DNS (srv record missing for PDC)
Hi,
in our company we have a domain with 4 domain controller (all are Windows Server 2008 with domain functional level 2003).
In the DNS, under _msdcs.OURDOMAIN.priv -> _tcp there are only the SRV _ldap record related to 3 domain controller; there isn't the record related to domain controller that holds the PDC role.
From some months we have also issues about GPOs replicas between domain controller.
It makes sense to create the missing record ? There may be a valid reason because it is not present ?
Thank you.
Hi,
Did the PDC host the DNS role at the same time? If yes, please make sure that you have enabled secure dynamic updates on the DNS server. You can stop and restart
DNS server by running the command below at the command prompt:
net stop dns
net start dns
On the PDC, please stop and then restart the Netlogon service by running the commands below to see if the SRV record is created in the DNS server:
Net stop netlogon
Net start netlogon
If the above solution is not helpful, please try to
manually enter the SRV records from Netlogon.dns file in \Windows\System32\Config or create on the DNS console.
Best regards,
Susie
Similar Messages
-
SPA 5xx and 9xx phones registering to all proxies with DNS SRV records
A weird situation -- I use DNS SRV records to prioritize the two Asterisk servers to register to (east coast vs west coast). However it seems that phones are often registering to BOTH servers and show as live on both at the same time. There seems to be little rhyme or reason as to when it occurs, but it's weird. Fortunately the phone does seem to be preferring the higher priority SRV record but I can't figure out why it is registering to both.
This happens with SPA-942s (6.1.5a) and SPA504Gs (7.4.9c).
Any ideas what makes this happen? On the surface it seems like a good thing, but functionally the phones are registering the same port numbers and only the priority server can get through firewalls with traffic for the phones. This screws up my "presence" indicators within the system.
DNS SRV RECORDS:
_sip._udp.west.server.net (for west coast customers)
Priority 10: west coast machine
Priority 20: east coast machine
_sip._udp.east.server.net (for east coast customers)
Priority 10: east coast machine
Priority 20: west coast machineWe determined this was not actually happening. There was a syncing taking place in the background that was giving the impression this was happening but it really was not.
-
Installed Cisco Unity 7 on Windows Server 2000 and Unity Server is on Domain,and Exchange we are using is Exhcnage 2007. When we reach at Message Store Wizard it is showing some error at the end that " Failed reaching for Unity in Active Directory Global Catalog. The SVR Record may be missing in DNS Table" . It shows when we slected Exchange in Process and the Selected Storage Group. And the it takes time and then shows error. Please try to resolve this issue soon, we need this solution urgently. We have already spent several days on different issues regarding Unity.
If you need to talk regarding this matter, Please contact on +919780660619, and the conatct person name is Manav.
Thanks in Advance
RosyRosy,
We cannot call you from this forum. If you truly need a call, you can open a TAC case. The info I can tell you is that you need to fix this in your dns. A simple google search of "no SRV record Windows 2000 server" comes up with numerous resources that can help you fix this. Here is just one example.
http://support.microsoft.com/kb/241505
and
http://www.petri.co.il/active_directory_srv_records.htm
I would also advise you, if you are doing a new install with Unity 7 and that version of Exchange, that you use Windows 2003 as the OS. Even MS doesn't support Windows 2000 Server any more so if you end up having an OS issue on your Unity server, we will not be able to get MS to help you. From a support perspective, I would advise you to use Windows 2003 Server in this implimentation.
Thanks!
Tray -
Serious bug: call set-up problem in case of several DNS SRV records
Hello Cisco,
We have a MCU that consists of two servers in cluster. We have SIP SRV DNS records that point to both servers with equal priority and weight.
All applications work nice with such setup, except from Free Jabber. Jabber is unable to set up the connection most of the time. One time the connection is successful and 5, maybe even 10 times it is unsuccessful.
For testing, we removed SIP DNS records pointing to one server. This way Jabber works much better. There are some cases when the call set up fails but in most cases it works.
Looking the logs of the MCU, we can see three different ways, how call set-up may fail. It is probably unreasonable describe the details in this forum message. Anyway, it seems to be sure that in case there SIP SRV records point to one server then Jabber is able to connect the MCU, in case the records point to two servers equally then Jabber is pricnipally unable to connect the MCU. This bug should be fixed, IMHO.
Btw, what record does Jabber follow, is it _sips._tcp or _sip._tls?
Greetings and thank you in advance,
Marko LauritsHello Cisco,
We have a MCU that consists of two servers in cluster. We have SIP SRV DNS records that point to both servers with equal priority and weight.
All applications work nice with such setup, except from Free Jabber. Jabber is unable to set up the connection most of the time. One time the connection is successful and 5, maybe even 10 times it is unsuccessful.
For testing, we removed SIP DNS records pointing to one server. This way Jabber works much better. There are some cases when the call set up fails but in most cases it works.
Looking the logs of the MCU, we can see three different ways, how call set-up may fail. It is probably unreasonable describe the details in this forum message. Anyway, it seems to be sure that in case there SIP SRV records point to one server then Jabber is able to connect the MCU, in case the records point to two servers equally then Jabber is pricnipally unable to connect the MCU. This bug should be fixed, IMHO.
Btw, what record does Jabber follow, is it _sips._tcp or _sip._tls?
Greetings and thank you in advance,
Marko Laurits -
Hi,
We are having an issue where DNS Host records seem to be missing, a user logs on and they don't get their group policies. They can logon again and get their group policies. However the DNS Host record is still not created on the DNS Servers.
If we reboot the PC the DNS record is created. What is going on.
We have 2 DC's running DNS, and one of them runs DHCP.Hi,
According to your description, my understanding is that client does not registry record in DNS server when user logon. And the DNS record will be created after rebooting the client.
DNS updates can be sent for any of the following reasons or events:
1. An IP address is added, removed, or modified in the TCP/IP properties configuration for any one of the installed network connections.
2. An IP address lease changes or renews with the DHCP server any one of the installed network connections. For example, when the computer is started or if the
ipconfig /renew command is used.
3. The ipconfig /registerdns command is used to manually force a refresh of the client name registration in DNS.
4. At startup time, when the computer is turned on.
5. A member server is promoted to a domain controller.
A user logon behavior will not trigger DNS update/registry. You may Open CMD on client and type
ipconfig /registerdns command to manually force a refresh of the client name registration in DNS.
If I have any misunderstanding about your question, please correct.
Best Regards,
Eve Wang
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
SRV record required for sip communication?
I'm in the process of starting up a lync 2013 deployment while we have an existing OCS 2007 R1 environment running. I'm getting numerous errors and the Front end service won't start. Some errors report:
Cause: The Mediation Server service cannot communicate with the Front End Service over SIP due to network connectivity issues.
Currently in Lync 2013 I have A records and an alias as following pointing to a HLB VIP. All the following records are pointing to the same IP which is has all ports open.
Host
lyncpool01.domain.com
Alias (CNAME)
LyncDiscoverInternal.domain.com
A
meet.domain.com
A
dialin.domain.com
A
LyncAdmin.domain.com
Since I have an OCS 2007R1 environment running I can't use the same srv record for _sipinternalstls.ready.
I just got done running through the entire upgrade for everything including the BE DB. Stopped all services, ran the gui upgrade, broke the mirrored database and did the upgrade, reenabled it, etc.
So I verified my upgrade with my standard ed test environment and all version numbers look good now.
Still can't start services. RTCSRV failed to start within expected timeframe.
also:
Log Name: Lync Server
Source: LS Mediation Server
Date: 3/31/2014 3:27:31 PM
Event ID: 25053
Task Category: (1030)
Level: Error
Keywords: Classic
User: N/A
Computer: lvhlyncfe01.lvh.com
Description:
The description for Event ID 25053 from source LS Mediation Server cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
If the event originated on another computer, the display information had to be saved with the event.
