KDC issue
Hi,
I'm new to KDC. Please help me with this...
kadmin.local[72550](info): No dictionary file specified, continuing without one
Thanks,
Gulab Pasha
The amazing response here has helped tremendously. I can see why Apple has such a large marketshare!
I resolved it by removing it from the domain and re-adding it.
We also deleted the following files (as part of the disjoining process): edu.mit.kerberos & krb5.keytab
Hope this helps someone in the future!
Similar Messages
-
Impact of decreasing Kerberos User Ticket Renewal Lifetime
In a Domain with mostly Windows 7 clients and Windows 2008 R + 2012 R2 servers, I'm interested in lowering the
User TGT renewal lifetime policy setting from the default (7 days) to the lowest possible value (1 day).
The aim is to limit the timeframe in which a stolen Kerberos ticket can be reused without having the principal's password for authentication.
My impression is that Windows 7 will handle ticket renewal seamlessly, and in the event that a domain user has an interactive session running for more than 24 hours without supplying a password, the user will (at most) get the "Windows need your current
credentials" popup balloon from the system tray when renewal lifetime is exceeded (just like when ticket validation fails due to password change).
Is this theory correct?
I just want to make sure that I cause as little disruption from a user perspective as possible.
"Renewable TGTs
When tickets are renewable, session keys are refreshed periodically without issuing a completely new ticket. If Kerberos policy permits renewable
tickets, the KDC sets a RENEWABLE flag in every ticket it issues and sets two expiration times in the ticket. One expiration time limits the life of the current instance of the ticket; the second expiration time sets a limit on the cumulative lifetime of all
instances of the ticket.
The expiration time for the current instance of the ticket is held in the End Time field. As with non-renewable tickets, the value in the End Time
field equals the value in the Start Time field plus the value of the maximum ticket life specified by Kerberos policy. A client holding a renewable ticket must send it—presenting a fresh authenticator as well—to the KDC for renewal before the end time is reached.
When the KDC receives a ticket for renewal, it checks the value of a second expiration time held in the Renew Till field. This value is set when the ticket is first issued. It equals the value in the ticket's Start Time field plus the value of the maximum cumulative
ticket life specified by Kerberos policy. When the KDC renews the ticket, it checks to determine if the renew-till time has not yet arrived. If it has not, the KDC issues a new instance of the ticket with a later end time and a new session key.
This means that administrators can set Kerberos policy so that tickets must be renewed at relatively short intervals—every day, for example. When
tickets are renewed, a new session key is issued, minimizing the value of a compromised key. Administrators can also set cumulative ticket life for a relatively long period—one week or one month, for example. At the end of that time, the ticket expires and
is no longer valid for renewal."
Source :
https://social.technet.microsoft.com/Forums/windowsserver/en-US/e0c6a401-1609-47c9-8f1c-6437b98bef2a/how-does-kerberos-ticket-or-tgt-get-renewed-or-refreshed?forum=winserversecurity
Regards,
Biswajit
MCTS, MCP 2003,MCSA 2003, MCSA:M 2003, CCNA, Enterprise Admin, ITIL F 2011
Note: Disclaimer: This posting is provided & with no warranties or guarantees and confers no rights.. -
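Added example, not part of the original posts and not Microsoft code: a simplified model of the End Time / Renew Till checks quoted above, comparing the 7-day renewal lifetime from the question with the proposed 1-day value. The 10-hour ticket life, the client renewing one hour before End Time, and all class and function names are assumptions made for the illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
import secrets


@dataclass(frozen=True)
class Ticket:
    start_time: datetime
    end_time: datetime      # expiry of this instance of the ticket
    renew_till: datetime    # cumulative limit, fixed when first issued
    session_key: bytes


class RenewalRefused(Exception):
    """Raised when the model KDC will not renew a ticket."""


class ModelKdc:
    def __init__(self, max_ticket_life: timedelta, max_renew_life: timedelta):
        self.max_ticket_life = max_ticket_life
        self.max_renew_life = max_renew_life

    def issue(self, now: datetime) -> Ticket:
        # Initial issue: this is the step that needs the password.
        renew_till = now + self.max_renew_life
        end_time = min(now + self.max_ticket_life, renew_till)
        return Ticket(now, end_time, renew_till, secrets.token_bytes(16))

    def renew(self, ticket: Ticket, now: datetime) -> Ticket:
        # The ticket must be presented before its End Time is reached.
        if now >= ticket.end_time:
            raise RenewalRefused("current instance has expired")
        # Renew Till is never extended by a renewal.
        if now >= ticket.renew_till:
            raise RenewalRefused("renew-till time has arrived")
        end_time = min(now + self.max_ticket_life, ticket.renew_till)
        # New instance: later End Time, same Renew Till, fresh session key.
        return Ticket(now, end_time, ticket.renew_till, secrets.token_bytes(16))


def simulate_session(kdc: ModelKdc, logon: datetime,
                     renew_margin: timedelta = timedelta(hours=1)):
    """Renew shortly before each End Time until no extension is possible.

    Returns (renewals, time covered without the password, distinct keys).
    """
    ticket = kdc.issue(logon)
    keys = {ticket.session_key}
    renewals = 0
    while True:
        now = ticket.end_time - renew_margin
        try:
            renewed = kdc.renew(ticket, now)
        except RenewalRefused:
            break
        if renewed.end_time <= ticket.end_time:
            break  # capped by Renew Till: a new logon is required
        ticket = renewed
        keys.add(ticket.session_key)
        renewals += 1
    return renewals, ticket.end_time - logon, len(keys)


if __name__ == "__main__":
    logon = datetime(2014, 9, 15, 8, 0, 0)  # constructed sample time
    life = timedelta(hours=10)              # assumed maximum ticket life
    for days in (7, 1):
        kdc = ModelKdc(life, timedelta(days=days))
        renewals, covered, keys = simulate_session(kdc, logon)
        print(f"renewal lifetime {days}d: {renewals} renewals, "
              f"{covered} without a password, {keys} session keys")
```

In this model a copied ticket stops being renewable at the original Renew Till no matter how often it was renewed, which is the window the shorter policy value narrows.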
HI
we have a sharepoint farm and in domain controller server, this error is in event viewer
Log Name: System
Source: Microsoft-Windows-Kerberos-Key-Distribution-Center
Date: 9/15/2014 10:44:15 PM
Event ID: 11
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: XXXAPP01.xxxportal.com
Description:
The KDC encountered duplicate names while processing a Kerberos authentication request. The duplicate name is HTTP/XXXWFE01.xxxportal.com (of type DS_SERVICE_PRINCIPAL_NAME). This may result in authentication failures or downgrades to NTLM. In order to prevent
this from occuring remove the duplicate entries for HTTP/XXXWFE01.xxxportal.com in Active Directory.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Kerberos-Key-Distribution-Center" Guid="{3FD9DA1A-5A54-46C5-9A26-9BD7C0685056}" EventSourceName="KDC" />
<EventID Qualifiers="49152">11</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2014-09-15T19:44:15.000000000Z" />
<EventRecordID>131824</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>System</Channel>
<Computer>XXXAPP01.xxxportal.com</Computer>
<Security />
</System>
<EventData>
<Data Name="Name">HTTP/XXXWFE01.xxxportal.com</Data>
<Data Name="Type">DS_SERVICE_PRINCIPAL_NAME</Data>
<Binary>
</Binary>
</EventData>
</Event>
adil
Hi adil,
Service principal names (SPNs) are stored as a property of the associated account object in Active Directory Domain Services (AD DS). I noticed that you have used setspn -X to identify the duplicate SPN. Please refer to the following articles and check whether they help you solve this issue.
Event ID 11 — Service Principal Name Configuration
Event ID 11 in the System log of domain controllers
Please also refer to the following article and check whether it can help you.
The problem with duplicate SPNs
Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft
does not guarantee the accuracy of this information.
If there is any update, please feel free to let me know.
Hope this helps.
Best regards,
Justin Gu -
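Added example, not part of the original posts: a small triage script that reads the duplicate name out of a KDC Event ID 11 record (the XML below is trimmed from the event posted above) and lists which accounts in a directory export hold that SPN. The account DNs and their SPN lists are constructed sample data, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
KDC_PROVIDER = "Microsoft-Windows-Kerberos-Key-Distribution-Center"

# Trimmed copy of the event shown in the post above.
SAMPLE_EVENT_XML = """
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-Kerberos-Key-Distribution-Center"
              EventSourceName="KDC" />
    <EventID Qualifiers="49152">11</EventID>
    <TimeCreated SystemTime="2014-09-15T19:44:15.000000000Z" />
    <Computer>XXXAPP01.xxxportal.com</Computer>
  </System>
  <EventData>
    <Data Name="Name">HTTP/XXXWFE01.xxxportal.com</Data>
    <Data Name="Type">DS_SERVICE_PRINCIPAL_NAME</Data>
  </EventData>
</Event>
"""

# Constructed export: account DN -> servicePrincipalName values.
SAMPLE_ACCOUNTS = {
    "CN=XXXWFE01,OU=Servers,DC=xxxportal,DC=com": [
        "HOST/XXXWFE01.xxxportal.com",
        "HTTP/XXXWFE01.xxxportal.com",
    ],
    "CN=svc-sharepoint,OU=Service Accounts,DC=xxxportal,DC=com": [
        "http/xxxwfe01.XXXPORTAL.com",
    ],
    "CN=XXXAPP01,OU=Servers,DC=xxxportal,DC=com": [
        "HOST/XXXAPP01.xxxportal.com",
    ],
}


def normalize_spn(spn: str) -> str:
    # SPNs are compared case-insensitively, so fold case before matching.
    return spn.strip().lower()


def parse_kdc_event(xml_text: str):
    """Return the duplicate-name details of a KDC Event ID 11, else None."""
    root = ET.fromstring(xml_text.strip())
    provider = root.find("e:System/e:Provider", NS)
    event_id = root.find("e:System/e:EventID", NS)
    if provider is None or event_id is None:
        return None
    if provider.get("Name") != KDC_PROVIDER or event_id.text.strip() != "11":
        return None
    data = {d.get("Name"): (d.text or "").strip()
            for d in root.findall("e:EventData/e:Data", NS)}
    return {
        "computer": root.findtext("e:System/e:Computer", default="", namespaces=NS),
        "spn": data.get("Name", ""),
        "name_type": data.get("Type", ""),
    }


def find_duplicate_spns(accounts: dict) -> dict:
    """Map each SPN held by more than one account to the sorted list of DNs."""
    holders = defaultdict(set)
    for dn, spns in accounts.items():
        for spn in spns:
            holders[normalize_spn(spn)].add(dn)
    return {spn: sorted(dns) for spn, dns in holders.items() if len(dns) > 1}


def holders_for_event(xml_text: str, accounts: dict) -> list:
    """Accounts that carry the SPN named in the event (empty if no match)."""
    event = parse_kdc_event(xml_text)
    if event is None or event["name_type"] != "DS_SERVICE_PRINCIPAL_NAME":
        return []
    wanted = normalize_spn(event["spn"])
    return sorted(dn for dn, spns in accounts.items()
                  if any(normalize_spn(s) == wanted for s in spns))


if __name__ == "__main__":
    event = parse_kdc_event(SAMPLE_EVENT_XML)
    print("Reported by:", event["computer"], "duplicate:", event["spn"])
    for dn in holders_for_event(SAMPLE_EVENT_XML, SAMPLE_ACCOUNTS):
        print("  held by", dn)
```

The SPN should remain on only one of the listed accounts, the one the service actually runs as.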
I have two Domain Controllers Main ( Main DC ) and Second DC.
the date of some policies is not out of date....
please check these files to know the problem.
dcdiag.txt output:
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
* Verifying that the local machine ASMDC, is a Directory Server.
Home Server = ASMDC
* Connecting to directory service on server ASMDC.
* Identified AD Forest.
Collecting AD specific global data
* Collecting site info.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=buc,DC=edu,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
The previous call succeeded
Iterating through the sites
Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=buc,DC=edu
Getting ISTG and options for the site
* Identifying all servers.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=buc,DC=edu,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
The previous call succeeded....
The previous call succeeded
Iterating through the list of servers
Getting information for the server CN=NTDS Settings,CN=ASMDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=buc,DC=edu
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
Getting information for the server CN=NTDS Settings,CN=BSMDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=buc,DC=edu
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
* Identifying all NC cross-refs.
* Found 2 DC(s). Testing 2 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\ASMDC
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
Determining IP6 connectivity
* Active Directory RPC Services Check
......................... ASMDC passed test Connectivity
Testing server: Default-First-Site-Name\BSMDC
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
Determining IP6 connectivity
* Active Directory RPC Services Check
......................... BSMDC passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\ASMDC
Starting test: Advertising
The DC ASMDC is advertising itself as a DC and having a DS.
The DC ASMDC is advertising as an LDAP server
The DC ASMDC is advertising as having a writeable directory
The DC ASMDC is advertising as a Key Distribution Center
The DC ASMDC is advertising as a time server
The DS ASMDC is advertising as a GC.
......................... ASMDC passed test Advertising
Test omitted by user request: CheckSecurityError
Test omitted by user request: CutoffServers
Starting test: FrsEvent
* The File Replication Service Event log test
......................... ASMDC passed test FrsEvent
Starting test: DFSREvent
The DFS Replication Event Log.
......................... ASMDC passed test DFSREvent
Starting test: SysVolCheck
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... ASMDC passed test SysVolCheck
Starting test: KccEvent
* The KCC Event log test
Found no KCC errors in "Directory Service" Event log in the last 15 minutes.
......................... ASMDC passed test KccEvent
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=ASMDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=buc,DC=edu
Role Domain Owner = CN=NTDS Settings,CN=ASMDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=buc,DC=edu
Role PDC Owner = CN=NTDS Settings,CN=ASMDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=buc,DC=edu
Role Rid Owner = CN=NTDS Settings,CN=ASMDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=buc,DC=edu
Role Infrastructure Update Owner = CN=NTDS Settings,CN=ASMDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=buc,DC=edu
......................... ASMDC passed test KnowsOfRoleHolders
Starting test: MachineAccount
Checking machine account for DC ASMDC on DC ASMDC.
* SPN found :LDAP/ASMDC.buc.edu/buc.edu
* SPN found :LDAP/ASMDC.buc.edu
* SPN found :LDAP/ASMDC
* SPN found :LDAP/ASMDC.buc.edu/BUC
* SPN found :LDAP/5e88f85b-15a6-4ff5-b0fd-6df748df06fd._msdcs.buc.edu
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/5e88f85b-15a6-4ff5-b0fd-6df748df06fd/buc.edu
* SPN found :HOST/ASMDC.buc.edu/buc.edu
* SPN found :HOST/ASMDC.buc.edu
* SPN found :HOST/ASMDC
* SPN found :HOST/ASMDC.buc.edu/BUC
* SPN found :GC/ASMDC.buc.edu/buc.edu
......................... ASMDC passed test MachineAccount
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC ASMDC.
* Security Permissions Check for
DC=ForestDnsZones,DC=buc,DC=edu
(NDNC,Version 3)
* Security Permissions Check for
DC=DomainDnsZones,DC=buc,DC=edu
(NDNC,Version 3)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=buc,DC=edu
(Schema,Version 3)
* Security Permissions Check for
CN=Configuration,DC=buc,DC=edu
(Configuration,Version 3)
* Security Permissions Check for
DC=buc,DC=edu
(Domain,Version 3)
......................... ASMDC passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\ASMDC\netlogon
Verified share \\ASMDC\sysvol
......................... ASMDC passed test NetLogons
Starting test: ObjectsReplicated
ASMDC is in domain DC=buc,DC=edu
Checking for CN=ASMDC,OU=Domain Controllers,DC=buc,DC=edu in domain DC=buc,DC=edu on 2 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=ASMDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=buc,DC=edu in domain CN=Configuration,DC=buc,DC=edu on 2 servers
Object is up-to-date on all servers.
......................... ASMDC passed test ObjectsReplicated
Test omitted by user request: OutboundSecureChannels
Starting test: Replications
* Replications Check
* Replication Latency Check
DC=ForestDnsZones,DC=buc,DC=edu
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency
information (Win2K DC).
DC=DomainDnsZones,DC=buc,DC=edu
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency
information (Win2K DC).
CN=Schema,CN=Configuration,DC=buc,DC=edu
Latency information for 5 entries in the vector were ignored.
5 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency
information (Win2K DC).
CN=Configuration,DC=buc,DC=edu
Latency information for 5 entries in the vector were ignored.
5 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency
information (Win2K DC).
DC=buc,DC=edu
Latency information for 5 entries in the vector were ignored.
5 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency
information (Win2K DC).
* Replication Site Latency Check
......................... ASMDC passed test Replications
Starting test: RidManager
* Available RID Pool for the Domain is 8604 to 1073741823
* ASMDC.buc.edu is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 7604 to 8103
* rIDPreviousAllocationPool is 7604 to 8103
* rIDNextRID: 7640
......................... ASMDC passed test RidManager
Starting test: Services
* Checking Service: EventSystem
* Checking Service: RpcSs
* Checking Service: NTDS
* Checking Service: DnsCache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: w32time
* Checking Service: NETLOGON
......................... ASMDC passed test Services
Starting test: SystemLog
* The System Event log test
An Warning Event occurred. EventID: 0x825A0024
Time Generated: 08/21/2014 00:22:16
Event String:
The time service has not synchronized the system time for 86400 seconds because none of the time service providers provided a usable time stamp. The time service will not update the local system
time until it is able to synchronize with a time source. If the local system is configured to act as a time server for clients, it will stop advertising as a time source to clients. The time service will continue to retry and sync time with its time sources.
Check system event log for other W32time events for more details. Run 'w32tm /resync' to force an instant time synchronization.
An Warning Event occurred. EventID: 0x8000000E
Time Generated: 08/21/2014 00:32:29
Event String:
There were password errors using the Credential Manager. To remedy, launch the Stored User Names and Passwords control panel applet, and reenter the password for the credential BUC.EDU\administrator.
An Error Event occurred. EventID: 0x00000422
Time Generated: 08/21/2014 00:32:29
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\buc.edu\sysvol\buc.edu\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not
successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller).
c) The Distributed File System (DFS) client has been disabled.
......................... ASMDC failed test SystemLog
Test omitted by user request: Topology
Test omitted by user request: VerifyEnterpriseReferences
Starting test: VerifyReferences
The system object reference (serverReference)
CN=ASMDC,OU=Domain Controllers,DC=buc,DC=edu and backlink on
CN=ASMDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=buc,DC=edu
are correct.
The system object reference (serverReferenceBL)
CN=ASMDC,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=buc,DC=edu
and backlink on
CN=NTDS Settings,CN=ASMDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=buc,DC=edu
are correct.
......................... ASMDC passed test VerifyReferences
Test omitted by user request: VerifyReplicas
Testing server: Default-First-Site-Name\BSMDC
Starting test: Advertising
The DC BSMDC is advertising itself as a DC and having a DS.
The DC BSMDC is advertising as an LDAP server
The DC BSMDC is advertising as having a writeable directory
The DC BSMDC is advertising as a Key Distribution Center
The DC BSMDC is advertising as a time server
The DS BSMDC is advertising as a GC.
......................... BSMDC passed test Advertising
Test omitted by user request: CheckSecurityError
Test omitted by user request: CutoffServers
Starting test: FrsEvent
* The File Replication Service Event log test
......................... BSMDC passed test FrsEvent
Starting test: DFSREvent
The DFS Replication Event Log.
......................... BSMDC passed test DFSREvent
Starting test: SysVolCheck
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... BSMDC passed test SysVolCheck
Starting test: KccEvent
* The KCC Event log test
Found no KCC errors in "Directory Service" Event log in the last 15 minutes.
......................... BSMDC passed test KccEvent
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=ASMDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=buc,DC=edu
Role Domain Owner = CN=NTDS Settings,CN=ASMDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=buc,DC=edu
Role PDC Owner = CN=NTDS Settings,CN=ASMDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=buc,DC=edu
Role Rid Owner = CN=NTDS Settings,CN=ASMDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=buc,DC=edu
Role Infrastructure Update Owner = CN=NTDS Settings,CN=ASMDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=buc,DC=edu
......................... BSMDC passed test KnowsOfRoleHolders
Starting test: MachineAccount
Checking machine account for DC BSMDC on DC BSMDC.
* SPN found :LDAP/BSMDC.buc.edu/buc.edu
* SPN found :LDAP/BSMDC.buc.edu
* SPN found :LDAP/BSMDC
* SPN found :LDAP/BSMDC.buc.edu/BUC
* SPN found :LDAP/93561cab-4fb3-421f-9a67-af6b4c280eca._msdcs.buc.edu
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/93561cab-4fb3-421f-9a67-af6b4c280eca/buc.edu
* SPN found :HOST/BSMDC.buc.edu/buc.edu
* SPN found :HOST/BSMDC.buc.edu
* SPN found :HOST/BSMDC
* SPN found :HOST/BSMDC.buc.edu/BUC
* SPN found :GC/BSMDC.buc.edu/buc.edu
......................... BSMDC passed test MachineAccount
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC BSMDC.
* Security Permissions Check for
DC=ForestDnsZones,DC=buc,DC=edu
(NDNC,Version 3)
* Security Permissions Check for
DC=DomainDnsZones,DC=buc,DC=edu
(NDNC,Version 3)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=buc,DC=edu
(Schema,Version 3)
* Security Permissions Check for
CN=Configuration,DC=buc,DC=edu
(Configuration,Version 3)
* Security Permissions Check for
DC=buc,DC=edu
(Domain,Version 3)
......................... BSMDC passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\BSMDC\netlogon
Verified share \\BSMDC\sysvol
......................... BSMDC passed test NetLogons
Starting test: ObjectsReplicated
BSMDC is in domain DC=buc,DC=edu
Checking for CN=BSMDC,OU=Domain Controllers,DC=buc,DC=edu in domain DC=buc,DC=edu on 2 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=BSMDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=buc,DC=edu in domain CN=Configuration,DC=buc,DC=edu on 2 servers
Object is up-to-date on all servers.
......................... BSMDC passed test ObjectsReplicated
Test omitted by user request: OutboundSecureChannels
Starting test: Replications
* Replications Check
* Replication Latency Check
DC=ForestDnsZones,DC=buc,DC=edu
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency
information (Win2K DC).
DC=DomainDnsZones,DC=buc,DC=edu
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency
information (Win2K DC).
CN=Schema,CN=Configuration,DC=buc,DC=edu
Latency information for 5 entries in the vector were ignored.
5 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency
information (Win2K DC).
CN=Configuration,DC=buc,DC=edu
Latency information for 5 entries in the vector were ignored.
5 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency
information (Win2K DC).
DC=buc,DC=edu
Latency information for 5 entries in the vector were ignored.
5 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency
information (Win2K DC).
* Replication Site Latency Check
......................... BSMDC passed test Replications
Starting test: RidManager
* Available RID Pool for the Domain is 8604 to 1073741823
* ASMDC.buc.edu is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 8104 to 8603
* rIDPreviousAllocationPool is 8104 to 8603
* rIDNextRID: 8106
......................... BSMDC passed test RidManager
Starting test: Services
* Checking Service: EventSystem
* Checking Service: RpcSs
* Checking Service: NTDS
* Checking Service: DnsCache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: w32time
* Checking Service: NETLOGON
......................... BSMDC passed test Services
Starting test: SystemLog
* The System Event log test
An Error Event occurred. EventID: 0x00000457
Time Generated: 08/20/2014 23:52:15
Event String:
Driver Send To Microsoft OneNote Driver required for printer Send To OneNote 2007 is unknown. Contact the administrator to install the driver before you log in again.
An Error Event occurred. EventID: 0x00000457
Time Generated: 08/20/2014 23:52:18
Event String:
Driver SolidPDF XChange required for printer SolidPDF XChange is unknown. Contact the administrator to install the driver before you log in again.
An Error Event occurred. EventID: 0x00000457
Time Generated: 08/20/2014 23:52:18
Event String:
Driver NRG SP 3400N PCL 6 required for printer !!net_pc5!NRG SP 3400N PCL 6 is unknown. Contact the administrator to install the driver before you log in again.
An Error Event occurred. EventID: 0x00000457
Time Generated: 08/20/2014 23:52:19
Event String:
Driver Send To Microsoft OneNote Driver required for printer !!BUCLAPTOP1!Send To OneNote 2007 is unknown. Contact the administrator to install the driver before you log in again.
An Error Event occurred. EventID: 0x00000457
Time Generated: 08/20/2014 23:52:20
Event String:
Driver NRG SP 3400N PCL 6 required for printer !!BUCLAPTOP1!NRG SP 3400N PCL 6 is unknown. Contact the administrator to install the driver before you log in again.
An Warning Event occurred. EventID: 0x80000008
Time Generated: 08/20/2014 23:52:20
Event String:
The jobs in the print queue for printer Microsoft XPS Document Writer (redirected 2) were deleted. No user action is required.
To stop logging warning events for the print spooler, in Control Panel, open Printers, right-click a blank area of the window, click Run as Administrator, click Server Properties, click the
Advanced tab, and then clear the Log spooler warning events check box.
An Warning Event occurred. EventID: 0x80000004
Time Generated: 08/20/2014 23:52:20
Event String:
Printer Microsoft XPS Document Writer (redirected 2) will be deleted. No user action is required.
To stop logging warning events for the print spooler, in Control Panel, open Printers, right-click a blank area of the window, click Run as Administrator, click Server Properties, click the
Advanced tab, and then clear the Log spooler warning events check box.
An Warning Event occurred. EventID: 0x80000003
Time Generated: 08/20/2014 23:52:20
Event String:
Printer Microsoft XPS Document Writer (redirected 2) was deleted, and users will no longer be able to print to this printer. No user action is required.
To stop logging information events for the print spooler, in Control Panel, open Printers, right-click a blank area of the window, click Run as Administrator, click Server Properties, click
the Advanced tab, and then clear the Log spooler information events check box.
An Error Event occurred. EventID: 0x00000457
Time Generated: 08/20/2014 23:52:22
Event String:
Driver NRG SP 3400N PCL 6 required for printer !!BUCLAPTOP1!NRG SP 3400N PCL 6 (Copy 1) is unknown. Contact the administrator to install the driver before you log in again.
......................... BSMDC failed test SystemLog
Test omitted by user request: Topology
Test omitted by user request: VerifyEnterpriseReferences
Starting test: VerifyReferences
The system object reference (serverReference)
CN=BSMDC,OU=Domain Controllers,DC=buc,DC=edu and backlink on
CN=BSMDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=buc,DC=edu
are correct.
The system object reference (serverReferenceBL)
CN=BSMDC,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=buc,DC=edu
and backlink on
CN=NTDS Settings,CN=BSMDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=buc,DC=edu
are correct.
......................... BSMDC passed test VerifyReferences
Test omitted by user request: VerifyReplicas
Test omitted by user request: DNS
Test omitted by user request: DNS
Test omitted by user request: DNS
Test omitted by user request: DNS
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : buc
Starting test: CheckSDRefDom
......................... buc passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... buc passed test CrossRefValidation
Running enterprise tests on : buc.edu
Test omitted by user request: DNS
Test omitted by user request: DNS
Starting test: LocatorCheck
GC Name: \\ASMDC.buc.edu
Locator Flags: 0xe00013fd
PDC Name: \\ASMDC.buc.edu
Locator Flags: 0xe00013fd
Time Server Name: \\ASMDC.buc.edu
Locator Flags: 0xe00013fd
Preferred Time Server Name: \\ASMDC.buc.edu
Locator Flags: 0xe00013fd
KDC Name: \\ASMDC.buc.edu
Locator Flags: 0xe00013fd
......................... buc.edu passed test LocatorCheck
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope
provided by the command line arguments provided.
......................... buc.edu passed test Intersite
====================================================================
Repadmin: running command /showrepl against full DC localhost
Default-First-Site-Name\ASMDC
DSA Options: IS_GC
Site Options: (none)
DSA object GUID: 5e88f85b-15a6-4ff5-b0fd-6df748df06fd
DSA invocationID: 1355f657-cd24-4ad4-b890-f04f5c624acd
==== INBOUND NEIGHBORS ======================================
DC=buc,DC=edu
Default-First-Site-Name\BSMDC via RPC
DSA object GUID: 93561cab-4fb3-421f-9a67-af6b4c280eca
Last attempt @ 2014-08-21 00:43:56 was successful.
CN=Configuration,DC=buc,DC=edu
Default-First-Site-Name\BSMDC via RPC
DSA object GUID: 93561cab-4fb3-421f-9a67-af6b4c280eca
Last attempt @ 2014-08-21 00:41:11 was successful.
CN=Schema,CN=Configuration,DC=buc,DC=edu
Default-First-Site-Name\BSMDC via RPC
DSA object GUID: 93561cab-4fb3-421f-9a67-af6b4c280eca
Last attempt @ 2014-08-20 23:51:37 was successful.
DC=DomainDnsZones,DC=buc,DC=edu
Default-First-Site-Name\BSMDC via RPC
DSA object GUID: 93561cab-4fb3-421f-9a67-af6b4c280eca
Last attempt @ 2014-08-21 00:45:39 was successful.
DC=ForestDnsZones,DC=buc,DC=edu
Default-First-Site-Name\BSMDC via RPC
DSA object GUID: 93561cab-4fb3-421f-9a67-af6b4c280eca
Last attempt @ 2014-08-20 23:51:37 was successful.
Regards and thanks in advance
Mhiar
Hi,
Based on the description, the Sysvol is replicated by FRS service.
>>some policies at the main DC are not updated like same policies in second DC.
In this case, we can do a non-authoritative restore on the main DC.
To do so:
Click Start, and then click Run.
In the Open box, type cmd and then press ENTER.
In the Command box, type net stop ntfrs.
Click Start, and then click Run.
In the Open box, type regedit and then press ENTER.
Locate the following subkey in the registry:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup
In the right pane, double-click BurFlags.
In the Edit DWORD Value dialog box, type D2 and then click OK.
Quit Registry Editor, and then switch to the Command box.
In the Command box, type net start ntfrs.
Quit the Command box.
Regarding reinitializing File Replication Service replica sets, the following article can be referred to for more information.
Using the BurFlags registry key to reinitialize File Replication Service replica sets
http://support.microsoft.com/kb/290762/en-us
Best regards,
Frank Shen -
AD Replication issues, SYSVOL / NETLOGON not replicating
Hello Experts!
We have a client that recently called us for some assistance. The IT department had a new virtual environment stood up. They created 3 new VMs and promoted them all to domain controllers. The current domain and forest functional levels are (and were) Server 2003. There were two existing domain controllers, both Server 2003. The new domain controllers are Server 2012 R2. After promoting the 3 new servers to DC’s, they demoted one of the old DC’s. Then they transferred FSMO roles to a new 2012 R2 DC. When they went to demote the last server 2003 DC, it was giving them the error that it is the last DC in the domain. That’s when we were called to assist. I have since demoted 2 of the 3 new 2012 R2 DCs and transferred all FSMO roles back to the Server 2003 DC.
I have been running some tools to try and gather data. Here is the DCDIAG from the last Server 2003 DC:
C:\Documents and Settings\user>dcdiag /fix
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: domainname\server2003server
Starting test: Connectivity
......................... server2003server passed test Connectivity
Doing primary tests
Testing server: domainname\server2003server
Starting test: Replications
......................... server2003server passed test Replications
Starting test: NCSecDesc
......................... server2003server passed test NCSecDesc
Starting test: NetLogons
......................... server2003server passed test NetLogons
Starting test: Advertising
......................... server2003server passed test Advertising
Starting test: KnowsOfRoleHolders
......................... server2003server passed test KnowsOfRoleHolders
Starting test: RidManager
......................... server2003server passed test RidManager
Starting test: MachineAccount
......................... server2003server passed test MachineAccount
Starting test: Services
......................... server2003server passed test Services
Starting test: ObjectsReplicated
......................... server2003server passed test ObjectsReplicated
Starting test: frssysvol
......................... server2003server passed test frssysvol
Starting test: frsevent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... server2003server failed test frsevent
Starting test: kccevent
......................... server2003server passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0x0000410B
Time Generated: 02/18/2015 19:27:04
Event String: The request for a new account-identifier pool
An Error Event occured. EventID: 0xC4350607
Time Generated: 02/18/2015 19:28:22
Event String: Component: System Information Agent
An Error Event occured. EventID: 0xC00110CD
Time Generated: 02/18/2015 19:28:22
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00072787
Time Generated: 02/18/2015 19:28:22
Event String: The WinRM service is unable to start because of a
An Error Event occured. EventID: 0xC0060024
Time Generated: 02/18/2015 19:28:34
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 02/18/2015 19:32:26
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC25A001D
Time Generated: 02/18/2015 14:33:27
(Event String could not be retrieved)
An Error Event occured. EventID: 0x825A0011
Time Generated: 02/18/2015 14:33:28
(Event String could not be retrieved)
An Error Event occured. EventID: 0x825A0011
Time Generated: 02/18/2015 14:33:31
(Event String could not be retrieved)
An Error Event occured. EventID: 0x0000410B
Time Generated: 02/18/2015 14:36:18
Event String: The request for a new account-identifier pool
An Error Event occured. EventID: 0xC4350607
Time Generated: 02/18/2015 14:38:48
Event String: Component: System Information Agent
An Error Event occured. EventID: 0x00072787
Time Generated: 02/18/2015 14:38:48
Event String: The WinRM service is unable to start because of a
An Error Event occured. EventID: 0xC4350505
Time Generated: 02/18/2015 14:38:54
Event String: NIC Agent: Connectivity has been lost for the NIC
An Error Event occured. EventID: 0x825A0011
Time Generated: 02/18/2015 14:39:00
(Event String could not be retrieved)
An Error Event occured. EventID: 0x825A0011
Time Generated: 02/18/2015 14:39:14
(Event String could not be retrieved)
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168F
Time Generated: 02/18/2015 14:42:09
Event String: The dynamic deletion of the DNS record
An Error Event occured. EventID: 0x0000168F
Time Generated: 02/18/2015 14:42:09
Event String: The dynamic deletion of the DNS record
An Error Event occured. EventID: 0x0000168F
Time Generated: 02/18/2015 14:42:09
Event String: The dynamic deletion of the DNS record
An Error Event occured. EventID: 0x0000168F
Time Generated: 02/18/2015 14:42:09
Event String: The dynamic deletion of the DNS record
An Error Event occured. EventID: 0xC25A001D
Time Generated: 02/18/2015 14:42:10
(Event String could not be retrieved)
An Error Event occured. EventID: 0x825A0011
Time Generated: 02/18/2015 14:42:22
(Event String could not be retrieved)
An Error Event occured. EventID: 0x825A0011
Time Generated: 02/18/2015 14:42:37
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC4350607
Time Generated: 02/18/2015 14:48:03
Event String: Component: System Information Agent
An Error Event occured. EventID: 0x00072787
Time Generated: 02/18/2015 14:48:03
Event String: The WinRM service is unable to start because of a
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 14:50:06
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 14:50:06
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 14:50:06
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 14:50:07
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 14:50:07
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 14:50:07
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 14:50:07
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 14:50:07
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 14:50:07
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 14:50:07
(Event String could not be retrieved)
An Error Event occured. EventID: 0x40000004
Time Generated: 02/18/2015 14:55:30
Event String: The kerberos client received a
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:11:36
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:11:37
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:11:37
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:11:38
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:11:38
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:11:38
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:11:38
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:11:38
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:11:38
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:11:39
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:16:07
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:16:08
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:16:08
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:16:09
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:16:09
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:16:09
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:16:10
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:16:10
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:16:10
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:16:10
(Event String could not be retrieved)
......................... server2003server failed test systemlog
Starting test: VerifyReferences
Some objects relating to the DC server2003server have problems:
[1] Problem: Missing Expected Value
Base Object:
CN= server2003server,OU=Domain Controllers,DC=domainname,DC=com
Base Object Description: "DC Account Object"
Value Object Attribute Name: frsComputerReferenceBL
Value Object Description: "SYSVOL FRS Member Object"
Recommended Action: See Knowledge Base Article: Q312862
[1] Problem: Missing Expected Value
Base Object:
CN=NTDS Settings,CN= server2003server,CN=Servers,CN=domainname,CN=Sites,CN=C
onfiguration,DC=domainname,DC=com
Base Object Description: "DSA Object"
Value Object Attribute Name: serverReferenceBL
Value Object Description: "SYSVOL FRS Member Object"
Recommended Action: See Knowledge Base Article: Q312862
......................... server2003server failed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : domainname
Starting test: CrossRefValidation
......................... domainname passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... domainname passed test CheckSDRefDom
Running enterprise tests on : domainname.com
Starting test: Intersite
......................... domainname.com passed test Intersite
Starting test: FsmoCheck
......................... domainname.com passed test FsmoCheck
C:\Documents and Settings\user>
Now the DCDIAG for the Server 2012 R2 DC.
2012R2DC
PS C:\Users\user > dcdiag /fix
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = 2012R2DC
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: domainname\2012R2DC
Starting test: Connectivity
......................... 2012R2DC
passed test Connectivity
Doing primary tests
Testing server: domainname\2012R2DC
Starting test: Advertising
Warning: DsGetDcName returned information for \\server2003server.domainname.com, when we were trying to reach 2012R2DC.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... 2012R2DC
failed test Advertising
Starting test: FrsEvent
There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL
replication problems may cause Group Policy problems.
......................... 2012R2DC
passed test FrsEvent
Starting test: DFSREvent
......................... 2012R2DC passed test DFSREvent
Starting test: SysVolCheck
......................... 2012R2DC passed test SysVolCheck
Starting test: KccEvent
......................... 2012R2DC passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... 2012R2DC passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... 2012R2DC passed test MachineAccount
Starting test: NCSecDesc
......................... 2012R2DC passed test NCSecDesc
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\2012R2DC \netlogon)
[2012R2DC] An net use or LsaPolicy operation failed with error 67, The network name cannot be found..
......................... 2012R2DC failed test NetLogons
Starting test: ObjectsReplicated
......................... 2012R2DC passed test ObjectsReplicated
Starting test: Replications
[Replications Check, 2012R2DC] DsReplicaGetInfo(PENDING_OPS, NULL) failed, error 0x2105
"Replication access was denied."
......................... 2012R2DC failed test Replications
Starting test: RidManager
......................... 2012R2DC passed test RidManager
Starting test: Services
Could not open NTDS Service on 2012R2DC, error 0x5 "Access is denied."
......................... 2012R2DC failed test Services
Starting test: SystemLog
An error event occurred. EventID: 0x0000041E
Time Generated: 02/18/2015 14:39:32
Event String:
The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could
be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly.
An error event occurred. EventID: 0x0000041E
Time Generated: 02/18/2015 14:44:34
Event String:
The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could
be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly.
An error event occurred. EventID: 0x40000004
Time Generated: 02/18/2015 14:47:09
Event String:
The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server cr-dc3$. The target name used was C
RDC02$. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when t
he target server principal name (SPN) is registered on an account other than the account the target service is using. En
sure that the target SPN is only registered on the account used by the server. This error can also happen if the target
service account password is different than what is configured on the Kerberos Key Distribution Center for that target se
rvice. Ensure that the service on the server and the KDC are both configured to use the same password. If the server nam
e is not fully qualified, and the target domain (domainname.COM) is different from the client domain (domainname.COM),
check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify
the server.
......................... 2012R2DC failed test SystemLog
Starting test: VerifyReferences
......................... 2012R2DC passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : domainname
Starting test: CheckSDRefDom
......................... domainname passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... domainname passed test CrossRefValidation
Running enterprise tests on : domainname.com
Starting test: LocatorCheck
......................... domainname.com passed test LocatorCheck
Starting test: Intersite
......................... domainname.com passed test Intersite
PS C:\Users\user>
From here I can see SYSVOL and NETLOGON are not replicating from server2003server. When I log on to server2003server and run ‘net share’ the SYSVOL and NETLOGON shares are shared. But, when I do the same on 2012R2DC there are no NETLOGON or SYSVOL shares.
I see ntfrs issues. So I ran ntfrsutl ds on server2003server and the results are here:
C:\Documents and Settings\user>ntfrsutl ds
NTFRS CONFIGURATION IN THE DS
SUBSTITUTE DCINFO FOR DC
FRS DomainControllerName: (null)
Computer Name : SERVER2003SERVER
Computer DNS Name : SERVER2003SERVER.domainname.com
BINDING TO THE DS:
ldap_connect : SERVER2003SERVER.domainname.com
DsBind : SERVER2003SERVER.domainname.com
NAMING CONTEXTS:
SitesDn : CN=Sites,cn=configuration,dc= domainname,dc=com
ServicesDn : CN=Services,cn=configuration,dc= domainname,dc=com
DefaultNcDn: DC= domainname,DC=com
ComputersDn: CN=Computers,DC= domainname,DC=com
DomainCtlDn: OU=Domain Controllers,DC= domainname,DC=com
Fqdn : CN= SERVER2003SERVER,OU=Domain Controllers,DC= domainname,DC=com
Searching : Fqdn
COMPUTER: SERVER2003SERVER
DN : cn= SERVER2003SERVER,ou=domain controllers,dc= domainname,dc=com
Guid : d3cfdf56-a013-40ab-a2e9ffc3d88896bd
UAC : 0x00082000
Server BL : CN= SERVER2003SERVER,CN=Servers,CN=domainname,CN=Sites,CN=Configuration,D
C= SERVER2003SERVER,DC=com
Settings : cn=ntds settings,cn= SERVER2003SERVER,cn=servers,cn= domainname,cn=sites,c
n=configuration,dc= domainname,dc=com
DNS Name : SERVER2003SERVER. domainname.com
WhenCreated : 5/29/2007 10:36:30 Eastern Standard Time Eastern Daylight Time
[300]
WhenChanged : 2/17/2015 11:21:58 Eastern Standard Time Eastern Daylight Time
[300]
SUBSCRIPTION: NTFRS SUBSCRIPTIONS
DN : cn=ntfrs subscriptions,cn= SERVER2003SERVER,ou=domain controllers,dc= domainname,dc=com
Guid : 5d0ca299-209d-4814-ae6d7acd9209e10a
Working : c:\windows\ntfrs
Actual Working: c:\windows\ntfrs
WhenCreated : 5/29/2007 10:50:26 Eastern Standard Time Eastern Daylight T
ime [300]
WhenChanged : 5/29/2007 10:50:26 Eastern Standard Time Eastern Daylight T
ime [300]
SUBSCRIBER: DOMAIN SYSTEM VOLUME (SYSVOL SHARE)
DN : cn=domain system volume (sysvol share),cn=ntfrs subscriptions,cn
= SERVER2003SERVER,ou=domain controllers,dc= domainname,dc=com
Guid : fb56d707-3c40-429f-bd7c63d227b9fb5d
Member Ref: (null)
Root : c:\windows\sysvol\domain
Stage : c:\windows\sysvol\staging\domain
WhenCreated : 5/29/2007 10:50:26 Eastern Standard Time Eastern Dayligh
t Time [300]
WhenChanged : 5/29/2007 10:50:26 Eastern Standard Time Eastern Dayligh
t Time [300]
SERVER2003SERVER IS NOT A MEMBER OF ANY SET!
C:\Documents and Settings\user>
Also worth noting that when we power down SERVER2003SERVER no computer can contact a logon server.
The last line of this worries me as well. I am going to continue to work on this but I wanted to get these logs to some other eyes in case you have some ideas off the bat. Thanks in advance!
I would first recommend making sure that the new DCs are also global catalogs and referring to the IP setting recommendations I shared here: http://www.ahmedmalek.com/web/fr/home.asp
It is possible to do a non-authoritative restore of SYSVOL to make it appear on the other DCs: https://support.microsoft.com/kb/290762?wa=wsignin1.0
However, you would need to upgrade to DFSR.
This posting is provided AS IS with no warranties or guarantees, and confers no rights.
Ahmed MALEK
My Website Link
My Linkedin Profile
My MVP Profile -
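A triage helper for dcdiag output like the two runs posted in the thread above, added here as an example (it is not part of any post and not a Microsoft tool). It lists failed tests per target, handles the wrapped result lines seen in the 2012 R2 run, and tallies EventIDs with their low 16 bits shown as the decimal event code; the sample input is a constructed excerpt modeled on that output, and the function names are hypothetical.

```python
import re
from collections import Counter

# Result line: a run of dots, the target name, then (optionally) the verdict.
# In the Server 2012 R2 run the verdict wraps onto the following line.
RESULT_RE = re.compile(
    r"^\.{5,}\s*(?P<target>\S+)\s*"
    r"(?:(?P<verdict>passed|failed) test (?P<test>\S+))?\s*$"
)
WRAPPED_RE = re.compile(r"^(?P<verdict>passed|failed) test (?P<test>\S+)\s*$")
# Server 2003 dcdiag prints "occured"; newer builds print "occurred".
EVENT_RE = re.compile(
    r"An error event occur+ed\.\s+EventID:\s+(0x[0-9A-Fa-f]{8})", re.IGNORECASE
)

# Constructed sample, modeled on the dcdiag output quoted in the thread.
SAMPLE = """\
      Starting test: frssysvol
         ......................... server2003server passed test frssysvol
      Starting test: frsevent
         ......................... server2003server failed test frsevent
      Starting test: systemlog
         An Error Event occured.  EventID: 0x0000168E
            Time Generated: 02/18/2015   14:39:54
         An Error Event occured.  EventID: 0x0000168E
            Time Generated: 02/18/2015   14:39:54
         An Error Event occured.  EventID: 0x0000410B
         ......................... server2003server failed test systemlog
      Starting test: Connectivity
         ......................... 2012R2DC
passed test Connectivity
      Starting test: Advertising
         ......................... 2012R2DC
failed test Advertising
      Starting test: NetLogons
         ......................... 2012R2DC failed test NetLogons
      Starting test: SystemLog
         An error event occurred.  EventID: 0x40000004
         ......................... 2012R2DC failed test SystemLog
"""


def parse_dcdiag(text):
    """Return ([(target, test, verdict), ...], Counter{event_id: count})."""
    results = []
    events = Counter()
    pending = None  # target whose verdict is expected on the next line
    for raw in text.splitlines():
        line = raw.strip()
        if pending is not None:
            wrapped = WRAPPED_RE.match(line)
            target, pending = pending, None
            if wrapped:
                results.append((target, wrapped["test"], wrapped["verdict"]))
                continue
        result = RESULT_RE.match(line)
        if result:
            if result["verdict"]:
                results.append(
                    (result["target"], result["test"], result["verdict"])
                )
            else:
                pending = result["target"]
            continue
        event = EVENT_RE.search(line)
        if event:
            events[int(event.group(1), 16)] += 1
    return results, events


def triage(text):
    """Summarise a dcdiag run: failed tests per target and EventID tallies.

    Each tally is (raw hex id, event code, count). The event code is the low
    16 bits of the id, the number Event Viewer shows in its Event ID column.
    """
    results, events = parse_dcdiag(text)
    failed = {}
    for target, test, verdict in results:
        if verdict == "failed":
            failed.setdefault(target, []).append(test)
    tallies = [
        (f"0x{event_id:08X}", event_id & 0xFFFF, count)
        for event_id, count in events.most_common()
    ]
    return failed, tallies


if __name__ == "__main__":
    failed_tests, event_tallies = triage(SAMPLE)
    for target, tests in failed_tests.items():
        print(f"{target}: failed {', '.join(tests)}")
    for raw_id, code, count in event_tallies:
        print(f"{raw_id} (event {code}): {count}x")
```
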
Mac OS 10.9 WiFi Issue: Safe boot needed
I started seeing a problem connecting to Wifi AP soon after the upgrade to 10.9. (A similar thread exists on the discussion groups but not quite the same)
Essentially the problem I see after having upgraded to OSX 10.9.4 is "Connecting to a new wifi access point requires a safe boot". Here is what I have to do in order to switch between two wifi APs -
1. Safe boot and connect to wifi AP1.
2. Then I can reboot normally any number of times and I will connect to AP1.
3. If I switch to AP2 now, I will get a "locally assigned IP". Nothing can fix this - deleting wifi interfaces, re-adding wifi APs etc.
4. Safe boot and connect to AP2.
5. Now I can re-connect to AP2 successfully after a reboot.
PS. I had to spend quite a few hours at the Apple genius bar to figure out this workaround.
Following is the output from "EtreCheck", as needed from a previous thread -
EtreCheck version: 1.9.12 (48)
Report generated July 23, 2014 at 1:48:25 AM EDT
Hardware Information:
MacBook Pro (15-inch, Mid 2012) (Verified)
MacBook Pro - model: MacBookPro9,1
1 2.3 GHz Intel Core i7 CPU: 4 cores
8 GB RAM
Video Information:
Intel HD Graphics 4000 - VRAM: (null)
NVIDIA GeForce GT 650M - VRAM: 512 MB
Color LCD 1680 x 1050
System Software:
OS X 10.9.4 (13E28) - Uptime: 0 days 4:39:33
Disk Information:
APPLE HDD HTS727575A9E362 disk0 : (750.16 GB)
EFI (disk0s1) <not mounted>: 209.7 MB
Macintosh HD (disk0s2) / [Startup]: 717.14 GB (138.34 GB free)
disk0s3 (disk0s3) <not mounted>: 254.8 MB
NO NAME (disk0s4) <not mounted>: 64 MB
disk0s5 (disk0s5) <not mounted>: 32.36 GB
MATSHITADVD-R UJ-8A8
USB Information:
Apple Inc. FaceTime HD Camera (Built-in)
Apple Computer, Inc. IR Receiver
Apple Inc. Apple Internal Keyboard / Trackpad
Apple Inc. BRCM20702 Hub
Apple Inc. Bluetooth USB Host Controller
Thunderbolt Information:
Apple Inc. thunderbolt_bus
Configuration files:
/etc/hosts - Count: 1
Gatekeeper:
Anywhere
Kernel Extensions:
[not loaded] com.NovatelWireless.driver.NovatelWirelessUSBCDCECMControl (3.0.20) Support
[not loaded] com.NovatelWireless.driver.NovatelWirelessUSBCDCECMData (3.0.20) Support
[not loaded] com.cisco.cscotun (1.0) Support
[not loaded] com.cisco.nke.ipsec (2.0.1) Support
[not loaded] com.lct.driver.LJACDDriver (1.0.0d1) Support
[not loaded] com.lja.driver.LJACDDriver64 (1.0.1) Support
[not loaded] com.novatelwireless.driver.3G (3.0.20) Support
[not loaded] com.novatelwireless.driver.3GData (3.0.20) Support
[not loaded] com.novatelwireless.driver.DisableAutoInstall (3.0.20) Support
[not loaded] com.novatelwireless.driver.NWVBE (3.0.20) Support
[not loaded] com.novatelwireless.kext.wwan (3.0.20) Support
[not loaded] com.prolific.driver.PL2303 (1.2.1) Support
[not loaded] com.sierrawireless.driver.SierraDIPSupport (1.0.0) Support
[not loaded] com.sierrawireless.driver.SierraDevSupport (1.0.7) Support
[not loaded] com.sierrawireless.driver.SierraFSRSupport (1.0.1) Support
[not loaded] com.sierrawireless.driver.SierraHSRSupport (2.1.1) Support
[not loaded] com.sierrawireless.driver.SierraIPDirect (1.1.1) Support
[not loaded] lja.driver.USBModemCDC (1.0.0) Support
[not loaded] lja.driver.USBModemCDC64 (4.0.2) Support
[not loaded] lja.driver.USBModemData (1.0.0) Support
[not loaded] lja.driver.USBModemData64 (4.0.2) Support
[not loaded] nl.bjaelectronics.driver.PL2303 (1.0.0d1 - SDK 10.7) Support
[loaded] org.virtualbox.kext.VBoxDrv (4.2.16) Support
[not loaded] org.virtualbox.kext.VBoxNetAdp (4.2.16) Support
[not loaded] org.virtualbox.kext.VBoxNetFlt (4.2.16) Support
[loaded] org.virtualbox.kext.VBoxUSB (4.2.16) Support
Startup Items:
ciscod: Path: /System/Library/StartupItems/ciscod
CiscoVPN: Path: /System/Library/StartupItems/CiscoVPN
vpnagentd: Path: /System/Library/StartupItems/vpnagentd
AltirisAgent: Path: /Library/StartupItems/AltirisAgent
ChmodBPF: Path: /Library/StartupItems/ChmodBPF
VirtualBox: Path: /Library/StartupItems/VirtualBox
Launch Daemons:
[loaded] com.adobe.fpsaud.plist Support
[loaded] com.google.keystone.daemon.plist Support
[running] com.hitbliss.helper.plist Support
[invalid] com.mcafee.ssm.Eupdate.plist
[invalid] com.mcafee.ssm.ScanFactory.plist
[invalid] com.mcafee.ssm.ScanManager.plist
[running] com.mcafee.virusscan.fmpd.plist Support
[loaded] com.microsoft.office.licensing.helper.plist Support
[loaded] com.novatelwireless.NvtlServer.plist Support
[loaded] com.oracle.java.Helper-Tool.plist Support
[loaded] com.roamingclient.cell.mac.bell.roamingclient.plist Support
[loaded] com.sierrawireless.SWoCTool.plist Support
[loaded] org.macosforge.xquartz.privileged_startx.plist Support
Launch Agents:
[loaded] com.divx.dms.agent.plist Support
[loaded] com.divx.update.agent.plist Support
[running] com.epson.ecpd.launcher.plist Support
[loaded] com.google.keystone.agent.plist Support
[running] com.lja.startupAgent.plist Support
[running] com.mcafee.menulet.plist Support
[running] com.mcafee.reporter.plist Support
[loaded] com.oracle.java.Java-Updater.plist Support
[running] net.culater.SIMBL.Agent.plist Support
[loaded] org.macosforge.xquartz.startx.plist Support
User Launch Agents:
[loaded] com.adobe.ARM.[...].plist Support
[failed] com.apple.CSConfigDotMacCert-[...]@me.com-SharedServices.Agent.plist
[failed] com.facebook.videochat.[redacted].plist Support
[running] com.microsoft.LaunchAgent.SyncServicesAgent.plist Support
[not loaded] org.virtualbox.vboxwebsrv.plist Support
User Login Items:
Adium
Cisco Jabber
Microsoft Outlook
Internet Plug-ins:
JavaAppletPlugin: Version: Java 7 Update 60 Check version
o1dbrowserplugin: Version: 5.4.2.18903 Support
Google Earth Web Plug-in: Version: 6.1 Support
Default Browser: Version: 537 - SDK 10.9
Flip4Mac WMV Plugin: Version: 3.2.0.16 - SDK 10.8 Support
OfficeLiveBrowserPlugin: Version: 12.3.3 Support
OVSHelper: Version: 1.1 Support
AdobePDFViewerNPAPI: Version: 11.0.07 - SDK 10.6 Support
FlashPlayer-10.6: Version: 14.0.0.145 - SDK 10.6 Support
DivX Web Player: Version: 3.2.1.977 - SDK 10.6 Support
Silverlight: Version: 5.1.30317.0 - SDK 10.6 Support
Flash Player: Version: 14.0.0.145 - SDK 10.6 Support
iPhotoPhotocast: Version: 7.0
googletalkbrowserplugin: Version: 5.4.2.18903 Support
QuickTime Plugin: Version: 7.7.3
AdobePDFViewer: Version: 11.0.07 - SDK 10.6 Support
GarminGpsControl: Version: 4.2.0.0 - SDK 10.8 Support
SharePointBrowserPlugin: Version: 14.2.3 - SDK 10.6 Support
DirectorShockwave: Version: 11.6.5r635 Support
Safari Extensions:
Conduit Search for Safari: Version: 1.0
Audio Plug-ins:
BluetoothAudioPlugIn: Version: 1.0 - SDK 10.9
AirPlay: Version: 2.0 - SDK 10.9
AppleAVBAudio: Version: 203.2 - SDK 10.9
iSightAudio: Version: 7.7.3 - SDK 10.9
iTunes Plug-ins:
Quartz Composer Visualizer: Version: 1.4 - SDK 10.9
User Internet Plug-ins:
ATTConnectEventEntry: Version: 1.0.3 - SDK 10.8
ConduitNPAPIPlugin: Version: 1.0 - SDK 10.6 Support
WebEx64: Version: 1.0 - SDK 10.6 Support
WebEx: Version: 1.0 Support
Google Earth Web Plug-in: Version: 7.1 Support
Picasa: Version: 1.0 Support
RealPlayer Plugin: Version: (null) Support
3rd Party Preference Panes:
Flash Player Support
Flip4Mac WMV Support
FUSE for OS X (OSXFUSE) Support
Growl Support
Java Support
Launch Webex Support
Time Machine:
Skip System Files: NO
Mobile backups: ON
Auto backup: YES
Volumes being backed up:
Macintosh HD: Disk size: 667.88 GB Disk used: 539.05 GB
Destinations:
Iomega HDD [Local] (Last used)
Total size: 931.39 GB
Total number of backups: 7
Oldest backup: 2014-02-05 21:54:35 +0000
Last backup: 2014-07-18 13:21:29 +0000
Size of backup disk: Too small
Backup size 931.39 GB < (Disk used 539.05 GB X 3)
Time Machine details may not be accurate.
All volumes being backed up may not be listed.
Top Processes by CPU:
15% Cisco Jabber
9% coreaudiod
8% WindowServer
7% Meeting Center
5% mds
Top Processes by Memory:
336 MB AdobeReader
279 MB WindowServer
254 MB mds_stores
229 MB Microsoft Outlook
221 MB Cisco Jabber
Virtual Memory Information:
1.64 GB Free RAM
4.59 GB Active RAM
756 MB Inactive RAM
1.03 GB Wired RAM
11.74 GB Page-ins
0 B Page-outs
Start time: 10:05:41 07/31/14
Model Identifier: MacBookPro9,1
Sudden Motion Sensor:
System Version: OS X 10.9.4 (13E28)
Kernel Version: Darwin 13.3.0
Boot Mode: Normal
Time since boot: 1:08
USB
Hub (Alcor Micro, Corp.)
Iomega HDD (Iomega Corporation)
Diagnostic reports
2014-07-30 Menulet crash
2014-07-30 Menulet crash
2014-07-30 Menulet crash
2014-07-30 Menulet crash
2014-07-30 Menulet crash
2014-07-30 Menulet crash
2014-07-30 Menulet crash
2014-07-30 Menulet crash
2014-07-30 Menulet crash
2014-07-30 Menulet crash
2014-07-30 Menulet crash
2014-07-30 Menulet crash
2014-07-30 Menulet crash
2014-07-30 Menulet crash
2014-07-30 Menulet crash
2014-07-30 Menulet crash
2014-07-30 Menulet crash
2014-07-30 Menulet crash
2014-07-30 fmpd crash
2014-07-30 fmpd crash
2014-07-30 fmpd crash
2014-07-30 fmpd crash
2014-07-30 fmpd crash
2014-07-31 fmpd crash
2014-07-31 fmpd crash
Log
Jul 31 08:58:23 CODE SIGNING: cs_invalid_page(0x1000): p=75[hitbliss-helper] final status 0x0, allowing (remove VALID) page
Jul 31 08:58:28 SIOCPROTODETACH_IN6: fw0 error=6
Jul 31 08:58:29 SIOCPROTODETACH_IN6: fw0 error=6
Jul 31 08:58:29 SIOCPROTODETACH_IN6: fw0 error=6
Jul 31 08:58:34 SIOCPROTODETACH_IN6: utun0 error=6
Jul 31 08:58:34 SIOCPROTODETACH_IN6: fw0 error=6
Jul 31 08:58:34 SIOCPROTODETACH_IN6: fw0 error=6
Jul 31 09:03:39 SIOCPROTODETACH_IN6: fw0 error=6
Jul 31 09:05:57 process Cisco Jabber[695] caught causing excessive wakeups. Observed wakeups rate (per sec): 258; Maximum permitted wakeups rate (per sec): 150; Observation period: 300 seconds; Task lifetime number of wakeups: 47705
Jul 31 09:05:58 CODE SIGNING: cs_invalid_page(0x11452e000): p=1478[spindump] final status 0x0, allowing (remove VALID) page
Jul 31 09:07:12 process Microsoft Outloo[908] thread 7914 caught burning CPU! It used more than 50% CPU (Actual recent usage: 83%) over 180 seconds. thread lifetime cpu usage 90.073081 seconds, (81.151972 user, 8.921109 system) ledger info: balance: 90008969897 credit: 90008969897 debit: 0 limit: 90000000000 (50%) period: 180000000000 time since last refill (ns): 107607405422
Jul 31 09:07:12 CODE SIGNING: cs_invalid_page(0x115c8f000): p=1795[spindump] final status 0x0, allowing (remove VALID) page
Jul 31 09:49:13 ip4_output (ipsec): error code 22
Jul 31 09:49:13 ip4_output (ipsec): error code 22
Jul 31 09:49:30 ip4_output (ipsec): error code 22
Jul 31 09:58:36 ip4_output (ipsec): error code 22
Jul 31 09:58:55 SerialATAPI device reconfiguration did not complete successfully. (failedCommandInfo = 0x1)
Jul 31 09:59:58 ip4_output (ipsec): error code 22
Jul 31 09:59:58 ip4_output (ipsec): error code 22
Jul 31 09:59:59 ip4_output (ipsec): error code 22
Jul 31 09:59:59 ip4_output (ipsec): error code 22
Jul 31 09:59:59 ip4_output (ipsec): error code 22
Jul 31 09:59:59 ip4_output (ipsec): error code 22
Jul 31 09:59:59 ip4_output (ipsec): error code 22
Jul 31 10:01:16 SerialATAPI device reconfiguration did not complete successfully. (failedCommandInfo = 0x1)
kexts
org.virtualbox.kext.VBoxDrv (4.2.16)
org.virtualbox.kext.VBoxUSB (4.2.16)
com.mcafee.kext.Virex (1.1.0d1)
Daemons
org.macosforge.xquartz.privileged_startx
com.sierrawireless.SWoCTool
com.roamingclient.cell.mac.bell.roamingclient
com.oracle.java.JavaUpdateHelper
com.oracle.java.Helper-Tool
com.novatelwireless.NvtlServer
com.microsoft.office.licensing.helper
com.mcafee.virusscan.fmpd
com.mcafee.ssm.ScanManager
com.mcafee.virusscan.ssm.ScanFactory
com.mcafee.ssm.Eupdate
com.jamfsoftware.task.Every
com.jamfsoftware.jamf.daemon
com.hitbliss.helper
com.google.keystone.daemon
com.cisco.casperdaemon
com.adobe.fpsaud
Agents
org.macosforge.xquartz.startx
net.culater.SIMBL.Agent
com.oracle.java.Java-Updater
com.mcafee.reporter
com.mcafee.menulet
com.lja.startupAgent
com.jamfsoftware.jamf.agent
com.google.keystone.system.agent
com.epson.ecpd.launcher.plist
com.divx.update.agent
com.divx.dms.agent
com.microsoft.SyncServicesAgent
com.facebook.videochat.updater
com.adobe.ARM.UUID
launchd
/Library/LaunchAgents/com.divx.dms.agent.plist
- com.divx.dms.agent
/Library/LaunchAgents/com.divx.update.agent.plist
- com.divx.update.agent
/Library/LaunchAgents/com.epson.ecpd.launcher.plist
- com.epson.ecpd.launcher.plist
/Library/LaunchAgents/com.google.keystone.agent.plist
- com.google.keystone.system.agent
/Library/LaunchAgents/com.jamfsoftware.jamf.agent.plist
- com.jamfsoftware.jamf.agent
/Library/LaunchAgents/com.lja.startupAgent.plist
- com.lja.startupAgent
/Library/LaunchAgents/com.mcafee.menulet.plist
- com.mcafee.menulet
/Library/LaunchAgents/com.mcafee.reporter.plist
- com.mcafee.reporter
/Library/LaunchAgents/com.oracle.java.Java-Updater.plist
- com.oracle.java.Java-Updater
/Library/LaunchAgents/net.culater.SIMBL.Agent.plist
- net.culater.SIMBL.Agent
/Library/LaunchAgents/org.macosforge.xquartz.startx.plist
- org.macosforge.xquartz.startx
/Library/LaunchDaemons/com.adobe.fpsaud.plist
- com.adobe.fpsaud
/Library/LaunchDaemons/com.apple.cdm.airport_ibss.plist
- N/A
/Library/LaunchDaemons/com.apple.cdm.bless.plist
- N/A
/Library/LaunchDaemons/com.apple.cdm.byhost.plist
- N/A
/Library/LaunchDaemons/com.apple.cdm.install-pkgs.plist
- com.apple.cdm.install-pkgs
/Library/LaunchDaemons/com.apple.cdm.locsetup.plist
- N/A
/Library/LaunchDaemons/com.apple.cdm.networksetup.plist
- com.apple.cdm.networksetup
/Library/LaunchDaemons/com.apple.cdm.set-time-zone-and-server.plist
- com.apple.cdm.set-time-zone-and-server
/Library/LaunchDaemons/com.apple.cdm.set_ipfw.plist
- com.apple.cdm.set_ipfw
/Library/LaunchDaemons/com.apple.cdm.set_screen_sharing_acl.plist
- com.apple.cdm.set_screen_sharing_acl
/Library/LaunchDaemons/com.apple.cdm.setcomputername.plist
- com.apple.cdm.setcomputername
/Library/LaunchDaemons/com.apple.cdm.setenergysaver.plist
- com.apple.cdm.setenergysaver
/Library/LaunchDaemons/com.apple.cdm.sethostname.plist
- com.apple.cdm.sethostname
/Library/LaunchDaemons/com.apple.cdm.sid.plist
- N/A
/Library/LaunchDaemons/com.apple.cdm.start_sshd.plist
- com.apple.cdm.start_sshd
/Library/LaunchDaemons/com.apple.cdm.startssh.plist
- com.apple.cdm.startssh
/Library/LaunchDaemons/com.apple.cdm.xquartz.font_cache.plist
- com.apple.cdm.xquartz.font_cache
/Library/LaunchDaemons/com.apple.cdm.xquartz.xquartz_postinst.plist
- com.apple.cdm.xquartz.xquartz_postinst
/Library/LaunchDaemons/com.cisco.casperdaemon.plist
- com.cisco.casperdaemon
/Library/LaunchDaemons/com.google.keystone.daemon.plist
- com.google.keystone.daemon
/Library/LaunchDaemons/com.hitbliss.helper.plist
- com.hitbliss.helper
/Library/LaunchDaemons/com.jamfsoftware.jamf.daemon.plist
- com.jamfsoftware.jamf.daemon
/Library/LaunchDaemons/com.jamfsoftware.task.1.plist
- N/A
/Library/LaunchDaemons/com.mcafee.ssm.Eupdate.plist
- N/A
/Library/LaunchDaemons/com.mcafee.ssm.ScanFactory.plist
- N/A
/Library/LaunchDaemons/com.mcafee.ssm.ScanManager.plist
- N/A
/Library/LaunchDaemons/com.mcafee.virusscan.fmpd.plist
- com.mcafee.virusscan.fmpd
/Library/LaunchDaemons/com.microsoft.office.licensing.helper.plist
- com.microsoft.office.licensing.helper
/Library/LaunchDaemons/com.novatelwireless.NvtlServer.plist
- com.novatelwireless.NvtlServer
/Library/LaunchDaemons/com.oracle.java.Helper-Tool.plist
- com.oracle.java.Helper-Tool
/Library/LaunchDaemons/com.oracle.java.JavaUpdateHelper.plist
- com.oracle.java.JavaUpdateHelper
/Library/LaunchDaemons/com.roamingclient.cell.mac.bell.roamingclient.plist
- com.roamingclient.cell.mac.bell.roamingclient
/Library/LaunchDaemons/com.sierrawireless.SWoCTool.plist
- com.sierrawireless.SWoCTool
/Library/LaunchDaemons/org.macosforge.xquartz.privileged_startx.plist
- org.macosforge.xquartz.privileged_startx
Library/LaunchAgents/com.adobe.ARM.UUID.plist
- com.adobe.ARM.UUID
Library/LaunchAgents/com.apple.FolderActions.enabled.plist
- com.apple.FolderActions.enabled
Library/LaunchAgents/com.apple.FolderActions.folders.plist
- com.apple.FolderActions.folders
Library/LaunchAgents/com.facebook.videochat.plist
- com.facebook.videochat.updater
Library/LaunchAgents/com.microsoft.LaunchAgent.SyncServicesAgent.plist
- com.microsoft.SyncServicesAgent
Library/LaunchAgents/org.virtualbox.vboxwebsrv.plist
- org.virtualbox.vboxwebsvc
Startup items
/System/Library/StartupItems/ciscod/ciscod
/System/Library/StartupItems/ciscod/StartupParameters.plist
/System/Library/StartupItems/CiscoVPN/CiscoVPN
/System/Library/StartupItems/CiscoVPN/StartupParameters.plist
/System/Library/StartupItems/vpnagentd/StartupParameters.plist
/System/Library/StartupItems/vpnagentd/vpnagentd
/Library/StartupItems/ChmodBPF/ChmodBPF
/Library/StartupItems/ChmodBPF/StartupParameters.plist
/Library/StartupItems/cma/StartupParameters.plist: Permission denied
/Library/StartupItems/VirtualBox/StartupParameters.plist
/Library/StartupItems/VirtualBox/VirtualBox
Bundles
/System/Library/Extensions/CiscoVPN.kext
- com.cisco.nke.ipsec
/System/Library/Extensions/LJACDDriver.kext
- com.lct.driver.LJACDDriver
/System/Library/Extensions/LJACDDriver64.kext
- com.lja.driver.LJACDDriver64
/System/Library/Extensions/LJAUSBModemCDC.kext
- lja.driver.USBModemCDC
/System/Library/Extensions/LJAUSBModemCDC64.kext
- lja.driver.USBModemCDC64
/System/Library/Extensions/LJAUSBModemData.kext
- lja.driver.USBModemData
/System/Library/Extensions/LJAUSBModemData64.kext
- lja.driver.USBModemData64
/System/Library/Extensions/NovatelWirelessWWAN.kext
- com.novatelwireless.kext.wwan
/System/Library/Extensions/osx-pl2303.kext
- nl.bjaelectronics.driver.PL2303
/System/Library/Extensions/ProlificUsbSerial.kext
- com.prolific.driver.PL2303
/System/Library/Extensions/SierraDevSupport.kext
- com.sierrawireless.driver.SierraDevSupport
/System/Library/Extensions/SierraDIPSupport.kext
- com.sierrawireless.driver.SierraDIPSupport
/System/Library/Extensions/SierraFSRSupport.kext
- com.sierrawireless.driver.SierraFSRSupport
/System/Library/Extensions/SierraHSRSupport.kext
- com.sierrawireless.driver.SierraHSRSupport
/System/Library/Extensions/SierraIPDirect.kext
- com.sierrawireless.driver.SierraIPDirect
/System/Library/Extensions/tun.kext
- com.cisco.cscotun
/Library/Audio/MIDI Drivers/EmagicUSBMIDIDriver.plugin
- info.emagic.driver.unitor
/Library/Audio/Plug-Ins/Components/Flip4Mac WMA Import.component
- net.telestream.wmv.import
/Library/Extensions/VBoxDrv.kext
- org.virtualbox.kext.VBoxDrv
/Library/Extensions/VBoxNetAdp.kext
- org.virtualbox.kext.VBoxNetAdp
/Library/Extensions/VBoxNetFlt.kext
- org.virtualbox.kext.VBoxNetFlt
/Library/Extensions/VBoxUSB.kext
- org.virtualbox.kext.VBoxUSB
/Library/Internet Plug-Ins/AdobePDFViewer.plugin
- com.adobe.acrobat.pdfviewer
/Library/Internet Plug-Ins/AdobePDFViewerNPAPI.plugin
- com.adobe.acrobat.pdfviewerNPAPI
/Library/Internet Plug-Ins/DirectorShockwave.plugin
- com.adobe.shockwave.pluginshim
/Library/Internet Plug-Ins/DivX Web Player.plugin
- com.divx.DivXWebPlayer
/Library/Internet Plug-Ins/Flash Player.plugin
- N/A
/Library/Internet Plug-Ins/Flip4Mac WMV Plugin.plugin
- net.telestream.wmv.plugin
/Library/Internet Plug-Ins/GarminGpsControl.plugin
- com.garmin.GarminGpsControl
/Library/Internet Plug-Ins/Google Earth Web Plug-in.plugin
- com.Google.GoogleEarthPlugin.plugin
/Library/Internet Plug-Ins/googletalkbrowserplugin.plugin
- com.google.googletalkbrowserplugin
/Library/Internet Plug-Ins/iPhotoPhotocast.plugin
- com.apple.plugin.iPhotoPhotocast
/Library/Internet Plug-Ins/JavaAppletPlugin.plugin
- com.oracle.java.JavaAppletPlugin
/Library/Internet Plug-Ins/o1dbrowserplugin.plugin
- com.google.o1dbrowserplugin
/Library/Internet Plug-Ins/OfficeLiveBrowserPlugin.plugin
- com.microsoft.officelive.browserplugin
/Library/Internet Plug-Ins/OVSHelper.plugin
- com.divx.OVSHelper
/Library/Internet Plug-Ins/SharePointBrowserPlugin.plugin
- com.microsoft.sharepoint.browserplugin
/Library/Internet Plug-Ins/SharePointWebKitPlugin.webplugin
- com.microsoft.sharepoint.webkitplugin
/Library/Internet Plug-Ins/Silverlight.plugin
- com.microsoft.SilverlightPlugin
/Library/Internet Plug-Ins (Disabled)/Flash Player.plugin
- N/A
/Library/PreferencePanes/Flash Player.prefPane
- com.adobe.flashplayerpreferences
/Library/PreferencePanes/Flip4Mac WMV.prefPane
- net.telestream.wmv.prefpane
/Library/PreferencePanes/Growl.prefPane
- com.growl.prefpanel
/Library/PreferencePanes/JavaControlPanel.prefPane
- com.oracle.java.JavaControlPanel
/Library/PreferencePanes/Launch Webex.prefPane
- com.laurenson.Launch_Webex
/Library/PreferencePanes/OSXFUSE.prefPane
- com.github.osxfuse.OSXFUSEPrefPane
/Library/QuickTime/Flip4Mac WMV Advanced.component
- net.telestream.wmv.advanced
/Library/QuickTime/Flip4Mac WMV Export.component
- net.telestream.wmv.export
/Library/QuickTime/Flip4Mac WMV Import.component
- net.telestream.wmv.import
/Library/ScriptingAdditions/SIMBL.osax
- net.culater.SIMBL.osax
/Library/Spotlight/GBSpotlightImporter.mdimporter
- com.apple.garageband.spotlightimporter
/Library/Widgets/CI Filter Browser.wdgt
- com.apple.CIFilterBrowser
/Library/Widgets/LaunchWebex.wdgt
- com.laurenson.widget.LaunchWebex
Library/Address Book Plug-Ins/CiscoJabberABDialer.bundle
- com.cisco.CiscoJabberABDialer
Library/Address Book Plug-Ins/SkypeABDialer.bundle
- com.skype.skypeabdialer
Library/Address Book Plug-Ins/SkypeABSMS.bundle
- com.skype.skypeabsms
Library/Address Book Plug-Ins/YMsgrCallABPlugin.bundle
- com.yahoo.YMsgrCallABPlugin
Library/Address Book Plug-Ins/YMsgrMsnABPlugin.bundle
- com.yahoo.YMsgrMsnABPlugin
Library/Address Book Plug-Ins/YMsgrSmsABPlugin.bundle
- com.yahoo.YMsgrSmsABPlugin
Library/Address Book Plug-Ins/YMsgrYimABPlugin.bundle
- com.yahoo.YMsgrYimABPlugin
Library/Internet Plug-Ins/ATTConnectEventEntry.plugin
- N/A
Library/Internet Plug-Ins/ConduitNPAPIPlugin.plugin
- com.conduit.ConduitNPAPIPlugin
Library/Internet Plug-Ins/Google Earth Web Plug-in.plugin
- com.Google.GoogleEarthPlugin.plugin
Library/Internet Plug-Ins/Picasa.plugin
- com.google.PicasaPlugin
Library/Internet Plug-Ins/RealPlayer Plugin.plugin
- com.RealNetworks.RealPlayerPlugin
Library/Internet Plug-Ins/WebEx.plugin
- com.webex.WebEx
Library/Internet Plug-Ins/WebEx.plugin/Contents/Resources
- com.webex.WebEx
Library/Internet Plug-Ins/WebEx64.plugin
- com.cisco_webex.plugin.gpc64
Library/Services/test automated mail to self.workflow
- N/A
dylibs
/usr/lib/libgutenprint.2.0.3.dylib
/usr/lib/libsvn_client-1.0.0.0.dylib
/usr/lib/libsvn_delta-1.0.0.0.dylib
/usr/lib/libsvn_diff-1.0.0.0.dylib
/usr/lib/libsvn_fs-1.0.0.0.dylib
/usr/lib/libsvn_fs_fs-1.0.0.0.dylib
/usr/lib/libsvn_fs_util-1.0.0.0.dylib
/usr/lib/libsvn_ra-1.0.0.0.dylib
/usr/lib/libsvn_ra_local-1.0.0.0.dylib
/usr/lib/libsvn_ra_neon-1.0.0.0.dylib
/usr/lib/libsvn_ra_svn-1.0.0.0.dylib
/usr/lib/libsvn_repos-1.0.0.0.dylib
/usr/lib/libsvn_subr-1.0.0.0.dylib
/usr/lib/libsvn_wc-1.0.0.0.dylib
Apps
/Applications/Dropbox.app
Contents of /etc/hosts
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost
fe80::1%lo0 localhost
172.18.106.82 mac-wiki.com
Contents of /etc/syslog.conf
install.* @127.0.0.1:32376
local7.info /var/log/McAfeeSecurity.log
Contents of /etc/ssh_config
Host *
SendEnv LANG LC_*
Host *
XAuthLocation /opt/X11/bin/xauth
Contents of /etc/sshd_config
SyslogFacility AUTHPRIV
AuthorizedKeysFile .ssh/authorized_keys
UsePrivilegeSeparation sandbox # Default for new installations.
AcceptEnv LANG LC_*
Subsystem sftp /usr/libexec/sftp-server
XAuthLocation /opt/X11/bin/xauth
Contents of /System/Library/LaunchDaemons/com.apple.rpmuxd.plist (Apple binary property list)
Root crontab
45 16 * * * /usr/local/McAfee/AntiMalware/VShieldTaskManager 4 >> /dev/null 2>&1
Profiles: 1
Font issues: 42
Bad plists
/Library/Preferences/com.epson.Epson Customer Participation.UnInstallList.plist
/Library/Preferences/com.epson.Epson Scanner ICA Driver.UnInstallList.plist
/Library/Preferences/com.epson.Inkjet Printer Driver.UnInstallList.plist
/Library/Preferences/com.epson.PC-FAX Driver.UnInstallList.plist
Library/Preferences/com.apple.iphotomosaic.plist
DNS: 64.102.6.247 (static)
Listeners
launchd: afpovertcp
launchd: ssh
httpd: http
kdc: kerberos
httpd: http
Hidden apps
.HitBliss/Player/HitBliss.app.bak/Contents/MacOS/HitBliss Profile Builder.app
.x2go/client/x2goclient.app
Restricted files: 20519
Elapsed time (s): 602
-
Display issue coming out of sleep (w/ external display)
Hey everyone,
I've a MacBook Pro with Retina display, running 10.8.2 (and Win7 x64, via Bootcamp).
I sometimes experience trouble coming out of sleep with no external display connected, if the MacBook was connected to an external display when I sent it to sleep and the integrated display's brightness was turned all the way down. Basically, the MacBook's integrated display won't light up. I then need to hold down the power button until the machine powers off, and start it up again. Only then will the display come on, and the machine start normally.
I've been observing this with both an external Thunderbolt Display, and a TV connected through the HDMI port. I don't think this is a Mac OS issue, as I've seen similar behavior on this same machine, running Windows, under Bootcamp.
An example scenario: I'll be using the Thunderbolt Display, or watching a movie on my TV, with the integrated display's brightness turned all the way down, and then, while the display is still connected, I will close the lid - The machine will go to sleep. I will then come the next day, and while the computer is asleep, disconnect the external display, and open the lid. The MacBook's integrated display will not light up, the brightness keys will not respond, and I will need to force-shutdown the machine, and start it again - it will then start up, and usually fall back to the lowest display resolution setting (even though I always use much higher resolutions on both the integrated and external displays).
I'm guessing this is happening because the computer is expecting the external display that was connected to it, during its last operation, to still be available, and when it's not - it panics!
Also, I had times where this happened, and a force-shutdown would not do the trick. I had to actually connect back to the external display, wait for the machine to start normally, take the integrated display's brightness back up, and disconnect the external display. The machine would then resume normal operation, and I would be able to disconnect the external display and work on the integrated display.
Has anyone else experienced this, or anything similar?
There we go. Here's the complete Console report, up until the reboot, which fixed things. I can't make anything out of this, but perhaps someone else can.
13/10/12 8:37:29.010 AM loginwindow[535]: ERROR | -[LWScreenLock(Private) screenIsLockedTimeExpired:] | No lock state found, use built in check
13/10/12 8:37:29.041 AM com.apple.launchd[1]: (com.apple.emond.aslmanager[2845]) Exited with code: 255
13/10/12 8:37:29.468 AM hidd[540]: MultitouchHID: device bootloaded
13/10/12 8:37:29.000 AM kernel[0]: Wake reason: EC.LidOpen EHC1 (User)
13/10/12 8:37:29.000 AM kernel[0]: AirPort_Brcm43xx::powerChange: System Wake - Full Wake/ Dark Wake / Maintenance wake
13/10/12 8:37:29.000 AM kernel[0]: RTC: PowerByCalendarDate setting ignored
13/10/12 8:37:29.000 AM kernel[0]: Previous Sleep Cause: 5
13/10/12 8:37:29.000 AM kernel[0]: The USB device HubDevice (Port 1 of Hub at 0x1d000000) may have caused a wake by issuing a remote wakeup (2)
13/10/12 8:37:29.000 AM kernel[0]: IOThunderboltSwitch(0x0)::listenerCallbackStatic - Thunderbolt HPD packet for route = 0x0 port = 11 unplug = 0
13/10/12 8:37:29.000 AM kernel[0]: IOThunderboltSwitch(0x0)::listenerCallbackStatic - Thunderbolt HPD packet for route = 0x0 port = 12 unplug = 0
13/10/12 8:37:29.000 AM kernel[0]: The USB device HubDevice (Port 8 of Hub at 0x1d100000) may have caused a wake by issuing a remote wakeup (3)
13/10/12 8:37:29.000 AM kernel[0]: TBT W (2): 0x0100 [x]
13/10/12 8:37:29.000 AM kernel[0]: The USB device BRCM20702 Hub (Port 1 of Hub at 0x1d180000) may have caused a wake by issuing a remote wakeup (3)
13/10/12 8:37:29.000 AM kernel[0]: The USB device Bluetooth USB Host Controller (Port 3 of Hub at 0x1d181000) may have caused a wake by issuing a remote wakeup (3)
13/10/12 8:37:29.000 AM kernel[0]: AppleUSBMultitouchDriver::checkStatus - received Status Packet, Payload 2: device was reinitialized
13/10/12 8:37:30.000 AM kernel[0]: MacAuthEvent en0 Auth result for: 68:7f:74:a1:24:96 MAC AUTH succeeded
13/10/12 8:37:30.000 AM kernel[0]: wlEvent: en0 en0 Link UP virtIf = 0
13/10/12 8:37:30.000 AM kernel[0]: AirPort: Link Up on en0
13/10/12 8:37:30.000 AM kernel[0]: en0: BSSID changed to 68:7f:74:a1:24:96
13/10/12 8:37:30.000 AM kernel[0]: en0::IO80211Interface::postMessage bssid changed
13/10/12 8:37:31.000 AM kernel[0]: AirPort: RSN handshake complete on en0
13/10/12 8:37:31.982 AM airportd[2838]: _doAutoJoin: Already associated to “w00***”. Bailing on auto-join.
13/10/12 8:37:32.459 AM configd[17]: network changed: v4(en0+:192.168.1.104) DNS+ Proxy+ SMB
13/10/12 8:37:32.498 AM UserEventAgent[11]: Captive: en0: Not probing 'w00***' (protected network)
13/10/12 8:37:32.514 AM configd[17]: network changed: v4(en0!:192.168.1.104) DNS Proxy SMB
13/10/12 8:37:35.780 AM com.apple.usbmuxd[518]: SCEDeviceSocketCallback USBMuxRecvWithTimeout failed for 0x10020cb90-iTunes/com.apple.iTunes:0->0x3d-192.168.1.101:0:0: 54 - Connection reset by peer
13/10/12 8:37:35.781 AM iTunes[2272]: _receive_message (thread 0x117992000): Could not securely receive message size: SSL_ERROR_SYSCALL (Early EOF reached)
13/10/12 8:37:36.284 AM iTunes[2272]: _send_message (thread 0x117992000): Could not securely send message size 406: SSL_ERROR_SYSCALL errno (Broken pipe).
13/10/12 8:37:36.286 AM iTunes[2272]: AMDeviceStopSession (thread 0x117992000): Could not stop session with device 61: kAMDSendMessageError
13/10/12 8:37:57.165 AM com.apple.usbmuxd[518]: _handle_timer heartbeat detected detach for device 0x3d-192.168.1.101:0!
13/10/12 8:38:14.000 AM kernel[0]: NVDA::setPowerState(0xffffff8026183800, 0 -> 2) timed out after 45406 ms
13/10/12 8:39:25.000 AM bootlog[0]: BOOT_TIME 1350110365 0
13/10/12 8:39:30.000 AM kernel[0]: PMAP: PCID enabled
13/10/12 8:39:30.000 AM kernel[0]: PMAP: Supervisor Mode Execute Protection enabled
13/10/12 8:39:30.000 AM kernel[0]: Darwin Kernel Version 12.2.0: Sat Aug 25 00:48:52 PDT 2012; root:xnu-2050.18.24~1/RELEASE_X86_64
13/10/12 8:39:30.000 AM kernel[0]: vm_page_bootstrap: 4043614 free pages and 117922 wired pages
13/10/12 8:39:30.000 AM kernel[0]: kext submap [0xffffff7f80741000 - 0xffffff8000000000], kernel text [0xffffff8000200000 - 0xffffff8000741000]
13/10/12 8:39:30.000 AM kernel[0]: zone leak detection enabled
13/10/12 8:39:30.000 AM kernel[0]: standard timeslicing quantum is 10000 us
13/10/12 8:39:30.000 AM kernel[0]: standard background quantum is 2500 us
13/10/12 8:39:30.000 AM kernel[0]: mig_table_max_displ = 74
13/10/12 8:39:30.000 AM kernel[0]: TSC Deadline Timer supported and enabled
13/10/12 8:39:30.000 AM kernel[0]: corecrypto kext started!
13/10/12 8:39:30.000 AM kernel[0]: Running kernel space in FIPS MODE
13/10/12 8:39:30.000 AM kernel[0]: Plist hmac value is 735d392b68241ef173d81097b1c8ce9ba283521626d1c973ac376838c466757d
13/10/12 8:39:30.000 AM kernel[0]: Computed hmac value is 735d392b68241ef173d81097b1c8ce9ba283521626d1c973ac376838c466757d
13/10/12 8:39:30.000 AM kernel[0]: corecrypto.kext FIPS integrity POST test passed!
13/10/12 8:39:30.000 AM kernel[0]: corecrypto.kext FIPS AES CBC POST test passed!
13/10/12 8:39:30.000 AM kernel[0]: corecrypto.kext FIPS TDES CBC POST test passed!
13/10/12 8:39:30.000 AM kernel[0]: corecrypto.kext FIPS AES ECB AESNI POST test passed!
13/10/12 8:39:30.000 AM kernel[0]: corecrypto.kext FIPS AES XTS AESNI POST test passed!
13/10/12 8:39:30.000 AM kernel[0]: corecrypto.kext FIPS SHA POST test passed!
13/10/12 8:39:28.977 AM com.apple.launchd[1]: *** launchd[1] has started up. ***
13/10/12 8:39:30.000 AM kernel[0]: corecrypto.kext FIPS HMAC POST test passed!
13/10/12 8:39:30.000 AM kernel[0]: corecrypto.kext FIPS ECDSA POST test passed!
13/10/12 8:39:30.000 AM kernel[0]: corecrypto.kext FIPS DRBG POST test passed!
13/10/12 8:39:30.000 AM kernel[0]: corecrypto.kext FIPS POST passed!
13/10/12 8:39:30.000 AM kernel[0]: AppleACPICPU: ProcessorId=1 LocalApicId=0 Enabled
13/10/12 8:39:30.000 AM kernel[0]: AppleACPICPU: ProcessorId=2 LocalApicId=2 Enabled
13/10/12 8:39:30.000 AM kernel[0]: AppleACPICPU: ProcessorId=3 LocalApicId=4 Enabled
13/10/12 8:39:30.000 AM kernel[0]: AppleACPICPU: ProcessorId=4 LocalApicId=6 Enabled
13/10/12 8:39:30.000 AM kernel[0]: AppleACPICPU: ProcessorId=5 LocalApicId=1 Enabled
13/10/12 8:39:30.000 AM kernel[0]: AppleACPICPU: ProcessorId=6 LocalApicId=3 Enabled
13/10/12 8:39:30.000 AM kernel[0]: AppleACPICPU: ProcessorId=7 LocalApicId=5 Enabled
13/10/12 8:39:30.000 AM kernel[0]: AppleACPICPU: ProcessorId=8 LocalApicId=7 Enabled
13/10/12 8:39:30.000 AM kernel[0]: calling mpo_policy_init for TMSafetyNet
13/10/12 8:39:30.000 AM kernel[0]: Security policy loaded: Safety net for Time Machine (TMSafetyNet)
13/10/12 8:39:30.000 AM kernel[0]: calling mpo_policy_init for Sandbox
13/10/12 8:39:30.000 AM kernel[0]: Security policy loaded: Seatbelt sandbox policy (Sandbox)
13/10/12 8:39:30.000 AM kernel[0]: calling mpo_policy_init for Quarantine
13/10/12 8:39:30.000 AM kernel[0]: Security policy loaded: Quarantine policy (Quarantine)
13/10/12 8:39:30.000 AM kernel[0]: Copyright (c) 1982, 1986, 1989, 1991, 1993
13/10/12 8:39:30.000 AM kernel[0]: The Regents of the University of California. All rights reserved.
13/10/12 8:39:30.000 AM kernel[0]: MAC Framework successfully initialized
13/10/12 8:39:30.000 AM kernel[0]: using 16384 buffer headers and 10240 cluster IO buffer headers
13/10/12 8:39:30.000 AM kernel[0]: IOAPIC: Version 0x20 Vectors 64:87
13/10/12 8:39:30.000 AM kernel[0]: ACPI: System State [S0 S3 S4 S5]
13/10/12 8:39:30.000 AM kernel[0]: AppleIntelCPUPowerManagement: Turbo Ratios 889A
13/10/12 8:39:30.000 AM kernel[0]: AppleIntelCPUPowerManagement: (built 23:03:24 Jun 24 2012) initialization complete
13/10/12 8:39:30.000 AM kernel[0]: PFM64 (36 cpu) 0xf80000000, 0x80000000
13/10/12 8:39:30.000 AM kernel[0]: [ PCI configuration begin ]
13/10/12 8:39:30.000 AM kernel[0]: Sleep failure code 0x00000002 0x27006c00
13/10/12 8:39:30.000 AM kernel[0]: console relocated to 0xfd0020000
13/10/12 8:39:30.000 AM kernel[0]: PCI configuration changed (bridge=17 device=5 cardbus=0)
13/10/12 8:39:30.000 AM kernel[0]: [ PCI configuration end, bridges 12 devices 16 ]
13/10/12 8:39:30.000 AM kernel[0]: AppleThunderboltNHIType2::setupPowerSavings - GPE based runtime power management
13/10/12 8:39:30.000 AM kernel[0]: AppleThunderboltNHIType2::start - type 2 sleep enabled
13/10/12 8:39:30.000 AM kernel[0]: AppleThunderboltNHIType2::start - SXFP method found
13/10/12 8:39:30.000 AM kernel[0]: mbinit: done [128 MB total pool size, (85/42) split]
13/10/12 8:39:30.000 AM kernel[0]: Pthread support ABORTS when sync kernel primitives misused
13/10/12 8:39:30.000 AM kernel[0]: rooting via boot-uuid from /chosen: D6807041-7128-30C2-9A2D-BFEEC3331CEE
13/10/12 8:39:30.000 AM kernel[0]: Waiting on <dict ID="0"><key>IOProviderClass</key><string ID="1">IOResources</string><key>IOResourceMatch</key><string ID="2">boot-uuid-media</string></dict>
13/10/12 8:39:30.000 AM kernel[0]: com.apple.AppleFSCompressionTypeZlib kmod start
13/10/12 8:39:30.000 AM kernel[0]: com.apple.AppleFSCompressionTypeDataless kmod start
13/10/12 8:39:30.000 AM kernel[0]: com.apple.AppleFSCompressionTypeZlib load succeeded
13/10/12 8:39:30.000 AM kernel[0]: com.apple.AppleFSCompressionTypeDataless load succeeded
13/10/12 8:39:30.000 AM kernel[0]: AppleIntelCPUPowerManagementClient: ready
13/10/12 8:39:30.000 AM kernel[0]: Got boot device = IOService:/AppleACPIPlatformExpert/PCI0@0/AppleACPIPCI/SATA@1F,2/AppleIntelPchSeriesAHCI/PRT0@0/IOAHCIDevice@0/AppleAHCIDiskDriver/IOAHCIBlockStorageDevice/IOBlockStorageDriver/APPLE SSD SM768E Media/IOGUIDPartitionScheme/Customer@2
13/10/12 8:39:30.000 AM kernel[0]: BSD root: disk0s2, major 1, minor 3
13/10/12 8:39:30.000 AM kernel[0]: jnl: unknown-dev: replay_journal: from: 4020736 to: 10443264 (joffset 0x12ada000)
13/10/12 8:39:30.000 AM kernel[0]: BTCOEXIST off
13/10/12 8:39:30.000 AM kernel[0]: BRCM tunables:
13/10/12 8:39:30.000 AM kernel[0]: pullmode[1] txringsize[ 256] reapmin[ 32] reapcount[ 128]
13/10/12 8:39:30.000 AM kernel[0]: highWaterMark: VO[ 192] VI[ 192] BE[ 192] BK[ 192]
13/10/12 8:39:30.000 AM kernel[0]: jnl: unknown-dev: examining extra transactions starting @ 10443264 / 0x9f5a00
13/10/12 8:39:30.000 AM kernel[0]: jnl: unknown-dev: Extra txn replay stopped @ 11364864 / 0xad6a00
13/10/12 8:39:30.000 AM kernel[0]: IOThunderboltSwitch(0x0)::listenerCallbackStatic - Thunderbolt HPD packet for route = 0x0 port = 11 unplug = 0
13/10/12 8:39:30.000 AM kernel[0]: IOThunderboltSwitch(0x0)::listenerCallbackStatic - Thunderbolt HPD packet for route = 0x0 port = 12 unplug = 0
13/10/12 8:39:30.000 AM kernel[0]: AppleUSBMultitouchDriver::checkStatus - received Status Packet, Payload 2: device was reinitialized
13/10/12 8:39:30.000 AM kernel[0]: jnl: unknown-dev: journal replay done.
13/10/12 8:39:30.000 AM kernel[0]: Kernel is LP64
13/10/12 8:39:30.000 AM kernel[0]: hfs: Removed 27 orphaned / unlinked files and 2233 directories
13/10/12 8:39:28.977 AM com.apple.launchd[1]: *** Shutdown logging is enabled. ***
13/10/12 8:39:30.783 AM com.apple.launchd[1]: (com.apple.automountd) Unknown key for boolean: NSSupportsSuddenTermination
13/10/12 8:39:31.000 AM kernel[0]: AirPort_Brcm4331: Ethernet address 20:c9:d0:48:ea:41
13/10/12 8:39:31.000 AM kernel[0]: IO80211Controller::dataLinkLayerAttachComplete(): adding AppleEFINVRAM notification
13/10/12 8:39:31.000 AM kernel[0]: IO80211Interface::efiNVRAMPublished():
13/10/12 8:39:32.037 AM airportd[25]: _processDLILEvent: en0 attached (down)
13/10/12 8:39:32.000 AM kernel[0]: createVirtIf(): ifRole = 1
13/10/12 8:39:32.000 AM kernel[0]: in func createVirtualInterface ifRole = 1
13/10/12 8:39:32.000 AM kernel[0]: AirPort_Brcm4331_P2PInterface::init name <p2p0> role 1 this 0xffffff802247e400
13/10/12 8:39:32.000 AM kernel[0]: AirPort_Brcm4331_P2PInterface::init() <p2p> role 1
13/10/12 8:39:32.000 AM kernel[0]: Created virtif 0xffffff802247e400 p2p0
13/10/12 8:39:32.080 AM com.apple.SecurityServer[15]: Session 100000 created
13/10/12 8:39:32.000 AM kernel[0]: AirPort: Link Down on en0. Reason 1 (Unspecified).
13/10/12 8:39:32.000 AM kernel[0]: en0::IO80211Interface::postMessage bssid changed
13/10/12 8:39:32.101 AM configd[17]: network changed.
13/10/12 8:39:32.103 AM configd[17]: setting hostname to "w00fa.local"
13/10/12 8:39:32.112 AM com.apple.SecurityServer[15]: Entering service
13/10/12 8:39:32.193 AM UserEventAgent[11]: Captive: [HandleNetworkInformationChanged:2435] nwi_state_copy returned NULL
13/10/12 8:39:32.000 AM kernel[0]: Previous Shutdown Cause: 3
13/10/12 8:39:32.000 AM kernel[0]: IOBluetoothUSBDFU::probe
13/10/12 8:39:32.000 AM kernel[0]: IOBluetoothUSBDFU::probe ProductID - 0x8286 FirmwareVersion - 0x0097
13/10/12 8:39:32.000 AM kernel[0]: [BroadcomBluetoothHCIControllerUSBTransport][start] -- completed
13/10/12 8:39:32.000 AM kernel[0]: AGC: 3.2.11, HW version=3.2.19 [3.2.8], flags:0, features:20600
13/10/12 8:39:32.000 AM kernel[0]: NVDAGK100HAL loaded and registered.
13/10/12 8:39:32.586 AM fseventsd[144]: event logs in /.fseventsd out of sync with volume. destroying old logs. (87566 7 87588)
13/10/12 8:39:32.586 AM fseventsd[144]: log dir: /.fseventsd getting new uuid: A93F6A97-D1D4-4728-9B86-3AB73E58340C
13/10/12 8:39:32.599 AM mDNSResponder[146]: mDNSResponder mDNSResponder-379.32.1 (Aug 31 2012 19:05:06) starting OSXVers 12
13/10/12 8:39:32.645 AM systemkeychain[148]: done file: /var/run/systemkeychaincheck.done
13/10/12 8:39:32.652 AM configd[17]: network changed: DNS*
13/10/12 8:39:32.654 AM mDNSResponder[146]: D2D_IPC: Loaded
13/10/12 8:39:32.654 AM mDNSResponder[146]: D2DInitialize succeeded
13/10/12 8:39:33.245 AM tuxera_ntfs[509]: Version 2012.3.3 (Jul 26 2012 08:57:03) external FUSE 27
13/10/12 8:39:33.245 AM tuxera_ntfs[509]: Mounted /dev/rdisk0s4 (Read-Write, label "BOOTCAMP", NTFS 3.1)
13/10/12 8:39:33.245 AM tuxera_ntfs[509]: Cmdline options: recover,cbcio,sfmconv,streams_interface=openxattr,native_xattr,nfconv,aligned_io,fstypename=txantfs,fssubtype=0,iosize=1048576,local,adaptiveuid,adaptivegid
13/10/12 8:39:33.246 AM tuxera_ntfs[509]: Mount options: native_xattr,fstypename=txantfs,fssubtype=0,iosize=1048576,local,allow_other,nonempty,relatime,fsname=/dev/disk0s4,volname=BOOTCAMP
13/10/12 8:39:33.000 AM kernel[0]: DSMOS has arrived
13/10/12 8:39:33.000 AM kernel[0]: [IOBluetoothHCIController][staticBluetoothHCIControllerTransportShowsUp] -- Received Bluetooth Controller register service notification
13/10/12 8:39:33.000 AM kernel[0]: [IOBluetoothHCIController][start] -- completed
13/10/12 8:39:33.000 AM kernel[0]: Universal Audio Apollo - 4.0.0.13440 (x86_64) Mar 12 2012 20:19:07
13/10/12 8:39:33.000 AM kernel[0]: [IOBluetoothHCIController::setConfigState] calling registerService
13/10/12 8:39:33.000 AM kernel[0]: TUFS: starting (version 2012.4.17, x86_64 (10.6+), built Apr 17 2012, 11:40:41)
13/10/12 8:39:33.246 AM tuxera_ntfs[509]: License: Valid.
13/10/12 8:39:33.246 AM tuxera_ntfs[509]: Ownership and permissions disabled, configuration type 1
13/10/12 8:39:33.301 AM fseventsd[144]: check_vol_last_mod_time:XXX failed to get mount time (22; &mount_time == 0x10ee45528)
13/10/12 8:39:33.301 AM fseventsd[144]: log dir: /Volumes/BOOTCAMP/.fseventsd getting new uuid: C0009105-8F61-43E9-8563-1BB388632E71
13/10/12 8:39:33.393 AM hidd[540]: Posting 'com.apple.iokit.hid.displayStatus' notifyState=1
13/10/12 8:39:33.409 AM kdc[538]: label: default
13/10/12 8:39:33.409 AM kdc[538]: dbname: od:/Local/Default
13/10/12 8:39:33.409 AM kdc[538]: mkey_file: /var/db/krb5kdc/m-key
13/10/12 8:39:33.409 AM kdc[538]: acl_file: /var/db/krb5kdc/kadmind.acl
13/10/12 8:39:33.432 AM appleeventsd[545]: main: Starting up
13/10/12 8:39:33.435 AM kdc[538]: WARNING Found KDC certificate (O=System Identity,CN=com.apple.kerberos.kdc)is missing the PK-INIT KDC EKU, this is bad for interoperability.
13/10/12 8:39:33.451 AM com.apple.usbmuxd[518]: usbmuxd-296.3 on Jul 25 2012 at 00:28:37, running 64 bit
13/10/12 8:39:33.507 AM loginwindow[535]: Login Window Application Started
13/10/12 8:39:33.508 AM kdc[538]: KDC started
13/10/12 8:39:33.510 AM awacsd[549]: Starting awacsd connectivity-78 (Jul 26 2012 14:37:46)
13/10/12 8:39:33.512 AM apsd[551]: CGSLookupServerRootPort: Failed to look up the port for "com.apple.windowserver.active" (1102)
13/10/12 8:39:33.513 AM apsd[551]: CGSLookupServerRootPort: Failed to look up the port for "com.apple.windowserver.active" (1102)
13/10/12 8:39:33.000 AM kernel[0]: macx_swapon SUCCESS
13/10/12 8:39:33.513 AM awacsd[549]: InnerStore CopyAllZones: no info in Dynamic Store
13/10/12 8:39:33.520 AM aosnotifyd[552]: bootstrap_look_up failed (44e)
13/10/12 8:39:33.539 AM locationd[536]: NOTICE,Location icon should now be in state 0
13/10/12 8:39:33.539 AM locationd[536]: locationd was started after an unclean shutdown
13/10/12 8:39:33.611 AM apsd[551]: CGSLookupServerRootPort: Failed to look up the port for "com.apple.windowserver.active" (1102)
13/10/12 8:39:33.613 AM coreservicesd[27]: FindBestLSSession(), no match for inSessionID 0xfffffffffffffffc auditTokenInfo( uid=0 euid=0 auSessionID=100000 create=false
13/10/12 8:39:33.615 AM mds[532]: (Normal) FMW: FMW 0 0
13/10/12 8:39:33.619 AM WindowServer[567]: Server is starting up
13/10/12 8:39:33.624 AM WindowServer[567]: Session 256 retained (2 references)
13/10/12 8:39:33.624 AM WindowServer[567]: Session 256 released (1 references)
13/10/12 8:39:33.635 AM WindowServer[567]: Session 256 retained (2 references)
13/10/12 8:39:33.636 AM WindowServer[567]: init_page_flip: page flip mode is on
13/10/12 8:39:33.000 AM kernel[0]: en0: 802.11d country code set to 'US'.
13/10/12 8:39:33.000 AM kernel[0]: en0: Supported channels 1 2 3 4 5 6 7 8 9 10 11 36 40 44 48 52 56 60 64 100 104 108 112 116 120 124 128 132 136 140 149 153 157 161 165
13/10/12 8:39:33.898 AM fseventsd[144]: Logging disabled completely for device:1: /Volumes/Recovery HD
13/10/12 8:39:34.000 AM kernel[0]: nspace-handler-set-snapshot-time: 1350110375
13/10/12 8:39:34.000 AM kernel[0]: MacAuthEvent en0 Auth result for: 68:7f:74:a1:24:96 MAC AUTH succeeded
13/10/12 8:39:34.831 AM WindowServer[567]: mux_initialize: Mode is dynamic
13/10/12 8:39:34.847 AM WindowServer[567]: GLCompositor enabled for tile size [256 x 256]
13/10/12 8:39:34.847 AM WindowServer[567]: CGXGLInitMipMap: mip map mode is on
13/10/12 8:39:34.933 AM WindowServer[567]: WSMachineUsesNewStyleMirroring: true
13/10/12 8:39:34.933 AM WindowServer[567]: Display 0x042803c0: GL mask 0x11; bounds (0, 0)[840 x 525], 54 modes available
Main, Active, on-line, enabled, built-in, boot, Vendor 610, Model a00f, S/N 0, Unit 0, Rotation 0
UUID 0x000006100000a00f00000000042803c0
13/10/12 8:39:34.933 AM WindowServer[567]: Display 0x003f003f: GL mask 0x8; bounds (0, 0)[0 x 0], 1 modes available
off-line, enabled, Vendor ffffffff, Model ffffffff, S/N ffffffff, Unit 3, Rotation 0
UUID 0xffffffffffffffffffffffff003f003f
13/10/12 8:39:34.933 AM WindowServer[567]: Display 0x003f003e: GL mask 0x4; bounds (0, 0)[0 x 0], 1 modes available
off-line, enabled, Vendor ffffffff, Model ffffffff, S/N ffffffff, Unit 2, Rotation 0
UUID 0xffffffffffffffffffffffff003f003e
13/10/12 8:39:34.933 AM WindowServer[567]: Display 0x003f003d: GL mask 0x2; bounds (0, 0)[0 x 0], 1 modes available
off-line, enabled, Vendor ffffffff, Model ffffffff, S/N ffffffff, Unit 1, Rotation 0
UUID 0xffffffffffffffffffffffff003f003d
13/10/12 8:39:34.934 AM WindowServer[567]: Created shield window 0x5 for display 0x042803c0
13/10/12 8:39:34.934 AM WindowServer[567]: Created shield window 0x6 for display 0x003f003f
13/10/12 8:39:34.934 AM WindowServer[567]: Created shield window 0x7 for display 0x003f003e
13/10/12 8:39:34.934 AM WindowServer[567]: Created shield window 0x8 for display 0x003f003d
13/10/12 8:39:34.936 AM WindowServer[567]: Display 0x042803c0: GL mask 0x11; bounds (0, 0)[840 x 525], 54 modes available
Main, Active, on-line, enabled, built-in, boot, Vendor 610, Model a00f, S/N 0, Unit 0, Rotation 0
UUID 0x000006100000a00f00000000042803c0
13/10/12 8:39:34.936 AM WindowServer[567]: Display 0x003f003f: GL mask 0x8; bounds (1864, 0)[1 x 1], 1 modes available
off-line, enabled, Vendor ffffffff, Model ffffffff, S/N ffffffff, Unit 3, Rotation 0
UUID 0xffffffffffffffffffffffff003f003f
13/10/12 8:39:34.936 AM WindowServer[567]: Display 0x003f003e: GL mask 0x4; bounds (1865, 0)[1 x 1], 1 modes available
off-line, enabled, Vendor ffffffff, Model ffffffff, S/N ffffffff, Unit 2, Rotation 0
UUID 0xffffffffffffffffffffffff003f003e
13/10/12 8:39:34.936 AM WindowServer[567]: Display 0x003f003d: GL mask 0x2; bounds (1866, 0)[1 x 1], 1 modes available
off-line, enabled, Vendor ffffffff, Model ffffffff, S/N ffffffff, Unit 1, Rotation 0
UUID 0xffffffffffffffffffffffff003f003d
13/10/12 8:39:34.936 AM WindowServer[567]: CGXPerformInitialDisplayConfiguration
13/10/12 8:39:34.936 AM WindowServer[567]: Display 0x042803c0: MappedDisplay Unit 0; Alias(0, 0x11); Vendor 0x610 Model 0xa00f S/N 0 Dimensions 13.03 x 8.15; online enabled built-in, Bounds (0,0)[840 x 525], Rotation 0, Resolution 2
13/10/12 8:39:34.936 AM WindowServer[567]: Display 0x003f003f: MappedDisplay Unit 3; Vendor 0xffffffff Model 0xffffffff S/N -1 Dimensions 0.00 x 0.00; offline enabled, Bounds (1864,0)[1 x 1], Rotation 0, Resolution 1
13/10/12 8:39:34.936 AM WindowServer[567]: Display 0x003f003e: MappedDisplay Unit 2; Vendor 0xffffffff Model 0xffffffff S/N -1 Dimensions 0.00 x 0.00; offline enabled, Bounds (1865,0)[1 x 1], Rotation 0, Resolution 1
13/10/12 8:39:34.936 AM WindowServer[567]: Display 0x003f003d: MappedDisplay Unit 1; Vendor 0xffffffff Model 0xffffffff S/N -1 Dimensions 0.00 x 0.00; offline enabled, Bounds (1866,0)[1 x 1], Rotation 0, Resolution 1
13/10/12 8:39:34.936 AM WindowServer[567]: CGXMuxBoot: Boot normal
13/10/12 8:39:34.998 AM WindowServer[567]: GLCompositor: GL renderer id 0x01022647, GL mask 0x0000000f, accelerator 0x00004733, unit 0, caps QEX|QGL|MIPMAP, vram 1024 MB
13/10/12 8:39:35.001 AM WindowServer[567]: GLCompositor: GL renderer id 0x01022647, GL mask 0x0000000f, texture units 8, texture max 16384, viewport max {16384, 16384}, extensions FPRG|NPOT|GLSL|FLOAT
13/10/12 8:39:35.001 AM WindowServer[567]: GLCompositor: GL renderer id 0x01024400, GL mask 0x00000010, accelerator 0x00004d23, unit 4, caps QEX|QGL|MIPMAP, vram 580 MB
13/10/12 8:39:35.003 AM WindowServer[567]: GLCompositor: GL renderer id 0x01024400, GL mask 0x00000010, texture units 8, texture max 16384, viewport max {16384, 16384}, extensions FPRG|NPOT|GLSL|FLOAT
13/10/12 8:39:35.006 AM loginwindow[535]: **DMPROXY** Found `/System/Library/CoreServices/DMProxy'.
13/10/12 8:39:35.014 AM hidd[540]: void __IOHIDLoadBundles(): Loaded 0 HID plugins
13/10/12 8:39:35.050 AM WindowServer[567]: Unable to open IOHIDSystem (e00002bd)
13/10/12 8:39:35.092 AM WindowServer[567]: Created shield window 0x9 for display 0x042803c0
13/10/12 8:39:35.092 AM WindowServer[567]: Display 0x042803c0: MappedDisplay Unit 0; ColorProfile { 2, "Color LCD"}; TransferFormula (1.000000, 1.000000, 1.000000)
13/10/12 8:39:35.108 AM launchctl[585]: com.apple.findmymacmessenger: Already loaded
13/10/12 8:39:35.124 AM com.apple.SecurityServer[15]: Session 100005 created
13/10/12 8:39:35.146 AM hidd[540]: CGSShutdownServerConnections: Detaching application from window server
13/10/12 8:39:35.146 AM hidd[540]: CGSDisplayServerShutdown: Detaching display subsystem from window server
13/10/12 8:39:35.163 AM loginwindow[535]: Login Window Started Security Agent
13/10/12 8:39:35.223 AM SecurityAgent[594]: This is the first run
13/10/12 8:39:35.223 AM SecurityAgent[594]: MacBuddy was run = 0
13/10/12 8:39:35.249 AM WindowServer[567]: MPAccessSurfaceForDisplayDevice: Set up page flip mode on display 0x042803c0 device: 0x10158a320 isBackBuffered: 1 numComp: 3 numDisp: 3
13/10/12 8:39:35.281 AM coreaudiod[592]: 2012-10-13 08:39:35.280987 AM [AirPlay] Started browsing for _airplay._tcp.
13/10/12 8:39:35.281 AM coreaudiod[592]: 2012-10-13 08:39:35.281405 AM [AirPlay] Started browsing for _raop._tcp.
13/10/12 8:39:35.000 AM kernel[0]: virtual bool IOHIDEventSystemUserClient::initWithTask(task_t, void *, UInt32): Client task not privileged to open IOHIDSystem for mapping memory (e00002c1)
13/10/12 8:39:35.965 AM UserEventAgent[587]: cannot find useragent 1102
13/10/12 8:39:36.935 AM WindowServer[567]: **DMPROXY** (2) Found `/System/Library/CoreServices/DMProxy'.
13/10/12 8:39:36.955 AM WindowServer[567]: Display 0x042803c0: MappedDisplay Unit 0; ColorProfile { 2, "Color LCD"}; TransferFormula (1.000000, 1.000000, 1.000000)
13/10/12 8:39:36.965 AM WindowServer[567]: Display 0x042803c0: MappedDisplay Unit 0; ColorProfile { 2, "Color LCD"}; TransferFormula (1.000000, 1.000000, 1.000000)
13/10/12 8:39:37.000 AM kernel[0]: directed SSID scan fail
13/10/12 8:39:39.274 AM SecurityAgent[594]: User info context values set for w00fa
13/10/12 8:39:39.000 AM kernel[0]: MacAuthEvent en0 Auth result for: 68:7f:74:a1:24:96 MAC AUTH succeeded
13/10/12 8:39:39.432 AM SecurityAgent[594]: Login Window login proceeding
13/10/12 8:39:39.618 AM loginwindow[535]: Login Window - Returned from Security Agent
13/10/12 8:39:39.631 AM loginwindow[535]: ERROR | ScreensharingLoginNotification | Failed sending message to screen sharing GetScreensharingPort, err: 1102
13/10/12 8:39:39.657 AM loginwindow[535]: USER_PROCESS: 535 console
13/10/12 8:39:39.000 AM kernel[0]: wlEvent: en0 en0 Link UP virtIf = 0
13/10/12 8:39:39.000 AM kernel[0]: AirPort: Link Up on en0
13/10/12 8:39:39.000 AM kernel[0]: en0: BSSID changed to 68:7f:74:a1:24:96
13/10/12 8:39:39.000 AM kernel[0]: en0::IO80211Interface::postMessage bssid changed
13/10/12 8:39:39.706 AM com.apple.launchd.peruser.501[610]: (com.apple.gamed) Ignored this key: UserName
13/10/12 8:39:39.706 AM com.apple.launchd.peruser.501[610]: (com.apple.gamed) Ignored this key: GroupName
13/10/12 8:39:39.708 AM com.apple.launchd.peruser.501[610]: (com.apple.ReportCrash) Falling back to default Mach exception handler. Could not find: com.apple.ReportCrash.Self
13/10/12 8:39:39.712 AM loginwindow[535]: Connection with distnoted server was invalidated
13/10/12 8:39:39.717 AM distnoted[615]: # distnote server agent absolute time: 15.385943220 civil time: Sat Oct 13 08:39:39 2012 pid: 615 uid: 501 root: no
13/10/12 8:39:39.000 AM kernel[0]: AirPort: RSN handshake complete on en0
13/10/12 8:39:39.967 AM WindowServer[567]: Received display connect changed for display 0x42803c0
13/10/12 8:39:39.998 AM WindowServer[567]: MPAccessSurfaceForDisplayDevice: Set up page flip mode on display 0x042803c0 device: 0x10158a320 isBackBuffered: 1 numComp: 3 numDisp: 3
Thanks!
-w00f -
Network Client-login Issues...
I have DNS running and tested successfully and Open Directory set up. However, I'm having troubles logging into a client computer from the user workgroup.
The first issue I encountered was with Directory Utility on the client machine. It wouldn't recognize my DNS to add it as a directory server. Let's say it's called 'ns1.mydomain.com' ... I get 'no response from server' error. To get around this I used the IP address and it went through.
I then bound the client computer to the directory server. Then, set the login access from the server and set the client computer to allow network login.
When I start up the client computer I can see all of the users from the workgroup directory. But, when I click the name and enter the password, I get an error that the login-name or password is invalid. I am using the correct password and if the username didn't exist, it would show in the login screen.
Am I missing a step or has anyone else had this problem?
Thanks!!
Hi Corey
Client machines would need to use the Server as their DNS Server if you want to use the Server's FQDN to join clients to the Server in Directory Utility. I would not use authenticated binding either, at the point where you get presented with fields for user name and passwords etc, don't fill these in. Simply leave the client's bonjour name in the first field and progress past that point.
I'm assuming you created a Computer List (try not to use the default ones) and added the client computers to that list using their MAC addresses?
Next have you shared the sharepoint you are using for Home Folder Creation (the default one is Users) as well as enabling it for automounting home folders? Finally have you created home folders for users in the LDAP node?
If everything else checks out yet users are still failing to authenticate it could be down to a time sync issue? Kerberos tickets are timestamped and if server and client are out by 5 minutes it could explain the invalid log in problem. You could scrub the setting in Directory Utility and try again? But this time have /Library/Preferences open and see if the edu.mit.Kerberos file gets created. Inspect this file and verify that the details are correct for your KDC. Alternatively you could have the Kerberos application open (/System/Library/CoreServices) and see if the client picks up a day ticket.
Tony -
DC Demoted, now issues seizing roles. AD Broken.
Hello,
I've taken ownership of yet another troubled network. This time, the issue is that the server 2012 domain controller was experiencing hardware failure. I set up another Server 2012 machine, managed to add it to the forest, and then demoted the old DC using dcpromo.
That was a few months ago. Now it appears that I am experiencing some issues with the new domain controller. I noticed issues when I was having trouble logging in. My password no longer works, but I managed to get into the DC using a colleague's password. Upon launching Active Directory Users & Computers, I get "Naming information cannot be located because: The specified domain either does not exist or could not be contacted."
Then, I realised that when I go to \\DC2, I don't see any netlogon or sysvol shares. So as I was diagnosing it, I went to check which server holds all the FSMO roles. It looks like DC1 (the old DC which was decommissioned) still held all the roles! I'm not sure why the demotion process didn't shift the roles from the old failing DC to the new DC. So, I went to seize all the roles using ntdsutil. Everything was going smoothly until I went to seize the schema master role using the "seize schema master" -- at this point I got an error stating:
Win32 error returned is 0x2098(Insufficient access rights to perform the operati
on.)
Depending on the error code this may indicate a connection,
ldap, or role transfer error.
Transfer of schema FSMO failed, proceeding with seizure ...
ldap_modify of SD failed with 0x32(50 (Insufficient Rights).
Ldap extended error message is 00000005: SecErr: DSID-031521E1, problem 4003 (IN
SUFF_ACCESS_RIGHTS), data 0
Win32 error returned is 0x5(Access is denied.)
So naturally I google it, and it appears the issue here is that the account I am using to do the role seizing has insufficient permissions (i.e. not member of Enterprise Admins/Schema Admins) to conduct this role seizure. However, I have successfully seized the Naming Master, PDC, RID, and Infrastructure roles.
Now I am stuck in a chicken and egg situation -- I can't give the account I'm using the correct group permissions because AD is broken; I can't fix AD because I don't have the permissions.
How can I fix this? Any insight appreciated. I'd like to avoid rebuilding the DC if possible.
Hi,
Alright -- I thought the root issue was that I couldn't seize the roles. After further research it appears there are 2 issues.
1. Netlogon/Sysvol are missing (All the steps I can find on the internet pertaining to restoring Netlogon/Sysvol require the use of FRS, however on my system the FRS service is set to 'disabled' -- I understand FRS was only used in server 2003 and earlier, everything after that uses DFS?)
2. There are remnants of the old DC still left behind. Here is the output of dcdiag /E:
3. I can't launch ADUC, Sites & Services or anything like that to fix anything.
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = DC2
* Identified AD Forest.
Ldap search capability attribute search failed on server DC1, return value = 81
Got error while checking if the DC is using FRS or DFSR. Error: Win32 Error 81The VerifyReferences, FrsEvent and DfsrEvent tests might fail because of this error.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DC1
Starting test: Connectivity
The host 0478fe4a-28c5-4151-894a-06c5b32bf1a0._msdcs.mydomain.com.au could not be resolved to an IP address. Check the DNS server, DHCP, server name, etc.
Neither the the server name (DC1.mydomain.com.au) nor the Guid DNS name (0478fe4a-28c5-4151-894a-06c5b32bf1a0._msdcs.mydomain.com.au) could be resolved by DNS. Check that the server is
up and is registered correctly with the DNS server.
Got error while checking LDAP and RPC connectivity. Please check your firewall settings.
......................... DC1 failed test Connectivity
Testing server: Default-First-Site-Name\DC2
Starting test: Connectivity
......................... DC2 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DC1
Skipping all tests, because server DC1 is not responding to directory service requests.
Testing server: Default-First-Site-Name\DC2
Starting test: Advertising
Fatal Error:DsGetDcName (DC2) call failed, error 1355
The Locator could not find the server.
......................... DC2 failed test Advertising
Starting test: FrsEvent
......................... DC2 passed test FrsEvent
Starting test: DFSREvent
There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL replication problems may cause Group Policy problems.
......................... DC2 failed test DFSREvent
Starting test: SysVolCheck
......................... DC2 passed test SysVolCheck
Starting test: KccEvent
An error event occurred. EventID: 0xC0000466
Time Generated: 06/12/2014 08:57:14
Event String: Active Directory Domain Services was unable to establish a connection with the global catalog.
An error event occurred. EventID: 0xC0000827
Time Generated: 06/12/2014 08:57:21
Event String:
Active Directory Domain Services could not resolve the following DNS host name of the source domain controller to an IP address. This error prevents additions, deletions and changes in Act
ive Directory Domain Services from replicating between one or more domain controllers in the forest. Security groups, group policy, users and computers and their passwords will be inconsistent between
domain controllers until this error is resolved, potentially affecting logon authentication and access to network resources.
A warning event occurred. EventID: 0x8000082C
Time Generated: 06/12/2014 08:58:14
Event String:
......................... DC2 failed test KccEvent
Starting test: KnowsOfRoleHolders
[DC1] DsBindWithSpnEx() failed with error 1722,
The RPC server is unavailable..
Warning: DC1 is the Schema Owner, but is not responding to DS RPC Bind.
Warning: DC1 is the Schema Owner, but is not responding to LDAP Bind.
......................... DC2 failed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... DC2 passed test MachineAccount
Starting test: NCSecDesc
......................... DC2 passed test NCSecDesc
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\DC2\netlogon)
[DC2] An net use or LsaPolicy operation failed with error 67, The network name cannot be found..
......................... DC2 failed test NetLogons
Starting test: ObjectsReplicated
......................... DC2 passed test ObjectsReplicated
Starting test: Replications
[Replications Check,DC2] A recent replication attempt failed:
From DC1 to DC2
Naming Context: DC=ForestDnsZones,DC=mydomain,DC=com,DC=au
The replication generated an error (1256):
The remote system is not available. For information about network troubleshooting, see Windows Help.
The failure occurred at 2014-06-12 08:57:21.
The last success occurred at 2013-11-14 00:56:59.
5057 failures have occurred since the last success.
[Replications Check,DC2] A recent replication attempt failed:
From DC1 to DC2
Naming Context: DC=DomainDnsZones,DC=mydomain,DC=com,DC=au
The replication generated an error (1256):
The remote system is not available. For information about network troubleshooting, see Windows Help.
The failure occurred at 2014-06-12 08:57:21.
The last success occurred at 2013-11-14 01:10:06.
5057 failures have occurred since the last success.
[Replications Check,DC2] A recent replication attempt failed:
From DC1 to DC2
Naming Context: CN=Schema,CN=Configuration,DC=mydomain,DC=com,DC=au
The replication generated an error (8524):
The DSA operation is unable to proceed because of a DNS lookup failure.
The failure occurred at 2014-06-12 08:57:33.
The last success occurred at 2013-11-14 00:49:16.
5054 failures have occurred since the last success.
The guid-based DNS name 0478fe4a-28c5-4151-894a-06c5b32bf1a0._msdcs.mydomain.com.au
is not registered on one or more DNS servers.
[Replications Check,DC2] A recent replication attempt failed:
From DC1 to DC2
Naming Context: CN=Configuration,DC=mydomain,DC=com,DC=au
The replication generated an error (8524):
The DSA operation is unable to proceed because of a DNS lookup failure.
The failure occurred at 2014-06-12 08:57:27.
The last success occurred at 2013-11-14 00:56:53.
5054 failures have occurred since the last success.
The guid-based DNS name 0478fe4a-28c5-4151-894a-06c5b32bf1a0._msdcs.mydomain.com.au
is not registered on one or more DNS servers.
[Replications Check,DC2] A recent replication attempt failed:
From DC1 to DC2
Naming Context: DC=mydomain,DC=com,DC=au
The replication generated an error (8524):
The DSA operation is unable to proceed because of a DNS lookup failure.
The failure occurred at 2014-06-12 08:57:21.
The last success occurred at 2013-11-14 01:34:40.
5056 failures have occurred since the last success.
The guid-based DNS name 0478fe4a-28c5-4151-894a-06c5b32bf1a0._msdcs.mydomain.com.au
is not registered on one or more DNS servers.
......................... DC2 failed test Replications
Starting test: RidManager
......................... DC2 passed test RidManager
Starting test: Services
......................... DC2 passed test Services
Starting test: SystemLog
An error event occurred. EventID: 0xC00038D6
Time Generated: 06/12/2014 08:47:34
Event String:
The DFS Namespace service could not initialize cross forest trust information on this domain controller, but it will periodically retry the operation. The return code is in the record data
A warning event occurred. EventID: 0xC000042B
Time Generated: 06/12/2014 08:50:30
Event String:
The RD Session Host server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or
could not be contacted.
......................... DC2 failed test SystemLog
Starting test: VerifyReferences
......................... DC2 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : mydomain
Starting test: CheckSDRefDom
......................... mydomain passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... mydomain passed test CrossRefValidation
Running enterprise tests on : mydomain.com.au
Starting test: LocatorCheck
Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
A Global Catalog Server could not be located - All GC's are down.
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error 1355
A Good Time Server could not be located.
Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
A KDC could not be located - All the KDCs are down.
......................... mydomain.com.au failed test LocatorCheck
Starting test: Intersite
......................... mydomain.com.au passed test Intersite
and the result of repadmin /showreps:
C:\Windows\system32>repadmin /showreps
Default-First-Site-Name\DC2
DSA Options: IS_GC
Site Options: (none)
DSA object GUID: 219d0225-9342-49c5-a00d-e233b042e075
DSA invocationID: 3587d588-d03b-47e1-81ce-88d14d99a052
==== INBOUND NEIGHBORS ======================================
DC=mydomain,DC=com,DC=au
Default-First-Site-Name\DC1 via RPC
DSA object GUID: 0478fe4a-28c5-4151-894a-06c5b32bf1a0
Last attempt @ 2014-06-12 08:57:21 failed, result 8524 (0x214c):
The DSA operation is unable to proceed because of a DNS lookup failure.
5056 consecutive failure(s).
Last success @ 2013-11-14 01:34:40.
CN=Configuration,DC=mydomain,DC=com,DC=au
Default-First-Site-Name\DC1 via RPC
DSA object GUID: 0478fe4a-28c5-4151-894a-06c5b32bf1a0
Last attempt @ 2014-06-12 08:57:27 failed, result 8524 (0x214c):
The DSA operation is unable to proceed because of a DNS lookup failure.
5054 consecutive failure(s).
Last success @ 2013-11-14 00:56:53.
CN=Schema,CN=Configuration,DC=mydomain,DC=com,DC=au
Default-First-Site-Name\DC1 via RPC
DSA object GUID: 0478fe4a-28c5-4151-894a-06c5b32bf1a0
Last attempt @ 2014-06-12 08:57:33 failed, result 8524 (0x214c):
The DSA operation is unable to proceed because of a DNS lookup failure.
5054 consecutive failure(s).
Last success @ 2013-11-14 00:49:16.
DC=DomainDnsZones,DC=mydomain,DC=com,DC=au
Default-First-Site-Name\DC1 via RPC
DSA object GUID: 0478fe4a-28c5-4151-894a-06c5b32bf1a0
Last attempt @ 2014-06-12 08:57:21 failed, result 1256 (0x4e8):
The remote system is not available. For information about network troubleshooting, see Windows Help.
5057 consecutive failure(s).
Last success @ 2013-11-14 01:10:06.
DC=ForestDnsZones,DC=mydomain,DC=com,DC=au
Default-First-Site-Name\DC1 via RPC
DSA object GUID: 0478fe4a-28c5-4151-894a-06c5b32bf1a0
Last attempt @ 2014-06-12 08:57:21 failed, result 1256 (0x4e8):
The remote system is not available. For information about network troubleshooting, see Windows Help.
5057 consecutive failure(s).
Last success @ 2013-11-14 00:56:59.
Source: Default-First-Site-Name\DC1
******* 5057 CONSECUTIVE FAILURES since 2013-11-14 01:34:40
Last error: 1256 (0x4e8):
The remote system is not available. For information about network troubleshooting, see Windows Help.
DC1 is long gone -- since 2013-11-14 as shown on the last lines of the above output of repadmin. How can I remove all remnants of this old DC?
I have tried to follow steps in this KB article http://support.microsoft.com/kb/315457/en-gb but the FRS service will not start on my server at all (probably as I'm using DFS). Are there special steps needed to be taken on a server if the SYSVOL/NETLOGON folders are using DFS rather than FRS? That article appears to be for Win server 2003 and not 2012. -
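The `repadmin /showreps` text in the post above can be triaged mechanically to show which source DSA is failing in every naming context and for how long. The Python below is an added example, not part of the original post; the function names, the 60-day threshold, and the healthy `DC3` entry with its GUID in the sample are assumptions made up for illustration, while the `DC1` entries are copied from the post.

```python
"""Triage `repadmin /showreps` inbound-neighbour text for dead replication partners."""
import re
from dataclasses import dataclass
from datetime import datetime
from typing import Optional

TS = r"(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})"
RE_NC = re.compile(r"^(?:DC|CN)=\S+$")               # naming context line
RE_SRC = re.compile(r"^([^\\]+)\\(\S+) via RPC$")    # Site\Server via RPC
RE_GUID = re.compile(r"^DSA object GUID: ([0-9a-fA-F-]{36})$")
RE_ATTEMPT = re.compile(r"^Last attempt @ " + TS +
                        r" (?:was successful\.|failed, result (\d+) \(0x[0-9a-fA-F]+\):)$")
RE_FAILS = re.compile(r"^(\d+) consecutive failure\(s\)\.$")
RE_SUCCESS = re.compile(r"^Last success @ (?:" + TS + r"|\(never\))\.$")

# Sample input: the DC1 entries are from the post; the DC3 entry and its GUID are constructed.
SAMPLE = r"""
==== INBOUND NEIGHBORS ======================================
DC=mydomain,DC=com,DC=au
    Default-First-Site-Name\DC1 via RPC
        DSA object GUID: 0478fe4a-28c5-4151-894a-06c5b32bf1a0
        Last attempt @ 2014-06-12 08:57:21 failed, result 8524 (0x214c):
            The DSA operation is unable to proceed because of a DNS lookup failure.
        5056 consecutive failure(s).
        Last success @ 2013-11-14 01:34:40.
    Default-First-Site-Name\DC3 via RPC
        DSA object GUID: 11111111-2222-3333-4444-555555555555
        Last attempt @ 2014-06-12 08:55:02 was successful.
CN=Schema,CN=Configuration,DC=mydomain,DC=com,DC=au
    Default-First-Site-Name\DC1 via RPC
        DSA object GUID: 0478fe4a-28c5-4151-894a-06c5b32bf1a0
        Last attempt @ 2014-06-12 08:57:33 failed, result 8524 (0x214c):
            The DSA operation is unable to proceed because of a DNS lookup failure.
        5054 consecutive failure(s).
        Last success @ 2013-11-14 00:49:16.
DC=ForestDnsZones,DC=mydomain,DC=com,DC=au
    Default-First-Site-Name\DC1 via RPC
        DSA object GUID: 0478fe4a-28c5-4151-894a-06c5b32bf1a0
        Last attempt @ 2014-06-12 08:57:21 failed, result 1256 (0x4e8):
            The remote system is not available.
        5057 consecutive failure(s).
        Last success @ 2013-11-14 00:56:59.
"""


@dataclass
class Neighbor:
    naming_context: str
    site: str
    dc: str
    guid: Optional[str] = None
    last_attempt: Optional[datetime] = None
    result: int = 0                      # Win32 result of the last attempt, 0 = success
    failures: int = 0
    last_success: Optional[datetime] = None

    @property
    def ok(self):
        return self.last_attempt is not None and self.result == 0


def _ts(value):
    return datetime.strptime(value, "%Y-%m-%d %H:%M:%S") if value else None


def parse_showreps(text):
    """Return one Neighbor per (naming context, source DSA) pair found in the text."""
    entries, nc, cur = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if RE_NC.match(line):
            nc, cur = line, None
        elif (m := RE_SRC.match(line)) and nc:
            cur = Neighbor(nc, m.group(1), m.group(2))
            entries.append(cur)
        elif cur is None:
            continue                     # header lines before the first neighbour
        elif m := RE_GUID.match(line):
            cur.guid = m.group(1).lower()
        elif m := RE_ATTEMPT.match(line):
            cur.last_attempt = _ts(m.group(1))
            if m.group(2) is None:       # "was successful."
                cur.last_success = cur.last_attempt
            else:
                cur.result = int(m.group(2))
        elif m := RE_FAILS.match(line):
            cur.failures = int(m.group(1))
        elif m := RE_SUCCESS.match(line):
            cur.last_success = _ts(m.group(1))   # None for "(never)"
    return entries


def dead_partners(entries, now, max_age_days=60):
    """Summarise source DSAs failing in every naming context whose newest
    success is older than max_age_days (an assumed threshold)."""
    by_guid = {}
    for e in entries:
        by_guid.setdefault(e.guid, []).append(e)
    report = []
    for guid, group in by_guid.items():
        if any(e.ok for e in group):
            continue                     # at least one context still replicates
        successes = [e.last_success for e in group if e.last_success]
        age = (now - max(successes)).days if successes else None
        if age is not None and age <= max_age_days:
            continue
        report.append({"dc": group[0].dc, "guid": guid, "contexts": len(group),
                       "max_failures": max(e.failures for e in group),
                       "errors": sorted({e.result for e in group}),
                       "days_since_success": age})
    return sorted(report, key=lambda r: r["dc"])


if __name__ == "__main__":
    for row in dead_partners(parse_showreps(SAMPLE), now=datetime(2014, 6, 12, 9, 0, 0)):
        print(row)
```

Grouping by DSA object GUID rather than by server name keeps the result stable if a name is later reused for a different machine.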
Com.apple.kerberos.kdc certificate
The com.apple.kerberos.kdc certificate is a self-signed root certificate (at least it claims to be so) and is from a non-trusted source. Should I keep it? Also, there is (was) another certificate that I accidentally deleted that too claims to be related to Apple. Anyone have any opinion on these certificates? Only these two are set to expire in 2028. Rest of the certificates are all trusted and have no expiry dates.
I am having an issue with com.apple.kerberos.kdc certificate(s) as well. I recently set up OS X Server 10.5 with updates to v10.5.2. I cannot get Mail, iCal/CalDAV, Sharing, and other services to work from my client computers. It appears the issue is related to security and certificates named com.apple.kerberos.kdc & com.apple.systemdefault where the root certificates are self-signed and have the error message, "This root certificate is not trusted". Currently working to resolve this issue. So far it looks like I need to use Certificate Assistant to set up myself as CA (certificate authority) on my server and then set the trust values for the certificate. Since I'm a newcomer to OS X Server I am still researching and looking for direction prior to proceeding. I set up OS X 10.5.x server in standard mode using Server Assistant, but expect to eventually switch to advanced mode when I get up to speed with server settings and preferences.
Anyone have any advice on how to resolve this certificate problem? -
I am rebuilding my system after a recent debacle with Time Machine, which resulted in a complete wiping of my Open Directory contents. At this point, users can log into various computers on the network, when the hosts have been reconnected to the newly formed Open Directory and the trust certificate has been authorized. However, when users attempt to connect to any file share, the Network User Account credentials fail to gain access.
I am running Mac OS X 10.9.4 on all systems. Two mac-mini's are running OS X Server 3.1.2. One of these servers (mavericks1.pediatricheartcenter.org) is the Open Directory. While testing the system, I am using the console on "Mavericks1," so the following discussion involves communication between the two server hosts only.
From Mavericks1, I open the console and attempt to connect to my file server, named fileserver.pediatricheartcenter.org. I clear the console just prior to sending a "registered user" request to "FileServer" to gain access. Careful examination of the console records shows the following:
1. The Network User is authorized with a message "ENC-TS pre-authentication succeeded".
2. Mavericks1 lists a console message that reads "kdc: Server not found in database: krbtgt/[email protected]:no such entry found in hdb"
3. Mavericks1 lists a console message that reads "kdc: Server not found in database: cifs/[email protected]: no such entry found in hdb"
4. The process registers what appears to be a final failure before trying again with "kdc: Failed building TGS-REP to 127.0.0.1:64390"
FileStorage.local does not exist in the DNS, nor does it exist on FileStorage.pediatricheartcenter.org. That (local) host name was removed when the domain host name for filestorage.pediatricheartcenter.org was created.
1. Why does the kerberos process reference a host name that does not exist?
2. What might be causing the failed authentication exchange?
3. What can be done to remedy the issue?
I spent some time on the phone with Apple Support on Friday. Thank you to Linc Davis for providing some insights into the issues.
As a result of the conversation with Apple Support we learned the following, which I will report here for those who might find this page again:
First, OpenDirectories are extremely fragile. Once you have turned on your OpenDirectory, do not do any of the following:
Do NOT change the host name.
Do NOT change the IP address.
If you are going to attempt either of these things, you should make a clone of your drive (not just a TimeMachine backup, a fully bootable clone, just in case).
Performing these activities (particularly the changing of the host name) will "break" your open directory, and the only way to rebuild the open directory is first to fully destroy the original. Several services are also destroyed when OpenDirectory is broken, the most notable is Profile Manager.
DESTROYING OPEN DIRECTORY
To fully destroy OpenDirectory, it is more complex than simply turning off the OpenDirectory and turning it back on again. Perform the following steps:
1. Install WorkGroup Manager (it is deprecated, but Apple still has a version available for use with OS X Mavericks to handle functions that the Server App does not perform like exporting users and groups).
2. Sign into WorkGroup Manager as the directory administrator (user name defaults to "diradmin"; the password is defined on OpenDirectory creation).
3. Export the Users, Groups, Computers and Computer Groups to the Desktop or another safe location.
4. Close WorkGroup Manager.
5. Turn off the OpenDirectory in Server App.
6. Delete the Server App from the Applications folder and put it in the Trash. (This will disable any active services that are marking various files as being currently in use. Don't worry, we will restore it from the Trash when we are done).
7. In the terminal, run the following command: sudo slapconfig -destroyldapserver
8. Make a backup of all website files (just in case).
9. Navigate to the folder /Library/Server and delete the ProfileManager folder. (If you are willing to do so, delete the whole Server folder).
10. After deleting various folders in the /Library/Server directory, restore the Server.app from the Trash.
11. Run the Server App.
12. Set the computer's network connection and host name.
13. Create a new OpenDirectory.
14. Use WorkGroup Manager to import any exported files from Step 3.
15. If you deleted the entire Server directory, use the website backup to retrieve the files that comprise your web site(s) and use the Server App to link the file directories to the Web site's domain name(s).
Personal Note: These instructions got me farther than any other tips I had received previously. After following these instructions, I was able to rebuild my Open Directory. During the process of copying files from the old user home folders into the new user home folders, the computer froze and when it rebooted, all the users and groups I had created during the day had disappeared. Rather than trouble-shooting it again, I decided to do a fresh installation.
A NOTE ON HOME FOLDERS
PER APPLE SUPPORT: Do NOT use the default /Users directory for Network users. Apple Support wanted me to rebuild the home directory, but they noted I was not able to do this, because I had used /Users. This folder ("/Users") is a critical component of the OS X system, and will cause additional problems if the folder is destroyed and rebuilt. The directory id and permissions must remain unchanged from the original installation.
For this reason, Server administrators (like yourself) should use File Sharing in the Server App to create a new anchor point for home directories. Create a shared folder. Ensure that it is shared over the protocols that you will be using (AFP, SMB, WebDav), and then after selecting these values, check the box that allows the folder to be used as a home directory at the bottom of this list. This box will be greyed out if the system is not already bound to an OpenDirectory. If you have activated OpenDirectory on the same machine, the machine will operate as if bound to itself, and this field will be active. If the FileShare server is NOT an OpenDirectory master or replica, then bind the machine to an OpenDirectory via the "System Preferences > Users & Groups > Login Options".
If the local area network has FileShares that are enabled for home directory use, the folders will appear in the User Profile editor under the Home Folder list (See image)
In the screenshot above, I have selected a shared directory named "HomeFolders". By using a specially defined home folder directory, the server administrator has the option of deleting and modifying the home folder if necessary. Creating a home folder directory in a location other than "/Users" is the recommended best practice by Apple Support.
If you are inserting files into the home folders, you will need to change the owner and the group to the new owners names. I copied files from the old user directories into the new user directories so that the users would have access to their old files. When my OpenDirectory crashed, and all the users were recreated, they were recreated with different system level user id's. The system therefore maintains a memory that the file was owned by the original owner, even though the system administrator has put it in the new user profile's folder. To fix this, do the following:
1. Prior to making the copy, run "ls -al" from the terminal on the new home directory root. You are looking for the default folder owner and default folder group. On my system it was the user name and a group named "staff".
2. When making the copy, do not replace the user folder. Copy the files into the file folder, not over it.
3. After you have moved files into the user's folders, you can use "sudo chown -R [owner]:[group] [homeFolderPath]/*" and "sudo chmod -R 700 [homeFolderPath]/*" (replace the [owner] and [group] portions of these commands with the owners and groups identified by the command in step 1, and replace [homeFolderPath] with a path to the user directory created for the specific user).
For example:
For the user johnnybgood, we might see the following:
1. We run "ls -al" on the newly created home folder and find that the folder /Volumes/HomeFolders/johnnybgood is owned by johnnybgood and the group "staff".
2. We copy or move files from the old locations using commands similar to the following:
sudo mv /OldFolderLocation/johnnybgood/Documents/* /Volumes/HomeFolders/johnnybgood/Documents
sudo mv /OldFolderLocation/johnnybgood/Desktop/* /Volumes/HomeFolders/johnnybgood/Desktop
sudo mv /OldFolderLocation/johnnybgood/Music/* /Volumes/HomeFolders/johnnybgood/Music
....etc....
(notice how we are not just moving the old johnnybgood folder to the new location.)
3. Next, we change the ownership and file permissions:
sudo chown -R johnnybgood:staff /Volumes/HomeFolders/johnnybgood/Documents
sudo chown -R johnnybgood:staff /Volumes/HomeFolders/johnnybgood/Desktop
sudo chown -R johnnybgood:staff /Volumes/HomeFolders/johnnybgood/Music
...etc...
sudo chmod -R 700 /Volumes/HomeFolders/johnnybgood/Documents
sudo chmod -R 700 /Volumes/HomeFolders/johnnybgood/Desktop
sudo chmod -R 700 /Volumes/HomeFolders/johnnybgood/Music
...etc...
4. Let the user log in and use the system normally. -
MBAM 2.5 - Websites on Port 81 - SPN Question / Kerberos Issues?
Because I'm installing the websites on a server that also has a ConfigMgr DP and MP, I'm picking a custom port during installation (port 81). I pre-created the SPN with http/my.server.name:81 but I'm still having issues.
The installer still complains about not being able to create the SPN itself since I'm not installing as a domain administrator. However, the warnings and log messages all say it is trying to create an SPN without the port number (http:/my.server.name).
Unfortunately, the MBAM clients are not able to check in and show errors with Event ID 2 and 4 in the MBAM logs:
An error occurred while applying MBAM policies.
Volume ID:\\?\Volume{7c3de574-d716-11e3-810f-f8b156dde320}\
Error code:
0x803d0005
Details:
Access was denied by the remote endpoint.
And
An error occurred while sending encryption status data.
Error code:
0x803d0005
Details:
Access was denied by the remote endpoint.
I also get a Security-Kerberos error eventID 4 in the System Log:
The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server mbam-apppooluser. The target name used was HTTP/my.server.name. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (my.domain) is different from the client domain (my.domain), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.
The group policies point at my.server.name:81 so I'm wondering why Kerberos is coming back with an error for http/my.server.name.
Was I not supposed to include the port number in the SPN? Has anyone actually tried MBAM 2.5 on an alternative port?
Thanks for the help,
Nash
Nash Pherson, Senior Systems Consultant
Now Micro -
The user is a member of both those groups. Entering the user credentials does not get into the website anymore.
I've actually moved to a clean server and installed on port 80 to take this SPN issue off the table, and not deal with the websites not working anymore. The clean server's web sites are accessible after signing in.
Unfortunately, although the test clients no longer show a Kerberos error in the System event logs,
the MBAM client event logs still have the 0x803d0005 error. I don't see any errors on the MBAM Server operational logs.
The IIS logs show the request to /MBAMRecoveryAndHardwareService/CoreService.svc having a status of 200, but the request to /MBAMComplianceStatusService/StatusReportingService.svc is showing status 401.
Thoughts?
Nash Pherson, Senior Systems Consultant
Now Micro -
I've been noticing The Error with event ID 11 popping up a lot on our domain controllers:
The KDC encountered duplicate names while processing a Kerberos authentication request.
When running setspn -X it says that it found 111 groups of duplicate SPNs. However, when going through the list, it references domain service accounts that are used to run our SQL Server services. We have about 50 remote locations and each of them has 3 machines participating in a SQL mirror (principal, mirror, witness) and they all run the SQL Server service on the same account (1 account per location).
We haven't experienced any issues at all but I was wondering if this could cause problems or if we are straying from best practice. Any advice is welcome. Thanks!
I believe what you should do to follow best practice is to provide unique SPNs for each SQL server, which will also provide increased security, and to do that you must create an individual service account for each SQL server so it can associate that account with that server's SPN.
Here's more on it to help guide you. Read Paul's comments, as well as other suggestions in the following thread:
event ID 11 There are multiple accounts with name MSSQLSvc/xxxxxx
http://social.technet.microsoft.com/Forums/windowsserver/en-US/8df35316-23ba-48ba-aa3e-2249fcbfecbc/event-id-11-there-are-multiple-accounts-with-name-mssqlsvcxxxxxx?forum=winserverDS
Ace Fekay
MVP, MCT, MCSE 2012, MCITP EA & MCTS Windows 2008/R2, Exchange 2013, 2010 EA & 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services
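The Event ID 11 warning in this thread and the KRB_AP_ERR_MODIFIED text quoted in the MBAM thread above both turn on which account holds a given SPN. The following is an added example, not code from any poster or from Microsoft's tooling, that checks an account/SPN inventory for both conditions; the tab-separated inventory format, the accounts `svc-sql-site01`, `svc-sql-old` and `webhost01$`, and the `example.test` hosts are constructed, and SPN matching is assumed to be case-insensitive.

```python
from collections import defaultdict

# Constructed inventory, one "account<TAB>SPN" pair per line, in the shape you
# might export from a directory. It is sample data, not any poster's directory.
SAMPLE_INVENTORY = (
    # One shared service account holding three different SPNs: not a duplicate.
    "svc-sql-site01\tMSSQLSvc/sql01a.example.test:1433\n"
    "svc-sql-site01\tMSSQLSvc/sql01b.example.test:1433\n"
    "svc-sql-site01\tMSSQLSvc/sql01w.example.test:1433\n"
    # The same SPN (different letter case) on a second account: a duplicate.
    "svc-sql-old\tmssqlsvc/SQL01A.example.test:1433\n"
    # Port-qualified SPN on the application pool account named in the MBAM post.
    "mbam-apppooluser\thttp/my.server.name:81\n"
    # Hypothetical second account holding the port-less name.
    "webhost01$\tHTTP/my.server.name\n"
)


def normalize_spn(spn):
    """Return the SPN lower-cased; raise ValueError unless it is class/host[...]."""
    spn = spn.strip()
    service_class, sep, rest = spn.partition("/")
    if not sep or not service_class or not rest:
        raise ValueError("not a serviceclass/host SPN: %r" % spn)
    # Assumption: SPN lookups ignore letter case, so compare lower-cased values.
    return spn.lower()


def parse_inventory(text):
    """Parse 'account<TAB>SPN' lines into (account, normalized_spn) tuples."""
    records = []
    for number, line in enumerate(text.splitlines(), start=1):
        if not line.strip():
            continue
        account, sep, spn = line.partition("\t")
        if not sep or not account.strip():
            raise ValueError("line %d is not account<TAB>SPN" % number)
        records.append((account.strip().lower(), normalize_spn(spn)))
    return records


def owners_by_spn(records):
    """Map each SPN to the set of accounts it is registered on."""
    owners = defaultdict(set)
    for account, spn in records:
        owners[spn].add(account)
    return owners


def duplicate_spns(records):
    """SPNs registered on more than one account, the condition behind Event ID 11."""
    return {
        spn: sorted(accounts)
        for spn, accounts in owners_by_spn(records).items()
        if len(accounts) > 1
    }


def check_service(records, requested_spn, service_account):
    """Classify the SPN a client requests against the account the service runs as.

    'ok'            registered on that account and on no other
    'duplicate'     registered on that account and on at least one other
    'wrong-account' registered only on other accounts, so the service cannot
                    decrypt the ticket (the KRB_AP_ERR_MODIFIED situation)
    'missing'       not registered on any account
    """
    owners = owners_by_spn(records).get(normalize_spn(requested_spn), set())
    if not owners:
        return "missing"
    if service_account.lower() not in owners:
        return "wrong-account"
    return "duplicate" if len(owners) > 1 else "ok"


if __name__ == "__main__":
    inventory = parse_inventory(SAMPLE_INVENTORY)
    for spn, accounts in sorted(duplicate_spns(inventory).items()):
        print("DUPLICATE %s -> %s" % (spn, ", ".join(accounts)))
    for requested in ("HTTP/my.server.name", "http/my.server.name:81"):
        print(requested, "->", check_service(inventory, requested, "mbam-apppooluser"))
```

Three hosts sharing one service account do not by themselves produce a duplicate; the check only fires when the same SPN string appears on two accounts.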
-
ISE Distributed System - AD join issue
Hi,
We have deployed 04 ISE nodes in the following senario. (ISE ver 1.1.2.245)
1 ISE - Primary (A) Secondary (M)
2 ISE - Primary (M) Secondary (A)
3 ISE - Policy Service (PDP)
4 ISE - Policy Service (PDP)
When integrating with AD, we can only integrate to the 1 ISE only. NTP, Timezone, DNS working on all 04 boxes perfectly. We are getting the attached error while integrating AD with other ISE nodes.
In the above scenario, what ISE nodes should have the AD joined, only the PDP or all 04 nodes should have joined..?
Can someone please advise. Please see the attached screenprints for the deployment and detailed error while joining to AD.
Thanks in advance.
Hi Neno,
Below is the debug logs for AD joining. I can see the below two issues, but don't know how to find the solution..
1) (IO) : Cannot open file /var/centrifydc/kset.domain: No such file or directory (reference util/setting.cpp:106 rc: 2)
2) SASL bind to ldap/[email protected] - GSSAPI Mechanism with Kerberos error ": Cannot contact any KDC for requested realm"
Mar 3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG network.state ProbePorts complete for hqv-dcs-02.xxx.gov.qa. Elapsed time 0.014737 secs
Mar 3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG dns.findkdc KDC locator for xxx.GOV.QA
Mar 3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domaincontroller: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar 3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.dc.xxx.gov.qa: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar 3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG dns.findsrv FindSrvFromDns(0): _kerberos._tcp.xxxsite._sites.xxx.gov.qa
Mar 3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG network.state NST: SniffList: postfailsort=hqv-dcs-02.xxx.gov.qa, hqp-dcs-01.xxx.gov.qa
Mar 3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.kerberos.keytab GetSaltFromKDC returns: xxx.GOV.QAAdmin-Asif
Mar 3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.aduser getSalt update: user:[email protected] salt:xxx.GOV.QAAdmin-Asif
Mar 3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG dns.findkdc KDC locator for xxx.GOV.QA
Mar 3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domaincontroller: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar 3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.dc.xxx.gov.qa: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar 3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG dns.findsrv FindSrvFromDns(0): _kerberos._tcp.xxxsite._sites.xxx.gov.qa
Mar 3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG network.state NST: SniffList: postfailsort=hqv-dcs-02.xxx.gov.qa, hqp-dcs-01.xxx.gov.qa
Mar 3 09:53:49 xxx-TW-ISE-2 adjoin[27660]: DEBUG dns.findkdc KDC locator for xxx.GOV.QA
Mar 3 09:53:49 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domaincontroller: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar 3 09:53:49 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.dc.xxx.gov.qa: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar 3 09:53:49 xxx-TW-ISE-2 adjoin[27660]: DEBUG dns.findsrv FindSrvFromDns(0): _kerberos._tcp.xxxsite._sites.xxx.gov.qa
Mar 3 09:53:49 xxx-TW-ISE-2 adjoin[27660]: DEBUG network.state NST: SniffList: postfailsort=hqv-dcs-02.xxx.gov.qa, hqp-dcs-01.xxx.gov.qa
Mar 3 09:53:49 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.bind.ad Performing LDAP binding with GSSAPI mechanisms to server - hqp-dcs-01.xxx.gov.qa
Mar 3 09:53:49 xxx-TW-ISE-2 adjoin[27660]: DEBUG dns.findkdc KDC locator for xxx.GOV.QA
Mar 3 09:53:49 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domaincontroller: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar 3 09:53:49 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.dc.xxx.gov.qa: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar 3 09:53:49 xxx-TW-ISE-2 adjoin[27660]: DEBUG dns.findsrv FindSrvFromDns(0): _kerberos._tcp.xxxsite._sites.xxx.gov.qa
Mar 3 09:53:49 xxx-TW-ISE-2 adjoin[27660]: DEBUG network.state NST: SniffList: postfailsort=hqv-dcs-02.xxx.gov.qa, hqp-dcs-01.xxx.gov.qa
Mar 3 09:54:04 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.osutil Module=Kerberos : SASL bind to ldap/[email protected] - GSSAPI Mechanism with Kerberos error ": Cannot contact any KDC for requested realm" (reference base/adbind.cpp:495 rc: -1765328228)
Mar 3 09:54:04 xxx-TW-ISE-2 adjoin[27660]: DEBUG network.state NST:reportFailure: hqp-dcs-01.xxx.gov.qa
Mar 3 09:54:04 xxx-TW-ISE-2 adjoin[27660]: DIAG base.bind.ad connectToServiceInDomain: Failed to connect to hqp-dcs-01.xxx.gov.qa:389: SASL bind to ldap/[email protected] - GSSAPI Mechanism with Kerberos error ": Cannot contact any KDC for requested realm"
Mar 3 09:54:04 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domaincontroller: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar 3 09:54:04 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.dc.xxx.gov.qa: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar 3 09:54:04 xxx-TW-ISE-2 adjoin[27660]: DEBUG dns.findsrv FindSrvFromDns(0): _ldap._tcp.xxxsite._sites.xxx.gov.qa
Mar 3 09:54:04 xxx-TW-ISE-2 adjoin[27660]: DEBUG network.state NST: SniffList: postfailsort=hqv-dcs-02.xxx.gov.qa, hqp-dcs-01.xxx.gov.qa
Mar 3 09:54:04 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.bind.ad Attempting to connect to a DC in site 'xxxsite'
Mar 3 09:54:04 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.bind.ad Connecting to hqv-dcs-02.xxx.gov.qa:389
Mar 3 09:54:04 xxx-TW-ISE-2 adjoin[27660]: DIAG base.bind.ldap 10.0.11.52:389 fetch dn="" filter="(objectclass=*)" timeout=11
Mar 3 09:54:06 xxx-TW-ISE-2 adjoin[27660]: DEBUG lrpc.adobject new object:
Mar 3 09:54:06 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.bind.ad Connected root=DC=xxx,DC=gov,DC=qa, domain=xxx.GOV.QA functionality=3
Mar 3 09:54:06 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.bind.ad Address of hqv-dcs-02.xxx.gov.qa is 10.0.11.52
Mar 3 09:54:06 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.bind.ad Performing LDAP binding with GSSAPI mechanisms to server - hqv-dcs-02.xxx.gov.qa
Mar 3 09:54:06 xxx-TW-ISE-2 adjoin[27660]: DEBUG dns.findkdc KDC locator for xxx.GOV.QA
Mar 3 09:54:06 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domaincontroller: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar 3 09:54:06 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.dc.xxx.gov.qa: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar 3 09:54:06 xxx-TW-ISE-2 adjoin[27660]: DEBUG dns.findsrv FindSrvFromDns(0): _kerberos._tcp.xxxsite._sites.xxx.gov.qa
Mar 3 09:54:06 xxx-TW-ISE-2 adjoin[27660]: DEBUG network.state NST: SniffList: postfailsort=hqv-dcs-02.xxx.gov.qa, hqp-dcs-01.xxx.gov.qa
Mar 3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.osutil Module=Kerberos : SASL bind to ldap/[email protected] - GSSAPI Mechanism with Kerberos error ": Cannot contact any KDC for requested realm" (reference base/adbind.cpp:495 rc: -1765328228)
Mar 3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG network.state NST:reportFailure: hqv-dcs-02.xxx.gov.qa
Mar 3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.bind.ad connectToList: Failed to connect to hqv-dcs-02.xxx.gov.qa:389: SASL bind to ldap/[email protected] - GSSAPI Mechanism with Kerberos error ": Cannot contact any KDC for requested realm"
Mar 3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.osutil Module=LDAP : reconnect failed (reference base/adbind.cpp:785 rc: -11)
Mar 3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.bind.ad Destroying binding to 'xxx.GOV.QA'
Mar 3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.settings Setting zonename to
Mar 3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.settings Setting schema to
Mar 3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.settings Setting zone to
Mar 3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.dc.xxx.gov.qa: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar 3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.settings Setting domaincontroller to
Mar 3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.settings Setting site to
Mar 3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.settings Setting domain to
Mar 3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.settings Setting prew2k.host to
Mar 3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.settings Setting host to
Mar 3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG cli.adjoin Unexpected LDAP Error Connect error
Mar 3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG cli.adjoin due to unexpected configuration or network error.
Mar 3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG cli.adjoin Please try the --verbose option or run 'adinfo --diag' to diagnose the problem.
Mar 3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.settings Setting host to
Mar 3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.settings Setting prew2k.host to
Mar 3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: INFO cli.adjoin Join to domain 'xxx.gov.qa', zone 'null' failed.
Mar 3 09:54:23 xxx-TW-ISE-2 adinfo[27666]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domain: No such file or directory (reference util/setting.cpp:106 rc: 2)
-
Hi Guy's
Small issue I have here, every 7days my Domain controllers (Server 2008r2) give up on me and will not authenticate users on the domain. when opening ADUC I get the following error:
"Naming information cannot be loacted for the following reason: The server is not operational
If you are trying to connect to a Domain Controller running Windows 200, verify that the Windows 2000 Server Service Pack 3 or later is installed on the DC, or use the Windows 2000 administration tools. For more information about connecting to
DC's running 2000, see Help and Support"
When I try to run a DCDIAG on the faulty server I get the following:
"Directory Server Diagnosis
Performing inital setup:
Trying to find home server...
Home Server = <servername>
Ldap search capability attribute search failed on server <servername>, return value = 81"
The server can ping the other DC and can be pinged by the other DC. It can also resolve IP to name.
I have checked numerous sites and all of the issues I have seen point to 2003 server. I have disabled all of the AV on the servers and when I have run DNSLINT I get the following:
"c:\Atos\dnslint>dnslint /ad /s localhost
DNSLint will attempt to verify the
DNS entries used in AD replication
Using 127.0.0.1 for LDAP
DNSLint will check if the local system can
resolve the CNAME and glue (A) records
used for Active Directory forest replication
using its locally configured DNS server(s)
This process may take several minutes to complete.........
LDAP query to speficied LDAP server on TCP port 389 failed
Server Down
LDAP query to speficied LDAP server on TCP port 389 failed
LDAP server specified appears to be down
Specify a different LDAP server and run the command again"
But I can telnet to the server on port 389.
This happens on both my Physical and Virtual DC, once I reboot the problem server it all works fine for 7 days then happens again.
Any thoughts would be appreciated.
Cheers
Hi Ace,
Thanks for joining the quest. I'm looking at the logs now as I have done in the past nothing is standing out but I will come back to you.
IPConfig:
>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : <Server Name>
Primary Dns Suffix . . . . . . . : <Domain Name>.COM
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : <Domain Name>.COM
Ethernet adapter Production Team:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Production:Production Team
Physical Address. . . . . . . . . : AC-16-2D-AF-D2-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : xx.xx.222.210(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.192
Default Gateway . . . . . . . . . : xx.xx.222.193
DNS Servers . . . . . . . . . . . : xx.xx.222.210
xx.xx.222.206
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Management Team:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Management:Management Team
Physical Address. . . . . . . . . : AC-16-2D-AF-D2-E4
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : xx.xxx.54.142(Preferred)
Subnet Mask . . . . . . . . . . . : xxx.xxx.255.192
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : xx.xxx.54.142
NetBIOS over Tcpip. . . . . . . . : Enabled
Test Results:
>nltest /dsgetdc:<Domain Name>.com /force /gc
DC: \\<DC Name>
Address: \\<IP Address>
Dom Guid: cd44855f-3bc7-492f-aaaf-890c359a328c
Dom Name: <Domain Name>.COM
Forest Name: <Domain Name>.COM
Dc Site Name: Default-First-Site-Name
Our Site Name: Default-First-Site-Name
Flags: GC DS LDAP KDC TIMESERV GTIMESERV WRITABLE DNS_DC DNS_DOMAIN DNS_
FOREST CLOSE_SITE FULL_SECRET WS
The command completed successfully
>repadmin /showattr <DC Name> "DC=<Domain Name>,DC=COM" /subtree
/filter:"(&(objectClass=user)(name=<admin Account>))" /atts:name /gc
DN: CN=<admin Account>,CN=Users,DC=<Domain Name>,DC=COM
1> name: <Admin Account>
The test results are working now but I did reboot the server last night as the other DC is due to go at some point today. I have a feeling that I have done this before and the second test failed
stating "LDAP lookup failed"
I've also read the above link and there is only one site listed when running the repadmin but I will try again once the second DC fails today.
Thanks for your help Ace