Communication issues between domain controllers
Hi everyone,
I am experiencing some problems in communication between domain controllers in our organization
We have three domain controllers, one of them is a Windows 2003 server service pack 2 which is physical (controller A), another which is Windows 2008 Service Pack 2 (controller B), also physical, and a third one (controller C) which is a Windows 2008
service pack 1 and is virtual.
I have problems with this last DC, it won't respond to pings, or DNS query. I can't Access it by remote desktop client even when it is enabled. I cannot update it, it prompts error messages if I try to do so.
This problems are solved if I reboot it, it will work fine some hours or days, but not much longer. I have checked event viewer and I didn't found any message about this.
I read some time ago it would be great to have a DC in a virtual machine, so I did it, but is it right?
Do you know what might be going on with it? would depromoting it and seting it up again the best solución?
Thank you very much.
Best regards.
David.
This sounds like a NIC issue, which is odd since it is a virtual machine. Have you checked the host for any logs about the client?
I think the first thing I would do is destroy the current virtual NIC card and add a new one. Since this has nothing to do with Active Directory I would also suggest you post this in a forum of for the Host (VMWare or Hyper-V).
Paul Bergson
MVP - Directory Services
MCITP: Enterprise Administrator
MCTS, MCT, MCSE, MCSA, Security, BS CSci
2012, 2008, Vista, 2003, 2000 (Early Achiever), NT4
Twitter @pbbergs http://blogs.dirteam.com/blogs/paulbergson
Please no e-mails, any questions should be posted in the NewsGroup.
This posting is provided AS IS with no warranties, and confers no rights.
Similar Messages
-
Difference between domain controllers and group policy objects in GPMC
Hello,
Am in confusion, someone can tel me the difference between
1.Domain controllers>default domain controller policy and
2.Group policy object>default domain controller policy
In Group policy management console and also i would like know where to define these categories. I normally use second option.
I have attached screenshot for your information.
regards,
Dharanesh,This first/upper item is a link to the GPO, the second/lower item is the actual GPO.
(notice the link, has a shortcut arrow showing)
by default, when you double-click on a link, a message will display which says "you have clicked on a link....." and the messagbox offers a checkbox for "do not display this message again..."
Effectively they are equivalent to a shortcut-to-a-file vs. the actual file.
Don
(Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
This helps the community, keeps the forums tidy, and recognises useful contributions. Thanks!) -
Unable to Sync SYSVOL Folder between Domain Controllers
Good Afternoon All,
I have the following issue on my current domain configuration, I say current as we are seeking to go to Server 2012 R2 within the next few months, but for now, we are at the 2008 R2 functional level.
We have three Domain Controllers namely Server-001 to 3, with Server-002 holding the PDC Emulator Role. Now when policies are created or updated through GP Management, I have noticed that they sync without issue between Server-002 and Server-003, but not
Server-001. In the SYSVOL Folder in each DC, the folder totals in policies are as follows:
Server-001 - 72 Folders
Server-002 - 96 Folders
Server-003 - 96 Folders
So here, it can be clearly seen that there is some sort of replication issue between Server-001 and the other controllers. I have researched and read several articles and opinions regarding the same issue and have ran many of the commands outlined including
repadmin, dnslint, gposync, etc. with the only output displaying errors being gposync. I have checked all the event logs for each DC with added focus on the DFS Replication Logs and have seen no errors regarding replication on Server-001 which is the server
at fault, but have noted that it appears that Server-001 is only replicating to itself, while Servers -002 and -003 are syncing/replicating between each other. I created a text document in Server-002's SYSVOL Folder and checked in Server-003's and verified
that the document successfully synced across, but on Server-001 nothing happened. I did some research on the issue and came across non-authoritative sysvol restore as an option, but when I tried this on Server-001 via ADSI Edit, I noticed that the following
path:
OU=Domain Controllers>CN=Server-001>CN=DSFR-LocalSettings>CN=Domain System Volume
is missing. Initially, DSFR-LocalSettings was missing as well, but I re-created it. I then attempted to re-create Domain System Volume, but when I tried entering the Replication Group GUID, I got an error that "one or more of the values are not in the
correct format", even though this is the same GUID used on the other two DCs. I tried changing the value to octet, hexadecimal, etc. but nothing worked. i still got the same error. I am convinced that this is where the disconnect lies, but with no possible
idea how to fix this broken section, I am unsure how to further proceed. We were going to demote the server, bring up a 2012 R2 unit and have it seize the roles, but I convinced my Systems Administrator for us to try and see if there is a fix available before
commissioning a new server. As is, group policy is somewhat broken as policies either do no get applied at all, or, get applied to certain groups or OUs.
If you are interested I can forward you our DFSR Logs from each server, along with any other reports that I have run in the hopes that someone will be able to assist. I hope that I have been as clear as possible and have provided as much information as is
possibly required.
Thank you all in advance.Hi,
To perform non-authoritative synchronization for DFSR-replicated SYSVOL, the following article can be referred to for more information.
How to force an authoritative and non-authoritative synchronization for DFSR-replicated SYSVOL (like "D4/D2" for FRS)
http://support.microsoft.com/kb/2218556/en-us
Besides, we can use dcdiag command to check the health of the DC.
Dcdiag
http://technet.microsoft.com/en-us/library/cc731968.aspx
TechNet Subscriber Support
If you are TechNet Subscription user and have any feedback on our support quality, please send your feedback here.
Best regards,
Frank Shen -
DFSR replicaion problem between domain controllers
I have 2 domain controllers running server 2012 and recently noticed a lot of errors about replication between 2 of them
i demoted child controller and promoted it again for DC and issue still occurs
so far i noticed that when browsing network and looking for shares on main DC i can see SYSVOL folder there
but it is missing on the other one - it is present in c \ windows but not visible in shares \
also domain folder is empty on the child DC
when i run dfsrmngr and run the diagnostic it doesn't show errors in status also it says that it is enabled
also when trying to manualy create pair of folders to replicate the contents it says at one of the steps it is already used ....what would be the best
thing to do at this point o have replication issue solved ?
