW CA, that was built as a clean install? When you decommissioned the PREVIOUS CA, that was your design decision to don't bother with the current certificates that it
issued and which are still valid, right?
The error says, that the REQUEST signature cannot be validated. REQUESTs are signed either by itself (self-signed) or if they are renewal requests, they would be signed with the previous certificate which the client tries to renew. The self-signed REQUESTs
do not contain CRL paths at all.
So this implies to me as these requests that are failing are renewal requests. Renewal requests would contain CRL paths of the previous certificates that are nearing their expiration.
As there are many such REQUEST and failures, it probably means that the clients use AUTOENROLLMENT, which tries to renew their current, but shortly expiring, certificates during (by default) their last 6 weeks of lifetime.
As you decommissioned your PREVIOUS CA, it does not issue CRL anymore and the current certificates cannot be checked for validity.
Thus, if the renewal tries to renew them by using the NEW CA, your NEW CA cannot validate CRL of the PREVIOUS CA and will not issue new certificates.
But it would not issue new certificates anyway even if it was able to verify the PREVIOUS CA's CRL, as it seems your NEW CA is completely brand new, without being restored from the PREVIOUS CA's database. Right?
So simply don't bother :-) As long as it was your design to decommission the PREVIOUS CA without bothering with its already issued certificates.
The current certificates which autoenrollment tries to renew cannot be checked for validity. They will also slowly expire over the next 6 weeks or so. After that, autoenrollment will ask your NEW CA to issue a brand new certificate without trying to renew.
Just a clean self-signed REQUEST.
That will succeed.
You can also verify this by trying to issue a certificate on an affected machine manually from Certificates MMC.
ondrej. -
Hi,
I need to create local digital signatures for my users. How can I do that using W2k8 Active Directory Certificate Services? We are gonna sign Office 2010 documents.
What company offers cheap digital signatures solutions?
Thanks in advancedConsider the following:
if you use your local CA server to issue digital signature certificates, there is no cost, because you are eligible to issue so many certificates as you need. However, documents signed by these certificates will be considered trusted only within your AD
forest and other machines that explicitly trust your local CA. Any external client will not trust your signatures.
If you want to make your signature trusted outside your network (say, in worldwide), you need to pruchase a certificate from trusted commercial CA (VeriSign, GoDaddy, GlobalSign, StartCom, etc) according to respective vendor price list. In that case you
don't need to have your local CA server, because it is not used. All certificate management is performed by the external CA. A most common scenario is to purchase signing certificate for particular departament principals (head managers) or few certificates
for a whole company (all documents are revised by a responsible person or persons who holds signing certificate and sign them after review).
so, it is not clear from your post what exactly you need.
My weblog: http://en-us.sysadmins.lv
PowerShell PKI Module: http://pspki.codeplex.com
Windows PKI reference:
on TechNet wiki -
Hi,
I am trying to install certificate services on a windows 2008 server (R2 ENT SP1) with a PCIe nCipher HSM module installed on it. The version of nCipher SW is = 11.30. It is a RootCA, and I am trying to use a key that is already stored in the HSM (I
have done this before with a PCI HSM (older HW version)). I select “Use existing private key” and “Select an existing private key on this computer” on the wizard, then i change the CSP to nCipher and click on "search" the key I am looking for
appears and I select that one. I repeat, I have done this before and it works with a PCI HSM module.
The installation is finished before being prompted to insert the operator cards, and it ends with two errors:
<Error>: Active Directory Certificate Services setup failed with the following error: Overlapped I/O operation is in progress. 0x800703e5 (WIN32: 997)
And:
<Error>: Active Directory Certificate Services setup failed with the following error: The group or resource is not in the correct state to perform the requested operation.