The following information was included with the event:
lyncpool01.lvh.com
False
Microsoft.Rtc.Signaling.ConnectionFailureException:Unable to establish a connection. ---> System.Net.Sockets.SocketException (0x80004005): No connection could be made because the target machine actively refused it 10.17.171.125:5061
at System.Net.Sockets.Socket.EndConnect(IAsyncResult asyncResult)
at Microsoft.Rtc.Internal.Sip.TcpTransport.OnConnected(Object arg)
--- End of inner exception stack trace ---
at Microsoft.Rtc.Signaling.SipAsyncResult2`1.ThrowIfFailed()
at Microsoft.Rtc.Signaling.SipAsyncResultBase2.EndAsyncOperation[TResult](Object owner, IAsyncResult result)
at Microsoft.RTC.MediationServerCore.PeriodicOptionsSender.FinishSendOptionMessage(IAsyncResult ar)
Detected at System.Environment.GetStackTrace(Exception e, Boolean needFileInfo)
at System.Environment.get_StackTrace()
at Microsoft.Rtc.Signaling.RealTimeException..ctor(String message, Exception innerException)
at Microsoft.Rtc.Signaling.ExceptionUtilities.TryMapS4Exception(Exception s4Exception, SecurityAssociationContext securityContext, Boolean isSipEndpoint, String traceId, Object parentObject, Object childObject, RealTimeException& ex)
at Microsoft.Rtc.Signaling.SipTransactionAsyncResult`1.ConnectionConnectCompleted(IAsyncResult result)
at Microsoft.Rtc.Signaling.SipAsyncResult2`1.MakeCallback()
at Microsoft.Rtc.Signaling.SipAsyncResult2`1.Complete(TEx ex, Boolean synchronousCompletion)
at Microsoft.Rtc.Signaling.RealTimeConnection.CompletePendingConnects(IEnumerable`1 results, RealTimeException exception)
at Microsoft.Rtc.Signaling.RealTimeConnection.<.ctor>b__1(SipConnection sender, Object reason)
at Microsoft.Rtc.Internal.Sip.SipConnection.FireDisconnectedEvent(Object reason)
at Microsoft.Rtc.Internal.Sip.SingleThreadedDispatcherQueue.DispatcherCallback(Object queue)
at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
at System.Threading.ThreadPoolWorkQueue.Dispatch()
The handle is invalid
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="LS Mediation Server" />
<EventID Qualifiers="50182">25053</EventID>
<Level>2</Level>
<Task>1030</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2014-03-31T19:27:31.000000000Z" />
<EventRecordID>1466</EventRecordID>
<Channel>Lync Server</Channel>
<Computer>lvhlyncfe01.lvh.com</Computer>
<Security />
</System>
<EventData>
<Data>lyncpool01.lvh.com</Data>
<Data>False</Data>
<Data>Microsoft.Rtc.Signaling.ConnectionFailureException:Unable to establish a connection. ---> System.Net.Sockets.SocketException (0x80004005): No connection could be made because the target machine actively refused it 10.17.171.125:5061
at System.Net.Sockets.Socket.EndConnect(IAsyncResult asyncResult)
at Microsoft.Rtc.Internal.Sip.TcpTransport.OnConnected(Object arg)
--- End of inner exception stack trace ---
at Microsoft.Rtc.Signaling.SipAsyncResult2`1.ThrowIfFailed()
at Microsoft.Rtc.Signaling.SipAsyncResultBase2.EndAsyncOperation[TResult](Object owner, IAsyncResult result)
at Microsoft.RTC.MediationServerCore.PeriodicOptionsSender.FinishSendOptionMessage(IAsyncResult ar)
Detected at System.Environment.GetStackTrace(Exception e, Boolean needFileInfo)
at System.Environment.get_StackTrace()
at Microsoft.Rtc.Signaling.RealTimeException..ctor(String message, Exception innerException)
at Microsoft.Rtc.Signaling.ExceptionUtilities.TryMapS4Exception(Exception s4Exception, SecurityAssociationContext securityContext, Boolean isSipEndpoint, String traceId, Object parentObject, Object childObject, RealTimeException& ex)
at Microsoft.Rtc.Signaling.SipTransactionAsyncResult`1.ConnectionConnectCompleted(IAsyncResult result)
at Microsoft.Rtc.Signaling.SipAsyncResult2`1.MakeCallback()
at Microsoft.Rtc.Signaling.SipAsyncResult2`1.Complete(TEx ex, Boolean synchronousCompletion)
at Microsoft.Rtc.Signaling.RealTimeConnection.CompletePendingConnects(IEnumerable`1 results, RealTimeException exception)
at Microsoft.Rtc.Signaling.RealTimeConnection.<.ctor>b__1(SipConnection sender, Object reason)
at Microsoft.Rtc.Internal.Sip.SipConnection.FireDisconnectedEvent(Object reason)
at Microsoft.Rtc.Internal.Sip.SingleThreadedDispatcherQueue.DispatcherCallback(Object queue)
at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
at System.Threading.ThreadPoolWorkQueue.Dispatch()</Data>
</EventData>
</Event> -
How do I correct this error pairing record missing for iPad in iTunes?
How do I correct the error pairing record missing in iTunes for my iPad?
Quit iTunes, restart your computer, restart the iPad and then try again. Try another USB port as well.
-
Hi
I have been doing an audit of our DNS zones and notice that some or other user has must have mistakenly registered their desktop as a kms host, since I see a DNS SRV record pointing to their pc on port 1688.
This has caused problems for us so much so that we now activate using another kms host that is not part of our domain. my question is this: can I go into dns and simply manually edit this incorrect SRV record to reflect the correct dns name of the working
kms host server?Hi,
Do you mean that you still cannot find out the host according to the record?
As a workaround, we can disable KMS host from publishing SRV record by creating a registry key via GPO. Even if someone configure a KMS host in your
environment, DNS record will not be published. Remember not to apply to your real KMS host.
Edit the GPO with the following:
Computer Configuration>Preferences>Windows Settings>Registry
Create a new
DWORD value called
DisableDnsPublishing in the registry, and set its value to
1. This value is at
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform in the registry. To re-enable the default behavior for publishing of KMS SRV records to DNS,
set the value to 0.
Hope this helps. -
SRV Record for TC Software(SX20,C20)
Hi all,
We tested DNS SRV record for two VCS-Cs that are not clustered.
MCU works fine with those SRV records, but C20, SX20 do not work.
Can't TC endpoints receive SRV records?
VCS:X8.2.1
MCU5300:4.5(1.45)
C20,SX20:TC7.2.0
Best Regards,
KotaroHi Patrick,
Sorry for the late reply.
I mentioned "MCU works fine with those SRV records, " but actually it didn't work.
The MCU just received two GKs IP addresses as Alternative Gatekeeper.
Now we use records below.
We configure "vcs1.test.local" as an SX20's Gatekeeper.
But when "vcs1.test.local" fails, the SX20 never register with "vcs2.test.local".
=====DNS Records=====
vcs1.test.local(A) and its Pointer record.
vcs2.test.local(A) and its Pointer record.
_h323cs._tcp.test.local
priority=1
weight=0
port=1720
svr hostname=vcs1.test.local
_h323cs._tcp.test.local
priority=10
weight=0
port=1720
svr hostname=vcs2.test.local
_h323ls._udp.test.local
priority=1
weight=0
port=1719
svr hostname=vcs1.test.local
_h323ls._udp.test.local
priority=10
weight=0
port=1719
svr hostname=vcs2.test.local
_h323rs._udp.test.local
priority=1
weight=0
port=1719
svr hostname=vcs1.test.local
_h323rs._udp.test.local
priority=10
weight=0
port=1719
svr hostname=vcs2.test.local
Best Regards,
Kotaro -
Does iOS support SRV records for Active Sync autodiscovery?
See http://support.microsoft.com/kb/940881#
From my testing, the answer is "no". I'm sure my SRV records are correct, but when adding an account in iOS the user is still prompted for a server address. Has anyone made this work?Hello!
The GSS itself only supports A records, meaning it only responds to that type of query from a client. You can configure an NS forwarder to push non-A records to another server that can handle it. As well, you can run CNR in conjunction with the GSS which will respond to MX, SRV, and NS records. Some versions of GSS code allowed you to run CNR on the GSS itself. (CNR = Cisco Network Registrar).
More specifically to your question - CNR supports RFC 2052 (SRV records) and is fully interoperable with Dynamic DNS SRV records (RFC 2782).
Regards,
Chris Higgins -
Lync on premises with Exchange online UM SRV record
Hi,
We have Lync 2013 on premises and we have Hybrid exchange deployment, recently we have integrated Lync on premises with Exchange online UM, we have configured subscriber access and I have done all configuration, created hosted voice mail policy, created
Subscriber access UM contact.
Problem is that if a user dials from Lync client to voice mail (Exchange online UM Subscriber Access number) the call successfully establish, if the same user is outside the organization and wants to call the Exchange online UM Subscriber
Access number from his mobile or from his home phone number the call doesn't connect, this problem is not from the same user any one from outside the organization can not call to subscriber access number from his mobile or from his landline (outside the organization
numbers)
I have done some logging on Lync Edge server and found two things:
When a user calls from Lync client to O365 UM Subscriber access the call establish successfully and when I see the call logs I am seeing the
[email protected] and SRV record for the domain.com is verified
When a user calls from outside the organization (Landline or mobile) to O365 UM subscriber access the call doesn't establish and when I see the call logs I am seeing
[email protected] and subscriber access number as
[email protected] and the error says Unable to resolve DNS SRV record for domain it.domain.com.
Please note our internal domain is it.domain.com and our external or smtp domain is domain.com
In Lync 2013 the default sip domain is also it.domain.com and additional sip domain is domain.com
Pleasae help me to resolve the issue.
If answer is helpful, please hit the green arrow on the left, or mark as answer. Salahuddin | Blogs:http://salahuddinkhatri.wordpress.com | MCITP Microsoft LyncThe issue is that your default domain is it.domain.com. I suspect that even if your Edge server is able to route this call back to Exchange online, that tenant will reject this call as it will not be able to find it.domain.com or federation SRV record associated
with it.
You will need to change your default SIP domain to your public SIP domain. If you decide to do this, please note that you will also need to review any impact on the simple URLs (and certificates if applicable).
It is also recommended to perform an export-csconfiguration command to backup the topology before making these changes.
Hope this helps.
SinghP80 -
Can Cisco SPA phones use DNS SRV record to find and select outbound proxy even if there are 3 or 4 answered from the DNS query?
Is there a way to over-ride the cost and weight with custom selection method?If implemented according RFC2782 the device should contact proxy1.doman.com, then proxy2.doman.com then either proxy3.doman.com or proxy4.doman.com with probability 50:50.
So what's your question ? Are you asking if particular device's resolver follow the RFC2782 correctly ? You didn't specified device nor exact firmware version so it's not possible to answer. And implementation may vary between product's model and firmware version.
Just try it on your particular hardware and firmware - it's simple test. It should work if implemented correctly ...