MAciunioC:\Users\Administrator.CON>dfsrdiag dumpadcfg
LDAP Bind : DC-SERVER2.CON.com
SitesDn : cn=sites,cn=configuration,dc=CON,dc=com
ServicesDn : cn=services,cn=configuration,dc=CON,dc=com
SystemDn : cn=system,DC=CON,DC=com
DefaultNcDn : DC=CON,DC=com
ComputersDn : cn=computers,DC=CON,DC=com
DomainCtlDn : ou=domain controllers,DC=CON,DC=com
SchemaDn : CN=Schema,CN=Configuration,DC=CON,DC=com
COMPUTER: DC-SERVER1
DN : cn=dc-server1,ou=domain controllers,dc=CON,dc=com
GUID : 3009B7C3-3316-411E-B4ED-ECEF72114C02
DNS : dc-server1.CON.com
Server BL : cn=dc-server1,cn=servers,cn=default-first-site-name,cn=sites,c
n=configuration,dc=CON,dc=com
Server Ref : (null)
USN Changed : 586839
When Created : Saturday, March 15, 2014 9:24:43 PM
When Changed : Saturday, July 26, 2014 9:16:42 AM
LOCAL SETTINGS: DFSR-LOCALSETTINGS
DN : cn=dfsr-localsettings,cn=dc-server1,ou=domain controllers,dc
=CON,dc=com
GUID : 3CD85D1B-177B-4CA4-BC15-2B9A87850553
Version : 1.0.0.0
USN Changed : 584264
When Created : Saturday, July 26, 2014 2:15:23 AM
When Changed : Saturday, July 26, 2014 2:25:26 AM
SUBSCRIBER: DOMAIN SYSTEM VOLUME
DN : cn=domain system volume,cn=dfsr-localsettings,cn=dc-server
1,ou=domain controllers,dc=CON,dc=com
GUID : 9B8DD38C-26D4-4E78-BC61-6F344C7938B0
Member Ref : cn=dc-server1,cn=topology,cn=domain system volume,cn=dfsr-
globalsettings,cn=system,dc=CON,dc=com
USN Changed : 584238
When Created : Saturday, July 26, 2014 2:15:23 AM
When Changed : Saturday, July 26, 2014 2:25:03 AM
SUBSCRIPTION: SYSVOL SUBSCRIPTION
DN : cn=sysvol subscription,cn=domain system volume,cn=dfsr-l
ocalsettings,cn=dc-server1,ou=domain controllers,dc=CON,dc=com
GUID : 0BC184CA-A02E-40BB-B257-DA32FF86F88A
ContentSetGuid: 342393C4-C03F-44B1-BE9A-8DFE1F906595
Root Path : c:\windows\sysvol\domain
Root Size : (null) (MB)
Staging Path : c:\windows\sysvol\staging areas\CON.com
Staging Size : (null) (MB)
Conflict Path : (null)
Conflict Size : (null) (MB)
USN Changed : 591605
When Created : Saturday, July 26, 2014 2:15:23 AM
When Changed : Saturday, July 26, 2014 9:41:57 PM
GLOBAL SETTINGS: DFSR-GLOBALSETTINGS
DN : cn=dfsr-globalsettings,cn=system,dc=CON,dc=com
GUID : 5708E418-6D80-45BD-AFC1-9135DEE1211A
USN Changed : 8313
When Created : Saturday, March 23, 2013 8:17:18 PM
When Changed : Sunday, March 9, 2014 5:06:58 AM
REPLICATION GROUP: DOMAIN SYSTEM VOLUME
DN : cn=domain system volume,cn=dfsr-globalsettings,cn=system,dc=
CON,dc=com
GUID : 31EFC46F-6D74-48FB-BA52-D6750206975B
Type : 1 (SYSVOL)
USN Changed : 8314
When Created : Saturday, March 23, 2013 8:17:19 PM
When Changed : Sunday, March 9, 2014 5:06:58 AM
CONTENT: CONTENT
DN : cn=content,cn=domain system volume,cn=dfsr-globalsettings,
cn=system,dc=CON,dc=com
GUID : 0DBFFC24-7793-48B4-B21E-49BAD434B8D6
USN Changed : 8315
When Created : Saturday, March 23, 2013 8:17:19 PM
When Changed : Sunday, March 9, 2014 5:06:58 AM
CONTENT SET: SYSVOL SHARE
DN : cn=sysvol share,cn=content,cn=domain system volume,cn=df
sr-globalsettings,cn=system,dc=CON,dc=com
GUID : 342393C4-C03F-44B1-BE9A-8DFE1F906595
File Filter : ~*,*.TMP,*.BAK
Compression Excl : (null)
Dir Filter : DO_NOT_REMOVE_NtFrs_PreInstall_Directory,NtFrs_PreExisti
ng___See_EventLog
USN Changed : 8316
When Created : Saturday, March 23, 2013 8:17:19 PM
When Changed : Sunday, March 9, 2014 5:06:58 AM
TOPOLOGY: TOPOLOGY
DN : cn=topology,cn=domain system volume,cn=dfsr-globalsettings
,cn=system,dc=CON,dc=com
GUID : 637AAE04-0A35-43BA-B6A2-1292049A6617
USN Changed : 8317
When Created : Saturday, March 23, 2013 8:17:19 PM
When Changed : Sunday, March 9, 2014 5:06:58 AM
MEMBER: DC-SERVER1
DN : cn=dc-server1,cn=topology,cn=domain system volume,cn=dfs
r-globalsettings,cn=system,dc=CON,dc=com
GUID : EBCFB268-8F7C-4C90-A49F-1018595A3D2C
Server Ref : cn=ntds settings,cn=dc-server1,cn=servers,cn=default-fir
st-site-name,cn=sites,cn=configuration,dc=CON,dc=com
Computer Ref : cn=dc-server1,ou=domain controllers,dc=CON,dc=com
Keywords : (null)
Computer DNS : dc-server1.CON.com
USN Changed : 584236
When Created : Saturday, July 26, 2014 2:15:23 AM
When Changed : Saturday, July 26, 2014 2:25:03 AM
CXTION: 2452641E-B5E9-4ABD-AA3F-38367137DFD1
DN : cn=2452641e-b5e9-4abd-aa3f-38367137dfd1,cn=ntds settin
gs,cn=dc-server1,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration
,dc=CON,dc=com
GUID : 240A03AF-2CD0-4FBC-A56D-16BB90FE585A
Inbound : true
Partner DN : cn=dc-server2,cn=topology,cn=domain system volume,cn=d
fsr-globalsettings,cn=system,dc=CON,dc=com
USN Changed : 584199
When Created : Saturday, July 26, 2014 2:19:27 AM
When Changed : Saturday, July 26, 2014 2:25:02 AM
CXTION: 2A851034-2EF0-435F-A915-78380D4980EB
DN : cn=2a851034-2ef0-435f-a915-78380d4980eb,cn=ntds settin
gs,cn=dc-server2,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration
,dc=CON,dc=com
GUID : A439D7E8-199F-42C3-854E-339559B5382B
Inbound : false
Partner DN : cn=dc-server2,cn=topology,cn=domain system volume,cn=d
fsr-globalsettings,cn=system,dc=CON,dc=com
USN Changed : 584228
When Created : Saturday, July 26, 2014 2:10:02 AM
When Changed : Saturday, July 26, 2014 2:25:02 AM
MEMBER: DC-SERVER2
DN : cn=dc-server2,cn=topology,cn=domain system volume,cn=dfs
r-globalsettings,cn=system,dc=CON,dc=com
GUID : B8A9BA79-D85E-4DE3-8199-827F356EA9F7