0x8007139f (WIN32: 5023)
The servermanager.log says:
1856: 2014-07-23 18:27:48.195 [CAManager] Sync: Validity period units: Years
1856: 2014-07-23 18:27:48.928 [Provider] Error (Id=0) System.Runtime.InteropServices.COMException (0x800703E5): CCertSrvSetup::Install: Overlapped I/O operation is in progress. 0x800703e5 (WIN32: 997)
at Microsoft.CertificateServices.Setup.Interop.CCertSrvSetupClass.Install()
at Microsoft.Windows.ServerManager.CertificateServer.CertificateServerRoleProvider.Configure(InstallableFeatureInformation featureInfo, DiscoveryResult discoveryResult, ChangeTracker changeTracker)
1856: 2014-07-23 18:27:48.928 [Provider] CAErrorID: 0, CAErrorString: 'Active Directory Certificate Services setup failed with the following error: Overlapped I/O operation is in progress.
0x800703e5 (WIN32: 997)'
1856: 2014-07-23 18:27:48.928 [Provider] Adding error message.
1856: 2014-07-23 18:27:48.928 [Provider] [STAT] For 'Certification Authority':
And:
1856: 2014-07-23 18:27:49.053 [CAWebProxyManager] Sync: Initializing defaults
1856: 2014-07-23 18:27:49.162 [Provider] Error (Id=0) System.Runtime.InteropServices.COMException (0x8007139F): CCertSrvSetup::Install: The group or resource is not in the correct state to perform the requested operation. 0x8007139f (WIN32: 5023)
at Microsoft.CertificateServices.Setup.Interop.CCertSrvSetupClass.Install()
at Microsoft.Windows.ServerManager.CertificateServer.CertificateServerRoleProvider.Configure(InstallableFeatureInformation featureInfo, DiscoveryResult discoveryResult, ChangeTracker changeTracker)
1856: 2014-07-23 18:27:49.162 [Provider] CAErrorID: 0, CAErrorString: 'Active Directory Certificate Services setup failed with the following error: The group or resource is not in the correct
state to perform the requested operation. 0x8007139f (WIN32: 5023)'
1856: 2014-07-23 18:27:49.162 [Provider] Adding error message.
Has anyone experienced this before? Am I missing something here?
Any help will be very appreciated
Thanks in advance
Best regards
Alejandro Lozano VillanuevaHi, thanks for your support.
I have been playing around a bit with some ncipher commands and found this:
C:\Program Files (x86)\nCipher\nfast\bin>cspcheck.exe
cspcheck: fatal error: File key_mscapi_container-1c44b9424a23f6cddc91e8a065241a0
9aa719e4f (key #1): 0 modules contain the counter (NVRAM file ID 021c44b9424a23f
6cddc91)
cspcheck: information: 2 containers and 2 keys found.
cspcheck: fatal error occurred.
If I perform the same command on the original server (the server with the original kmdata folder and with the running RootCA services):
E:\nfast\bin>cspcheck.exe
cspcheck: information: 2 containers and 2 keys found.
cspcheck: everything seems to be in order.
Strange?
Moreover, when I do a csptest.exe command (also on both servers, i find this)
On the new server:
C:\Program Files (x86)\nCipher\nfast\bin>csptest.exe
nCipher CSP test software
=========================
Found the nCipher domestic CSP named 'nCipher Enhanced Cryptographic Provider'
Provider name: nCipher Enhanced Cryptographic Provider
Version number: 1.48
User key containers:
Container 'csptest.exe' has no stored keys.
Container 'Administrator' has no stored keys.
Machine key containers:
Container '352dd28a-17cb-4c6f-b6e4-bf39bcf75db5' has a 2048-bit signature key.
Container 'ROOTCA' has no stored keys.
Container 'csptest.exe' has no stored keys.
While in the old server:
E:\nfast\bin>csptest.exe
nCipher CSP test software
=========================
Found the nCipher domestic CSP named 'nCipher Enhanced Cryptographic Provider'
Provider name: nCipher Enhanced Cryptographic Provider
Version number: 1.40
User key containers:
Container 'csptest.exe' has no stored keys.
