DFS Replication and File permissions
Before the problem here is a simple description of my setup
Two File servers, Each have a folder in D: that is setup to replicate using Replication Group via DFS.
All files/folders are replicated perfectly from server A to Server B. When folder/files permissions are checked on both Server A and B they are also perfectly replicated.
Here is the problem.
We have a user User1 who is given modify/read/write permissions on a folder Folder1 on Server A. Folder1 replicates perfectly on Server B and all permissions are also replicated and can be seen on Folder1 in Server B.
When User1 opens file share on Server A he has his assigned permissions to work ok. But when he opens the file share from Server B he is unable to Modify Read or write anything inside Folder1.
At present End users are instructed to use Server A to use the file shares, which are then replicated to Server B as a backup.
Please help.
Also share permissions are also same on both servers.
So User1 cannot edit files on ServerB while both NTFS permissions and Share permissions are the same on serverA and serverB? Please recheck both permissions specifically if any user group included with denied permission.
A possible workaround is to create a new folder on ServerB, move files from the old folder into it, delete the old folder and rename the new folder to the old name. Then connect as DFS target to replace the old one to see if issue still exists.
If you have any feedback on our support, please send to [email protected]
Similar Messages
-
I have two identical servers with 4 network interfaces each. The primary usage for two servers is hosting SQL Server instance with Always On high availability and dfs replication. Two network interfaces from each server will be used to connect to main network,
while for the other two (on each) I was thinking about using crossover cable to possibly provide shorter path for two servers to communicate.
Will there be any benefits to doing so, moreover, would teaming two crossover cable help more?
Edit: Below is the link to the article where I got the idea of moving DFS Replication traffic to crossover. I wasn't able to find any info whether same thing is applied to SQL Always On high availability.
http://blogs.technet.com/b/filecab/archive/2006/08/24/449013.aspxHi,
According to your description, my understanding is that you want to connect 2 servers by crossed cable(2 NICs).
Just as the blog suggested, directly connect the servers by crossed cable and configure corresponding route entries will improve efficiency.
If both servers have 2 NICs to connect, I recommend you to team the 2 NICs for bandwidth aggregation. NIC teaming is supported by Windows Server 2012/2012 R2, detailed information you may reference:
NIC Teaming Overview
https://technet.microsoft.com/en-us/library/hh831648.aspx
besides, for file servers, SMB Multichannel (a feature included with Windows Server 2012/2012 R2 and part of the SMB 3.0 protocol) will helpful for increasing the network performance and availability. Detailed information reference:
The basics of SMB Multichannel, a feature of Windows Server 2012 and SMB 3.0
http://blogs.technet.com/b/josebda/archive/2012/05/13/the-basics-of-smb-multichannel-a-feature-of-windows-server-2012-and-smb-3-0.aspx
For SQL server, suggestions in SQL Server Best Practices would be helpful for you:
https://technet.microsoft.com/en-us/sqlserver/bb671430.aspx
Best Regards,
Eve Wang
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
Image Capture from iPhone to OS X and File Permissions
Hello. I'm running Lion 10.7.3 and have an iPhone 4S and iPad 2. When I use the Image Capture app to transfer pictures and videos from my devices to OS X it works great with the exception of one problem. Every file that it copies over ends up with permissions of:
(Me): Read & Write
everyone: No Access
This is problematic because when my wife is logged into her profile or anyone else tries to view these files via shared folders, they can't see them. I'm putting them into a folder I created on "Macintosh HD". The folder that they are in has permission of:
(Me): Read & Write
wheel: Read only
everyone: Read only
Each time I import I suppose I could drop into Terminal and run a command to fix the issues but there must be a better way.
Any ideas? Thank you in advance.Got a solution using Automator.
Create a workflow like:
This is an Image Capture Plugin. When you open Automator select Image Capture as the type of workflow and select these two actions.
Copy Finder Items will take the image from Image Capture and copy to your disk. Select the folder you want the image to go to in the To: pulldown. You should select the /Users/Shared folder and any subfolder you wish. I made a folder named Images.
In the second action make sure Pass Input: is set to as arguments and then add the chmod 644
Then exit Automator giving the workflow a name. In Image Capture you should see the workflow you just created
in the Import To: pulldown. Select it. Now when you import the fiels wil be copied to the folder you specified and the permissions will be set to 644 rw for you r for everyone else.
good luck. post back if you have any questions.
(and this is in the Lion list so my question about Aperture above is meaningless! ) -
Set default directory and file permissions
I'm trying to use setfacl to set the default permissions for directories and files but I get an error saying "sudo: setfacl: command not found." What I am trying to do is share a specific directory on a local external drive connected by Thunderbolt. Everyone in the group has access to the drive and can view all the files but once a new file is created, the group permissions are not updated. Here is an example of two PDF file. The one created by userA only has permissions for that user where the file created by userB allows all users to open and modity the file.
-rw------- 1 userA staff 1988176 Feb 13 15:09 TestFile01.pdf
-rwxr-----+ 1 userB staff 1827102 Feb 13 15:05 TestFile02.pdf
0: group:MarketingGroup allow read,write,append,readattr,writeattr,readextattr,writeextattr,readsecurity
I can manually update the permissions through the Get Info window but this requires me to reset permissions every time a person saves a new file to the drive. There needs to be a way to do this automatically.
Here is what I tried but the setfacl command is not supported.
sudo setfacl -Rdm g:GroupName:rwx /DirectoryPathThanks Frank. I have an externat drive connected to my Mac via Thunderbolt. On this drive I have a specific directory that I'm shairing with Mac and PC users. I've created a group on the network to limit access to this directory to specific users. That works perfectly. The issue I'm having is when one of these users creates a new file in this directory or any of it's subdirectories, no one has permission to open or edit the file. Right now I'm using Get Info to modify the permissions of the folder and all enclosed items. When I check the permissions of the files I've "corrected" I notice this extra imformation "0: group:MarketingGroup allow read,write,append,readattr,writeattr,readextattr,writeextattr,readsecurity." This is not included when I check the permissions of items saved by other uses in the group.
So my question is how do I set the default permissions for this directory so every new file and directory will have the correct permissions to allow anyone in this group full access to open and modify every file?
Thanks for your help!!!! -
BranchCache - multiple domains and file permissions
I have been researching BranchCache and looking into its feasibility given my requirements and constraints.
I am considering replacing servers in branch offices with a single BranchCache server [per branch] in 'hosted' mode.
1. It has been suggested that each hosting server can only host files from content servers in the same domain as the caching/hosting server. Is this correct? For jurisdictional purposes, we have a 'shared, global' forest but also 'local, jurisdictional'
forests. Each branch needs to access data which resides in either/several/all of these forests.
2. A simpler but related question - how are file permissions adhered to? Are the NTFS perms simply included as metadata? How does the hosting server authorise the requesting client access to the file at the point of request? Does the content server provide
the authorisation instead and hence client and content server must be in the same domain?
I'm keen to pursue this technology further but suspect it has limitations which mean it is not feasible within my environment.
Thanks,
neil
Neil RustonHi Neil -
I forwarded your questions to the BranchCache team, and this is their response:
"All of the entities in the BranchCache system can be on different domains and BranchCache will work just fine. It’s ok to have content servers and hosted cache servers on different domains or on no domain at all. The client and server
just need to be able to communicate to get BranchCache working.
"As far as permissions go, clients in the branch office need to be able to download hashes from the remote file/web server to use BranchCache. The file or web server authenticates and authorizes the client using whatever means it would if BranchCache
were not in the picture. Once the client is granted permission, it can retrieve the hashes and pull from the local cache. Permissions are not embedded in the hashes. Ownership of the hashes is all a client needs to download from the cache.
Hashes are a substitute for content and are kept secure the same way content is."
Thanks -
James McIllece -
Shell script, automator and file permissions
We have an environment where, that when a user creates a folder on a network vol, it is owned by them and no one else has access to it. They then place a folder structure from there local HD into that folder they just created on the server. You would think a simple get info window with the user changing the permissions to include all would actually change all the file permissions in the enclosed folder, but it doesn't. I have a simple script written in automator using /bin/bash that is supposed to change the permissions in every folder and file to rw for all (user, group and everyone). It doesn't seem to be working correctly all the time for a few users.
for f in "$@"
do
chmod -R 777 "$f"
done
I have tried this as well
for f in "$@"
do
chmod -R a+rw "$f"
done
But that should be pretty much the same thing.
Something i have noticed is the users with the most problem are running 10.4.11, while the script was written in 10.5. Also the users that are having the problem dont seem to have the same get info window as the rest of the 10.4.11 users, it very closely resembles 10.5, with some minor differences. It seems they are missing the groups or something. This might be more or less than an issue than I realize.
http://picasaweb.google.com/tiemmothi/UserPermissions?feat=directlink
the 10.4 window in question is "the offender" and
"Mine" is 10.5*Access Control List* entries are in addition to the regular POSIX permissions. They are not required, but add finer levels of access control. Setting the regular permissions to read/write for everyone should work unless there are ACL entries which allow additional access - you can see ACL entries and extended attributes with/bin/ls -le@d /path/to/some/folder
An inherited ACL entry to allow everyone read/write access would look something likechmod -R +a "everyone allow list,addfile,search,delete,add_subdirectory,delete_child,readattr,writeattr,chown,file_inherit,directoryinherit" /path/to/some/folderA users */Public/Drop Box* folder has similar entries. -
Copy usernames and file permissions from old workgroup to new Active Directory
Hi,
I have a Windows Server 2003 R2 with about 60 users, 100 shared folders and 5000 subfolders. Each folder has share and protection permissions. Each subfolder has protection permissions. No active directory.
I need to install Windows Server 2012 R2 (as Primary Domain Controller) and re-create
the same users (which can have different guid but with the same username as the old server)
the same shared folders, with the same permission as the old server granted to the users
the same subfolders, with the same permission as the old server granted to the users
all under Active Directory.
Is there a way to automate these steps?
Thanks!Look in script repository for scripts that export local users and groups.
You will have to learn how these two systems work and develop a script / method for translating between the two systems. It is very dependent on what has been don on old system. Using USMT and MDT would be the best.
Post in the deployment forum for instructions on how to use the MDT to migrate users in a batch. You would start by adding the 2003 server to the 2012 domain and then the MDT can be customized to do the move.
https://technet.microsoft.com/en-us/windows/dn475741.aspx?f=255&MSPPError=-2147217396
https://social.technet.microsoft.com/Forums/en-US/home?forum=mdt
¯\_(ツ)_/¯ -
Time Machine and File Permissions
'Twere I to rate this question's technicality on a scale of 1 through 10, it would rate 8. Just warning you. Unix people will be especially useful for this.
Okay, so, before the problems started, my hard drive had three partitions. One for OS X, one for file storage for Ubuntu Linux, and one called the "Swap" partition, which somehow relates to Ubuntu (the Ubuntu installer put it there, I've no idea what it's for). Here's a makeshift diagram of what my partition map used to be:
I ran out of space in my OS X partition. You see, I've recently had the fortune to obtain some rather fantastic software. The downside is that the software (and it's files) take up roughly 53GB. I won't trouble with you what it actually is (though it should have dawned on some people by now). Between OS X and Ubuntu Linux, OS X prevailed. As far as I'm concerned, Linux will have to wait 'till I have a larger hard drive.
So, I fired up Disk Utility, and tried to remove the two Linux partitions. It told me it was "Preparing to erase [insert Linux partition name]". It told me that for an hour. After one hour, I said screw it, I'll do this the "hard" way.