Server Ref : cn=ntds settings,cn=dc-server2,cn=servers,cn=default-fir
st-site-name,cn=sites,cn=configuration,dc=CON,dc=com
Computer Ref : cn=dc-server2,ou=domain controllers,dc=CON,dc=com
Keywords : (null)
Computer DNS : dc-server2.CON.com
USN Changed : 12334
When Created : Sunday, March 9, 2014 5:10:25 AM
When Changed : Sunday, March 9, 2014 5:10:25 AM
Operation Succeeded
MAciunio -
Many communication issues between Photoshop CC 2014 and Bridge since update
Since I upgraded Photoshop to the CC 2014 version, I've had many issues on using Ps and Bridge together. Here they are:
1. Mini Bridge is absent
2. When clicking to "Browse in Bridge" from Photoshop, the window for my Creative Cloud app opens instead with a message asking whether I am sure if I want to update to "this version of Bridge" (image below). I already updated Bridge and re-installed it, but the same problem keeps occurring.
3. This one is the most frustrating one: the tools menu in Bridge does not show the options for opening images in Photoshop anymore. This was invaluable when working with Bridge and Photoshop at the same time.
The thing is that these issues have been going on for a long, long time, and I don't see any messages from Adobe to at least explain the reason for such blunders. There are many people complaining of the same issues here in this forum, so how come no fixes, no responses from Adobe yet?
Please let me know if you've found a fix for this.
Many thanks!I do not use the bridge often mostly just use it to edit metadata. I never remember tools being available in the right click on thumbnails menu list. Tools a bridge menu in its manu bar when all start-up scripts are enabled Photoshop should be in it.. If the start-up scripts are not enable you must enable them and then restart the Bridge for them to be available. My Bridge CC tools menu after being updated for CC 2014 has the same tools menu option Photoshop with 8 items. Are you writing you no longer have a Bridge CC tools menu with Photoshop and the 8 options? I use windows and though I use Adobe Bridge CC 64 bit version the startup script folder that seems to be used for Adobe Bridge CC 64 bit is "C:\Program Files (x86)\Common Files\Adobe\Startup Scripts CC\Adobe Bridge" Program File (x86) don't know why and in there there should be a file "bridge-6.jsx" I also see a "C:\Program Files\Common Files\Adobe\Startup Scripts CC\Adobe Bridge" with the same file in it however Adobe Bridge CC 64Bit seems to use the Programs Files (x86) path for when I put my startup script for X's Image Processor Pro into the Programs Files path Bridge CC 64bit did not list it as an available startup script. Adobe software is far from being bug free. I have no idea where startup bridge scripts reside your Mac use finder to make sure there is a "bridge-6.jsx" startup script...
-
Communication issue between SAP and VERTEX
Hi All,
We are facing connectivity issue with our Intergration system and vertex and below is the error message from SM59.Development and production seems to work fine.Kindly help check.
Logon Cancel
Error Details timeout during allocate / CPIC-CALL: 'ThSAPCMRCV' : cmRc=20 thRc=456 Timeout dur
Error Details ERROR: timeout during allocate
Error Details LOCATION: SAP-Gateway on host ssapeci / sapgw04
Error Details DETAIL: no connect of TP /sapmnt/ECI/vertex/translink/verrfc from host ssapeci
Error Details COMPONENT: SAP-Gateway
Error Details COUNTER: 3114
Error Details MODULE: gwr3cpic.c
Error Details LINE: 6266
Error Details RETURN CODE: 242
Error Details SUBRC: 0
Error Details RELEASE: 700
Error Details TIME: Wed Mar 31 10:42:18 2010
Error Details VERSION: 2
AIX - 6.1
Oracle version - 10.2
SAP version - SAP ECC 6.0
Edited by: Priyanka Singh on Mar 31, 2010 12:50 PMHi my friend
1. Create a TCP/IP Connection RFC <connection> in SM59:
activation type: registered server program
program ID: <program>
2. Create an ini file in directory /usr/sap/<SID>/SYS/profile with content:
DEST=<connection>
TYPE=R
PROGID=<program>
GWHOST=<hostname>
GWSERV=sapgw<nn>
RFC_TRACE=0
Regards, -
Nexus1000v - ? communication issue vcenter - N1Kv ???
Unregulary we get these kind of alarms in our vcenter although there were no changes made on nexus or VM side.:
"vSphere HA detected that host HOSTNAME is in a different network partition than the master MASTERNAME"
They are cleared after a certain time without any manual action.VMware assumes a communication issue between vcenter and nexus1000.
Anyone with similar experiences (or even a solution)???Hi Sachin,
Thanks for your response.
Please find my reply below:
Is the module showing as up in the VSM when you execute 'show module'?
>Yes the module is up and showing active when i execute the given command
Is you ESX management VLAN allowed on the access port profile and on the uplink? Is it created on the switch?
>Yes it is created on the vswitch as well as the upstream switches and allowed in the link also.
Do you have system VLANs for your control, packet connectivity? For your ESX mgmt connectivity?
> Yes i had defined control, packet and management vlans as system vlans.
I feel that the port profile is not allowing the traffic to go in and out from the DVS.
When i change the uplink of VSM from vswitch to DVS then the VSM doesnt reach gateway itself.