Machine key containers:
Container '352dd28a-17cb-4c6f-b6e4-bf39bcf75db5' has a 2048-bit signature key.
Container 'ROOTCA' has a 2048-bit signature key.
Container 'csptest.exe' has no stored keys.
As you can see, the container called ROOTCA, which is the one that I use during the installation, says it has no stored keys. While on the old server, it says it contains a key. Why is this happening? I dont know, I am copying the complete
key management folder from one server to another and initialize the security world with that folder as I always do, and i dont have any errors during this procedure.
Do you know what could be the cause of this? or how can I fix this? Thanks a lot, best regards.
Alejandro Lozano Villanueva -
Hi,
When I check pkiview.msc on my 2012 Subordinate CA I get the error shown in the first picture below. I'm also getting errors similar to below in the event log:
"Active Directory Certificate Services could not create an encryption certificate. Requested by contoso\admin1. The revocation function was unable to check revocation because the revocation server was offline. 0x80092013 (-2146885613 CRYPT_E_REVOCATION_OFFLINE)."
I'm assisting in setting up a 2 tier PKI infrastructure using Windows 2012. The root CA looks good, but we're getting errors on the subordinate. The server was working, but we discovered that the server would only issue certificates with a maximum of a 1
year expiry date - obviously no good, so we decided to run through the following commands on the root CA (as recommended byhttp://www.techieshelp.com/subordinate-ca-increase-certificate-validity/)
certutil -setreg ca\ValidityPeriodunits "Years"
certutil -setreg ca\ValidityPeriod "5"
restarted AD certificate services on the root and subordinate CA.Then did the following on the subordinate CA:
1.On the Subordinate CA create a new CA request by right clicking the server in ADCS and select New Request.
2.Supplied the original request file from the subordinate CA (I couldn't find a way of generating a new request file)
3.Issued the certificate using the Root CA.
4.On the Subordinate CA ADCS installed new CA cert.
However, I keep on getting CDP or AIA errors on my subordinate CA.Also I'm missing a CDP field value when I look at the certificate listed in the personal and trusted certification authority store on my subordinate CA.
In addition, when I look at my CDP locations in Certificate Authority, I see a lot of CDPs, but I'm not sure if I need them all - I suspect I could just get away with LDAP, the C:\windows path and a single http:// path.
I've tried renewing the existing certificate and CRL on my subordinate CA, but that didn't work either.
Please advise.
ThanksOk, the process to renew the subordinate CA is incorrect. Once the registry setting to change the validity period was made on the root CA, the root CA ADCS service needs to be restarted. That is the only time those keys are read. Then:
1) On the subordinate CA, open the CA tool, right click the CA and select Renew CA Certificate. You can use the same key, no need to create a new one. It will create a NEW certificate request file
2) Copy that to the Root CA and submit like you would have done during the initial install
3) Approve the request and export the issued certificate
4) On the subordinate CA, in the CA tool, right click the CA and choose Install CA Certificate.
You can not reuse request files.
Mark B. Cooper, President and Founder of PKI Solutions Inc., former Microsoft Senior Engineer and subject matter expert for Microsoft Active Directory Certificate Services (ADCS). Known as “The PKI Guy” at Microsoft for 10 years. -
Event properties – Event 91, Level Error, Event ID 91, Date and time 5/10/2012 11:29:48AM, Service CertificationAuthority
General:
Could not connect to the Active Directory.
Active Directory Certificate Services will retry when processing requires Active Directory access.
We have a Windows 2008 Server Enterprise with AD . I would like to enable the service "Certificate Services" that
allow me to enable radius to authenticate users wireless with the active directory.Hi,
Can you please check this forum or someone from Microsoft, as we have post here dating back from October that are not being answered.
Everything for us is exactly the same as szucsati and Racom
NMNM,
Please give us an answer on this as the link provided is absolutely useless.