My initial plan was to back up my data, and completely reformat my drive, reinstall Leopard, and have it restore from my Time Machine backup. Now, my external drive is not big enough to hold a complete system-wide backup. I had to leave some stuff out. Here's the list of exclusions, taken directly from the back up logs:
Excluding System files: 16.3 GB (242143 items)
Excluding /Developer: 0 bytes (1 items)
Excluding /Users/Audacitor/Downloads: 7.9 GB (18 items)
Excluding /Applications/Creative Suite 3: 3.2 GB (13214 items)
Excluding /Applications/Disk Images/Macromedia: 240.5 MB (4 items)
Excluding /Applications/Utilities: 484.2 MB (111 items)
Excluding /Users/Audacitor/.Trash: 97.3 MB (2142 items)
Excluding /System: 108.2 MB (5874 items)
Excluding /Users/Audacitor/Library/Calendars/Calendar Cache: 144 KB (1 items)
Excluding /Users/Audacitor/Library/Safari/WebpageIcons.db: 52 KB (1 items)
Excluding /Users/Audacitor/Library/Mail/Envelope Index: 680 KB (1 items)
Excluding /Users/Audacitor/Library/Icons/WebpageIcons.db: 20 KB (1 items)
I am uncertain as to why it excluded those last four entries. I didn't ask them to be excluded, so I assumed that was something Time Machine does automatically.
The backup worked normally, or so it seemed. After about a half hour, it told me it was done. I hastily (read; stupidly) unplugged the drive and prepared to reformat my drive. So excited was I to reach my new software, that I made the utter and completely foolish move of not double checking that everything I needed was backed up. If I had, I might never have this problem, and even if this problem were destined to happen, I could have at least saved my Pictures folder (fortunately, most of it's contents are safely residing on my iPod).
So, I wiped my drive. Specifically, I booted into my Leopard Install DVD, and went for the Erase and Install option. The install commenced and finished without a hitch. I brought my "new" computer up, enjoyed the theatrics of the intro movie and started running through the setup. I came to the step where it asks if I want to transfer files from another Mac, from another volume on my Mac, from a Time Machine backup, or not at all. I of course clicked for a Time Machine back up. The first sign of trouble was that my backup didn't show up (despite having my external plugged in). I felt a pang of fear, but it didn't worry me too much, and I thought to myself that I'd just use Migration Assistant later on (the Leopard setup sequence specifically stated I could do this if I so wished).
So I went straight to my desktop and fired up Migration Assistant, and went through the steps till it asked me to select a Time Machine backup. But there were none to select from. I waited a full minute, my fear growing steadily to terror. Finally, I realized that my data was gone, and flipped out. My inner geek, which was screaming at me to calm down and look inside my external, was shackled and thrown into a tiny corner of my now completely panicked mind. This lasted for roughly two minutes. After regaining myself, and opened my external. It contained one folder named Backups.backupdb. I opened it, and inside I found Neomiranda (Neomiranda is the name I gave my computer). So far so good. Inside the folder of Neomiranda, I found 2008-02-20-060526.inProgress. Another 30 seconds of flipping out over the idea of .inProgress. After awhile, I had the sense to right click on it, and hit the "Show Package Contents" option.
Inside were three folders, with three corresponding log files. I quickly realized that each one was a backup. The first two were empty, which I anticipated. Those were my two attempts while figuring out what to exclude, so I could get a backup to fit on my external. The third contained another Neomiranda folder, which contained all my data. Everything except my Pictures folder was there.
So, I went back and forth, manually restoring my data. When I'd finished, I started up a few apps to check that everything worked. Not everything worked. Mail wouldn't even get a bounce from the dock, Firefox told me there was a copy of itself already running, and iTunes complained that I had either a locked disk or insufficient permissions. Acting on iTunes' advice, I set out comparing the permissions of various folders I'd copied to the permissions of their equivalents on another, fully functional, system. Everything checked out. Nothing was locked, and everything had the correct permissions. I fired up Disk Utility and had it a run a permissions repair. It spat out a great deal of stuff that it apparently found wrong, and apparently fixed, but ultimately, it had no effect.
I cannot find anything wrong with any permissions, but I've got a feeling that's where the problem is. Why? Because any time I want to do anything to a folder I've copied, or anything inside a folder I've copied, it wants my admin password. Despite no apparent differences in permissions between folders I don't need a password for and between folders I do need a password for, I need a password for folders I have copied from my backup.
I've not looked into file ownership, as I couldn't find a way to even find out who a file belongs to, much less actually change ownership to anything. If I end having to use chown at a bash, fine with me, but I'm not a Unix man. I'll still need help with it (though I do know how to use the man command).Same problem and for months now. I haven't been able to find a solution, but I suspect that's because I don't know exactly what's wrong.
-
[SOLVED] FSTAB and File Permissions
Hi Guru's
I'm a new Arch user migrating from Ubuntu.
I have one hard drive partitioned as follows:
SDA1 NTFS
SDA2 / ext3
SDA3 / swap
SDA4 NTFS
I also have a semi permanent USB Hard Drive and various other USB devices which seem to be mounting fine under autofs. When / if, I solve my fstab problem, I will look into Udev to give these devices static names.
My problem is that no matter what I try, I cannot make the two NTFS drives accessible by a normal user (me). The following is from my current fstab file:
/dev/sda1 /mnt/sda1 ntfs rw,user,auto,uid=1000,gid=100,sync,umask=000 # my uid and the users group
/dev/sda4 /mnt/sda4 ntfs rw,user,auto,uid=1000,gid=100,sync,umask=000
This is one of dozens of combinations I have tried based on research and "RTFM". I just keep getting more confused. The directory entries show me as the owner, rw permissions and belonging to the user group, the only problem is that I can not write to those partitions as a normal user.
Any suggestions would be greatly appreciated.
Any suggestions for links that tie in how fstab, autofs, udev and hal work together. I have seen links on all of them, but would like to see a brief overview on how they work together. As you can see, I'm one of those linux noobs.
Thanks
Larry
Last edited by ljshap (2008-05-27 11:04:44)Hi luca,
Thanks for the link. I made the following changes:
/dev/sda1 /mnt/sda1 ntfs-3g users,noauto,uid=1000,gid=100,fmask=0113,dmask=0002,locale=en_PH.utf8 0 0
/dev/sda4 /mnt/sda4 ntfs-3g users,uid=1000,gid=100,fmask=0113,dmask=0002,locale=en_PH.utf8 0 0
Except for the locale, its working great. I still have to mount sda1 as root, which is probably a good idea for the other OSes partition. If I change it to auto it does mount automatically but thats flirting with danger
On to Udev
Thanks Again
Larry -
Directory and file permissions in Oracle EBS R12.2.4
Hi there
I beleive that a typical R12.2.4 Linux x86-64 based environment has following directory structure under the installation directory (/u01/oracle/<SID>)
11.2.0 data fs1 fs2 fs_ne
So my question here is what should be the permission level of these directories (and their subdirectories) and the files underneath them. I am looking for permissions for both Database Tier and Application Tier directories and associated files. Is there a published Oracle Support document for this?
Regards
KabeerBut by memory I recall that the files underneath the DB and Apps Tier's directories were having lesser permissions. And that's where I was asking to make sure.
The list of files/directories with the permissions are not documented and the only way to revert back to the original values which are set by Rapid Install is re-running the installation again.
If this instance is used for practice only you may keep permissions the way they are now as long as the application/database work with no issues.
Thanks,
Hussein -
Power shell script to list all files and folder permissions recursively
Hi All,
I am looking for a powershell script to perform the following operations.
1) To list the folder and file permissions(Allow,Deny both) recursively in a given folder.
2) List out all the files and folders which are having the deny permission or having only the read access (or) only the write access. Basically the folder should have Read,Execute,Write permissions. Else we have to flag that file/folder name.
I had written a batch script for the same which does this task using icacls.exe output, but this script takes lot of time to recursively parse all the files ( ~1 lakh files).
Please help me with the powershell script for the same.
Thanks
SambasivaTry this module: http://gallery.technet.microsoft.com/scriptcenter/PowerShellAccessControl-d3be7b83
After importing the module, you can run something like this:
dir c:\folder -recurse | Get-AccessControlEntry
That output can be exported to a CSV for later viewing. You can also provide some parameters to Get-AccessControlEntry to limit the results:
dir c:\folder -recurse | Get-AccessControlEntry -FileRights Write
dir c:\folder -recurse | Get-AccessControlEntry -AceType AccessDenied
dir c:\folder -recurse | Get-AccessControlEntry -AceType AccessAllowed -FileRights Write -
Is the DFS replication DFsrPrivate a junction point folder and if so where are the files stored?
We have DFS replication set and see an arrow against the folder DFSrPrivate. Do the files reside at this location or elsewhere?
Thanks
DavidHi David,
The DFsrPrivate folder resides at replicated folders. This folder is in reality a junction point or, in simpler terms, a link to another location on the volume. It seems to point to a path under the ‘System Volume Information’ folder on the same volume.
For more detailed information, you could refer to the article below:
Backup/Restore of DFSR Replicated Data - Part 2: Inspecting DFSR's Footprint
http://blogs.technet.com/b/filecab/archive/2008/06/22/backup-restore-of-dfsr-replicated-data-part-2-inspecting-dfsr-s-footprint.aspx
Best Regards,
Mandy
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected] -
DFS replication stopped working and cannot be debugged because WMI repository cannot be accessed
Hello,
two days ago our DFS replication suddendly stopped working sometime around midnight local time. At least this is what our second domain controller is reporting. Event log is flooded with event id 5002 from DFSR. It is unclear what caused this sudden problem
and even worse, how to solve it. First thing I tried was to perform propagation tests. According to propagation report none of them was successful. Creating an integrity report brought me to another problem: It fails with two errors. First it is unable to
connect to the other DC. Second it is unable to access local WMI repository. This is true for both machines.
First I tried to find information on possible problems with WMI. WMIdiag provided a lot of information. However, opinions I found on the net largely disagree whether output from WMIdiag is useful or not. Yet I tried to re-compile .mof files and rebuild the
repository. So far, nothing changed. This is my output from WMIdiag:
34309 13:02:46 (0) ** WMIDiag v2.1 started on Donnerstag, 22. Mai 2014 at 12:49.
34310 13:02:46 (0) **
34311 13:02:46 (0) ** Copyright (c) Microsoft Corporation. All rights reserved - July 2007.
34312 13:02:46 (0) **
34313 13:02:46 (0) ** This script is not supported under any Microsoft standard support program or service.
34314 13:02:46 (0) ** The script is provided AS IS without warranty of any kind. Microsoft further disclaims all
34315 13:02:46 (0) ** implied warranties including, without limitation, any implied warranties of merchantability
34316 13:02:46 (0) ** or of fitness for a particular purpose. The entire risk arising out of the use or performance
34317 13:02:46 (0) ** of the scripts and documentation remains with you. In no event shall Microsoft, its authors,
34318 13:02:46 (0) ** or anyone else involved in the creation, production, or delivery of the script be liable for
34319 13:02:46 (0) ** any damages whatsoever (including, without limitation, damages for loss of business profits,
34320 13:02:46 (0) ** business interruption, loss of business information, or other pecuniary loss) arising out of
34321 13:02:46 (0) ** the use of or inability to use the script or documentation, even if Microsoft has been advised
34322 13:02:46 (0) ** of the possibility of such damages.
