No Sysvol or Netlogon Shares
Good Evening experts,
I have a Windows 2003 Standard DC which will soon be replaced with a Windows 2008 DC. I have given the 2008 box the DC role but I have noticed neither the sysvol nor netlogon share have appeared on the new DC. When I looked into this further, I found this error on the 2003 server:
"The File Replication Service has detected that the replica set "DOMAIN SYSTEM VOLUME (SYSVOL SHARE)" is in JRNL_WRAP_ERROR. Replica set name
is : "DOMAIN SYSTEM VOLUME (SYSVOL SHARE)" Replica root path is : "c:\windows\sysvol\domain" Replica root volume is : "\\.\C:" A Replica set hits JRNL_WRAP_ERROR when the record that it
is trying to read from the NTFS USN journal is not found. This can occur because of one of the following reasons. [1] Volume "\\.\C:" has been formatted. [2] The NTFS USN journal on volume "\\.\C:" has been deleted.
[3] The NTFS USN journal on volume "\\.\C:" has been truncated. Chkdsk can truncate the journal if it finds corrupt entries at the end of the journal. [4] File Replication Service was not running on this computer for a long time. [5]
File Replication Service could not keep up with the rate of Disk IO activity on "\\.\C:". Setting the "Enable Journal Wrap Automatic Restore" registry parameter to 1 will cause the following recovery steps to be taken to automatically
recover from this error state. [1] At the first poll, which will occur in 5 minutes, this computer will be deleted from the replica set. If you do not want to wait 5 minutes, then run "net stop ntfrs" followed by "net start ntfrs"
to restart the File Replication Service. [2] At the poll following the deletion this computer will be re-added to the replica set. The re-addition will trigger a full tree sync for the replica set. WARNING: During the recovery process data in
the replica tree may be unavailable. You should reset the registry parameter described above to 0 to prevent automatic recovery from making the data unexpectedly unavailable if this error condition occurs again.
I don't have another DC to pull the sysvol/netlogon details from and wanted some advice.
Bud
BHeld,
Cheers for your reply, I was going to go down this road but wanted to ensure I was on the correct path. In addition, this particular domain is part of an overall forest but the other child domains are fine, it's just this one that won't replicate.
Do I need to do anything on the domains in the other child domains or just what you had specified above? Cheers
Dinesh,
Policies and Script folder is still there. Cheers
Bud
You only need to modify one of the DCs in the problem domain. There is nothing to be done in all the other domains, which are working fine. BTW, Sysvol/Netlogon shares are not replicated to other domains.
Restoring The SYSVOL (Non-)Authoritatively When Either Using NTFRS Or DFS-R
(2010-08-12) Restoring The SYSVOL (Non-)Authoritatively When Either Using NTFRS Or DFS-R (Part 1)
(2010-08-12) Restoring The SYSVOL (Non-)Authoritatively When Either Using NTFRS Or DFS-R (Part 2)
(2010-08-12) Restoring The SYSVOL (Non-)Authoritatively When Either Using NTFRS Or DFS-R (Part 3)
(2011-06-22) Restoring The SYSVOL (Non-)Authoritatively When Either Using NTFRS Or DFS-R (Part 4)
Awinish Vishwakarma - MVP
My Blog: awinish.wordpress.com
Disclaimer This posting is provided AS-IS with no warranties/guarantees and confers no rights.
Similar Messages
-
Hello all. We are currently running a Windows Server 2003 ADDC as a virtual machine on a Windows Server 2012 host using Hyper-V. We have recently added a second Windows Server 2012 ADDC also as a Hyper-V VM. I promoted the 2k12 to a DC, transferred all FSMO
roles, and tested AD replication. All AD data was replicated fine. However a DCDIAG (the results of which I have attached to this post) shows a few errors.
First off, it is failing the advertising test. This is more than likely due to a DNS error. Unfortunately, I can not seem to find the error within the DNS to resolve it.
Secondly, it is failing the KccEvent test; also seeming as a DNS related error.
Thirdly, both SYSVOL and NETLOGON shares were not successfully replicated. This is likely the basis for the other issues. Without these successfully replicated, I can not demote the 2K3 server; which is the goal in the end, to replace the old server with
the new.
I am willing to try just about anything, so any suggestions would be greatly appreciated. As for what I have tried, I have tried a non-authoritative restore using burr flags with no success. I CAN ping both DCs from each other ensuring connectivity. All
users can currently log on to the server (due to the fact that the 2K3 server is still running and still holds the SYSVOL and NETLOGON shares).
Once again, any help would be greatly appreciated! Thank you in advance!
DCDIAG Output:
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = RETIRED2012
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site\RETIRED2012
Starting test: Connectivity
......................... RETIRED2012 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site\RETIRED2012
Starting test: Advertising
Warning: DsGetDcName returned information for
\\retired1.RetireFirst.local, when we were trying to reach
RETIRED2012.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... RETIRED2012 failed test Advertising
Starting test: FrsEvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... RETIRED2012 passed test FrsEvent
Starting test: DFSREvent
......................... RETIRED2012 passed test DFSREvent
Starting test: SysVolCheck
......................... RETIRED2012 passed test SysVolCheck
Starting test: KccEvent
An error event occurred. EventID: 0xC0000827
Time Generated: 08/09/2013 22:08:34
Event String:
Active Directory Domain Services could not resolve the following DNS host name of the source domain controller to an IP address. This error prevents additions, deletions and changes in Active Directory Domain Services from replicating between one or more domain controllers in the forest. Security groups, group policy, users and computers and their passwords will be inconsistent between domain controllers until this error is resolved, potentially affecting logon authentication and access to network resources.