Thanks, -
Poodle, SSL, and Domain Controllers
Security Gurus,
Can someone please explain to me how I can use Microsoft Network Monitor on a Domain Controller so that I can discover what applications and clients are using SSL 3.0?
I have enabled verbose schannel logging, and with that I know there are clients/apps talking SSL 3.0, however, the event 36880 doesn't give a source address - it just says an SSL handshake completed successfully using the SSL 3.0 protocol.
It's my hope that Network Monitor will reveal the source address of the clients/apps talking SSL 3.0. As you might know, capturing all packets on a DC generates an enormous amount of data; I'm hoping NM has some type of filter that I can use to only
capture the SSL version packets.
Regards,
'T'Senne,
Thank you for your response. However, I cannot disable SSLv3 because there are 3rd party applications that are dependent upon it.
What I'm try to accomplish is finding the source address of clients/apps that are communicating with the Domain Controllers using SSLv3. Once I have those source addresses I can begin communicating with the clients/app owners to let them know we are
disabling SSLv3.
It's my hope that I can achieve this using Network Monitor, however, I don't know what filters to use to capture that information.
Regards,
'T' -
Excessive Traffic on Port 445 between 2 Domain Controllers
Hi, my company has over 45 DC's across about 25 sites worldwide. We are noticing a lot of traffic using wireshark and Network Monitor on Microsoft-DS port 445. I have been searching if this is normal and what I see is that it is used for SMB File and
print sharing. Well, I don't have any file shares on these DC's other than the normal admin shares and sysvol share. I don't believe this is replication traffic since these 2 servers are not replication partners. I have checked sites and services to make sure
the intersite and intrasite connections look good. This traffic is constant over weeks and it is about 1 GB an hour between the 2 servers. This would not be a big deal if this was just on the local LAN but it is over the WAN and
that saturates the line. Should 2 DC's be talking that much that are not even replication partners? What type of traffic could it be. I am at a loss for troubleshooting this. I have done packet captures but that really does
not tell me much ( that I can read anyway). Oh, I have run AV scans alos and finding nothing.
Any help would be greatly appreciated.
Steve
SteveActually, DFS/FRS/DFSR replication is not related to NTDS replication. It uses a directory change notification event to trigger replication to a replica, and that is to all DCs in the domain. That's why you can have SYSVOL replication problems but AD replication
of the partitions do not have problems, such as when you create a user on one and it replicates to it's NTDS partner.
Below is a summary. You can read about how the whole process with NTFRS/DFSR works in the links below, if you like:
Introduction to Administering DFS-Replicated SYSVOL
"DFS Replication technology significantly improves replication of SYSVOL. ... When a change to a file occurs, FRS replicates the entire updated file. With DFS Replication, for files larger than 64 KB, only the updated portion of the file is replicated."
"To replicate only updates to files, DFS Replication uses an algorithm called remote differential compression (RDC). RDC detects changes ... without having to replicate the entire file. RDC detects insertions, removals, and rearrangements of data
in files. The DFS Replication service monitors SYSVOL, and, if a change occurs to any file that is stored in SYSVOL, DFS Replication automatically replicates the file updates to the SYSVOL folders on the other domain controllers in the domain. "
http://technet.microsoft.com/en-us/library/cc794837(v=WS.10).aspx
How FRS Works - Windows 2003
http://technet.microsoft.com/en-us/library/cc758169(v=WS.10).aspx
DFS Replication: Frequently Asked Questions (FAQ)
http://technet.microsoft.com/en-us/library/cc773238(v=WS.10).aspx
I think 316 MB in SYSVOL is a good amount of data. What is in there taking up that much space? Is something using SYSVOL to store it's data, such as an app that's constantly changing data?
The reason I'm asking is that this could be the cause of the issue, since if it changes on one DC, then it replicates, then another change occurs, etc., and it keeps going and it appears that a ton of data is being moved back and forth.
Quick story - I remember a customer was using SYSVOL to store data so they can access it across the WAN link. He said he did it because of its "cool" replication features. I said, yea, but it's meant for domain data (GPO policies, templates, etc.)
and not for custom data. Create a DFS share for that so it works independently of SYSVOL.
Ace Fekay
MVP, MCT, MCSE 2012, MCITP EA & MCTS Windows 2008/R2, Exchange 2013, 2010 EA & 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services
Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php
This posting is provided AS-IS with no warranties or guarantees and confers no rights. -
DNS issues with replaced domain controllers
I have slight issue I hope some one can help with.
We recently replaced some domain controllers in our 2 core sites the process we followed is as below:-
moved FSMO roles to different already working servers
demoted the old domain controllers and decommissioned.
built virtual machine replacements with the same names.
depromo'd the servers
ran all the tests and it reported everything was fine.
moved the fsmo roles to the new servers.
repeated this for the remaining servers.
this was our 2003 domain to free up physical space but our new 2013 domain what will exist separately until all our applications our tested.
however the problem we now have is that non domain controllers have issues registering against the new servers despite being able to do look-ups against them all (replication testing looks fine). one of our regional DC's seems to have taken over as the primary
replica. as changes made else where disappeared but changes made there got replicated out perfectly.
I have managed to resolve this particular issue by added the domain controllers back into several locations in DNS manually (maining forward lookup zones>my domain>_tcp )but we still experience the odd issue with servers not registering in DNS properly
(although it's a lot better since the I did the above)
so basically does any one have a idea on what could have caused this issue and how I can resolve?should the demotion not automatically remove it from sites and services automatically (it could well be this if not) the question then becomes how do we resolve the issues we have now.
Hello,
NO, as you can demote a DC and it still may run site-aware services like DFS and for this reason a DC is NOT automatically removed from AD sites and services during demotionprocess.
Best regards
Meinolf Weber
MVP, MCP, MCTS
Microsoft MVP - Directory Services
My Blog: http://blogs.msmvps.com/MWeber
Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
Twitter: -
Virtualised domain network communication issues
Hi all,
I have a situation with a virtualised domain network. I have a primary and secondary Domain controllers, and 4 Remote Desktop Servers, all are running Server 2012 R2. Some of the Remote Desktop Servers are
OK, but 2 of them consistently lose connection with the Domain Controller and DNS and can only be accessed via console. A reboot resolves the issue. We have a scheduled reboot in the morning at 5am but approx 10-12 hours later, they drop off, until we reboot
it again.