34323 13:02:46 (0) **
34324 13:02:46 (0) **
34325 13:02:46 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
34326 13:02:46 (0) ** ----------------------------------------------------- WMI REPORT: BEGIN ----------------------------------------------------------
34327 13:02:46 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
34328 13:02:46 (0) **
34329 13:02:46 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
34330 13:02:46 (0) ** Windows Server 2008 R2 - Service pack 1 - 64-bit (7601) - User 'COM\ABCDEF' on computer 'DC2'.
34331 13:02:46 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
34332 13:02:46 (0) ** INFO: Environment: .................................................................................................. 1 ITEM(S)!
34333 13:02:46 (0) ** INFO: => 1 possible incorrect shutdown(s) detected on:
34334 13:02:46 (0) ** - Shutdown on 01 April 2014 10:20:54 (GMT-0).
34335 13:02:46 (0) **
34336 13:02:46 (0) ** System drive: ....................................................................................................... C: (Datenträgernr. 0 Partitionsnr. 1).
34337 13:02:46 (0) ** Drive type: ......................................................................................................... SCSI (Adaptec Array SCSI Disk Device).
34338 13:02:46 (0) ** There are no missing WMI system files: .............................................................................. OK.
34339 13:02:46 (0) ** There are no missing WMI repository files: .......................................................................... OK.
34340 13:02:46 (0) ** WMI repository state: ............................................................................................... CONSISTENT.
34341 13:02:46 (0) ** AFTER running WMIDiag:
34342 13:02:46 (0) ** The WMI repository has a size of: ................................................................................... 26 MB.
34343 13:02:46 (0) ** - Disk free space on 'C:': .......................................................................................... 10665 MB.
34344 13:02:46 (0) ** - INDEX.BTR, 4276224 bytes, 22.05.2014 12:52:30
34345 13:02:46 (0) ** - MAPPING1.MAP, 67248 bytes, 22.05.2014 12:52:30
34346 13:02:46 (0) ** - MAPPING2.MAP, 67168 bytes, 22.05.2014 12:48:33
34347 13:02:46 (0) ** - OBJECTS.DATA, 23126016 bytes, 22.05.2014 12:52:30
34348 13:02:46 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
34349 13:02:46 (0) ** INFO: Windows Firewall status: ...................................................................................... ENABLED.
34350 13:02:46 (0) ** Windows Firewall Profile: ........................................................................................... DOMAIN.
34351 13:02:46 (0) ** Inbound connections that do not match a rule BLOCKED: ............................................................... ENABLED.
34352 13:02:46 (0) ** => This will prevent any WMI remote connectivity to this computer except
34353 13:02:46 (0) ** if the following three inbound rules are ENABLED and non-BLOCKING:
34354 13:02:46 (0) ** - 'Windows Management Instrumentation (DCOM-In)'
34355 13:02:46 (0) ** - 'Windows Management Instrumentation (WMI-In)'
34356 13:02:46 (0) ** - 'Windows Management Instrumentation (ASync-In)'
34357 13:02:46 (0) ** Verify the reported status for each of these three inbound rules below.
34358 13:02:46 (0) **
34359 13:02:46 (0) ** Windows Firewall 'Windows Management Instrumentation (WMI)' group rule: ............................................. DISABLED.
34360 13:02:46 (0) ** => This will prevent any WMI remote connectivity to/from this machine.
34361 13:02:46 (0) ** - You can adjust the configuration by executing the following command:
34362 13:02:46 (0) ** i.e. 'NETSH.EXE ADVFIREWALL FIREWALL SET RULE GROUP="Windows Management Instrumentation (WMI)" NEW ENABLE=YES'
34363 13:02:46 (0) ** Note: With this command all inbound and outbound WMI rules are activated at once!
34364 13:02:46 (0) ** You can also enable each individual rule instead of activating the group rule.
34365 13:02:46 (0) **
34366 13:02:46 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
34367 13:02:46 (0) ** DCOM Status: ........................................................................................................ OK.
34368 13:02:46 (0) ** WMI registry setup: ................................................................................................. OK.
34369 13:02:46 (0) ** INFO: WMI service has dependents: ................................................................................... 1 SERVICE(S)!
34370 13:02:46 (0) ** - Internet Connection Sharing (ICS) (SHAREDACCESS, StartMode='Disabled')
34371 13:02:46 (0) ** => If the WMI service is stopped, the listed service(s) will have to be stopped as well.
34372 13:02:46 (0) ** Note: If the service is marked with (*), it means that the service/application uses WMI but
34373 13:02:46 (0) ** there is no hard dependency on WMI. However, if the WMI service is stopped,
34374 13:02:46 (0) ** this can prevent the service/application to work as expected.
34375 13:02:46 (0) **
34376 13:02:46 (0) ** RPCSS service: ...................................................................................................... OK (Already started).
34377 13:02:46 (0) ** WINMGMT service: .................................................................................................... OK (Already started).
34378 13:02:46 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
34379 13:02:46 (0) ** WMI service DCOM setup: ............................................................................................. OK.
34380 13:02:46 (0) ** WMI components DCOM registrations: .................................................................................. OK.
34381 13:02:46 (0) ** WMI ProgID registrations: ........................................................................................... OK.
34382 13:02:46 (0) ** WMI provider DCOM registrations: .................................................................................... OK.
34383 13:02:46 (0) ** WMI provider CIM registrations: ..................................................................................... OK.
34384 13:02:46 (0) ** WMI provider CLSIDs: ................................................................................................ OK.
34385 13:02:46 (2) !! WARNING: Some WMI providers EXE/DLL file(s) are missing: ............................................................ 1 WARNING(S)!
34386 13:02:46 (0) ** - ROOT/MICROSOFTACTIVEDIRECTORY, ReplProv1, replprov.dll
34387 13:02:46 (0) ** => This will make any operations related to the WMI class supported by the provider(s) to fail.
34388 13:02:46 (0) ** This can be due to:
34389 13:02:46 (0) ** - the de-installation of the software.
34390 13:02:46 (0) ** - the deletion of some files.
34391 13:02:46 (0) ** => If the software has been de-installed intentionally, then this information must be
34392 13:02:46 (0) ** removed from the WMI repository. You can use the 'WMIC.EXE' command to remove
34393 13:02:46 (0) ** the provider registration data.
34394 13:02:46 (0) ** i.e. 'WMIC.EXE /NAMESPACE:\\ROOT\MICROSOFTACTIVEDIRECTORY path __Win32Provider Where Name='ReplProv1' DELETE'
34395 13:02:46 (0) ** => If not, you must restore a copy of the missing provider EXE/DLL file(s) as indicated by the path.
34396 13:02:46 (0) ** You can retrieve the missing file from:
34397 13:02:46 (0) ** - A backup.
34398 13:02:46 (0) ** - The Windows CD.
34399 13:02:46 (0) ** - Another Windows installation using the same version and service pack level of the examined system.
34400 13:02:46 (0) ** - The original CD or software package installing this WMI provider.
34401 13:02:46 (0) **
34402 13:02:46 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
34403 13:02:46 (0) ** INFO: User Account Control (UAC): ................................................................................... DISABLED.
34404 13:02:46 (0) ** INFO: Local Account Filtering: ...................................................................................... ENABLED.
34405 13:02:46 (0) ** => WMI tasks remotely accessing WMI information on this computer and requiring Administrative
34406 13:02:46 (0) ** privileges MUST use a DOMAIN account part of the Local Administrators group of this computer
34407 13:02:46 (0) ** to ensure that administrative privileges are granted. If a Local User account is used for remote
34408 13:02:46 (0) ** accesses, it will be reduced to a plain user (filtered token), even if it is part of the Local Administrators group.
34409 13:02:46 (0) **
34410 13:02:46 (0) ** DCOM security for 'My Computer' (Access Permissions/Edit Limits): ................................................... MODIFIED.
34411 13:02:46 (1) !! ERROR: Default trustee 'NT AUTHORITY\ANONYMOUS LOGON' has been REMOVED!
34412 13:02:46 (0) ** - REMOVED ACE:
34413 13:02:46 (0) ** ACEType: &h0
34414 13:02:46 (0) ** ACCESS_ALLOWED_ACE_TYPE
34415 13:02:46 (0) ** ACEFlags: &h0
34416 13:02:46 (0) ** ACEMask: &h7
34417 13:02:46 (0) ** DCOM_RIGHT_EXECUTE
34418 13:02:46 (0) ** DCOM_RIGHT_ACCESS_LOCAL
34419 13:02:46 (0) ** DCOM_RIGHT_ACCESS_REMOTE
34420 13:02:46 (0) **
34421 13:02:46 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
34422 13:02:46 (0) ** Removing default security will cause some operations to fail!
34423 13:02:46 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
34424 13:02:46 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
34425 13:02:46 (0) **
34426 13:02:46 (0) ** DCOM security for 'My Computer' (Access Permissions/Edit Limits): ................................................... MODIFIED.
34427 13:02:46 (1) !! ERROR: Default trustee 'BUILTIN\PERFORMANCE LOG USERS' has been REMOVED!
34428 13:02:46 (0) ** - REMOVED ACE:
34429 13:02:46 (0) ** ACEType: &h0
34430 13:02:46 (0) ** ACCESS_ALLOWED_ACE_TYPE
34431 13:02:46 (0) ** ACEFlags: &h0
34432 13:02:46 (0) ** ACEMask: &h7
34433 13:02:46 (0) ** DCOM_RIGHT_EXECUTE
34434 13:02:46 (0) ** DCOM_RIGHT_ACCESS_LOCAL
34435 13:02:46 (0) ** DCOM_RIGHT_ACCESS_REMOTE
34436 13:02:46 (0) **
34437 13:02:46 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
34438 13:02:46 (0) ** Removing default security will cause some operations to fail!
34439 13:02:46 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
34440 13:02:46 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
34441 13:02:46 (0) **
34442 13:02:46 (0) ** DCOM security for 'My Computer' (Access Permissions/Edit Limits): ................................................... MODIFIED.
34443 13:02:46 (1) !! ERROR: Default trustee 'EVERYONE' has been REMOVED!
34444 13:02:46 (0) ** - REMOVED ACE:
34445 13:02:46 (0) ** ACEType: &h0
34446 13:02:46 (0) ** ACCESS_ALLOWED_ACE_TYPE
34447 13:02:46 (0) ** ACEFlags: &h0
34448 13:02:46 (0) ** ACEMask: &h7
34449 13:02:46 (0) ** DCOM_RIGHT_EXECUTE
34450 13:02:46 (0) ** DCOM_RIGHT_ACCESS_LOCAL
34451 13:02:46 (0) ** DCOM_RIGHT_ACCESS_REMOTE
34452 13:02:46 (0) **
34453 13:02:46 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
34454 13:02:46 (0) ** Removing default security will cause some operations to fail!
34455 13:02:46 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
34456 13:02:46 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
34457 13:02:46 (0) **
34458 13:02:46 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Default): ..................................... MODIFIED.
34459 13:02:46 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED!
34460 13:02:46 (0) ** - REMOVED ACE:
34461 13:02:46 (0) ** ACEType: &h0
34462 13:02:46 (0) ** ACCESS_ALLOWED_ACE_TYPE
34463 13:02:46 (0) ** ACEFlags: &h0
34464 13:02:46 (0) ** ACEMask: &h1F
34465 13:02:46 (0) ** DCOM_RIGHT_EXECUTE
34466 13:02:46 (0) ** DCOM_RIGHT_LAUNCH_LOCAL
34467 13:02:46 (0) ** DCOM_RIGHT_LAUNCH_REMOTE
34468 13:02:46 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL
34469 13:02:46 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE
34470 13:02:46 (0) **
34471 13:02:46 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
34472 13:02:46 (0) ** Removing default security will cause some operations to fail!