Sorry if it's not the answer you wished for ... -
so we currently have three domain controllers set up, two of them on 2012r2 and one of them on 2008r2. prior to any of these domain controllers being added to the domain there was only one, running on 2003r2. the 2003r2 server was up and running when the
first 2012r2 was added and that's when running 'dcdiag /e /c /v' would yield an issue with "_ldap._tcp.9a5f3c17-e7ac-48f7-ab42-bf1ea621a6f5.domains._msdcs.cmedia.local" in the DNS portion of the diagnostics, specifically:
TEST: Records registration (RReg)
Network Adapter [00000010] Microsoft Hyper-V Network Adapter:
Error:
Missing SRV record at DNS server 192.168.22.4:
_ldap._tcp.9a5f3c17-e7ac-48f7-ab42-bf1ea621a6f5.domains._msdcs.cmedia.local
after adding the second 2012r2 to the domain, this issue is still there... adding the 2008r2 server to the domain and running BPA it gives the following:
Title:
This domain controller must register a DNS SRV resource record, which is required for replication to function correctly
Severity:
Error
Date:
7/3/2014 11:24:48 AM
Category:
Configuration
Issue:
The "DcByGuid" DNS service (SRV) resource record that advertises this server as an available domain controller in the domain and ensures correct replication is not registered. All domain controllers (but not RODCs) in the domain must register this record.
Impact:
Other member computers and domain controllers in the domain or forest will not be able to locate this domain controller. This domain controller will not be able to provide a full suite of services.
Resolution:
Ensure that "DcByGuid" is not configured in the "DnsAvoidRegisteredRecords" list, either through Group Policy or through the registry. Restart the Netlogon service. Verify that the DNS service (SRV) resource record "_ldap._tcp.9a5f3c17-e7ac-48f7-ab42-bf1ea621a6f5.domains._msdcs.cmedia.local", pointing to the local domain controller "CM-DC4-NY01.cmedia.local", is registered in DNS.
More information about this best practice and detailed resolution procedures: http://go.microsoft.com/fwlink/?LinkId=126968
I've tried scanning and then re-scanning every single entry in DNS Manager and do not see any reference to this specific GUID mentioned, nor do I see any other domain controllers referenced that should not be in there. The two 2012r2 and the 2008r2 domain
controllers are the only ones listed in DNS Manager... the 2003r2 mentioned earlier failed and was removed.Just to chime in, I noticed that you said you have one 2008 R2 DC, and two 2012 DCs.
I also noticed in the ipconfig /all that all DCs are pointint to themselves for DNS. We usually like to see them point to a partner, then itslelf as the second entry, w hether loopback or by its own IP.
Based on that, what I suggest to level the playing field by choosing the WIndows 2008 R2 DC as the first DNS on all DCs and only administer DNS using that DC. The reason I chose that is because of the least common denominator is what we rather use so we
don't invoke any new features in the newer 2012 DNS console that 2008 R2 may not understand. After that's done, on each DC run (and you can use a PowerShell window to run this):
Rename the system32\config\netlogon.dns and netlogon.dnb files by suffixing ".old" to the file.
ipconfig /registerdns
net stop netlogon
net start netlogon
Then re-run the dcdiag /e /c /v.
Post your results, please.
Ace Fekay
MVP, MCT, MCSE 2012, MCITP EA & MCTS Windows 2008/R2, Exchange 2013, 2010 EA & 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services
Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php
This posting is provided AS-IS with no warranties or guarantees and confers no rights.
I thought the DNS entries were supposed to be the other way around? point to themselves first and a partner as secondary? regardless, as requested, I've changed it to what you've prescribed where they point to the 2008r2 server as the primary with themselves
as the secondary. I've also followed the steps to what seems like refreshing the DNS? on each of the DCs. Here's the output from dcdiag /e /c /v
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
* Verifying that the local machine CM-DC1-NY01, is a Directory Server.
Home Server = CM-DC1-NY01
* Connecting to directory service on server CM-DC1-NY01.
* Identified AD Forest.
Collecting AD specific global data
* Collecting site info.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=cmedia,DC=local,LDAP_SCOPE_SUBTREE,(objectCategory
=ntDSSiteSettings),.......
The previous call succeeded
Iterating through the sites
Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=cmedia
,DC=local
Getting ISTG and options for the site
* Identifying all servers.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=cmedia,DC=local,LDAP_SCOPE_SUBTREE,(objectClass=nt
DSDsa),.......
The previous call succeeded....
The previous call succeeded
Iterating through the list of servers
Getting information for the server CN=NTDS Settings,CN=CM-DC1-NY01,CN=Servers,CN=Default-First-Site-Name,CN=Sites
,CN=Configuration,DC=cmedia,DC=local
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
Getting information for the server CN=NTDS Settings,CN=CM-DC3-NY01,CN=Servers,CN=Default-First-Site-Name,CN=Sites
,CN=Configuration,DC=cmedia,DC=local
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
Getting information for the server CN=NTDS Settings,CN=CM-DC4-NY01,CN=Servers,CN=Default-First-Site-Name,CN=Sites
,CN=Configuration,DC=cmedia,DC=local
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
* Identifying all NC cross-refs.
* Found 3 DC(s). Testing 3 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\CM-DC1-NY01
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
* Active Directory RPC Services Check
......................... CM-DC1-NY01 passed test Connectivity
Testing server: Default-First-Site-Name\CM-DC3-NY01
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
* Active Directory RPC Services Check
......................... CM-DC3-NY01 passed test Connectivity
Testing server: Default-First-Site-Name\CM-DC4-NY01
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
* Active Directory RPC Services Check
......................... CM-DC4-NY01 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\CM-DC1-NY01
Starting test: Advertising
The DC CM-DC1-NY01 is advertising itself as a DC and having a DS.
The DC CM-DC1-NY01 is advertising as an LDAP server
The DC CM-DC1-NY01 is advertising as having a writeable directory
The DC CM-DC1-NY01 is advertising as a Key Distribution Center
The DC CM-DC1-NY01 is advertising as a time server
The DS CM-DC1-NY01 is advertising as a GC.
......................... CM-DC1-NY01 passed test Advertising
Starting test: CheckSecurityError
* Dr Auth: Beginning security errors check!
Found KDC CM-DC1-NY01 for domain cmedia.local in site Default-First-Site-Name
Checking machine account for DC CM-DC1-NY01 on DC CM-DC1-NY01.
* SPN found :LDAP/CM-DC1-NY01.cmedia.local/cmedia.local
* SPN found :LDAP/CM-DC1-NY01.cmedia.local
* SPN found :LDAP/CM-DC1-NY01
* SPN found :LDAP/CM-DC1-NY01.cmedia.local/cmedia
* SPN found :LDAP/a29d12f1-2869-44bf-8e43-adf7ddf33865._msdcs.cmedia.local
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/a29d12f1-2869-44bf-8e43-adf7ddf33865/cmedia.local
* SPN found :HOST/CM-DC1-NY01.cmedia.local/cmedia.local
* SPN found :HOST/CM-DC1-NY01.cmedia.local
* SPN found :HOST/CM-DC1-NY01
* SPN found :GC/CM-DC1-NY01.cmedia.local/cmedia.local
[CM-DC1-NY01] No security related replication errors were found on this DC! To target the connection to a
specific source DC use /ReplSource:<DC>.
......................... CM-DC1-NY01 passed test CheckSecurityError
Starting test: CutoffServers
* Configuration Topology Aliveness Check
* Analyzing the alive system replication topology for DC=ForestDnsZones,DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for DC=DomainDnsZones,DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for CN=Schema,CN=Configuration,DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for CN=Configuration,DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... CM-DC1-NY01 passed test CutoffServers
Starting test: FrsEvent
* The File Replication Service Event log test
......................... CM-DC1-NY01 passed test FrsEvent
Starting test: DFSREvent
The DFS Replication Event Log.
Skip the test because the server is running FRS.
......................... CM-DC1-NY01 passed test DFSREvent
Starting test: SysVolCheck
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... CM-DC1-NY01 passed test SysVolCheck
Starting test: FrsSysVol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... CM-DC1-NY01 passed test FrsSysVol
Starting test: KccEvent
* The KCC Event log test
Found no KCC errors in "Directory Service" Event log in the last 15 minutes.
......................... CM-DC1-NY01 passed test KccEvent
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=CM-DC1-NY01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Confi
guration,DC=cmedia,DC=local
Role Domain Owner = CN=NTDS Settings,CN=CM-DC1-NY01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Confi
guration,DC=cmedia,DC=local
Role PDC Owner = CN=NTDS Settings,CN=CM-DC1-NY01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configur
ation,DC=cmedia,DC=local
Role Rid Owner = CN=NTDS Settings,CN=CM-DC1-NY01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configur
ation,DC=cmedia,DC=local
Role Infrastructure Update Owner = CN=NTDS Settings,CN=CM-DC1-NY01,CN=Servers,CN=Default-First-Site-Name,CN
=Sites,CN=Configuration,DC=cmedia,DC=local
......................... CM-DC1-NY01 passed test KnowsOfRoleHolders
Starting test: MachineAccount
Checking machine account for DC CM-DC1-NY01 on DC CM-DC1-NY01.
* SPN found :LDAP/CM-DC1-NY01.cmedia.local/cmedia.local
* SPN found :LDAP/CM-DC1-NY01.cmedia.local
* SPN found :LDAP/CM-DC1-NY01
* SPN found :LDAP/CM-DC1-NY01.cmedia.local/cmedia
* SPN found :LDAP/a29d12f1-2869-44bf-8e43-adf7ddf33865._msdcs.cmedia.local
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/a29d12f1-2869-44bf-8e43-adf7ddf33865/cmedia.local
* SPN found :HOST/CM-DC1-NY01.cmedia.local/cmedia.local
* SPN found :HOST/CM-DC1-NY01.cmedia.local
* SPN found :HOST/CM-DC1-NY01
* SPN found :HOST/CM-DC1-NY01.cmedia.local/cmedia
* SPN found :GC/CM-DC1-NY01.cmedia.local/cmedia.local
......................... CM-DC1-NY01 passed test MachineAccount
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC CM-DC1-NY01.