I have tried hotfixes, I have upgraded from 2008 R2 to 2012 R2, I have added a second 'internal network' connection to hopefully bypass the physical Nic. But this still keeps happening. I have also seen reference
to disabling the 'Large Send Offload' setting on the virtual nic, but that caused the server to become unresponsive and require a restart as well.
I am really hoping someone has come across something similar as no solution I have found online has helped.
Thanks in advance!
StuHi Umesh,
Thanks, I am aware of that, that's one of the reasons I have added the other DC. All servers are now pointing to that one as their primary DNS.
I am not 100% sure yet as there hasn't been enough time pass. But there was a program running on the servers called 'networx' which is a bandwidth monitoring and logging program which basically gave us an easy report of what their internet usage is on a
per program basis. I have disabled that and that *seems* to have given them much more stability as they have had no freezes or quick disconnections since that was done. If it is that that is the problem, can any of you guys suggets a free/low cost program
that logs internet usage by program/site on a TS?
OK, so back to the questions:
1. Domain Controller:
IP: 192.168.200.241/24
DG: 192.168.200.254
DNS1: 192.168.200.241
DNS2: 192.168.200.240
2. Affected VM:
IP: 192.168.200.43/24
DG: 192.168.200.254
DNS1: 192.168.200.241
3. Result is:
nltest /dsgetsite:<cpointfs>
the Syntax of the command is incorrect.
4.
C:\Users\administrator.CPOINTFS>repadmin /showrepl
Repadmin: running command /showrepl against full DC localhost
Default-First-Site-Name\CPOINTAD
DSA Options: IS_GC
Site Options: (none)
DSA object GUID: 53cc5d7f-0624-42d3-8916-60d8f74233b5
DSA invocationID: b2756aae-6442-4964-9773-68f8494c2ad9
==== INBOUND NEIGHBORS ======================================
DC=cpointFS,DC=local
Default-First-Site-Name\CPOINTDC via RPC
DSA object GUID: d01d6df9-288a-45c9-8cbc-f65ab64ec996
Last attempt @ 2015-03-16 11:11:56 was successful.
CN=Configuration,DC=cpointFS,DC=local
Default-First-Site-Name\CPOINTDC via RPC
DSA object GUID: d01d6df9-288a-45c9-8cbc-f65ab64ec996
Last attempt @ 2015-03-16 10:47:26 was successful.
CN=Schema,CN=Configuration,DC=cpointFS,DC=local
Default-First-Site-Name\CPOINTDC via RPC
DSA object GUID: d01d6df9-288a-45c9-8cbc-f65ab64ec996
Last attempt @ 2015-03-16 10:47:26 was successful.
DC=DomainDnsZones,DC=cpointFS,DC=local
Default-First-Site-Name\CPOINTDC via RPC
DSA object GUID: d01d6df9-288a-45c9-8cbc-f65ab64ec996
Last attempt @ 2015-03-16 10:47:26 was successful.
DC=ForestDnsZones,DC=cpointFS,DC=local
Default-First-Site-Name\CPOINTDC via RPC
DSA object GUID: d01d6df9-288a-45c9-8cbc-f65ab64ec996
Last attempt @ 2015-03-16 10:47:27 was successful. -
Replication and AD Domain sevices errors between 2 Domain Controllers
Hi,
I've a 2 Domain Controllers (NJ-DC1-2K8 and NJ-DC2-2K8) setup in VMware Workstation 10. Recently, I've run into different errors in regards to Replication, DNS and AD Domain services. Both of my DC are setup with static IP pointing to each other for fault
tolerance. Initially, One of my DC had a lingering object error which I was able to fix after spending some time. The next day, when I tried to replicate 2 DC, the number of errors grew. Ran dcdiag, it produced a list of crazy errors that I never saw before.
I'm a newbie to the server environment, trying to gain knowledge so I can't get those errors sort out even I tried a lot. I read a lot of online articles on different forums like here Microsoft TechNet trying to overcome this problem but didn't work. I even
removed DNS role and re-added it but same problem. I guess removing the DNS role doesn't remove everything related to DNS. I'm going to upload pictures here of the different errors through the commands I got. I would appreciate if someone can help me to get
it fixed.
Other than that, I also would like to know what is the best way to remove DNS, AD Domain Services and then reinstall them without demoting the server. What are some of the things I would have to keep in mind before doing that. How can I make sure that doing
this wouldn't impact in AD data loss like user account, GP Policies, Computer account and etc....?
Errors are as follows:
1) C:\Users\Administrator>repadmin /syncall
CALLBACK MESSAGE: The following replication is in progress:
From: 66803610-2817-4853-ad3b-70c32a78c04a._msdcs.Fleet.local
To : 9736b2e5-a75e-4991-a481-08c0226ed1c5._msdcs.Fleet.local
CALLBACK MESSAGE: Error issuing replication: 8451 (0x2103):
The replication operation encountered a database error.
From: 66803610-2817-4853-ad3b-70c32a78c04a._msdcs.Fleet.local
To : 9736b2e5-a75e-4991-a481-08c0226ed1c5._msdcs.Fleet.local
CALLBACK MESSAGE: SyncAll Finished.
SyncAll reported the following errors:
Error issuing replication: 8451 (0x2103):
The replication operation encountered a database error.
From: 66803610-2817-4853-ad3b-70c32a78c04a._msdcs.Fleet.local
To : 9736b2e5-a75e-4991-a481-08c0226ed1c5._msdcs.Fleet.local
2) C:\Users\Administrator>repadmin /showrepl
Repadmin: running command /showrepl against full DC localhost
NewJersey\NJ-DC1-2K8
DSA Options: IS_GC
Site Options: (none)
DSA object GUID: 9736b2e5-a75e-4991-a481-08c0226ed1c5
DSA invocationID: 9736b2e5-a75e-4991-a481-08c0226ed1c5
==== INBOUND NEIGHBORS ======================================
DC=Fleet,DC=local
NewJersey\NJ-DC2-2K8 via RPC
DSA object GUID: 66803610-2817-4853-ad3b-70c32a78c04a
Last attempt @ 2014-07-06 20:49:06 failed, result 8456 (0x2108):
The source server is currently rejecting replication requests.
30 consecutive failure(s).
Last success @ 2014-07-06 16:16:49.