34473 13:02:46 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
34474 13:02:46 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
34475 13:02:46 (0) **
34476 13:02:46 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Default): ..................................... MODIFIED.
34477 13:02:46 (1) !! ERROR: Default trustee 'NT AUTHORITY\INTERACTIVE' has been REMOVED!
34478 13:02:46 (0) ** - REMOVED ACE:
34479 13:02:46 (0) ** ACEType: &h0
34480 13:02:46 (0) ** ACCESS_ALLOWED_ACE_TYPE
34481 13:02:46 (0) ** ACEFlags: &h0
34482 13:02:46 (0) ** ACEMask: &h1F
34483 13:02:46 (0) ** DCOM_RIGHT_EXECUTE
34484 13:02:46 (0) ** DCOM_RIGHT_LAUNCH_LOCAL
34485 13:02:46 (0) ** DCOM_RIGHT_LAUNCH_REMOTE
34486 13:02:46 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL
34487 13:02:46 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE
34488 13:02:46 (0) **
34489 13:02:46 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
34490 13:02:46 (0) ** Removing default security will cause some operations to fail!
34491 13:02:46 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
34492 13:02:46 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
34493 13:02:46 (0) **
34494 13:02:46 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Default): ..................................... MODIFIED.
34495 13:02:46 (1) !! ERROR: Default trustee 'NT AUTHORITY\SYSTEM' has been REMOVED!
34496 13:02:46 (0) ** - REMOVED ACE:
34497 13:02:46 (0) ** ACEType: &h0
34498 13:02:46 (0) ** ACCESS_ALLOWED_ACE_TYPE
34499 13:02:46 (0) ** ACEFlags: &h0
34500 13:02:46 (0) ** ACEMask: &h1F
34501 13:02:46 (0) ** DCOM_RIGHT_EXECUTE
34502 13:02:46 (0) ** DCOM_RIGHT_LAUNCH_LOCAL
34503 13:02:46 (0) ** DCOM_RIGHT_LAUNCH_REMOTE
34504 13:02:46 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL
34505 13:02:46 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE
34506 13:02:46 (0) **
34507 13:02:46 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
34508 13:02:46 (0) ** Removing default security will cause some operations to fail!
34509 13:02:46 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
34510 13:02:46 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
34511 13:02:46 (0) **
34512 13:02:46 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Limits): ...................................... MODIFIED.
34513 13:02:46 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED!
34514 13:02:46 (0) ** - REMOVED ACE:
34515 13:02:46 (0) ** ACEType: &h0
34516 13:02:46 (0) ** ACCESS_ALLOWED_ACE_TYPE
34517 13:02:46 (0) ** ACEFlags: &h0
34518 13:02:46 (0) ** ACEMask: &h1F
34519 13:02:46 (0) ** DCOM_RIGHT_EXECUTE
34520 13:02:46 (0) ** DCOM_RIGHT_LAUNCH_LOCAL
34521 13:02:46 (0) ** DCOM_RIGHT_LAUNCH_REMOTE
34522 13:02:46 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL
34523 13:02:46 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE
34524 13:02:46 (0) **
34525 13:02:46 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
34526 13:02:46 (0) ** Removing default security will cause some operations to fail!
34527 13:02:46 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
34528 13:02:46 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
34529 13:02:46 (0) **
34530 13:02:46 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Limits): ...................................... MODIFIED.
34531 13:02:46 (1) !! ERROR: Default trustee 'BUILTIN\PERFORMANCE LOG USERS' has been REMOVED!
34532 13:02:46 (0) ** - REMOVED ACE:
34533 13:02:46 (0) ** ACEType: &h0
34534 13:02:46 (0) ** ACCESS_ALLOWED_ACE_TYPE
34535 13:02:46 (0) ** ACEFlags: &h0
34536 13:02:46 (0) ** ACEMask: &h1F
34537 13:02:46 (0) ** DCOM_RIGHT_EXECUTE
34538 13:02:46 (0) ** DCOM_RIGHT_LAUNCH_LOCAL
34539 13:02:46 (0) ** DCOM_RIGHT_LAUNCH_REMOTE
34540 13:02:46 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL
34541 13:02:46 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE
34542 13:02:46 (0) **
34543 13:02:46 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
34544 13:02:46 (0) ** Removing default security will cause some operations to fail!
34545 13:02:46 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
34546 13:02:46 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
34547 13:02:46 (0) **
34548 13:02:46 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Limits): ...................................... MODIFIED.
34549 13:02:46 (1) !! ERROR: Default trustee 'EVERYONE' has been REMOVED!
34550 13:02:46 (0) ** - REMOVED ACE:
34551 13:02:46 (0) ** ACEType: &h0
34552 13:02:46 (0) ** ACCESS_ALLOWED_ACE_TYPE
34553 13:02:46 (0) ** ACEFlags: &h0
34554 13:02:46 (0) ** ACEMask: &hB
34555 13:02:46 (0) ** DCOM_RIGHT_EXECUTE
34556 13:02:46 (0) ** DCOM_RIGHT_LAUNCH_LOCAL
34557 13:02:46 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL
34558 13:02:46 (0) **
34559 13:02:46 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
34560 13:02:46 (0) ** Removing default security will cause some operations to fail!
34561 13:02:46 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
34562 13:02:46 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
34563 13:02:46 (0) **
34564 13:02:46 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED.
34565 13:02:46 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED!
34566 13:02:46 (0) ** - REMOVED ACE:
34567 13:02:46 (0) ** ACEType: &h0
34568 13:02:46 (0) ** ACCESS_ALLOWED_ACE_TYPE
34569 13:02:46 (0) ** ACEFlags: &h0
34570 13:02:46 (0) ** ACEMask: &h1F
34571 13:02:46 (0) ** DCOM_RIGHT_EXECUTE
34572 13:02:46 (0) ** DCOM_RIGHT_LAUNCH_LOCAL
34573 13:02:46 (0) ** DCOM_RIGHT_LAUNCH_REMOTE
34574 13:02:46 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL
34575 13:02:46 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE
34576 13:02:46 (0) **
34577 13:02:46 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
34578 13:02:46 (0) ** Removing default security will cause some operations to fail!
34579 13:02:46 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
34580 13:02:46 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
34581 13:02:46 (0) **
34582 13:02:46 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED.
34583 13:02:46 (1) !! ERROR: Default trustee 'NT AUTHORITY\INTERACTIVE' has been REMOVED!
34584 13:02:46 (0) ** - REMOVED ACE:
34585 13:02:46 (0) ** ACEType: &h0
34586 13:02:46 (0) ** ACCESS_ALLOWED_ACE_TYPE
34587 13:02:46 (0) ** ACEFlags: &h0
34588 13:02:46 (0) ** ACEMask: &h1F
34589 13:02:46 (0) ** DCOM_RIGHT_EXECUTE
34590 13:02:46 (0) ** DCOM_RIGHT_LAUNCH_LOCAL
34591 13:02:46 (0) ** DCOM_RIGHT_LAUNCH_REMOTE
34592 13:02:46 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL
34593 13:02:46 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE
34594 13:02:46 (0) **
34595 13:02:46 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
34596 13:02:46 (0) ** Removing default security will cause some operations to fail!
34597 13:02:46 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
34598 13:02:46 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
34599 13:02:46 (0) **
34600 13:02:46 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED.
34601 13:02:46 (1) !! ERROR: Default trustee 'NT AUTHORITY\SYSTEM' has been REMOVED!
34602 13:02:46 (0) ** - REMOVED ACE:
34603 13:02:46 (0) ** ACEType: &h0
34604 13:02:46 (0) ** ACCESS_ALLOWED_ACE_TYPE
34605 13:02:46 (0) ** ACEFlags: &h0
34606 13:02:46 (0) ** ACEMask: &h1F
34607 13:02:46 (0) ** DCOM_RIGHT_EXECUTE
34608 13:02:46 (0) ** DCOM_RIGHT_LAUNCH_LOCAL
34609 13:02:46 (0) ** DCOM_RIGHT_LAUNCH_REMOTE
34610 13:02:46 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL
34611 13:02:46 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE
34612 13:02:46 (0) **
34613 13:02:46 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
34614 13:02:46 (0) ** Removing default security will cause some operations to fail!
34615 13:02:46 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
34616 13:02:46 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
34617 13:02:46 (0) **
34618 13:02:46 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED.
34619 13:02:46 (1) !! ERROR: Default trustee 'NT AUTHORITY\NETWORK SERVICE' has been REMOVED!
34620 13:02:46 (0) ** - REMOVED ACE:
34621 13:02:46 (0) ** ACEType: &h0
34622 13:02:46 (0) ** ACCESS_ALLOWED_ACE_TYPE
34623 13:02:46 (0) ** ACEFlags: &h0
34624 13:02:46 (0) ** ACEMask: &h1F
34625 13:02:46 (0) ** DCOM_RIGHT_EXECUTE
34626 13:02:46 (0) ** DCOM_RIGHT_LAUNCH_LOCAL
34627 13:02:46 (0) ** DCOM_RIGHT_LAUNCH_REMOTE
34628 13:02:46 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL
34629 13:02:46 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE
34630 13:02:46 (0) **
34631 13:02:46 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
34632 13:02:46 (0) ** Removing default security will cause some operations to fail!
34633 13:02:46 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
34634 13:02:46 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
34635 13:02:46 (0) **
34636 13:02:46 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED.
34637 13:02:46 (1) !! ERROR: Default trustee 'NT AUTHORITY\LOCAL SERVICE' has been REMOVED!
34638 13:02:46 (0) ** - REMOVED ACE:
34639 13:02:46 (0) ** ACEType: &h0
34640 13:02:46 (0) ** ACCESS_ALLOWED_ACE_TYPE
34641 13:02:46 (0) ** ACEFlags: &h0
34642 13:02:46 (0) ** ACEMask: &h1F
34643 13:02:46 (0) ** DCOM_RIGHT_EXECUTE
34644 13:02:46 (0) ** DCOM_RIGHT_LAUNCH_LOCAL
34645 13:02:46 (0) ** DCOM_RIGHT_LAUNCH_REMOTE
34646 13:02:46 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL
34647 13:02:46 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE
34648 13:02:46 (0) **
34649 13:02:46 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
34650 13:02:46 (0) ** Removing default security will cause some operations to fail!
34651 13:02:46 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
34652 13:02:46 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
34653 13:02:46 (0) **
34654 13:02:46 (0) **
34655 13:02:46 (0) ** DCOM security warning(s) detected: .................................................................................. 0.
34656 13:02:46 (0) ** DCOM security error(s) detected: .................................................................................... 14.
34657 13:02:46 (0) ** WMI security warning(s) detected: ................................................................................... 0.
34658 13:02:46 (0) ** WMI security error(s) detected: ..................................................................................... 0.
34659 13:02:46 (0) **
34660 13:02:46 (1) !! ERROR: Overall DCOM security status: ................................................................................ ERROR!
34661 13:02:46 (0) ** Overall WMI security status: ........................................................................................ OK.
34662 13:02:46 (0) ** - Started at 'Root' --------------------------------------------------------------------------------------------------------------
34663 13:02:46 (0) ** INFO: WMI permanent SUBSCRIPTION(S): ................................................................................ 1.