The forest is not ready for RODC. Will skip checking ERODC ACEs.
* Security Permissions Check for
DC=ForestDnsZones,DC=cmedia,DC=local
(NDNC,Version 3)
* Security Permissions Check for
DC=DomainDnsZones,DC=cmedia,DC=local
(NDNC,Version 3)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=cmedia,DC=local
(Schema,Version 3)
* Security Permissions Check for
CN=Configuration,DC=cmedia,DC=local
(Configuration,Version 3)
* Security Permissions Check for
DC=cmedia,DC=local
(Domain,Version 3)
......................... CM-DC1-NY01 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\CM-DC1-NY01\netlogon
Verified share \\CM-DC1-NY01\sysvol
......................... CM-DC1-NY01 passed test NetLogons
Starting test: ObjectsReplicated
CM-DC1-NY01 is in domain DC=cmedia,DC=local
Checking for CN=CM-DC1-NY01,OU=Domain Controllers,DC=cmedia,DC=local in domain DC=cmedia,DC=local o
n 3 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=CM-DC1-NY01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuratio
n,DC=cmedia,DC=local in domain CN=Configuration,DC=cmedia,DC=local on 3 servers
Object is up-to-date on all servers.
......................... CM-DC1-NY01 passed test ObjectsReplicated
Starting test: OutboundSecureChannels
* The Outbound Secure Channels test
** Did not run Outbound Secure Channels test because /testdomain: was not entered
......................... CM-DC1-NY01 passed test OutboundSecureChannels
Starting test: Replications
* Replications Check
* Replication Latency Check
DC=ForestDnsZones,DC=cmedia,DC=local
Latency information for 4 entries in the vector were ignored.
4 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's
no longer replicating this nc. 0 had no latency information (Win2K DC).
DC=DomainDnsZones,DC=cmedia,DC=local
Latency information for 4 entries in the vector were ignored.
4 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's
no longer replicating this nc. 0 had no latency information (Win2K DC).
CN=Schema,CN=Configuration,DC=cmedia,DC=local
Latency information for 4 entries in the vector were ignored.
4 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's
no longer replicating this nc. 0 had no latency information (Win2K DC).
CN=Configuration,DC=cmedia,DC=local
Latency information for 4 entries in the vector were ignored.
4 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's
no longer replicating this nc. 0 had no latency information (Win2K DC).
DC=cmedia,DC=local
Latency information for 4 entries in the vector were ignored.
4 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's
no longer replicating this nc. 0 had no latency information (Win2K DC).
......................... CM-DC1-NY01 passed test Replications
Starting test: RidManager
* Available RID Pool for the Domain is 16109 to 1073741823
* CM-DC1-NY01.cmedia.local is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 4609 to 5108
* rIDPreviousAllocationPool is 4609 to 5108
* rIDNextRID: 4629
......................... CM-DC1-NY01 passed test RidManager
Starting test: Services
* Checking Service: EventSystem
* Checking Service: RpcSs
* Checking Service: NTDS
* Checking Service: DnsCache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: w32time
* Checking Service: NETLOGON
......................... CM-DC1-NY01 passed test Services
Starting test: SystemLog
* The System Event log test
A warning event occurred. EventID: 0x0000002F
Time Generated: 07/08/2014 13:19:14
Event String:
Time Provider NtpClient: No valid response has been received from manually configured peer 0.ca.pool.ntp.org
after 8 attempts to contact it. This peer will be discarded as a time source and NtpClient will attempt to discover a n
ew peer with this DNS name. The error was: The peer is unreachable.
Found no errors in "System" Event log in the last 60 minutes.
......................... CM-DC1-NY01 passed test SystemLog
Starting test: Topology
* Configuration Topology Integrity Check
* Analyzing the connection topology for DC=ForestDnsZones,DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for DC=DomainDnsZones,DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for CN=Schema,CN=Configuration,DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for CN=Configuration,DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... CM-DC1-NY01 passed test Topology
Starting test: VerifyEnterpriseReferences
......................... CM-DC1-NY01 passed test VerifyEnterpriseReferences
Starting test: VerifyReferences
The system object reference (serverReference) CN=CM-DC1-NY01,OU=Domain Controllers,DC=cmedia,DC=local
and backlink on
CN=CM-DC1-NY01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=cmedia,DC=local are
correct.
The system object reference (serverReferenceBL)
CN=CM-DC1-NY01,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=cmedia,D
C=local
and backlink on
CN=NTDS Settings,CN=CM-DC1-NY01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chiefmed
ia,DC=local
are correct.
The system object reference (frsComputerReferenceBL)
CN=CM-DC1-NY01,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=cmedia,D
C=local
and backlink on CN=CM-DC1-NY01,OU=Domain Controllers,DC=cmedia,DC=local are correct.
......................... CM-DC1-NY01 passed test VerifyReferences
Starting test: VerifyReplicas
......................... CM-DC1-NY01 passed test VerifyReplicas
Testing server: Default-First-Site-Name\CM-DC3-NY01
Starting test: Advertising
The DC CM-DC3-NY01 is advertising itself as a DC and having a DS.
The DC CM-DC3-NY01 is advertising as an LDAP server
The DC CM-DC3-NY01 is advertising as having a writeable directory
The DC CM-DC3-NY01 is advertising as a Key Distribution Center
The DC CM-DC3-NY01 is advertising as a time server
The DS CM-DC3-NY01 is advertising as a GC.
......................... CM-DC3-NY01 passed test Advertising
Starting test: CheckSecurityError
* Dr Auth: Beginning security errors check!
Found KDC CM-DC1-NY01 for domain cmedia.local in site Default-First-Site-Name
Checking machine account for DC CM-DC3-NY01 on DC CM-DC1-NY01.
* SPN found :LDAP/CM-DC3-NY01.cmedia.local/cmedia.local
* SPN found :LDAP/CM-DC3-NY01.cmedia.local
* SPN found :LDAP/CM-DC3-NY01
* SPN found :LDAP/CM-DC3-NY01.cmedia.local/cmedia
* SPN found :LDAP/5e9d1971-39ca-484c-922d-411c2364c96e._msdcs.cmedia.local
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/5e9d1971-39ca-484c-922d-411c2364c96e/cmedia.local
* SPN found :HOST/CM-DC3-NY01.cmedia.local/cmedia.local
* SPN found :HOST/CM-DC3-NY01.cmedia.local
* SPN found :HOST/CM-DC3-NY01
* SPN found :HOST/CM-DC3-NY01.cmedia.local/cmedia
* SPN found :GC/CM-DC3-NY01.cmedia.local/cmedia.local
Checking for CN=CM-DC3-NY01,OU=Domain Controllers,DC=cmedia,DC=local in domain DC=cmedia,DC=local o
n 2 servers
Object is up-to-date on all servers.
[CM-DC3-NY01] No security related replication errors were found on this DC! To target the connection to a
specific source DC use /ReplSource:<DC>.
......................... CM-DC3-NY01 passed test CheckSecurityError
Starting test: CutoffServers
* Configuration Topology Aliveness Check
* Analyzing the alive system replication topology for DC=ForestDnsZones,DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for DC=DomainDnsZones,DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for CN=Schema,CN=Configuration,DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for CN=Configuration,DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... CM-DC3-NY01 passed test CutoffServers
Starting test: FrsEvent
* The File Replication Service Event log test
......................... CM-DC3-NY01 passed test FrsEvent
Starting test: DFSREvent
The DFS Replication Event Log.
Skip the test because the server is running FRS.
......................... CM-DC3-NY01 passed test DFSREvent
Starting test: SysVolCheck
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... CM-DC3-NY01 passed test SysVolCheck
Starting test: FrsSysVol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... CM-DC3-NY01 passed test FrsSysVol
Starting test: KccEvent
* The KCC Event log test
Found no KCC errors in "Directory Service" Event log in the last 15 minutes.
......................... CM-DC3-NY01 passed test KccEvent
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=CM-DC1-NY01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Confi
guration,DC=cmedia,DC=local
Role Domain Owner = CN=NTDS Settings,CN=CM-DC1-NY01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Confi
guration,DC=cmedia,DC=local
Role PDC Owner = CN=NTDS Settings,CN=CM-DC1-NY01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configur
ation,DC=cmedia,DC=local
Role Rid Owner = CN=NTDS Settings,CN=CM-DC1-NY01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configur
ation,DC=cmedia,DC=local
Role Infrastructure Update Owner = CN=NTDS Settings,CN=CM-DC1-NY01,CN=Servers,CN=Default-First-Site-Name,CN
=Sites,CN=Configuration,DC=cmedia,DC=local
......................... CM-DC3-NY01 passed test KnowsOfRoleHolders
Starting test: MachineAccount
Checking machine account for DC CM-DC3-NY01 on DC CM-DC3-NY01.
* SPN found :LDAP/CM-DC3-NY01.cmedia.local/cmedia.local
* SPN found :LDAP/CM-DC3-NY01.cmedia.local
* SPN found :LDAP/CM-DC3-NY01
* SPN found :LDAP/CM-DC3-NY01.cmedia.local/cmedia
* SPN found :LDAP/5e9d1971-39ca-484c-922d-411c2364c96e._msdcs.cmedia.local
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/5e9d1971-39ca-484c-922d-411c2364c96e/cmedia.local
* SPN found :HOST/CM-DC3-NY01.cmedia.local/cmedia.local
* SPN found :HOST/CM-DC3-NY01.cmedia.local
* SPN found :HOST/CM-DC3-NY01
* SPN found :HOST/CM-DC3-NY01.cmedia.local/cmedia
* SPN found :GC/CM-DC3-NY01.cmedia.local/cmedia.local
......................... CM-DC3-NY01 passed test MachineAccount
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC CM-DC3-NY01.