CN=Configuration,DC=Fleet,DC=local
NewJersey\NJ-DC2-2K8 via RPC
DSA object GUID: 66803610-2817-4853-ad3b-70c32a78c04a
Last attempt @ 2014-07-06 20:49:06 failed, result 8456 (0x2108):
The source server is currently rejecting replication requests.
29 consecutive failure(s).
Last success @ 2014-07-06 16:06:25.
CN=Schema,CN=Configuration,DC=Fleet,DC=local
NewJersey\NJ-DC2-2K8 via RPC
DSA object GUID: 66803610-2817-4853-ad3b-70c32a78c04a
Last attempt @ 2014-07-06 20:49:06 failed, result 8456 (0x2108):
The source server is currently rejecting replication requests.
10 consecutive failure(s).
Last success @ 2014-07-06 15:49:54.
DC=DomainDnsZones,DC=Fleet,DC=local
NewJersey\NJ-DC2-2K8 via RPC
DSA object GUID: 66803610-2817-4853-ad3b-70c32a78c04a
Last attempt @ 2014-07-06 20:49:06 failed, result 8456 (0x2108):
The source server is currently rejecting replication requests.
30 consecutive failure(s).
Last success @ 2014-07-06 15:49:54.
DC=ForestDnsZones,DC=Fleet,DC=local
NewJersey\NJ-DC2-2K8 via RPC
DSA object GUID: 66803610-2817-4853-ad3b-70c32a78c04a
Last attempt @ 2014-07-06 20:49:06 failed, result 8456 (0x2108):
The source server is currently rejecting replication requests.
19 consecutive failure(s).
Last success @ 2014-07-06 16:10:47.
Source: NewJersey\NJ-DC2-2K8
******* 30 CONSECUTIVE FAILURES since 2014-07-06 16:16:49
Last error: 8456 (0x2108):
The source server is currently rejecting replication requests.
3) C:\Users\Administrator>dcdiag /replsum
Invalid Syntax: Invalid option /replsum. Use dcdiag.exe /h for help.
C:\Users\Administrator>repadmin /replsum
Replication Summary Start Time: 2014-07-06 21:03:28
Beginning data collection for replication summary, this may take awhile:
Source DSA largest delta fails/total %% error
NJ-DC1-2K8 09d.22h:06m:34s 5 / 5 100 (8457) The destination server is currently rejecting replication requests.
NJ-DC2-2K8 05h:13m:34s 5 / 5 100 (8456) The source server is currently rejecting replication requests.
Destination DSA largest delta fails/total %% error
NJ-DC1-2K8 05h:13m:34s 5 / 5 100 (8456) The source server is currently rejecting replication requests.
NJ-DC2-2K8 09d.22h:06m:34s 5 / 5 100 (8457) The destination server is currently rejecting replication requests.
4) C:\Users\Administrator>dcdiag /test:DNS
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = NJ-DC1-2K8
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: NewJersey\NJ-DC1-2K8
Starting test: Connectivity
......................... NJ-DC1-2K8 passed test Connectivity
Doing primary tests
Testing server: NewJersey\NJ-DC1-2K8
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
......................... NJ-DC1-2K8 passed test DNS
Running partition tests on : ForestDnsZones
Running partition tests on : DomainDnsZones
Running partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : Fleet
Running enterprise tests on : Fleet.local
Starting test: DNS
Summary of test results for DNS servers used by the above domain controllers:
DNS server: 128.8.10.90 (d.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 128.8.10.90
......................... Fleet.local passed test DNS
5) C:\Users\Administrator>dcdiag
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = NJ-DC1-2K8
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: NewJersey\NJ-DC1-2K8
Starting test: Connectivity
......................... NJ-DC1-2K8 passed test Connectivity
Doing primary tests
Testing server: NewJersey\NJ-DC1-2K8
Starting test: Advertising
......................... NJ-DC1-2K8 passed test Advertising
Starting test: FrsEvent
......................... NJ-DC1-2K8 passed test FrsEvent
Starting test: DFSREvent
There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... NJ-DC1-2K8 failed test DFSREvent
Starting test: SysVolCheck
......................... NJ-DC1-2K8 passed test SysVolCheck
Starting test: KccEvent
......................... NJ-DC1-2K8 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... NJ-DC1-2K8 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... NJ-DC1-2K8 passed test MachineAccount
Starting test: NCSecDesc
......................... NJ-DC1-2K8 passed test NCSecDesc
Starting test: NetLogons
......................... NJ-DC1-2K8 passed test NetLogons
Starting test: ObjectsReplicated
......................... NJ-DC1-2K8 passed test ObjectsReplicated
Starting test: Replications
[Replications Check,NJ-DC1-2K8] A recent replication attempt failed:
From NJ-DC2-2K8 to NJ-DC1-2K8
Naming Context: DC=ForestDnsZones,DC=Fleet,DC=local
The replication generated an error (8456):
The source server is currently rejecting replication requests.
The failure occurred at 2014-07-06 20:49:06.
The last success occurred at 2014-07-06 16:10:47.
19 failures have occurred since the last success.
Replication has been explicitly disabled through the server options.
[Replications Check,NJ-DC1-2K8] A recent replication attempt failed:
From NJ-DC2-2K8 to NJ-DC1-2K8
Naming Context: DC=DomainDnsZones,DC=Fleet,DC=local
The replication generated an error (8456):
The source server is currently rejecting replication requests.
The failure occurred at 2014-07-06 21:04:16.
The last success occurred at 2014-07-06 15:49:54.
31 failures have occurred since the last success.
Replication has been explicitly disabled through the server options.
[Replications Check,NJ-DC1-2K8] A recent replication attempt failed:
From NJ-DC2-2K8 to NJ-DC1-2K8
Naming Context: CN=Schema,CN=Configuration,DC=Fleet,DC=local
The replication generated an error (8456):
The source server is currently rejecting replication requests.
The failure occurred at 2014-07-06 20:49:06.
The last success occurred at 2014-07-06 15:49:54.
10 failures have occurred since the last success.
Replication has been explicitly disabled through the server options.
[Replications Check,NJ-DC1-2K8] A recent replication attempt failed:
From NJ-DC2-2K8 to NJ-DC1-2K8
Naming Context: CN=Configuration,DC=Fleet,DC=local
The replication generated an error (8456):
The source server is currently rejecting replication requests.