34664 13:02:46 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Name="SCM Event Log Consumer".
34665 13:02:46 (0) ** 'select * from MSFT_SCMEventLogEvent'
34666 13:02:46 (0) **
34667 13:02:46 (0) ** WMI TIMER instruction(s): ........................................................................................... NONE.
34668 13:02:46 (0) ** INFO: WMI namespace(s) requiring PACKET PRIVACY: .................................................................... 3 NAMESPACE(S)!
34669 13:02:46 (0) ** - ROOT/CIMV2/SECURITY/MICROSOFTTPM.
34670 13:02:46 (0) ** - ROOT/CIMV2/TERMINALSERVICES.
34671 13:02:46 (0) ** - ROOT/SERVICEMODEL.
34672 13:02:46 (0) ** => When remotely connecting, the namespace(s) listed require(s) the WMI client to
34673 13:02:46 (0) ** use an encrypted connection by specifying the PACKET PRIVACY authentication level.
34674 13:02:46 (0) ** (RPC_C_AUTHN_LEVEL_PKT_PRIVACY or PktPrivacy flags)
34675 13:02:46 (0) ** i.e. 'WMIC.EXE /NODE:"ISWDC2" /AUTHLEVEL:Pktprivacy /NAMESPACE:\\ROOT\SERVICEMODEL Class __SystemSecurity'
34676 13:02:46 (0) **
34677 13:02:46 (0) ** WMI MONIKER CONNECTIONS: ............................................................................................ OK.
34678 13:02:46 (0) ** WMI CONNECTIONS: .................................................................................................... OK.
34679 13:02:46 (1) !! ERROR: WMI GET operation errors reported: ........................................................................... 32 ERROR(S)!
34680 13:02:46 (0) ** - Root/CIMV2, MSFT_NetInvalidDriverDependency, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34681 13:02:46 (0) ** MOF Registration: ''
34682 13:02:46 (0) ** - Root/CIMV2, Win32_OsBaselineProvider, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34683 13:02:46 (0) ** MOF Registration: ''
34684 13:02:46 (0) ** - Root/CIMV2, Win32_OsBaseline, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34685 13:02:46 (0) ** MOF Registration: ''
34686 13:02:46 (0) ** - Root/CIMV2, Win32_DriverVXD, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34687 13:02:46 (0) ** MOF Registration: ''
34688 13:02:46 (0) ** - Root/CIMV2, Win32_PerfFormattedData_BITS_BITSNetUtilization, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34689 13:02:46 (0) ** MOF Registration: ''
34690 13:02:46 (0) ** - Root/CIMV2, Win32_PerfRawData_BITS_BITSNetUtilization, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34691 13:02:46 (0) ** MOF Registration: ''
34692 13:02:46 (0) ** - Root/CIMV2, Win32_PerfFormattedData_Counters_GenericIKEandAuthIP, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34693 13:02:46 (0) ** MOF Registration: ''
34694 13:02:46 (0) ** - Root/CIMV2, Win32_PerfRawData_Counters_GenericIKEandAuthIP, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34695 13:02:46 (0) ** MOF Registration: ''
34696 13:02:46 (0) ** - Root/CIMV2, Win32_PerfFormattedData_Counters_IPsecAuthIPv4, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34697 13:02:46 (0) ** MOF Registration: ''
34698 13:02:46 (0) ** - Root/CIMV2, Win32_PerfRawData_Counters_IPsecAuthIPv4, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34699 13:02:46 (0) ** MOF Registration: ''
34700 13:02:46 (0) ** - Root/CIMV2, Win32_PerfFormattedData_Counters_IPsecAuthIPv6, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34701 13:02:46 (0) ** MOF Registration: ''
34702 13:02:46 (0) ** - Root/CIMV2, Win32_PerfRawData_Counters_IPsecAuthIPv6, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34703 13:02:46 (0) ** MOF Registration: ''
34704 13:02:46 (0) ** - Root/CIMV2, Win32_PerfFormattedData_Counters_IPsecIKEv4, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34705 13:02:46 (0) ** MOF Registration: ''
34706 13:02:46 (0) ** - Root/CIMV2, Win32_PerfRawData_Counters_IPsecIKEv4, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34707 13:02:46 (0) ** MOF Registration: ''
34708 13:02:46 (0) ** - Root/CIMV2, Win32_PerfFormattedData_Counters_IPsecIKEv6, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34709 13:02:46 (0) ** MOF Registration: ''
34710 13:02:46 (0) ** - Root/CIMV2, Win32_PerfRawData_Counters_IPsecIKEv6, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34711 13:02:46 (0) ** MOF Registration: ''
34712 13:02:46 (0) ** - Root/CIMV2, Win32_PerfFormattedData_TermService_TerminalServices, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34713 13:02:46 (0) ** MOF Registration: ''
34714 13:02:46 (0) ** - Root/CIMV2, Win32_PerfRawData_TermService_TerminalServices, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34715 13:02:46 (0) ** MOF Registration: ''
34716 13:02:46 (0) ** - Root/WMI, ReserveDisjoinThread, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34717 13:02:46 (0) ** MOF Registration: ''
34718 13:02:46 (0) ** - Root/WMI, ReserveLateCount, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34719 13:02:46 (0) ** MOF Registration: ''
34720 13:02:46 (0) ** - Root/WMI, ReserveJoinThread, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34721 13:02:46 (0) ** MOF Registration: ''
34722 13:02:46 (0) ** - Root/WMI, ReserveDelete, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34723 13:02:46 (0) ** MOF Registration: ''
34724 13:02:46 (0) ** - Root/WMI, ReserveBandwidth, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34725 13:02:46 (0) ** MOF Registration: ''
34726 13:02:46 (0) ** - Root/WMI, ReserveCreate, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34727 13:02:46 (0) ** MOF Registration: ''
34728 13:02:46 (0) ** - Root/WMI, SystemConfig_PhyDisk, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34729 13:02:46 (0) ** MOF Registration: ''
34730 13:02:46 (0) ** - Root/WMI, SystemConfig_Video, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34731 13:02:46 (0) ** MOF Registration: ''
34732 13:02:46 (0) ** - Root/WMI, SystemConfig_IDEChannel, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34733 13:02:46 (0) ** MOF Registration: ''
34734 13:02:46 (0) ** - Root/WMI, SystemConfig_NIC, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34735 13:02:46 (0) ** MOF Registration: ''
34736 13:02:46 (0) ** - Root/WMI, SystemConfig_Network, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34737 13:02:46 (0) ** MOF Registration: ''
34738 13:02:46 (0) ** - Root/WMI, SystemConfig_CPU, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34739 13:02:46 (0) ** MOF Registration: ''
34740 13:02:46 (0) ** - Root/WMI, SystemConfig_LogDisk, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34741 13:02:46 (0) ** MOF Registration: ''
34742 13:02:46 (0) ** - Root/WMI, SystemConfig_Power, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
34743 13:02:46 (0) ** MOF Registration: ''
34744 13:02:46 (0) ** => When a WMI performance class is missing (i.e. 'Win32_PerfRawData_TermService_TerminalServices'), it is generally due to
34745 13:02:46 (0) ** a lack of buffer refresh of the WMI class provider exposing the WMI performance counters.
34746 13:02:46 (0) ** You can refresh the WMI class provider buffer with the following command:
34747 13:02:46 (0) **
34748 13:02:46 (0) ** i.e. 'WINMGMT.EXE /SYNCPERF'
34749 13:02:46 (0) **
34750 13:02:46 (0) ** WMI MOF representations: ............................................................................................ OK.
34751 13:02:46 (0) ** WMI QUALIFIER access operations: .................................................................................... OK.
34752 13:02:46 (0) ** WMI ENUMERATION operations: ......................................................................................... OK.
34753 13:02:46 (0) ** WMI EXECQUERY operations: ........................................................................................... OK.
34754 13:02:46 (2) !! WARNING: WMI GET VALUE operation errors reported: ................................................................... 5 WARNING(S)!
34755 13:02:46 (0) ** - Root, Instance: __EventConsumerProviderCacheControl=@, Property: ClearAfter='00000000000030.000000:000' (Expected default='00000000000500.000000:000').
34756 13:02:46 (0) ** - Root, Instance: __EventProviderCacheControl=@, Property: ClearAfter='00000000000030.000000:000' (Expected default='00000000000500.000000:000').
34757 13:02:46 (0) ** - Root, Instance: __EventSinkCacheControl=@, Property: ClearAfter='00000000000015.000000:000' (Expected default='00000000000230.000000:000').
34758 13:02:46 (0) ** - Root, Instance: __ObjectProviderCacheControl=@, Property: ClearAfter='00000000000030.000000:000' (Expected default='00000000000500.000000:000').
34759 13:02:46 (0) ** - Root, Instance: __PropertyProviderCacheControl=@, Property: ClearAfter='00000000000030.000000:000' (Expected default='00000000000500.000000:000').
34760 13:02:46 (0) **
34761 13:02:46 (0) ** WMI WRITE operations: ............................................................................................... NOT TESTED.
34762 13:02:46 (0) ** WMI PUT operations: ................................................................................................. NOT TESTED.
34763 13:02:46 (0) ** WMI DELETE operations: .............................................................................................. NOT TESTED.
34764 13:02:46 (0) ** WMI static instances retrieved: ..................................................................................... 1822.
34765 13:02:46 (0) ** WMI dynamic instances retrieved: .................................................................................... 0.
34766 13:02:46 (0) ** WMI instance request cancellations (to limit performance impact): ................................................... 1.
34767 13:02:46 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
34768 13:02:46 (0) ** # of Event Log events BEFORE WMIDiag execution since the last 20 day(s):
34769 13:02:46 (0) ** DCOM: ............................................................................................................. 0.
34770 13:02:46 (0) ** WINMGMT: .......................................................................................................... 0.
34771 13:02:46 (0) ** WMIADAPTER: ....................................................................................................... 0.
34772 13:02:46 (0) **
34773 13:02:46 (0) ** # of additional Event Log events AFTER WMIDiag execution:
34774 13:02:46 (0) ** DCOM: ............................................................................................................. 0.
34775 13:02:46 (0) ** WINMGMT: .......................................................................................................... 0.
34776 13:02:46 (0) ** WMIADAPTER: ....................................................................................................... 0.
34777 13:02:46 (0) **
34778 13:02:46 (0) ** 32 error(s) 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found
34779 13:02:46 (0) ** => This error is typically a WMI error. This WMI error is due to:
34780 13:02:46 (0) ** - a missing WMI class definition or object.
34781 13:02:46 (0) ** (See any GET, ENUMERATION, EXECQUERY and GET VALUE operation failures).
34782 13:02:46 (0) ** You can correct the missing class definitions by:
34783 13:02:46 (0) ** - Manually recompiling the MOF file(s) with the 'MOFCOMP <FileName.MOF>' command.
34784 13:02:46 (0) ** Note: You can build a list of classes in relation with their WMI provider and MOF file with WMIDiag.
34785 13:02:46 (0) ** (This list can be built on a similar and working WMI Windows installation)
34786 13:02:46 (0) ** The following command line must be used:
34787 13:02:46 (0) ** i.e. 'WMIDiag CorrelateClassAndProvider'
34788 13:02:46 (0) ** Note: When a WMI performance class is missing, you can manually resynchronize performance counters
34789 13:02:46 (0) ** with WMI by starting the ADAP process.
34790 13:02:46 (0) ** - a WMI repository corruption.