The forest is not ready for RODC. Will skip checking ERODC ACEs.
* Security Permissions Check for
DC=ForestDnsZones,DC=cmedia,DC=local
(NDNC,Version 3)
* Security Permissions Check for
DC=DomainDnsZones,DC=cmedia,DC=local
(NDNC,Version 3)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=cmedia,DC=local
(Schema,Version 3)
* Security Permissions Check for
CN=Configuration,DC=cmedia,DC=local
(Configuration,Version 3)
* Security Permissions Check for
DC=cmedia,DC=local
(Domain,Version 3)
......................... CM-DC3-NY01 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\CM-DC3-NY01\netlogon
Verified share \\CM-DC3-NY01\sysvol
......................... CM-DC3-NY01 passed test NetLogons
Starting test: ObjectsReplicated
CM-DC3-NY01 is in domain DC=cmedia,DC=local
Checking for CN=CM-DC3-NY01,OU=Domain Controllers,DC=cmedia,DC=local in domain DC=cmedia,DC=local o
n 3 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=CM-DC3-NY01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuratio
n,DC=cmedia,DC=local in domain CN=Configuration,DC=cmedia,DC=local on 3 servers
Object is up-to-date on all servers.
......................... CM-DC3-NY01 passed test ObjectsReplicated
Starting test: OutboundSecureChannels
* The Outbound Secure Channels test
** Did not run Outbound Secure Channels test because /testdomain: was not entered
......................... CM-DC3-NY01 passed test OutboundSecureChannels
Starting test: Replications
* Replications Check
* Replication Latency Check
DC=ForestDnsZones,DC=cmedia,DC=local
Latency information for 4 entries in the vector were ignored.
4 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's
no longer replicating this nc. 0 had no latency information (Win2K DC).
DC=DomainDnsZones,DC=cmedia,DC=local
Latency information for 4 entries in the vector were ignored.
4 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's
no longer replicating this nc. 0 had no latency information (Win2K DC).
CN=Schema,CN=Configuration,DC=cmedia,DC=local
Latency information for 4 entries in the vector were ignored.
4 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's
no longer replicating this nc. 0 had no latency information (Win2K DC).
CN=Configuration,DC=cmedia,DC=local
Latency information for 4 entries in the vector were ignored.
4 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's
no longer replicating this nc. 0 had no latency information (Win2K DC).
DC=cmedia,DC=local
Latency information for 4 entries in the vector were ignored.
4 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's
no longer replicating this nc. 0 had no latency information (Win2K DC).
......................... CM-DC3-NY01 passed test Replications
Starting test: RidManager
* Available RID Pool for the Domain is 16109 to 1073741823
* CM-DC1-NY01.cmedia.local is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 15109 to 15608
* rIDPreviousAllocationPool is 15109 to 15608
* rIDNextRID: 15110
......................... CM-DC3-NY01 passed test RidManager
Starting test: Services
* Checking Service: EventSystem
* Checking Service: RpcSs
* Checking Service: NTDS
* Checking Service: DnsCache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: w32time
* Checking Service: NETLOGON
......................... CM-DC3-NY01 passed test Services
Starting test: SystemLog
* The System Event log test
Found no errors in "System" Event log in the last 60 minutes.
......................... CM-DC3-NY01 passed test SystemLog
Starting test: Topology
* Configuration Topology Integrity Check
* Analyzing the connection topology for DC=ForestDnsZones,DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for DC=DomainDnsZones,DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for CN=Schema,CN=Configuration,DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for CN=Configuration,DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... CM-DC3-NY01 passed test Topology
Starting test: VerifyEnterpriseReferences
......................... CM-DC3-NY01 passed test VerifyEnterpriseReferences
Starting test: VerifyReferences
The system object reference (serverReference) CN=CM-DC3-NY01,OU=Domain Controllers,DC=cmedia,DC=local
and backlink on
CN=CM-DC3-NY01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=cmedia,DC=local are
correct.
The system object reference (serverReferenceBL)
CN=CM-DC3-NY01,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=cmedia,D
C=local
and backlink on
CN=NTDS Settings,CN=CM-DC3-NY01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chiefmed
ia,DC=local
are correct.
The system object reference (frsComputerReferenceBL)
CN=CM-DC3-NY01,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=cmedia,D
C=local
and backlink on CN=CM-DC3-NY01,OU=Domain Controllers,DC=cmedia,DC=local are correct.
......................... CM-DC3-NY01 passed test VerifyReferences
Starting test: VerifyReplicas
......................... CM-DC3-NY01 passed test VerifyReplicas
Testing server: Default-First-Site-Name\CM-DC4-NY01
Starting test: Advertising
The DC CM-DC4-NY01 is advertising itself as a DC and having a DS.
The DC CM-DC4-NY01 is advertising as an LDAP server
The DC CM-DC4-NY01 is advertising as having a writeable directory
The DC CM-DC4-NY01 is advertising as a Key Distribution Center
The DC CM-DC4-NY01 is advertising as a time server
The DS CM-DC4-NY01 is advertising as a GC.
......................... CM-DC4-NY01 passed test Advertising
Starting test: CheckSecurityError
* Dr Auth: Beginning security errors check!
Found KDC CM-DC1-NY01 for domain cmedia.local in site Default-First-Site-Name
Checking machine account for DC CM-DC4-NY01 on DC CM-DC1-NY01.
* SPN found :LDAP/CM-DC4-NY01.cmedia.local/cmedia.local
* SPN found :LDAP/CM-DC4-NY01.cmedia.local
* SPN found :LDAP/CM-DC4-NY01
* SPN found :LDAP/CM-DC4-NY01.cmedia.local/cmedia
* SPN found :LDAP/37830012-1f10-43c9-a0ff-2a0e8a912187._msdcs.cmedia.local
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/37830012-1f10-43c9-a0ff-2a0e8a912187/cmedia.local
* SPN found :HOST/CM-DC4-NY01.cmedia.local/cmedia.local
* SPN found :HOST/CM-DC4-NY01.cmedia.local
* SPN found :HOST/CM-DC4-NY01
* SPN found :HOST/CM-DC4-NY01.cmedia.local/cmedia
* SPN found :GC/CM-DC4-NY01.cmedia.local/cmedia.local
Checking for CN=CM-DC4-NY01,OU=Domain Controllers,DC=cmedia,DC=local in domain DC=cmedia,DC=local o
n 2 servers
Object is up-to-date on all servers.
[CM-DC4-NY01] No security related replication errors were found on this DC! To target the connection to a
specific source DC use /ReplSource:<DC>.
......................... CM-DC4-NY01 passed test CheckSecurityError
Starting test: CutoffServers
* Configuration Topology Aliveness Check
* Analyzing the alive system replication topology for DC=ForestDnsZones,DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for DC=DomainDnsZones,DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for CN=Schema,CN=Configuration,DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for CN=Configuration,DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... CM-DC4-NY01 passed test CutoffServers
Starting test: FrsEvent
* The File Replication Service Event log test
......................... CM-DC4-NY01 passed test FrsEvent
Starting test: DFSREvent
The DFS Replication Event Log.
Skip the test because the server is running FRS.
......................... CM-DC4-NY01 passed test DFSREvent
Starting test: SysVolCheck
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... CM-DC4-NY01 passed test SysVolCheck
Starting test: FrsSysVol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... CM-DC4-NY01 passed test FrsSysVol
Starting test: KccEvent
* The KCC Event log test
Found no KCC errors in "Directory Service" Event log in the last 15 minutes.
......................... CM-DC4-NY01 passed test KccEvent
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=CM-DC1-NY01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Confi
guration,DC=cmedia,DC=local
Role Domain Owner = CN=NTDS Settings,CN=CM-DC1-NY01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Confi
guration,DC=cmedia,DC=local
Role PDC Owner = CN=NTDS Settings,CN=CM-DC1-NY01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configur
ation,DC=cmedia,DC=local
Role Rid Owner = CN=NTDS Settings,CN=CM-DC1-NY01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configur
ation,DC=cmedia,DC=local
Role Infrastructure Update Owner = CN=NTDS Settings,CN=CM-DC1-NY01,CN=Servers,CN=Default-First-Site-Name,CN
=Sites,CN=Configuration,DC=cmedia,DC=local
......................... CM-DC4-NY01 passed test KnowsOfRoleHolders
Starting test: MachineAccount
Checking machine account for DC CM-DC4-NY01 on DC CM-DC4-NY01.
* SPN found :LDAP/CM-DC4-NY01.cmedia.local/cmedia.local
* SPN found :LDAP/CM-DC4-NY01.cmedia.local
* SPN found :LDAP/CM-DC4-NY01
* SPN found :LDAP/CM-DC4-NY01.cmedia.local/cmedia
* SPN found :LDAP/37830012-1f10-43c9-a0ff-2a0e8a912187._msdcs.cmedia.local
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/37830012-1f10-43c9-a0ff-2a0e8a912187/cmedia.local
* SPN found :HOST/CM-DC4-NY01.cmedia.local/cmedia.local
* SPN found :HOST/CM-DC4-NY01.cmedia.local
* SPN found :HOST/CM-DC4-NY01
* SPN found :HOST/CM-DC4-NY01.cmedia.local/cmedia
* SPN found :GC/CM-DC4-NY01.cmedia.local/cmedia.local
......................... CM-DC4-NY01 passed test MachineAccount
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC CM-DC4-NY01.