Thank you. -
List of Domains and Child Domains
I am working in Windows Server 2008 R2 SP1.
Is there a way to list Domains and Child Domains entered this way:
http://technet.microsoft.com/en-us/library/cc731541(v=ws.10).aspxHi Philosophiae,
Please refer to the cmdlet
Get-ADDomain on server 2008 R2, it will get abundant domain information.
Best Regards,
Anna -
Windows 2000/Active Directory - Gateway on none domain controller
I have been trying to configure a Gateway to run on a non member server and have it point to a domain. All attempts to work of the remote machine have failed and wonder what I am doing wrong. Here is an out line of what I have done:
Environment
All machines are Windows 2003 running in VMWare instances.
Machine 1: Gateway machine. IDM is installed but not running. Server name = USTRSDLMS009VM1, member of the workgroup IDM
Machine 2: AD machine, Gateway installed. IDM is installed but not running. Server Name = USTRSDLMS009VM2. Domain Name = IdMTestAd.IdMTest.com.
Machine 3: IDM is installed and running. Servername = USTRSDLMS009VM3 member of the workgroup IDM
Basic Tests:
All machines can ping each other by both computer name and ip address.
Easy step first
Connect to IDM on Machine 3 (IDM server) configure the Windows 2000/Active Directory RA to point to the Gateway on Machine 2 (AD server). All works perfect. Server is identified with IP address.
Remote server test
Connect to IDM on Machine 3 (IDM server) configure the Windows 2000/Active Directory RA to point to the Gateway on Machine 2 (Gateway machine). This does not work. Configuration of Resource Parameters is as follows:
Host: Configured using both IP or ServerName
TCP Port: 9278
User: Administrator
container: cn=users,dc=idmtestad,dc=idmlab,dc=com
LDAP HostName, DomainName, IP or Servername of Server 1 (standalone gateway server). This is the setting that should allow me to use a remote machine. NOTE: I have done tons of tests and they all indicate that this field is not working.
I get the following error message when I try and connect:
Test connection failed for resource(s):
AD-VM2DirectConnect: Error opening object 'LDAP://cn=users,dc=idmtestad,dc=idmlab,dc=com': ADsOpenObject(): 0X8007054B: , , The specified domain either does not exist or could not be contacted.
I have also tested connecting to the LDAP using an LDAP browser with the same credentials from the standalone gateway machine. Worked fine.
The following is the Gateway Trace log from the standalone gateway machine. I will post it as a seperate item in the thread (a little cleaner I think). But the basic error section is:
02/28/2006 13.16.42.140000 [2540] (../../../../src/wps/agent/adsi/ADSIExtension.cpp,7352): buildBindOptions bind flag = 0x1
02/28/2006 13.16.44.437000 [2540] (../../../../src/wps/agent/adsi/ADSIExtension.cpp,5182): Error opening object 'LDAP://cn=users,dc=idmtestad,dc=idmlab,dc=com': ADsOpenObject(): 0X8007054B: , , The specified domain either does not exist or could not be contacted.The GW Log file from the stand alone GW server.