The failure occurred at 2014-07-06 20:49:06.
The last success occurred at 2014-07-06 16:06:25.
29 failures have occurred since the last success.
Replication has been explicitly disabled through the server options.
[Replications Check,NJ-DC1-2K8] A recent replication attempt failed:
From NJ-DC2-2K8 to NJ-DC1-2K8
Naming Context: DC=Fleet,DC=local
The replication generated an error (8456):
The source server is currently rejecting replication requests.
The failure occurred at 2014-07-06 20:49:06.
The last success occurred at 2014-07-06 16:16:49.
30 failures have occurred since the last success.
Replication has been explicitly disabled through the server options.
......................... NJ-DC1-2K8 failed test Replications
Starting test: RidManager
......................... NJ-DC1-2K8 passed test RidManager
Starting test: Services
......................... NJ-DC1-2K8 passed test Services
Starting test: SystemLog
A warning event occurred. EventID: 0x000003F6
Time Generated: 07/06/2014 20:17:29
Event String: Name resolution for the name 2.5.16.172.in-addr.arpa timed out after none of the configured DNS servers responded.
An error event occurred. EventID: 0x0000168E
Time Generated: 07/06/2014 20:18:05
Event String:
The dynamic registration of the DNS record '9736b2e5-a75e-4991-a481-08c0226ed1c5._msdcs.Fleet.local. 600 IN CNAME NJ-DC1-2K8.Fleet.local.'
failed on the following DNS server:
A warning event occurred. EventID: 0x000003F6
Time Generated: 07/06/2014 21:04:01
Event String: Name resolution for the name 1.0.0.127.in-addr.arpa timed out after none of the configured DNS servers responded.
......................... NJ-DC1-2K8 failed test SystemLog
Starting test: VerifyReferences
......................... NJ-DC1-2K8 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : Fleet
Starting test: CheckSDRefDom
......................... Fleet passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Fleet passed test CrossRefValidation
Running enterprise tests on : Fleet.local
Starting test: LocatorCheck
......................... Fleet.local passed test LocatorCheck
Starting test: Intersite
......................... Fleet.local passed test Intersite
6) C:\Users\Administrator>repadmin /showrepl NJ-DC1-2K8
NewJersey\NJ-DC1-2K8
DSA Options: IS_GC
Site Options: (none)
DSA object GUID: 9736b2e5-a75e-4991-a481-08c0226ed1c5
DSA invocationID: 9736b2e5-a75e-4991-a481-08c0226ed1c5
==== INBOUND NEIGHBORS ======================================
DC=Fleet,DC=local
NewJersey\NJ-DC2-2K8 via RPC
DSA object GUID: 66803610-2817-4853-ad3b-70c32a78c04a
Last attempt @ 2014-07-06 20:49:06 failed, result 8456 (0x2108):
The source server is currently rejecting replication requests.
30 consecutive failure(s).
Last success @ 2014-07-06 16:16:49.
CN=Configuration,DC=Fleet,DC=local
NewJersey\NJ-DC2-2K8 via RPC
DSA object GUID: 66803610-2817-4853-ad3b-70c32a78c04a
Last attempt @ 2014-07-06 20:49:06 failed, result 8456 (0x2108):
The source server is currently rejecting replication requests.
29 consecutive failure(s).
Last success @ 2014-07-06 16:06:25.
CN=Schema,CN=Configuration,DC=Fleet,DC=local
NewJersey\NJ-DC2-2K8 via RPC
DSA object GUID: 66803610-2817-4853-ad3b-70c32a78c04a
Last attempt @ 2014-07-06 20:49:06 failed, result 8456 (0x2108):
The source server is currently rejecting replication requests.
10 consecutive failure(s).
Last success @ 2014-07-06 15:49:54.
DC=DomainDnsZones,DC=Fleet,DC=local
NewJersey\NJ-DC2-2K8 via RPC
DSA object GUID: 66803610-2817-4853-ad3b-70c32a78c04a
Last attempt @ 2014-07-06 21:04:16 failed, result 8456 (0x2108):
The source server is currently rejecting replication requests.
31 consecutive failure(s).
Last success @ 2014-07-06 15:49:54.
DC=ForestDnsZones,DC=Fleet,DC=local
NewJersey\NJ-DC2-2K8 via RPC
DSA object GUID: 66803610-2817-4853-ad3b-70c32a78c04a
Last attempt @ 2014-07-06 20:49:06 failed, result 8456 (0x2108):
The source server is currently rejecting replication requests.
19 consecutive failure(s).
Last success @ 2014-07-06 16:10:47.
Source: NewJersey\NJ-DC2-2K8
******* 31 CONSECUTIVE FAILURES since 2014-07-06 16:16:49
Last error: 8456 (0x2108):
The source server is currently rejecting replication requests.
7) C:\Users\Administrator>repadmin /showrepl NJ-DC2-2K8
NewJersey\NJ-DC2-2K8
DSA Options: IS_GC DISABLE_INBOUND_REPL DISABLE_OUTBOUND_REPL
Site Options: (none)
DSA object GUID: 66803610-2817-4853-ad3b-70c32a78c04a
DSA invocationID: 3e8ee380-a165-4cef-b311-dadcf30f8406
==== INBOUND NEIGHBORS ======================================
DC=Fleet,DC=local
NewJersey\NJ-DC1-2K8 via RPC
DSA object GUID: 9736b2e5-a75e-4991-a481-08c0226ed1c5
Last attempt @ 2014-07-06 21:04:22 failed, result 8457 (0x2109):
The destination server is currently rejecting replication requests.
53 consecutive failure(s).
Last success @ 2014-06-26 23:01:29.
CN=Configuration,DC=Fleet,DC=local
NewJersey\NJ-DC1-2K8 via RPC
DSA object GUID: 9736b2e5-a75e-4991-a481-08c0226ed1c5
Last attempt @ 2014-07-06 20:52:11 failed, result 8457 (0x2109):
The destination server is currently rejecting replication requests.
10 consecutive failure(s).
Last success @ 2014-06-26 22:56:54.
CN=Schema,CN=Configuration,DC=Fleet,DC=local
NewJersey\NJ-DC1-2K8 via RPC
DSA object GUID: 9736b2e5-a75e-4991-a481-08c0226ed1c5
Last attempt @ 2014-07-06 20:52:11 failed, result 8457 (0x2109):
The destination server is currently rejecting replication requests.