The forest is not ready for RODC. Will skip checking ERODC ACEs.
* Security Permissions Check for
DC=ForestDnsZones,DC=cmedia,DC=local
(NDNC,Version 3)
* Security Permissions Check for
DC=DomainDnsZones,DC=cmedia,DC=local
(NDNC,Version 3)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=cmedia,DC=local
(Schema,Version 3)
* Security Permissions Check for
CN=Configuration,DC=cmedia,DC=local
(Configuration,Version 3)
* Security Permissions Check for
DC=cmedia,DC=local
(Domain,Version 3)
......................... CM-DC4-NY01 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\CM-DC4-NY01\netlogon
Verified share \\CM-DC4-NY01\sysvol
......................... CM-DC4-NY01 passed test NetLogons
Starting test: ObjectsReplicated
CM-DC4-NY01 is in domain DC=cmedia,DC=local
Checking for CN=CM-DC4-NY01,OU=Domain Controllers,DC=cmedia,DC=local in domain DC=cmedia,DC=local o
n 3 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=CM-DC4-NY01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuratio
n,DC=cmedia,DC=local in domain CN=Configuration,DC=cmedia,DC=local on 3 servers
Object is up-to-date on all servers.
......................... CM-DC4-NY01 passed test ObjectsReplicated
Starting test: OutboundSecureChannels
* The Outbound Secure Channels test
** Did not run Outbound Secure Channels test because /testdomain: was not entered
......................... CM-DC4-NY01 passed test OutboundSecureChannels
Starting test: Replications
* Replications Check
* Replication Latency Check
DC=ForestDnsZones,DC=cmedia,DC=local
Latency information for 4 entries in the vector were ignored.
4 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's
no longer replicating this nc. 0 had no latency information (Win2K DC).
DC=DomainDnsZones,DC=cmedia,DC=local
Latency information for 4 entries in the vector were ignored.
4 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's
no longer replicating this nc. 0 had no latency information (Win2K DC).
CN=Schema,CN=Configuration,DC=cmedia,DC=local
Latency information for 4 entries in the vector were ignored.
4 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's
no longer replicating this nc. 0 had no latency information (Win2K DC).
CN=Configuration,DC=cmedia,DC=local
Latency information for 4 entries in the vector were ignored.
4 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's
no longer replicating this nc. 0 had no latency information (Win2K DC).
DC=cmedia,DC=local
Latency information for 4 entries in the vector were ignored.
4 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's
no longer replicating this nc. 0 had no latency information (Win2K DC).
......................... CM-DC4-NY01 passed test Replications
Starting test: RidManager
* Available RID Pool for the Domain is 16109 to 1073741823
* CM-DC1-NY01.cmedia.local is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 15609 to 16108
* rIDPreviousAllocationPool is 15609 to 16108
* rIDNextRID: 15609
......................... CM-DC4-NY01 passed test RidManager
Starting test: Services
* Checking Service: EventSystem
* Checking Service: RpcSs
* Checking Service: NTDS
* Checking Service: DnsCache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: w32time
* Checking Service: NETLOGON
......................... CM-DC4-NY01 passed test Services
Starting test: SystemLog
* The System Event log test
Found no errors in "System" Event log in the last 60 minutes.
......................... CM-DC4-NY01 passed test SystemLog
Starting test: Topology
* Configuration Topology Integrity Check
* Analyzing the connection topology for DC=ForestDnsZones,DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for DC=DomainDnsZones,DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for CN=Schema,CN=Configuration,DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for CN=Configuration,DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for DC=cmedia,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... CM-DC4-NY01 passed test Topology
Starting test: VerifyEnterpriseReferences
......................... CM-DC4-NY01 passed test VerifyEnterpriseReferences
Starting test: VerifyReferences
The system object reference (serverReference) CN=CM-DC4-NY01,OU=Domain Controllers,DC=cmedia,DC=local
and backlink on
CN=CM-DC4-NY01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=cmedia,DC=local are
correct.
The system object reference (serverReferenceBL)
CN=CM-DC4-NY01,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=cmedia,D
C=local
and backlink on
CN=NTDS Settings,CN=CM-DC4-NY01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chiefmed
ia,DC=local
are correct.
The system object reference (frsComputerReferenceBL)
CN=CM-DC4-NY01,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=cmedia,D
C=local
and backlink on CN=CM-DC4-NY01,OU=Domain Controllers,DC=cmedia,DC=local are correct.
......................... CM-DC4-NY01 passed test VerifyReferences
Starting test: VerifyReplicas
......................... CM-DC4-NY01 passed test VerifyReplicas -
in an attempt to transfer FSMO roles to the 2012r2 DC the first thing I ran was dcdiag /e /c /v and after correcting some minor errors, I came upon this one in the DNS portion where a SRV record is missing and I have no idea how to fix/remove this. there's
only two DCs, 200.5 and 200.6 where the former is a Hyper-V VM running 2012r2 and the latter is a physical 2003r2 machine. I was able to successfully raise the levels to 2003 and join the 2012r2 DC. this missing SRV record does not look fatal and only warrants
a warning from dcdiag, however I would like to fix this so there's no trouble down the road. I've tried ipconfig /registerdns, but no dice. here is the message I'm concerned about:
Error:
Missing SRV record at DNS server 192.168.200.5:
_ldap._tcp.9a5f3c17-e7ac-48f7-ab42-bf1ea621a6f5.domains._msdcs.cmedia.local
[Error details: 9003 (Type: Win32 - Description: DNS name does not exist.)]
the bottom portion of the DNS section that contains this message is in the RReg section and is as follows:
TEST: Dynamic update (Dyn)
Test record dcdiag-test-record added successfully in zone cmedia.local
Test record dcdiag-test-record deleted successfully in zone cmedia.local
TEST: Records registration (RReg)
Network Adapter [00000010] Microsoft Hyper-V Network Adapter:
Matching CNAME record found at DNS server 192.168.200.5:
a29d12f1-2869-44bf-8e43-adf7ddf33865._msdcs.cmedia.local
Matching A record found at DNS server 192.168.200.5:
CM-DC1-HV-NYC01.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_ldap._tcp.cmedia.local
Error:
Missing SRV record at DNS server 192.168.200.5:
_ldap._tcp.9a5f3c17-e7ac-48f7-ab42-bf1ea621a6f5.domains._msdcs.cmedia.local
[Error details: 9003 (Type: Win32 - Description: DNS name does not exist.)]
Matching SRV record found at DNS server 192.168.200.5:
_kerberos._tcp.dc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_ldap._tcp.dc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_kerberos._tcp.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_kerberos._udp.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_kpasswd._tcp.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_ldap._tcp.Default-First-Site-Name._sites.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_kerberos._tcp.Default-First-Site-Name._sites.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_ldap._tcp.gc._msdcs.cmedia.local
Matching A record found at DNS server 192.168.200.5:
gc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_gc._tcp.Default-First-Site-Name._sites.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.cmedia.local
Matching CNAME record found at DNS server 192.168.200.6:
a29d12f1-2869-44bf-8e43-adf7ddf33865._msdcs.cmedia.local
Matching A record found at DNS server 192.168.200.6:
CM-DC1-HV-NYC01.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_ldap._tcp.cmedia.local
Error:
Missing SRV record at DNS server 192.168.200.6:
_ldap._tcp.9a5f3c17-e7ac-48f7-ab42-bf1ea621a6f5.domains._msdcs.cmedia.local
[Error details: 9003 (Type: Win32 - Description: DNS name does not exist.)]
Matching SRV record found at DNS server 192.168.200.6:
_kerberos._tcp.dc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_ldap._tcp.dc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_kerberos._tcp.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_kerberos._udp.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_kpasswd._tcp.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_ldap._tcp.Default-First-Site-Name._sites.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_kerberos._tcp.Default-First-Site-Name._sites.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_ldap._tcp.gc._msdcs.cmedia.local
Matching A record found at DNS server 192.168.200.6:
gc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_gc._tcp.Default-First-Site-Name._sites.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.cmedia.local
Warning: Record Registrations not found in some network adaptersHi Ace Fekay, thank you for your help. I hope you're still with me despite my lack of responding. I needed time to move the VPN server from the DC to a separate VM and then following your instructions to disable WINS Proxy and IP routing. Some of the delay
was when I had to restart the 2003r2 server after disabling those two items since that cause DNS queries to the Internet to go unresolved with only the 2012r2 server. That's been corrected, but running dcdiag /c /e /v still gives some DNS problems. Here's
the latest run of that...
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
Starting test: DNS
See DNS test in enterprise tests section for results
......................... CM-DC-NY01 passed test DNS
See DNS test in enterprise tests section for results
......................... CM-DC1-NY01 passed test DNS
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : cmedia
Starting test: CheckSDRefDom
......................... cmedia passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... cmedia passed test CrossRefValidation
Running enterprise tests on : cmedia.local
Starting test: DNS
Test results for domain controllers:
DC: cm-dc-NY01.cmedia.local
Domain: cmedia.local
TEST: Authentication (Auth)
Authentication test: Successfully completed
TEST: Basic (Basc)
The OS Microsoft(R) Windows(R) Server 2003, Standard Edition (Service Pack level: 2.0) is supported.