02/28/2006 13.14.33.765000 [2540] (../../../../src/wps/agent/logging/WSTrace.cpp,146): trace active, level: 4, file: c:\gwtrace\gwtrace.txt, maxSize: 3500 KB
02/28/2006 13.14.33.765000 [2540] (../../../../src/wps/agent/logging/WSTrace.cpp,201): Trace file set to 'c:\gwtrace\gwtrace.txt'
02/28/2006 13.14.33.765000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,116): Enter: reply
02/28/2006 13.14.33.765000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,74): Enter: sendBuffer
02/28/2006 13.14.33.765000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,88): Sending buffer:
02/28/2006 13.14.33.765000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <?xml version='1.0' encoding='UTF-16'?>
02/28/2006 13.14.33.765000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Response>
02/28/2006 13.14.33.765000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Result status='ok'>
02/28/2006 13.14.33.765000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <ResultItem type='message' status='ok'>
02/28/2006 13.14.33.765000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Message>
02/28/2006 13.14.33.765000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Text>Trace level set to 4</Text>
02/28/2006 13.14.33.765000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Message>
02/28/2006 13.14.33.765000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </ResultItem>
02/28/2006 13.14.33.765000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <ResultItem type='message' status='ok'>
02/28/2006 13.14.33.765000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Message>
02/28/2006 13.14.33.765000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Text>Trace file maximum size set to 3500</Text>
02/28/2006 13.14.33.765000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Message>
02/28/2006 13.14.33.765000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </ResultItem>
02/28/2006 13.14.33.765000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <ResultItem type='message' status='ok'>
02/28/2006 13.14.33.765000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Message>
02/28/2006 13.14.33.765000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Text>Trace file set to 'c:\gwtrace\gwtrace.txt'</Text>
02/28/2006 13.14.33.765000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Message>
02/28/2006 13.14.33.765000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </ResultItem>
02/28/2006 13.14.33.765000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Result>
02/28/2006 13.14.33.765000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Response>
02/28/2006 13.14.33.765000 [2540] (../../../../src/wps/agent/connect/RASecureConnection.cpp,110): SendPrivate: count: 1100 pad: 8
02/28/2006 13.14.33.781000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,103): Exit: sendBuffer
02/28/2006 13.14.33.781000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,124): Exit: reply
02/28/2006 13.14.33.781000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,558): Exit: ProcessCommand
02/28/2006 13.14.33.781000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,695): Exit: handleRequest
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/connect/client_handler.cpp,344): got 6564 bytes
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/connect/RASecureConnection.cpp,260): ReceivePrivate: count: 6542, 6560 wrapped up rawlength 6558
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/connect/RASecureConnection.cpp,269): Rightbefore decrypt:
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/connect/RASecureConnection.cpp,34): KEY:[e8 92 1c 9c 05 78 d7 a0 d3 62 32 f8 46 0a 0d 3d 64 05 6a bd fe a9 34 57 ]
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/connect/RAEncryptor.cpp,67): RAEncryptor::Decrypt3DES: input length (6552) moded to 819
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/connect/RASecureConnection.cpp,110): SendPrivate: count: 0 pad: 4
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,563): Enter: handleRequest
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,583): Received buffer:
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <?xml version='1.0' encoding='UTF-16'?>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Request encrypted='true'>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <cmd>test config</cmd>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Resource name='AD-VM2DirectConnect' class='com.waveset.adapter.ADSIResourceAdapter'>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attributes>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='ADSI Search Page Size' type='string' value='1000'/>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='Container' type='string' value='cn=users,dc=idmtestad,dc=idmlab,dc=com'/>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='Create Home Directory' type='string' value='1'/>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='Display Name Attribute' type='string'>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Attribute>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='Encryption Type' type='string' value='None'/>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='Global Catalog Server' type='string'>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Attribute>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='Host' type='string' value='130.175.204.29'/>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='Input