7 consecutive failure(s).
Last success @ 2014-06-26 22:56:56.
DC=DomainDnsZones,DC=Fleet,DC=local
NewJersey\NJ-DC1-2K8 via RPC
DSA object GUID: 9736b2e5-a75e-4991-a481-08c0226ed1c5
Last attempt @ 2014-07-06 20:52:11 failed, result 8457 (0x2109):
The destination server is currently rejecting replication requests.
7 consecutive failure(s).
Last success @ 2014-06-26 22:57:01.
DC=ForestDnsZones,DC=Fleet,DC=local
NewJersey\NJ-DC1-2K8 via RPC
DSA object GUID: 9736b2e5-a75e-4991-a481-08c0226ed1c5
Last attempt @ 2014-07-06 20:52:11 failed, result 8457 (0x2109):
The destination server is currently rejecting replication requests.
23 consecutive failure(s).
Last success @ 2014-06-26 22:57:03.
Source: NewJersey\NJ-DC1-2K8
******* 53 CONSECUTIVE FAILURES since 2014-06-26 23:01:29
Last error: 8457 (0x2109):
The destination server is currently rejecting replication requests.
Please someone go through these different errors and walk me through exactly what I got to do to fix them.
ThanksHi,
Actually, I made copies of those VMs to my external usb 3.0 hdd, so I can load up some of the VMs from it than from my internal hdd since it would freeze on my internal one sometimes. Copied ones worked fine for few days until recently when I started having
these different issues. I did look at USN rollback and applied the fix, didn't work. For the past few days, I been spending endless hours on fixing them but it doesn't look like they are going to be fixed. It's driving me crazy and the bad news is that I've
no backup of my data. I got 2 DC and both have these issues.
Building new domain controllers in VMs won't be a problem for me but I'm worried about losing my AD database in both DCs which includes user and computer accounts and a bunch GPOs.
I'm a newbie to the server environment. Can you please walk me through on exactly how can I save AD database if possible before I start doing the cleanup process on both of my DCs. I read some articles online which provide instructions on how can I cleanup
the AD with Metadata and take both DCs offline but it's all confusing to me. They don't explain anything about saving AD database rather demoting bad DCs. If you know a fix for my DCs that I can apply, so I won't have do it all over and save time. Please let
me know step by step process or whatever you could help me to bring those 2 DCs backup.
Thanks -
Communication between domain models
Hi All,
I have an event that is being dispatched from a domain model (DomainModelEvent.RESULT) which needs to be received from another domain model (DomainModel2.play()). I've read in various forums the use of patterns such as Messenger or Presenter being helpful for PM-to-PM or PM-to-Domain communication, but not Domain-to-Domain. Since I'm using Cairngorm, should I just have these domains dispatch a CaringormEvent that a command object can handle. This creates dependencies between the model and the Cairngorm framework, but is that so bad? Since it's a DOMAIN model, it is dependent to the application (which is in Cairngorm) anyway? Does anyone have any insights on this?Hi there,
Do you have a motivation for the domain1 not referencing domain2? Maybe the guideline Options in Loose Coupling could be useful. Checkout the Guidelines section.
Best,
Alex -
Patching Domain controllers on different days. Can this cause issues
You fellas are awesome. Thanks for the peace of mind.
We have a few domain controllers that need to be patched. 2 for one of our locations and 2 for the other. They are both on different subnets however they do replicate AD information. My plan were to patch the two domain controllers tonight for one of our locations. Then patch the others on a different night for the other locations. My question is will this cause any replication issues since the two DCs would have different updates and service packs? I remember having this issue with exchange when I did this but Exchange was in a DAG which the AD boxes arent. Any replies are much appreciated.
This topic first appeared in the Spiceworks Community -
One way trust WMI issues - only on domain controllers
Hi all,
I'm having some interesting issues with attempting to setup remote monitoring via WMI from a trusted domain service account to some remote domains in our environment. There is a one way trust setup, and the service account has no problems with any client
machines, but gets rejected when attempting to query the domain controllers.
I've verified this is an issue both in our enterprise and production environment. I assumed it had something to do with the Domain Controller Security Policy and added the account in question to the following policies to no avail:
Act as part of the operating system
Log on as a batch job
Log on as a service
Replace a process level token
Now I'm beginning to suspect it's something to do with not being able to add the service account to the "domain admins" group, however I'd much rather a solution that didn't involve giving this account admin privileges at all.
I've given the account read permissions to /root/CIMv2 via the WMI control MMC snap-in, as well as DCOM remote enable and added it to the "Distributed COM Users" and "Performance Monitor Users" groups.
I'm fully out of ideas and my google-fu is failing. Anyone hit this before?Hi,
Yes, you will need to know the credentials of the domain admin in the trusted domain.
You can try to use Get-WmiObject command, and input trusted domain administrator’s credentials, which should give you admin privileges.
Using the Get-WMiObject Cmdlet
http://technet.microsoft.com/en-us/library/ee176860.aspx
If you have problems of applying Powershell, please refer to Powershell forum below:
http://social.technet.microsoft.com/Forums/windowsserver/en-US/home?forum=winserverpowershell&filter=alltypes&sort=lastpostdesc
Regards,
Amy
Maybe you are looking for
-
Remove ":" from select option label(description)
Hello All I have a requirement to remove the select option description (which SAP displays by default from the field label maintained in the data element), I thought the best way to achieve that requirement is by passing "space" to the parameter 'I_
-
I recently happily downgraded back to iTunes v.6 after experiencing a nightmare with iTunes v.7. Since re-installing v.6, everything is fine except for one strange and annoying problem. I'm hoping someone can help, so here goes.... Now, when I synch/
-
HI, My application is using xsltc to create PDFs.The application is deployed on weblogic 9.1. I have compiled my xsl files using xalan-j_2_7_0 from command-line and deployed the classes on the server. The problem i am facing is that the TransformerFa
-
I just posted this question in the General Flash Forum, before I realised there was a forum specifically for Flash Lite, but now that I've found this forum, I guess I'll post it here too... forgive me... Hi all, I've just earned a freelance contract
-
Java.lang.Object. init ???????
Can anyone tell me why Sun have removed the method java.lang.Object.<init> from their JDK1.3.1?