NETLOGON service is running
kdc service is running
DNSCACHE service is running
DNS service is running
DC is a DNS server
Network adapters information:
Adapter [00000001] HP NC373i Multifunction Gigabit Server Adapter:
MAC address is 00:00:00:00:00:00
IP Address is static
IP address: 192.168.200.6
DNS servers:
192.168.200.6 (cm-dc-NY01.cmedia.local.) [Valid]
192.168.200.5 (CM-DC1-NY01) [Valid]
The A host record(s) for this DC was found
The SOA record for the Active Directory zone was found
The Active Directory zone on this DC/DNS server was found primary
Root zone on this DC/DNS server was not found
TEST: Forwarders/Root hints (Forw)
Recursion is enabled
Forwarders are not configured on this DNS server
Root hint Information:
Name: a.root-servers.net. IP: 198.41.0.4 [Valid]
Name: a.root-servers.net. IP: 2001:503:ba3e::2:30 [Invalid (unreachable)]
Name: b.root-servers.net. IP: 192.228.79.201 [Valid]
Name: b.root-servers.net. IP: 2001:500:84::b [Invalid (unreachable)]
Name: c.root-servers.net. IP: 192.33.4.12 [Valid]
Name: c.root-servers.net. IP: 2001:500:2::c [Invalid (unreachable)]
Name: d.root-servers.net. IP: 199.7.91.13 [Valid]
Name: d.root-servers.net. IP: 2001:500:2d::d [Invalid (unreachable)]
Name: e.root-servers.net. IP: 192.203.230.10 [Valid]
Name: f.root-servers.net. IP: 192.5.5.241 [Valid]
Name: g.root-servers.net. IP: 192.112.36.4 [Valid]
Name: h.root-servers.net. IP: 128.63.2.53 [Valid]
Name: h.root-servers.net. IP: 2001:500:1::803f:235 [Invalid (unreachable)]
Name: i.root-servers.net. IP: 192.36.148.17 [Valid]
Name: j.root-servers.net. IP: 192.58.128.30 [Valid]
Name: j.root-servers.net. IP: 2001:503:c27::2:30 [Invalid (unreachable)]
Name: k.root-servers.net. IP: 193.0.14.129 [Valid]
Name: k.root-servers.net. IP: 2001:7fd::1 [Invalid (unreachable)]
Name: l.root-servers.net. IP: 198.32.64.12 [Invalid (unreachable)]
Name: l.root-servers.net. IP: 199.7.83.42 [Valid]
Name: m.root-servers.net. IP: 202.12.27.33 [Valid]
TEST: Delegations (Del)
Delegation information for the zone: cmedia.local.
Delegated domain name: _msdcs.cmedia.local.
DNS server: cm-dc-NY01.cmedia.local. IP:192.168.200.6 [Valid]
TEST: Dynamic update (Dyn)
Test record dcdiag-test-record added successfully in zone cmedia.local
Test record dcdiag-test-record deleted successfully in zone cmedia.local
TEST: Records registration (RReg)
Network Adapter [00000001] HP NC373i Multifunction Gigabit Server Adapter:
Matching CNAME record found at DNS server 192.168.200.6:
406b42db-de80-4d11-bc18-c68074007a76._msdcs.cmedia.local
Matching A record found at DNS server 192.168.200.6:
cm-dc-NY01.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_ldap._tcp.cmedia.local
Error:
Missing SRV record at DNS server 192.168.200.6:
_ldap._tcp.9a5f3c17-e7ac-48f7-ab42-bf1ea621a6f5.domains._msdcs.cmedia.local
[Error details: 9003 (Type: Win32 - Description: DNS name does not exist.)]
Matching SRV record found at DNS server 192.168.200.6:
_kerberos._tcp.dc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_ldap._tcp.dc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_kerberos._tcp.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_kerberos._udp.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_kpasswd._tcp.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_ldap._tcp.Default-First-Site-Name._sites.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_kerberos._tcp.Default-First-Site-Name._sites.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_ldap._tcp.gc._msdcs.cmedia.local
Matching A record found at DNS server 192.168.200.6:
gc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_gc._tcp.Default-First-Site-Name._sites.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_ldap._tcp.pdc._msdcs.cmedia.local
Matching CNAME record found at DNS server 192.168.200.5:
406b42db-de80-4d11-bc18-c68074007a76._msdcs.cmedia.local
Matching A record found at DNS server 192.168.200.5:
cm-dc-NY01.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_ldap._tcp.cmedia.local
Error:
Missing SRV record at DNS server 192.168.200.5:
_ldap._tcp.9a5f3c17-e7ac-48f7-ab42-bf1ea621a6f5.domains._msdcs.cmedia.local
[Error details: 9003 (Type: Win32 - Description: DNS name does not exist.)]
Matching SRV record found at DNS server 192.168.200.5:
_kerberos._tcp.dc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_ldap._tcp.dc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_kerberos._tcp.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_kerberos._udp.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_kpasswd._tcp.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_ldap._tcp.Default-First-Site-Name._sites.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_kerberos._tcp.Default-First-Site-Name._sites.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_ldap._tcp.gc._msdcs.cmedia.local
Matching A record found at DNS server 192.168.200.5:
gc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_gc._tcp.Default-First-Site-Name._sites.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_ldap._tcp.pdc._msdcs.cmedia.local
Warning: Record Registrations not found in some network adapters
DC: CM-DC1-NY01.cmedia.local
Domain: cmedia.local
TEST: Authentication (Auth)
Authentication test: Successfully completed
TEST: Basic (Basc)
The OS Microsoft Windows Server 2012 Standard (Service Pack level: 0.0) is supported.
NETLOGON service is running
kdc service is running
DNSCACHE service is running
DNS service is running
DC is a DNS server
Network adapters information:
Adapter [00000010] Microsoft Hyper-V Network Adapter:
MAC address is 00:00:00:00:00:00
IP Address is static
IP address: 192.168.200.5, 0000::0000:0000:0000:0000
DNS servers:
192.168.200.5 (CM-DC1-NY01) [Valid]
192.168.200.6 (cm-dc-NY01.cmedia.local.) [Valid]
The A host record(s) for this DC was found
The SOA record for the Active Directory zone was found
The Active Directory zone on this DC/DNS server was found primary
Root zone on this DC/DNS server was not found
TEST: Forwarders/Root hints (Forw)
Recursion is enabled
Forwarders are not configured on this DNS server
Root hint Information:
Name: a.root-servers.net. IP: 198.41.0.4 [Valid]
Name: a.root-servers.net. IP: 2001:503:ba3e::2:30 [Invalid (unreachable)]
Name: b.root-servers.net. IP: 128.9.0.107 [Invalid (unreachable)]
Name: b.root-servers.net. IP: 192.228.79.201 [Valid]
Name: b.root-servers.net. IP: 2001:500:84::b [Invalid (unreachable)]
Name: c.root-servers.net. IP: 192.33.4.12 [Valid]
Name: c.root-servers.net. IP: 2001:500:2::c [Invalid (unreachable)]
Name: d.root-servers.net. IP: 128.8.10.90 [Invalid (unreachable)]
Name: d.root-servers.net. IP: 199.7.91.13 [Valid]
Name: d.root-servers.net. IP: 2001:500:2d::d [Invalid (unreachable)]
Name: e.root-servers.net. IP: 192.203.230.10 [Valid]
Name: f.root-servers.net. IP: 192.5.5.241 [Valid]
Name: f.root-servers.net. IP: 2001:500:2f::f [Invalid (unreachable)]
Name: g.root-servers.net. IP: 192.112.36.4 [Valid]
Name: h.root-servers.net. IP: 128.63.2.53 [Valid]
Name: h.root-servers.net. IP: 2001:500:1::803f:235 [Invalid (unreachable)]
Name: i.root-servers.net. IP: 192.36.148.17 [Valid]
Name: i.root-servers.net. IP: 2001:7fe::53 [Invalid (unreachable)]
Name: j.root-servers.net. IP: 192.58.128.30 [Valid]
Name: j.root-servers.net. IP: 2001:503:c27::2:30 [Invalid (unreachable)]
Name: k.root-servers.net. IP: 193.0.14.129 [Valid]
Name: k.root-servers.net. IP: 2001:7fd::1 [Invalid (unreachable)]
Name: l.root-servers.net. IP: 198.32.64.12 [Invalid (unreachable)]
Name: l.root-servers.net. IP: 199.7.83.42 [Valid]
Name: l.root-servers.net. IP: 2001:500:3::42 [Invalid (unreachable)]
Name: m.root-servers.net. IP: 2001:dc3::35 [Invalid (unreachable)]
Name: m.root-servers.net. IP: 202.12.27.33 [Valid]
TEST: Delegations (Del)
Delegation information for the zone: cmedia.local.
Delegated domain name: _msdcs.cmedia.local.
DNS server: cm-dc-NY01.cmedia.local. IP:192.168.200.6 [Valid]
TEST: Dynamic update (Dyn)
Test record dcdiag-test-record added successfully in zone cmedia.local
Test record dcdiag-test-record deleted successfully in zone cmedia.local
TEST: Records registration (RReg)
Network Adapter [00000010] Microsoft Hyper-V Network Adapter:
Matching CNAME record found at DNS server 192.168.200.5:
a29d12f1-2869-44bf-8e43-adf7ddf33865._msdcs.cmedia.local
Matching A record found at DNS server 192.168.200.5:
CM-DC1-NY01.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_ldap._tcp.cmedia.local
Error:
Missing SRV record at DNS server 192.168.200.5:
_ldap._tcp.9a5f3c17-e7ac-48f7-ab42-bf1ea621a6f5.domains._msdcs.cmedia.local
[Error details: 9003 (Type: Win32 - Description: DNS name does not exist.)]