Form' type='string'>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Attribute>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='LDAP Hostname' type='string' value='130.175.204.38'/>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='Log File Path' type='string'>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Attribute>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='Log Level' type='string' value='2'/>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='Maximum Age Length' type='string'>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Attribute>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='Maximum Age Unit' type='string'>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Attribute>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='Maximum Archives' type='string' value='3'/>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='Maximum Log File Size' type='string'>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Attribute>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='Object Class' type='string' value='User'/>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='Poll Every' type='string'>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Attribute>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='Polling Start Date' type='string'>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Attribute>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='Polling Start Time' type='string'>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Attribute>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='Post-Poll Workflow' type='string'>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Attribute>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='Pre-Poll Workflow' type='string'>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Attribute>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='Proxy Administrator' type='string' value='Configurator'/>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='Scheduling Interval' type='string'>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Attribute>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='Search Subdomains' type='boolean' value='false'/>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='TCP Port' type='string' value='9278'/>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='Update search filter' type='string' value='(objectCategory=person)'/>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='User Provides Password On Change' type='string' value='0'/>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='When reset, ignore past changes' type='string' value='1'/>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='activeSyncConfigMode' type='string' value='basic'/>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='activeSyncPostProcessForm' type='string'>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Attribute>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='blockCount' type='string' value='100'/>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='confirmationRule' type='string' value='CONFIRMATION_RULE_NONE'/>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='connectionLimit' type='string' value='10'/>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='correlationRule' type='string' value='CORRELATION_RULE_NONE'/>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='createUnmatched' type='string' value='true'/>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='deleteRule' type='string'>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Attribute>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='parameterizedInputForm' type='string'>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Attribute>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='password' type='encrypted' value='H7fYWJq3kBs='/>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='populateGlobal' type='string' value='false'/>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='processRule' type='string'>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Attribute>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='resolveProcessRule' type='string'>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Attribute>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='searchContext' type='string'>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Attribute>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='useInputForm' type='boolean' value='true'/>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Attribute name='user' type='string' value='Administrator'/>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Attributes>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Resource>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Request>
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,632): command='test config'
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,463): Enter: ProcessCommand
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/adsi/ADSIExtension.cpp,2403): Enter: testConfiguration
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/adsi/ADSIExtension.cpp,2411): Enter: doCheck
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/Extension.cpp,34): Enter: getRequiredResAttrValue
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/object/Extension.cpp,44): Exit: getRequiredResAttrValue