34791 13:02:46 (0) ** In such a case, you must rerun WMIDiag with 'WriteInRepository' parameter
34792 13:02:46 (0) ** to validate the WMI repository operations.
34793 13:02:46 (0) ** Note: ENSURE you are an administrator with FULL access to WMI EVERY namespaces of the computer before
34794 13:02:46 (0) ** executing the WriteInRepository command. To write temporary data from the Root namespace, use:
34795 13:02:46 (0) ** i.e. 'WMIDiag WriteInRepository=Root'
34796 13:02:46 (0) ** - If the WriteInRepository command fails, while being an Administrator with ALL accesses to ALL namespaces
34797 13:02:46 (0) ** the WMI repository must be reconstructed.
34798 13:02:46 (0) ** Note: The WMI repository reconstruction requires to locate all MOF files needed to rebuild the repository,
34799 13:02:46 (0) ** otherwise some applications may fail after the reconstruction.
34800 13:02:46 (0) ** This can be achieved with the following command:
34801 13:02:46 (0) ** i.e. 'WMIDiag ShowMOFErrors'
34802 13:02:46 (0) ** Note: The repository reconstruction must be a LAST RESORT solution and ONLY after executing
34803 13:02:46 (0) ** ALL fixes previously mentioned.
34804 13:02:46 (2) !! WARNING: Static information stored by external applications in the repository will be LOST! (i.e. SMS Inventory)
34805 13:02:46 (0) **
34806 13:02:46 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
34807 13:02:46 (0) ** WMI Registry key setup: ............................................................................................. OK.
34808 13:02:46 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
34809 13:02:46 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
34810 13:02:46 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
34811 13:02:46 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
34812 13:02:46 (0) **
34813 13:02:46 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
34814 13:02:46 (0) ** ------------------------------------------------------ WMI REPORT: END -----------------------------------------------------------
34815 13:02:46 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
34816 13:02:46 (0) **
34817 13:02:46 (0) ** ERROR: WMIDiag detected issues that could prevent WMI to work properly!. Check 'C:\USERS\ABCDEF\APPDATA\LOCAL\TEMP\WMIDIAG-V2.1_2K8R2.SRV.SP1.64_ISWDC2_2014.05.22_12.49.13.LOG' for details.
34818 13:02:46 (0) **
34819 13:02:46 (0) ** WMIDiag v2.1 ended on Donnerstag, 22. Mai 2014 at 13:02 (W:89 E:52 S:1).
There are a lot of error in the report and I don't know, whether they are relevant or how to solve them. To my current knowledge, I need to solve at least some of them so that I can access the local WMI repository again and get replication back working.
But after hours of research I am stuck. Any hints are greatly appreciated.
Regards,
OliverI don't know why, but soon after posting this, I found a solution to the problem. The WMI part was solved in this thread:
http://social.technet.microsoft.com/Forums/windowsserver/en-US/953be9ef-e9e3-4885-a5c4-47fc475ba562/dfs-is-not-working-anymore?forum=winserverfiles
The relevant portion is this:
Open a CMD prompt in %windir%\system32\wbem
mofcomp dfsrprovs.mof
net stop winmgmt
net start winmgmt
net start iphlpsvc
net stop dfsr
net start dfsr
I don't know why recompiling of all mof did not solve the problem, but the solution above did. Restarting the DCs solved the communication issue. I don't know why the primary DC forgot about the WMI DFS provider or why communication failed. However, it is
working again, it seems. -
BSOD on Server 2012 running dfs namespace and dfs replication roles with deduplication
Hello,
I have recently setup 2 dfsn & dfsr servers, both 2012 one physical the other virtual.
The idea is to have one server as primary and the other as a failover \ DR.
The primary server is virtual and connects via mpio \ iscsi to a dell san, using the provided dell DSM Drivers.
The secondary server is physical with local disk for storage.
I copy files to a namespace setup to always prefer the primary server, these files are then replicated across to the secondary.
I have also turned on deduplication on both servers to get the most out of the available storage.
This has been working well for 6 months or so, there have however been 2-3 occasions where the primary virtual server has crashed and blue screened causing the DFSR database to undergo a full consistency check.
The bug check errors i have managed to extract from the Memory.dmp and mini dump are as follows:
* Bugcheck Analysis
REFERENCE_BY_POINTER (18)
Arguments:
Arg1: 0000000000000000, Object type of the object whose reference count is being lowered
Arg2: fffffa80379a3070, Object whose reference count is being lowered
Arg3: 0000000000000002, Reserved
Arg4: ffffffffffffffff, Reserved
The reference count of an object is illegal for the current state of the object.
Each time a driver uses a pointer to an object the driver calls a kernel routine
to increment the reference count of the object. When the driver is done with the
pointer the driver calls another kernel routine to decrement the reference count.
Drivers must match calls to the increment and decrement routines. This bugcheck
can occur because an object's reference count goes to zero while there are still
open handles to the object, in which case the fourth parameter indicates the number
of opened handles. It may also occur when the object?s reference count drops below zero
whether or not there are open handles to the object, and in that case the fourth parameter
contains the actual value of the pointer references count.
Debugging Details:
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
BUGCHECK_STR: 0x18
PROCESS_NAME: dfsrs.exe
CURRENT_IRQL: 0
ANALYSIS_VERSION: 6.3.9600.17029 (debuggers(dbg).140219-1702) amd64fre
LAST_CONTROL_TRANSFER: from fffff800999ee0d7 to fffff8009985a440
STACK_TEXT:
fffff880`0bf3fb48 fffff800`999ee0d7 : 00000000`00000018 00000000`00000000 fffffa80`379a3070 00000000`00000002 : nt!KeBugCheckEx
fffff880`0bf3fb50 fffff800`99c33529 : fffffa80`379a3070 fffff8a0`0244adc0 00000000`000017e4 0000001b`930b60d8 : nt! ?? ::FNODOBFM::`string'+0x38605
fffff880`0bf3fb90 fffff800`99859453 : fffffa80`4063db00 fffffa80`4063db00 fffff880`0bf3fcc0 00000000`00000001 : nt!NtClose+0x239
fffff880`0bf3fc40 000007ff`5e8d2cda : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
0000001b`9069f398 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x000007ff`5e8d2cda
STACK_COMMAND: kb
FOLLOWUP_IP:
nt! ?? ::FNODOBFM::`string'+38605
fffff800`999ee0d7 cc int 3
SYMBOL_STACK_INDEX: 1
SYMBOL_NAME: nt! ?? ::FNODOBFM::`string'+38605
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 51a966cd
IMAGE_VERSION: 6.2.9200.16628
BUCKET_ID_FUNC_OFFSET: 38605
FAILURE_BUCKET_ID: 0x18_OVER_DEREFERENCE_nt!_??_::FNODOBFM::_string_
BUCKET_ID: 0x18_OVER_DEREFERENCE_nt!_??_::FNODOBFM::_string_
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:0x18_over_dereference_nt!_??_::fnodobfm::_string_
FAILURE_ID_HASH: {eaf19261-0688-f327-a17d-6f7960ac4ebd}
Followup: MachineOwner
rax=0000000000000000 rbx=ffffffffffffffff rcx=0000000000000018
rdx=0000000000000000 rsi=fffffa80379a3070 rdi=00000000fffc000c
rip=fffff8009985a440 rsp=fffff8800bf3fb48 rbp=fffffa80379a3040
r8=fffffa80379a3070 r9=0000000000000002 r10=fffffa8030d89190
r11=fffffa804063db00 r12=00000000000017e4 r13=0000000000000000
r14=fffff8a00a548f90 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00000246
nt!KeBugCheckEx:
fffff800`9985a440 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:fffff880`0bf3fb50=0000000000000018
Child-SP RetAddr : Args to Child
: Call Site
fffff880`0bf3fb48 fffff800`999ee0d7 : 00000000`00000018 00000000`00000000 fffffa80`379a3070 00000000`00000002 : nt!KeBugCheckEx
fffff880`0bf3fb50 fffff800`99c33529 : fffffa80`379a3070 fffff8a0`0244adc0 00000000`000017e4 0000001b`930b60d8 : nt! ?? ::FNODOBFM::`string'+0x38605
fffff880`0bf3fb90 fffff800`99859453 : fffffa80`4063db00 fffffa80`4063db00 fffff880`0bf3fcc0 00000000`00000001 : nt!NtClose+0x239
fffff880`0bf3fc40 000007ff`5e8d2cda : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13 (TrapFrame @ fffff880`0bf3fc40)
0000001b`9069f398 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x000007ff`5e8d2cda
start end module name
fffff800`987b1000 fffff800`987ba000 kd kd.dll Thu Jul 26 03:30:34 2012 (5010ABCA)
fffff800`99800000 fffff800`99f4c000 nt ntkrnlmp.exe Sat Jun 01 04:13:17 2013 (51A966CD)
fffff800`99f4c000 fffff800`99fb8000 hal hal.dll Wed Oct 24 04:03:21 2012 (50875A79)
fffff880`00a00000 fffff880`00a34000 ataport ataport.SYS Thu Jul 26 03:29:04 2012 (5010AB70)
fffff880`00a34000 fffff880`00a51000 lsi_sas lsi_sas.sys Fri May 11 20:40:21 2012 (4FAD6B25)
fffff880`00a51000 fffff880`00a5e000 serenum serenum.sys Thu Jul 26 03:30:13 2012 (5010ABB5)
fffff880`00a5e000 fffff880`00a6c000 fdc fdc.sys Thu Jul 26 03:30:15 2012 (5010ABB7)
fffff880`00a7b000 fffff880`00adb000 volmgrx volmgrx.sys Thu Jul 26 03:29:59 2012 (5010ABA7)
fffff880`00adb000 fffff880`00ae4000 intelide intelide.sys Thu Jul 26 03:29:52 2012 (5010ABA0)