Matching SRV record found at DNS server 192.168.200.5:
_kerberos._tcp.dc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_ldap._tcp.dc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_kerberos._tcp.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_kerberos._udp.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_kpasswd._tcp.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_ldap._tcp.Default-First-Site-Name._sites.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_kerberos._tcp.Default-First-Site-Name._sites.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_ldap._tcp.gc._msdcs.cmedia.local
Matching A record found at DNS server 192.168.200.5:
gc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_gc._tcp.Default-First-Site-Name._sites.cmedia.local
Matching SRV record found at DNS server 192.168.200.5:
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.cmedia.local
Matching CNAME record found at DNS server 192.168.200.6:
a29d12f1-2869-44bf-8e43-adf7ddf33865._msdcs.cmedia.local
Matching A record found at DNS server 192.168.200.6:
CM-DC1-NY01.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_ldap._tcp.cmedia.local
Error:
Missing SRV record at DNS server 192.168.200.6:
_ldap._tcp.9a5f3c17-e7ac-48f7-ab42-bf1ea621a6f5.domains._msdcs.cmedia.local
[Error details: 9003 (Type: Win32 - Description: DNS name does not exist.)]
Matching SRV record found at DNS server 192.168.200.6:
_kerberos._tcp.dc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_ldap._tcp.dc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_kerberos._tcp.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_kerberos._udp.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_kpasswd._tcp.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_ldap._tcp.Default-First-Site-Name._sites.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_kerberos._tcp.Default-First-Site-Name._sites.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_ldap._tcp.gc._msdcs.cmedia.local
Matching A record found at DNS server 192.168.200.6:
gc._msdcs.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_gc._tcp.Default-First-Site-Name._sites.cmedia.local
Matching SRV record found at DNS server 192.168.200.6:
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.cmedia.local
Warning: Record Registrations not found in some network adapters
Summary of test results for DNS servers used by the above domain controllers:
DNS server: 198.32.64.12 (l.root-servers.net.)
2 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 198.32.64.12 [Err
or details: 1460 (Type: Win32 - Description: This operation returned because the timeout period expired.)]
DNS server: 2001:500:1::803f:235 (h.root-servers.net.)
2 test failure on this DNS server
PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed
on the DNS server 2001:500:1::803f:235 [Error details: 1460 (Type: Win32 - Description: This operation ret
urned because the timeout period expired.)]
DNS server: 2001:500:2::c (c.root-servers.net.)
2 test failure on this DNS server
PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed
on the DNS server 2001:500:2::c [Error details: 1460 (Type: Win32 - Description: This operation returned b
ecause the timeout period expired.)]
DNS server: 2001:500:2d::d (d.root-servers.net.)
2 test failure on this DNS server
PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed
on the DNS server 2001:500:2d::d [Error details: 1460 (Type: Win32 - Description: This operation returned
because the timeout period expired.)]
DNS server: 2001:500:84::b (b.root-servers.net.)
2 test failure on this DNS server
PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed
on the DNS server 2001:500:84::b [Error details: 1460 (Type: Win32 - Description: This operation returned
because the timeout period expired.)]
DNS server: 2001:503:ba3e::2:30 (a.root-servers.net.)
2 test failure on this DNS server
PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed
on the DNS server 2001:503:ba3e::2:30 [Error details: 1460 (Type: Win32 - Description: This operation retu
rned because the timeout period expired.)]
DNS server: 2001:503:c27::2:30 (j.root-servers.net.)
2 test failure on this DNS server
PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed
on the DNS server 2001:503:c27::2:30 [Error details: 1460 (Type: Win32 - Description: This operation retur
ned because the timeout period expired.)]
DNS server: 2001:7fd::1 (k.root-servers.net.)
2 test failure on this DNS server
PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed
on the DNS server 2001:7fd::1 [Error details: 1460 (Type: Win32 - Description: This operation returned bec
ause the timeout period expired.)]
DNS server: 128.8.10.90 (d.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 128.8.10.90 [Erro
r details: 1460 (Type: Win32 - Description: This operation returned because the timeout period expired.)]
DNS server: 128.9.0.107 (b.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 128.9.0.107 [Erro
r details: 1460 (Type: Win32 - Description: This operation returned because the timeout period expired.)]
DNS server: 2001:500:2f::f (f.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed
on the DNS server 2001:500:2f::f [Error details: 1460 (Type: Win32 - Description: This operation returned
because the timeout period expired.)]
DNS server: 2001:500:3::42 (l.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed
on the DNS server 2001:500:3::42 [Error details: 1460 (Type: Win32 - Description: This operation returned
because the timeout period expired.)]
DNS server: 2001:7fe::53 (i.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed
on the DNS server 2001:7fe::53 [Error details: 1460 (Type: Win32 - Description: This operation returned be
cause the timeout period expired.)]
DNS server: 2001:dc3::35 (m.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed
on the DNS server 2001:dc3::35 [Error details: 1460 (Type: Win32 - Description: This operation returned be
cause the timeout period expired.)]
DNS server: 128.63.2.53 (h.root-servers.net.)
All tests passed on this DNS server
DNS server: 192.112.36.4 (g.root-servers.net.)
All tests passed on this DNS server
DNS server: 192.168.200.5 (CM-DC1-NY01)
All tests passed on this DNS server
Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered
DNS server: 192.168.200.6 (cm-dc-NY01.cmedia.local.)
All tests passed on this DNS server
Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered
DNS delegation for the domain _msdcs.cmedia.local. is operational on IP 192.168.200.6
DNS server: 192.203.230.10 (e.root-servers.net.)
All tests passed on this DNS server
DNS server: 192.228.79.201 (b.root-servers.net.)
All tests passed on this DNS server
DNS server: 192.33.4.12 (c.root-servers.net.)
All tests passed on this DNS server
DNS server: 192.36.148.17 (i.root-servers.net.)
All tests passed on this DNS server
DNS server: 192.5.5.241 (f.root-servers.net.)
All tests passed on this DNS server
DNS server: 192.58.128.30 (j.root-servers.net.)
All tests passed on this DNS server
DNS server: 193.0.14.129 (k.root-servers.net.)
All tests passed on this DNS server
DNS server: 198.41.0.4 (a.root-servers.net.)
All tests passed on this DNS server
DNS server: 199.7.83.42 (l.root-servers.net.)
All tests passed on this DNS server
DNS server: 199.7.91.13 (d.root-servers.net.)
All tests passed on this DNS server
DNS server: 202.12.27.33 (m.root-servers.net.)
All tests passed on this DNS server
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
Domain: cmedia.local
cm-dc-NY01 PASS PASS PASS PASS PASS WARN n/a
CM-DC1-NY01 PASS PASS PASS PASS PASS WARN n/a
......................... cmedia.local passed test DNS
Starting test: LocatorCheck
GC Name: \\CM-DC1-NY01.cmedia.local
Locator Flags: 0xe00071fc
PDC Name: \\cm-dc-NY01.cmedia.local
Locator Flags: 0xe00003fd
Time Server Name: \\CM-DC1-NY01.cmedia.local
Locator Flags: 0xe00071fc
Preferred Time Server Name: \\cm-dc-NY01.cmedia.local
Locator Flags: 0xe00003fd
KDC Name: \\CM-DC1-NY01.cmedia.local
Locator Flags: 0xe00071fc
......................... cmedia.local passed test LocatorCheck
Starting test: FsmoCheck
GC Name: \\CM-DC1-NY01.cmedia.local
Locator Flags: 0xe00071fc
PDC Name: \\cm-dc-NY01.cmedia.local
Locator Flags: 0xe00003fd
Time Server Name: \\CM-DC1-NY01.cmedia.local
Locator Flags: 0xe00071fc
Preferred Time Server Name: \\cm-dc-NY01.cmedia.local
Locator Flags: 0xe00003fd
KDC Name: \\CM-DC1-NY01.cmedia.local
Locator Flags: 0xe00071fc
......................... cmedia.local passed test FsmoCheck
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope provided by the command line arguments
provided.
......................... cmedia.local passed test Intersite -
How do I add SRV record to my DNS for Office 365?
How do I add the following record?
Add the SIP SRV record for Lync web conferencing.
Create a new SRV record.
In the new record, make sure that the fields are set to precisely the following values:
Record Type: SRV
Service: _sip
Protocol: _tls
Port: 443
Weight: 1
Priority: 100
TTL: Set this value to 1 hour or to the equivalent in minutes (60), seconds (3600), etc.
Name: @
Target: sipdir.online.lync.com
Save the record.
Need help ASAP because my clients Email is down when I changed Domain Name Servers to Business Catalyst.
All Office 365 functions were lost.
Thank you for some assistance - URGENT,
Jim Vernon
Hopegate SoftwareHere is an image of the settings that Office 365 says i need to correct in my DNS settings on Business Catalyst:
Maybe you are looking for
-
Max. J.peg file size in photoshop ps
What is the maximum file size I can work with in photoshop ps?
-
DREAMWEAVER - PHP - Attach Documents
Hello, I'm quite new to the idea of PHP - but what I'm trying to do is allow users to enter their name, their email address, then select a drop down (which would be a pre-selcted email "subject" option), then attach photos - attaching two or three in
-
I get a message saying my Os X doesn't support iPhoto. When I click the icon, en error window pops up. Message was edited by: SeasonedMacUser Problem solved: downloaded updates for iPhoto 9.2.3 from apple website.
-
this method is part of my lab, it should sort words in alphabetical order from from A to Z . . i don;t undersatand why did we use .compareTo in this method?? could someone explain what does this method mean public static void sortList() Str
-
Firefox Mobile 18a1 crashes all the time
I have been testing Nightly builds of Firefox Mobile for Android for some time now. Recently (after Ion landed), the browser crashes all the time. I can't even get into about:config or about:crashes long enough to get any useful information or try an