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/adsi/ADSIExtension.cpp,5090): Enter: openObject - 2
02/28/2006 13.16.42.125000 [2540] (../../../../src/wps/agent/adsi/ADSIExtension.cpp,4666): Enter: login(wstring**,EncyptedData**,wstring**,WavesetResult&)
02/28/2006 13.16.42.140000 [2540] (../../../../src/wps/agent/adsi/ADSIExtension.cpp,4648): Enter: login(wstring**,EncyptedData**,wstring**,bool,HANDLE*,TOKEN_TYPE,WavesetResult&)
02/28/2006 13.16.42.140000 [2540] (../../../../src/wps/agent/object/Extension.cpp,34): Enter: getRequiredResAttrValue
02/28/2006 13.16.42.140000 [2540] (../../../../src/wps/agent/object/Extension.cpp,44): Exit: getRequiredResAttrValue
02/28/2006 13.16.42.140000 [2540] (../../../../src/wps/agent/object/Extension.cpp,34): Enter: getRequiredResAttrValue
02/28/2006 13.16.42.140000 [2540] (../../../../src/wps/agent/object/Extension.cpp,44): Exit: getRequiredResAttrValue
02/28/2006 13.16.42.140000 [2540] (../../../../src/wps/agent/adsi/ADSIExtension.cpp,4659): Login: 1
02/28/2006 13.16.42.140000 [2540] (../../../../src/wps/agent/adsi/ADSIExtension.cpp,4660): Exit: login(wstring**,EncyptedData**,wstring**,bool,HANDLE*,TOKEN_TYPE,WavesetResult&)
02/28/2006 13.16.42.140000 [2540] (../../../../src/wps/agent/adsi/ADSIExtension.cpp,4669): Login: 1
02/28/2006 13.16.42.140000 [2540] (../../../../src/wps/agent/adsi/ADSIExtension.cpp,4670): Exit: login(wstring**,EncyptedData**,wstring**,bool,HANDLE*,TOKEN_TYPE,WavesetResult&)
02/28/2006 13.16.42.140000 [2540] (../../../../src/wps/agent/adsi/ADSIExtension.cpp,5104): ADsGetObject for LDAP://cn=users,dc=idmtestad,dc=idmlab,dc=com
02/28/2006 13.16.42.140000 [2540] (../../../../src/wps/agent/connect/RAEncryptor.cpp,67): RAEncryptor::Decrypt3DES: input length (8) moded to 1
02/28/2006 13.16.42.140000 [2540] (../../../../src/wps/agent/adsi/ADSIExtension.cpp,5118): ADsGetObject
02/28/2006 13.16.42.140000 [2540] (../../../../src/wps/agent/object/Extension.cpp,73): Enter: getOptionalResAttrValue
02/28/2006 13.16.42.140000 [2540] (../../../../src/wps/agent/object/Extension.cpp,77): Exit: getOptionalResAttrValue
02/28/2006 13.16.42.140000 [2540] (../../../../src/wps/agent/adsi/ADSIExtension.cpp,7352): buildBindOptions bind flag = 0x1
02/28/2006 13.16.44.437000 [2540] (../../../../src/wps/agent/adsi/ADSIExtension.cpp,5182): Error opening object 'LDAP://cn=users,dc=idmtestad,dc=idmlab,dc=com': ADsOpenObject(): 0X8007054B: , , The specified domain either does not exist or could not be contacted.
02/28/2006 13.16.44.437000 [2540] (../../../../src/wps/agent/adsi/ADSIExtension.cpp,5190): Exit: openObject - 2
02/28/2006 13.16.44.437000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,116): Enter: reply
02/28/2006 13.16.44.437000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,74): Enter: sendBuffer
02/28/2006 13.16.44.437000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,88): Sending buffer:
02/28/2006 13.16.44.437000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <?xml version='1.0' encoding='UTF-16'?>
02/28/2006 13.16.44.437000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Response>
02/28/2006 13.16.44.437000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Result status='error'>
02/28/2006 13.16.44.437000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <ResultItem type='message' status='error'>
02/28/2006 13.16.44.437000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Message>
02/28/2006 13.16.44.437000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): <Text>Error opening object 'LDAP://cn=users,dc=idmtestad,dc=idmlab,dc=com': ADsOpenObject(): 0X8007054B: , , The specified domain either does not exist or could not be contacted.
</Text>
02/28/2006 13.16.44.437000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Message>
02/28/2006 13.16.44.437000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </ResultItem>
02/28/2006 13.16.44.437000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Result>
02/28/2006 13.16.44.437000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,66): </Response>
02/28/2006 13.16.44.437000 [2540] (../../../../src/wps/agent/connect/RASecureConnection.cpp,110): SendPrivate: count: 810 pad: 2
02/28/2006 13.16.44.437000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,103): Exit: sendBuffer
02/28/2006 13.16.44.437000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,124): Exit: reply
02/28/2006 13.16.44.437000 [2540] (../../../../src/wps/agent/adsi/ADSIExtension.cpp,2438): Exit: doCheck
02/28/2006 13.16.44.437000 [2540] (../../../../src/wps/agent/adsi/ADSIExtension.cpp,2407): Exit: testConfiguration
02/28/2006 13.16.44.437000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,558): Exit: ProcessCommand
02/28/2006 13.16.44.437000 [2540] (../../../../src/wps/agent/object/RequestHandler.cpp,695): Exit: handleRequest -
OBIEE 11g Active Directory Presentation Service Error retrieving user
Hi Team,
It was a great help from all of you on our OBIEE learnings.
I recently configured Microsoft AD on Weblogic rather than RPD. But felt like I am in a desert of helplessness due to the complicated and lengthy documents and settings :(
Still when I configured everything and logged in to presentation services using AD Credentials, observed following error!
Error retrieving user/group data from Oracle BI Server's User Population API.
Error Details
Error Codes: GDU6UYHS:OPR4ONWY:U9IM8TAC:OI2DL65P:SDKE4UTF
Odbc driver returned an error (SQLExecDirectW).