fffff880`00ae4000 fffff880`00af3000 PCIIDEX PCIIDEX.SYS Thu Jul 26 03:29:09 2012 (5010AB75)
fffff880`00af3000 fffff880`00b56000 md3dsm md3dsm.sys Wed Aug 22 22:14:46 2012 (50354BC6)
fffff880`00b56000 fffff880`00b87000 msdsm msdsm.sys Sat Oct 05 04:32:09 2013 (524F8839)
fffff880`00b87000 fffff880`00ba0000 vmci vmci.sys Tue May 01 02:14:27 2012 (4F9F38F3)
fffff880`00ba0000 fffff880`00bb5000 vsock vsock.sys Fri Aug 30 20:25:34 2013 (5220F1AE)
fffff880`00bb5000 fffff880`00bcf000 mountmgr mountmgr.sys Thu Jul 26 03:29:33 2012 (5010AB8D)
fffff880`00bcf000 fffff880`00bd9000 atapi atapi.sys Thu Jul 26 03:30:33 2012 (5010ABC9)
fffff880`00bd9000 fffff880`00bf0000 vmxnet3n61x64 vmxnet3n61x64.sys Fri Sep 27 10:40:11 2013 (5245527B)
fffff880`00bf0000 fffff880`00bfa000 pnpmem pnpmem.sys Thu Jul 26 03:30:11 2012 (5010ABB3)
fffff880`00c40000 fffff880`00c9f000 mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Thu Jul 26 03:30:12 2012 (5010ABB4)
fffff880`00c9f000 fffff880`00cfb000 CLFS CLFS.SYS Thu Jul 26 03:29:39 2012 (5010AB93)
fffff880`00cfb000 fffff880`00d1e000 tm tm.sys Thu Jul 26 03:29:01 2012 (5010AB6D)
fffff880`00d1e000 fffff880`00d33000 PSHED PSHED.dll Thu Jul 26 05:53:53 2012 (5010CD61)
fffff880`00d33000 fffff880`00d3d000 BOOTVID BOOTVID.dll Thu Jul 26 03:30:22 2012 (5010ABBE)
fffff880`00d3d000 fffff880`00dbc000 CI CI.dll Thu Mar 28 03:30:42 2013 (5153B962)
fffff880`00dbc000 fffff880`00de1000 rasl2tp rasl2tp.sys Thu Jul 26 03:23:16 2012 (5010AA14)
fffff880`00e00000 fffff880`00e49000 spaceport spaceport.sys Sat Oct 05 04:32:08 2013 (524F8838)
fffff880`00e49000 fffff880`00e61000 volmgr volmgr.sys Thu Jul 26 03:29:22 2012 (5010AB82)
fffff880`00e61000 fffff880`00ea9000 vm3dmp vm3dmp.sys Wed Oct 09 05:25:53 2013 (5254DAD1)
fffff880`00eb5000 fffff880`00f41000 cng cng.sys Thu Oct 11 06:17:34 2012 (5076566E)
fffff880`00f41000 fffff880`00f5b000 raspppoe raspppoe.sys Thu Jul 26 03:24:55 2012 (5010AA77)
fffff880`00f5c000 fffff880`00f99000 mpio mpio.sys Sat Sep 28 04:37:24 2013 (52464EF4)
fffff880`00f99000 fffff880`00fd3000 md3utm md3utm.sys Wed Aug 22 22:14:56 2012 (50354BD0)
fffff880`00fd3000 fffff880`00fef000 intelppm intelppm.sys Tue Nov 06 03:55:02 2012 (50988A16)
fffff880`01000000 fffff880`0106d000 ACPI ACPI.sys Thu Sep 20 07:09:16 2012 (505AB30C)
fffff880`01075000 fffff880`010d8000 msrpc msrpc.sys Thu Jul 26 03:28:37 2012 (5010AB55)
fffff880`010d8000 fffff880`0119a000 Wdf01000 Wdf01000.sys Sat Jun 22 04:13:05 2013 (51C51641)
fffff880`0119a000 fffff880`011aa000 WDFLDR WDFLDR.SYS Sat Jun 22 04:14:38 2013 (51C5169E)
fffff880`011aa000 fffff880`011c1000 acpiex acpiex.sys Thu Jul 26 03:25:57 2012 (5010AAB5)
fffff880`011c1000 fffff880`011cc000 WppRecorder WppRecorder.sys Thu Jul 26 03:29:07 2012 (5010AB73)
fffff880`011cc000 fffff880`011d6000 WMILIB WMILIB.SYS Thu Jul 26 03:30:04 2012 (5010ABAC)
fffff880`011d6000 fffff880`011f7000 raspptp raspptp.sys Thu Jul 26 03:23:13 2012 (5010AA11)
fffff880`01400000 fffff880`0140d000 vdrvroot vdrvroot.sys Thu Jul 26 03:27:29 2012 (5010AB11)
fffff880`0140d000 fffff880`01424000 pdc pdc.sys Fri Mar 01 04:58:34 2013 (5130357A)
fffff880`01424000 fffff880`0143e000 partmgr partmgr.sys Wed Jan 09 04:01:42 2013 (50ECEBA6)
fffff880`01444000 fffff880`0153f000 NDIS NDIS.SYS Sat Jun 15 06:11:35 2013 (51BBF787)
fffff880`0153f000 fffff880`015ae000 NETIO NETIO.SYS Thu Oct 11 06:16:20 2012 (50765624)
fffff880`015ae000 fffff880`015b8000 msisadrv msisadrv.sys Thu Jul 26 03:28:02 2012 (5010AB32)
fffff880`015b8000 fffff880`015f5000 pci pci.sys Thu Jul 26 03:27:43 2012 (5010AB1F)
fffff880`01800000 fffff880`01816000 datascrn datascrn.sys Thu Jul 26 03:29:13 2012 (5010AB79)
fffff880`01816000 fffff880`01824000 cbafilt cbafilt.sys Thu Jul 26 03:29:05 2012 (5010AB71)
fffff880`01824000 fffff880`0186c000 msiscsi msiscsi.sys Mon Feb 03 16:23:09 2014 (52EFC26D)
fffff880`0186c000 fffff880`01877000 kdnic kdnic.sys Thu Jul 26 03:27:41 2012 (5010AB1D)
fffff880`01877000 fffff880`01889000 umbus umbus.sys Thu Jul 26 03:27:39 2012 (5010AB1B)
fffff880`01889000 fffff880`018a9000 i8042prt i8042prt.sys Thu Jul 26 03:28:50 2012 (5010AB62)
fffff880`018a9000 fffff880`018b8000 kbdclass kbdclass.sys Thu Jul 26 03:28:47 2012 (5010AB5F)
fffff880`018b8000 fffff880`018c7000 mouclass mouclass.sys Thu Jul 26 03:28:47 2012 (5010AB5F)
fffff880`018c7000 fffff880`018e5000 parport parport.sys Thu Jul 26 03:29:53 2012 (5010ABA1)
fffff880`018e5000 fffff880`018fd000 serial serial.sys Thu Jul 26 03:30:01 2012 (5010ABA9)
fffff880`018fd000 fffff880`01952000 storport storport.sys Mon Feb 03 16:23:24 2014 (52EFC27C)
fffff880`01952000 fffff880`019b2000 fltmgr fltmgr.sys Thu Jul 26 03:30:09 2012 (5010ABB1)
fffff880`019b2000 fffff880`019e0000 quota quota.sys Thu Jul 26 03:29:14 2012 (5010AB7A)
fffff880`019e0000 fffff880`019f4000 dfsrro dfsrro.sys Thu Jul 26 03:29:13 2012 (5010AB79)
fffff880`019f4000 fffff880`01a00000 BATTC BATTC.SYS Thu Oct 11 06:19:58 2012 (507656FE)
fffff880`01a00000 fffff880`01a2c000 tunnel tunnel.sys Thu Jul 26 03:23:04 2012 (5010AA08)
fffff880`01a2c000 fffff880`01a3b000 CompositeBus CompositeBus.sys Thu Jul 26 03:28:03 2012 (5010AB33)
fffff880`01a3b000 fffff880`01a45000 vmgencounter vmgencounter.sys Thu Jul 26 03:27:58 2012 (5010AB2E)
fffff880`01a45000 fffff880`01c2a000 Ntfs Ntfs.sys Sun Jan 26 23:28:35 2014 (52E59A23)
fffff880`01c2a000 fffff880`01c45000 ksecdd ksecdd.sys Thu Sep 20 07:09:16 2012 (505AB30C)
fffff880`01c45000 fffff880`01c56000 pcw pcw.sys Thu Jul 26 03:28:44 2012 (5010AB5C)
fffff880`01c56000 fffff880`01c60000 Fs_Rec Fs_Rec.sys Thu Jul 26 03:30:08 2012 (5010ABB0)
fffff880`01c60000 fffff880`01c8f000 ksecpkg ksecpkg.sys Thu Oct 11 06:16:46 2012 (5076563E)
fffff880`01c8f000 fffff880`01cc0000 cdrom cdrom.sys Thu Jul 26 03:26:36 2012 (5010AADC)
fffff880`01cc0000 fffff880`01d2b000 dedup dedup.sys Sat Oct 05 04:31:38 2013 (524F881A)
fffff880`01d2b000 fffff880`01d3a000 vmrawdsk vmrawdsk.sys Sun Dec 15 03:36:38 2013 (52AD23C6)
fffff880`01d3a000 fffff880`01d47000 BasicRender BasicRender.sys Thu Jul 26 03:28:51 2012 (5010AB63)
fffff880`01d47000 fffff880`01d53000 mssmbios mssmbios.sys Thu Jul 26 03:29:19 2012 (5010AB7F)
fffff880`01d53000 fffff880`01d64000 discache discache.sys Thu Jul 26 03:28:23 2012 (5010AB47)
fffff880`01d64000 fffff880`01d85000 dfsc dfsc.sys Wed Jan 15 23:42:58 2014 (52D71D02)
fffff880`01d85000 fffff880`01d91000 ndistapi ndistapi.sys Thu Sep 20 07:09:19 2012 (505AB30F)
fffff880`01d91000 fffff880`01dc0000 ndiswan ndiswan.sys Thu Jul 26 03:23:13 2012 (5010AA11)
fffff880`01dc0000 fffff880`01dde000 rassstp rassstp.sys Thu Jul 26 03:23:59 2012 (5010AA3F)
fffff880`01dde000 fffff880`01df6000 AgileVpn AgileVpn.sys Thu Jul 26 03:23:11 2012 (5010AA0F)
fffff880`01df6000 fffff880`01dfc400 CmBatt CmBatt.sys Thu Jul 26 03:29:20 2012 (5010AB80)
fffff880`01e00000 fffff880`01e54000 CLASSPNP CLASSPNP.SYS Sat Jun 29 04:07:45 2013 (51CE4F81)
fffff880`01e54000 fffff880`01e68000 crashdmp crashdmp.sys Fri Aug 30 04:11:28 2013 (52200D60)
fffff880`01e75000 fffff880`01e7e000 Null Null.SYS Thu Jul 26 03:30:16 2012 (5010ABB8)
fffff880`01e81000 fffff880`020ba000 tcpip tcpip.sys Wed Jan 22 04:28:22 2014 (52DF48E6)
fffff880`020ba000 fffff880`02122000 fwpkclnt fwpkclnt.sys Fri Mar 01 04:55:54 2013 (513034DA)
fffff880`02122000 fffff880`0213d000 wfplwfs wfplwfs.sys Thu Oct 10 04:32:19 2013 (52561FC3)
fffff880`0213d000 fffff880`02191000 volsnap volsnap.sys Sat Jun 01 04:10:22 2013 (51A9661E)
fffff880`02191000 fffff880`021a8000 mup mup.sys Thu Jul 26 03:30:00 2012 (5010ABA8)
fffff880`021a8000 fffff880`021b4000 npsvctrig npsvctrig.sys Thu Jul 26 03:27:33 2012 (5010AB15)
fffff880`021b4000 fffff880`021d0000 disk disk.sys Sat Oct 12 07:31:15 2013 (5258ECB3)
fffff880`021ed000 fffff880`021ff000 dfs dfs.sys Thu Jul 26 03:28:21 2012 (5010AB45)
fffff880`03800000 fffff880`03863000 mrxsmb mrxsmb.sys Tue Feb 05 22:29:08 2013 (511187B4)
fffff880`0389c000 fffff880`038eb000 ks ks.sys Sat Feb 02 07:25:50 2013 (510CBF7E)
fffff880`038eb000 fffff880`038f6000 rdpbus rdpbus.sys Thu Jul 26 03:28:19 2012 (5010AB43)
fffff880`038f6000 fffff880`0390a000 NDProxy NDProxy.SYS Tue Apr 09 03:33:41 2013 (51637E05)
fffff880`0390a000 fffff880`03915000 flpydisk flpydisk.sys Thu Jul 26 03:30:15 2012 (5010ABB7)
fffff880`03915000 fffff880`03922000 dump_diskdump dump_diskdump.sys Thu Jul 26 03:29:58 2012 (5010ABA6)
fffff880`03922000 fffff880`0393f000 dump_LSI_SAS dump_LSI_SAS.sys Fri May 11 20:40:21 2012 (4FAD6B25)
fffff880`0393f000 fffff880`03947000 HIDPARSE HIDPARSE.SYS Sat Jun 29 04:08:18 2013 (51CE4FA2)
fffff880`03947000 fffff880`03955000 monitor monitor.sys Fri Mar 01 04:56:18 2013 (513034F2)
fffff880`03955000 fffff880`0397d000 luafv luafv.sys Thu Jul 26 03:29:13 2012 (5010AB79)
fffff880`0397d000 fffff880`03991000 lltdio lltdio.sys Thu Jul 26 03:24:02 2012 (5010AA42)
fffff880`03991000 fffff880`039a9000 rspndr rspndr.sys Thu Jul 26 03:24:06 2012 (5010AA46)
fffff880`039a9000 fffff880`039c9000 bowser bowser.sys Thu Jul 26 03:28:01 2012 (5010AB31)
fffff880`039c9000 fffff880`039e0000 mpsdrv mpsdrv.sys Thu Oct 31 03:42:19 2013 (5271D19B)