State: HY000. Code: 10058. [NQODBC] [SQL_STATE: HY000] [nQSError: 10058] A general error has occurred. [nQSError: 43113] Message returned from OBIS. [nQSError: 13049] User 'gp06108' with 'oracle.bi.publisher.scheduleReport;AtAGlance;oracle.bi.publisher.accessReportOutput;_all_;oracle.bi.publisher.accessExcelReportAnalyzer;_all_;oracle.epm.financialreporting.accessReporting;Explore;oracle.bi.publisher.accessOnlineReportAnalyzer;EPM_Essbase_Filter;oracle.bi.publisher.runReportOnline;oracle.as.scheduler.security.MetadataPermission' permission can not query user population.Please have your System Administrator look at the log for more details on this error. (HY000)
Please have your System Administrator look at the log for more details on this error.
Expression: privileges['Admin: Catalog']['Change Permissions']
Total blockout! Anyone faced this issue earlierYou need a user to be present in your Active Directory Base DN that will be used as the BISystemUser. You will either have to create this user in AD or use an existing AD user and then specify its credentials in Enterprise Manager (expand Weblogic Domain > bifoundation_domain (right click) > Security > Credentials). You will need to set system.user credential under oracle.bi.system map. Make sure your AD user's password never expires or you will run into problems in a few weeks time!
Paul -
ContentSubmitters AD group: root domain or child domain???
Hi
We have an empty root domain. Mailbox users & Exchange 2013 servers are in a child domain.
As per Microsoft's documentation; we want to create the "ContentSubmitters" group in AD for content index to work properly (article 2807668). However I do not know where to create it!!! The article doesn't address it.
Does it go on the root domain where default exchange groups reside OR OR OR OR OR does it go on child domain where exchange servers reside?????
ThanksHi,
Agree with Riaz, you need to create the ContentSubmitters group on the domain that Exchange server is installed using Active Directory Users and Computer (ADUC).
What's more, when you create the active directory security group called ContentSubmitters, follow the steps below to grant Admistrators and NetworkService full access to the group.
Right click the group -> Properties ->Security tab -> add those two groups -> give them full control to the group.
Here is a thread for your reference.
Exchange 2013 Content Catalog Index Failed All Databases
http://social.technet.microsoft.com/Forums/exchange/en-US/fccf9dca-b865-4356-905b-33ac25dcc44d/exchange-2013-content-catalog-index-failed-all-databases?forum=exchangesvravailabilityandisasterrecovery
Hope it helps.
Best regards,
If you have feedback for TechNet Subscriber Support, contact
[email protected]
Amy Wang
TechNet Community Support
Maybe you are looking for
-
Why doesn't my Notification Center work?
Recently I updated my iPhone to iOS 5.0.1.When I was on iOS 5.0.0 my Notification was working properly.But now,when I updated it,it stopped working!I try to swipe it from the black area from the clock area,i try to swipe it in Landscape mode,but it n
-
I putin a CD. Don't remember which one. And in Startup in Control Panel I said boot the CD. I restarted and now it says "This startup disk will not work on this Macintosh model. Use the latest Installer to update this disk for this model." That's fin
-
I am new to Icloud, I activate it two weeks ago on my macbook air and my Imac 27. , but nothing happens. In the system preferences panel, My Icloud storage indicator doesn't move ( 15Gb of 15 Gb available ). I suppose I miss something, but what ? Tha
-
Bug 6236588 - Duplicate Message ID
Hello, Can you please confirm that this issue is resolved in versions 1.3.3 and above. We tested versions 1.3.3 and 1.4 and message id in the header information doesn't match the way it's being formatted in the UniqueValue.java class in the source co
-
Defining trading partners for Order outbound scenario
We do have the scenario like: We do receive the file from File (in house file, we can think it as some Positional file) and the receiver is going to receive the EDIFACT ORDERS file. So far, we defined the trading partner setup is as follows: Created