fffff880`03c00000 fffff880`03c73000 rdbss rdbss.sys Sat May 04 05:47:00 2013 (518492C4)
fffff880`03c73000 fffff880`03c8d000 wanarp wanarp.sys Tue Apr 09 03:31:00 2013 (51637D64)
fffff880`03c8d000 fffff880`03c9b000 nsiproxy nsiproxy.sys Thu Jul 26 03:25:00 2012 (5010AA7C)
fffff880`03c9b000 fffff880`03ca3000 vmmouse vmmouse.sys Mon Jun 04 10:34:25 2012 (4FCC8121)
fffff880`03ca3000 fffff880`03e0c000 dxgkrnl dxgkrnl.sys Thu Sep 19 04:16:23 2013 (523A6C87)
fffff880`03e0c000 fffff880`03e1d000 watchdog watchdog.sys Thu Jul 26 03:29:05 2012 (5010AB71)
fffff880`03e1d000 fffff880`03e6b000 dxgmms1 dxgmms1.sys Wed Jan 09 03:58:58 2013 (50ECEB02)
fffff880`03e6b000 fffff880`03e7c000 BasicDisplay BasicDisplay.sys Thu Jul 26 03:29:08 2012 (5010AB74)
fffff880`03e7c000 fffff880`03e8e000 Npfs Npfs.SYS Thu Jul 26 03:30:26 2012 (5010ABC2)
fffff880`03e8e000 fffff880`03e9a000 Msfs Msfs.SYS Thu Jul 26 03:30:24 2012 (5010ABC0)
fffff880`03e9a000 fffff880`03ebc000 tdx tdx.sys Thu Jul 26 03:24:58 2012 (5010AA7A)
fffff880`03ebc000 fffff880`03eca000 TDI TDI.SYS Thu Jul 26 03:27:59 2012 (5010AB2F)
fffff880`03eca000 fffff880`03ed6000 ws2ifsl ws2ifsl.sys Thu Sep 20 07:09:50 2012 (505AB32E)
fffff880`03ed6000 fffff880`03f2e000 netbt netbt.sys Thu Jul 26 03:24:26 2012 (5010AA5A)
fffff880`03f2e000 fffff880`03fc4000 afd afd.sys Wed Sep 04 04:11:20 2013 (5226A4D8)
fffff880`03fc4000 fffff880`03fee000 pacer pacer.sys Thu Jul 26 03:23:05 2012 (5010AA09)
fffff880`03fee000 fffff880`03ffe000 netbios netbios.sys Thu Jul 26 03:28:19 2012 (5010AB43)
fffff880`03ffe000 fffff880`03fff480 swenum swenum.sys Thu Jul 26 03:28:53 2012 (5010AB65)
fffff880`0ac00000 fffff880`0acdf000 HTTP HTTP.sys Fri Mar 15 00:17:15 2013 (5142688B)
fffff880`0acdf000 fffff880`0ace7000 vmmemctl vmmemctl.sys Sun Dec 15 03:36:24 2013 (52AD23B8)
fffff880`0acf8000 fffff880`0ad43000 mrxsmb10 mrxsmb10.sys Thu Jul 26 03:23:06 2012 (5010AA0A)
fffff880`0ad43000 fffff880`0ad7e000 mrxsmb20 mrxsmb20.sys Tue Feb 05 22:28:36 2013 (51118794)
fffff880`0b200000 fffff880`0b20d000 condrv condrv.sys Thu Jul 26 03:30:08 2012 (5010ABB0)
fffff880`0b20d000 fffff880`0b2ae000 srv2 srv2.sys Tue Apr 09 03:33:02 2013 (51637DDE)
fffff880`0b2cd000 fffff880`0b399000 peauth peauth.sys Tue Apr 09 03:32:01 2013 (51637DA1)
fffff880`0b399000 fffff880`0b3a4000 secdrv secdrv.SYS Wed Sep 13 14:18:38 2006 (4508052E)
fffff880`0b3a4000 fffff880`0b3e8000 srvnet srvnet.sys Tue Apr 09 03:31:13 2013 (51637D71)
fffff880`0b3e8000 fffff880`0b3fa000 tcpipreg tcpipreg.sys Thu Jul 26 03:23:13 2012 (5010AA11)
fffff880`0b4e3000 fffff880`0b570000 srv srv.sys Thu Jul 26 03:25:28 2012 (5010AA98)
fffff880`0b570000 fffff880`0b57b000 rdpvideominiport rdpvideominiport.sys Fri Oct 12 06:48:28 2012 (5077AF2C)
fffff880`0b57b000 fffff880`0b5ac000 rdpdr rdpdr.sys Thu Jul 26 03:25:18 2012 (5010AA8E)
fffff880`0b5ac000 fffff880`0b5b9000 terminpt terminpt.sys Thu Jul 26 03:28:53 2012 (5010AB65)
fffff960`00118000 fffff960`00508000 win32k win32k.sys Sat Feb 08 04:34:05 2014 (52F5B3BD)
fffff960`006cb000 fffff960`006d4000 TSDDD TSDDD.dll Thu Jul 26 03:30:25 2012 (5010ABC1)
fffff960`00879000 fffff960`008af000 cdd cdd.dll Thu Jul 26 05:49:37 2012 (5010CC61)
fffff960`00a21000 fffff960`00a60000 RDPUDD RDPUDD.dll Fri Oct 12 06:50:01 2012 (5077AF89)
Unloaded modules:
fffff880`01e68000 fffff880`01e75000 dump_storport.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 0000D000
fffff880`021d0000 fffff880`021ed000 dump_LSI_SAS.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 0001D000
fffff880`021a8000 fffff880`021b4000 hwpolicy.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 0000C000
fffff880`00f41000 fffff880`00f5c000 sacdrv.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 0001B000
fffff880`00c33000 fffff880`00c40000 ApiSetSchema.dll
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 0000D000
I have searched for others having a similar problem but have not managed to find much.
The memory dump at the time of the crash does seem to hint at a problem with DFSR.exe.
The setup seems to be running fine again now and is going through its consistency checks, it is just a major inconvenience and will only get worse as the DFS becomes busier and approaches capacity.
The plan was to put this setup into production however with the unpredictability of blue screen reboots I cannot see this happening until I can find a fix or work around.
I have yet to see this problem occur on the other (physical) server, this is pretty much identical in configuration apart from its storage access.
My thoughts are a possible bug in the DFSR component or a bug in the DSM Drivers used for the iSCSI SAN connection or maybe a combination of the two.
Any help, thoughts or suggestions greatly appreciated
ThanksHi,
Please install the current version of Dfssvc.exe Dfsc.sys Dfsrs.exe for Windows Server 2012.
List of currently available hotfixes for Distributed File System (DFS) technologies in Windows Server 2012 and Windows Server 2012 R2
http://support.microsoft.com/kb/2951262
The issue may be due to the DFSRoot folder has lost NTFS permission. Some reasons why DFS root lose ACLs Links are listed in the article below:
How to implement Windows Server 2003 Access-based Enumeration in a DFS environment
http://support.microsoft.com/kb/907458/en-us
You could use dfsutil to set NTFS permission: dfsutil property ACL \\DFS-namespace
Using the Windows Server 2008 DFSUTIL.EXE command line to manage DFS-Namespaces
http://blogs.technet.com/b/josebda/archive/2009/05/01/using-the-windows-server-2008-dfsutil-exe-command-line-to-manage-dfs-namespaces.aspx
To narrow down the issue, you could remove the DFS role to check if the issue related to the dfs namespace and dfs replication roles.
Regards,
Mandy
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place. -
How to check DFS replication status in windows 2008 r2 file server
Hi,
I have created File server DFS namespace between 2 windows 2008 R2 server. namespace mode is 2008. I have copied 3 TB data on file server 1. now it is getting replicated from file server 1 to file server 2. till now the data is not fully replicated.
My question is how can I check the status of DFS replication? how will I come to know that the initial replication is completed.Scorpio. Yes you are right. Microsoft officially says it will not work. My apologies. Thanks for the correction.
Do Ultrasound and Sonar work with DFS Replication?
No. DFS Replication has its own set of monitoring and diagnostics tools. Ultrasound and Sonar are only capable of monitoring FRS.
Is there a way to know the state of replication?
Yes. There are a number of ways to monitor replication:
DFS Replication has a management pack for System Center Operations Manager 2007 that provides proactive monitoring.
DFS Replication has an in-box diagnostic report for the replication backlog, replication efficiency, and the number of files and folders in a given replication group.
Dfsrdiag.exe is a command-line tool that can generate a backlog count or trigger a propagation test. Both show the state of replication. Propagation shows you if files are being replicated to all nodes. Backlog shows you how many files still need to replicate
before two computers are in sync. The backlog count is the number of updates that a replication group member has not processed. On computers running Windows Server 2008 R2, Dfsrdiag.exe can also display the updates that DFS Replication is currently
replicating.
Scripts can use WMI to collect backlog information—manually or through MOM.
Miguel Fra /
Falcon IT Services
Computer & Network Support, Miami, FL
Visit our Knowledgebase and Support Sharepoint Site
Maybe you are looking for
-
Calendar portlet to display by week instead of by month
Hi, Does anyone know how to setup the calendar portlet to display only 7 days at a time, or if this is even possible at all? cheers, Kim
-
Videos won't play in my admin account but will in the user account?
why won't some videos play in my admin account but will in the user account using Safari or FireFox? I have a mid-year 2012 MBP w/Mt Lion OS X10.8.2, I believe all s/w is current. Have deleted cache, reset safari and just about everything I can find
-
I recently received a pop up from 'euro-pol' asking me to pay money to unlock my safari.
I recently received a pop up from 'euro-pol' asking me to pay money to unlock my safari. I searched google on another computer and found it is quite a common malware issue. I found instructions of unlocking safari by resetting safari completely. Safa
-
Federated Portal Network EP7 SP19 Problem
Hi, I've got the following problem regarding FPN: When I click on the Portal in "NetWeaver Content Producers" to open the producer, the following message apears: 13:45:44 - Could not load or refresh node Tree creation failed on node: pcd:NetWeaver_co
-
I have a string by as follows: String name = "aaaaaaaaaahgcnjcdcd";I am trying to validate the above string. When the number of "a" in the string excceds 5 and above, I need to throw an error. I tried as follos: if (name.matches("A{5,}")){ system.out