A warning event occurred. EventID: 0x80000677
Time Generated: 08/09/2013 22:10:02
Event String:
Active Directory Domain Services attempted to communicate with the following global catalog and the attempts were unsuccessful.
An error event occurred. EventID: 0xC0000466
Time Generated: 08/09/2013 22:10:06
Event String:
Active Directory Domain Services was unable to establish a connection with the global catalog.
......................... RETIRED2012 failed test KccEvent
Starting test: KnowsOfRoleHolders
......................... RETIRED2012 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... RETIRED2012 passed test MachineAccount
Starting test: NCSecDesc
......................... RETIRED2012 passed test NCSecDesc
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\RETIRED2012\netlogon)
[RETIRED2012] An net use or LsaPolicy operation failed with error 67,
The network name cannot be found..
......................... RETIRED2012 failed test NetLogons
Starting test: ObjectsReplicated
......................... RETIRED2012 passed test ObjectsReplicated
Starting test: Replications
......................... RETIRED2012 passed test Replications
Starting test: RidManager
......................... RETIRED2012 passed test RidManager
Starting test: Services
......................... RETIRED2012 passed test Services
Starting test: SystemLog
A warning event occurred. EventID: 0x00001695
Time Generated: 08/09/2013 22:06:48
Event String:
Dynamic registration or deletion of one or more DNS records associated with DNS domain 'RetireFirst.local.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).
A warning event occurred. EventID: 0x000003F6
Time Generated: 08/09/2013 22:06:49
Event String:
Name resolution for the name _ldap._tcp.Default-First-Site._sites.dc._msdcs.RetireFirst.local. timed out after none of the configured DNS servers responded.
A warning event occurred. EventID: 0x00001696
Time Generated: 08/09/2013 22:07:44
Event String:
Dynamic registration or deregistration of one or more DNS records failed with the following error:
A warning event occurred. EventID: 0x000003F6
Time Generated: 08/09/2013 22:07:51
Event String:
Name resolution for the name retired1.RetireFirst.local timed out after none of the configured DNS servers responded.
A warning event occurred. EventID: 0x00001695
Time Generated: 08/09/2013 22:08:23
Event String:
Dynamic registration or deletion of one or more DNS records associated with DNS domain 'DomainDnsZones.RetireFirst.local.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).
A warning event occurred. EventID: 0x00001695
Time Generated: 08/09/2013 22:08:35
Event String:
Dynamic registration or deletion of one or more DNS records associated with DNS domain 'ForestDnsZones.RetireFirst.local.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).
An error event occurred. EventID: 0x0000041E
Time Generated: 08/09/2013 22:08:45
Event String:
The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly.
An error event occurred. EventID: 0x00000423
Time Generated: 08/09/2013 22:08:53
Event String:
The DHCP service failed to see a directory server for authorization.
A warning event occurred. EventID: 0x000003F6
Time Generated: 08/09/2013 22:10:04
Event String:
Name resolution for the name isatap timed out after none of the configured DNS servers responded.
A warning event occurred. EventID: 0x000003F6
Time Generated: 08/09/2013 22:10:08
Event String:
Name resolution for the name e45ad288-70ff-4d9e-adf9-3035e459e126._msdcs.RetireFirst.local timed out after none of the configured DNS servers responded.
A warning event occurred. EventID: 0x000003F6
Time Generated: 08/09/2013 22:10:21
Event String:
Name resolution for the name _ldap._tcp.Default-First-Site._sites.dc._msdcs.RetireFirst.local. timed out after none of the configured DNS servers responded.
An error event occurred. EventID: 0x00000423
Time Generated: 08/09/2013 22:11:14
Event String:
The DHCP service failed to see a directory server for authorization.
An error event occurred. EventID: 0x0000041E
Time Generated: 08/09/2013 22:13:45
Event String:
The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly.
......................... RETIRED2012 failed test SystemLog
Starting test: VerifyReferences
......................... RETIRED2012 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : RetireFirst
Starting test: CheckSDRefDom
......................... RetireFirst passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... RetireFirst passed test CrossRefValidation
Running enterprise tests on : RetireFirst.local
Starting test: LocatorCheck
......................... RetireFirst.local passed test LocatorCheck
Starting test: Intersite
......................... RetireFirst.local passed test Intersite
Thank you for your response first of all! And in response:
1. "Retired1" is the 2k3 ADDC / DNS Server. It currently has a different IP than the 2K12 Server. Verified with ipconfig/all.
2. I set 2K12 to only 2K3 for DNS; no external ISP servers or itself listed. Registered DNS, restarted netlogon; no success.
3. ipconfig/all for 2K12 server here:
Windows IP Configuration
Host Name . . . . . . . . . . . . : RETIRED2012
Primary Dns Suffix . . . . . . . : RetireFirst.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : RetireFirst.local
Ethernet adapter Ethernet:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Hyper-V Network Adapter
Physical Address. . . . . . . . . : 00-15-5D-01-33-0A
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::8159:4f0c:4071:d780%12(Preferred)
IPv4 Address. . . . . . . . . . . : 172.21.69.246(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.192
Default Gateway . . . . . . . . . : 172.21.69.250
DHCPv6 IAID . . . . . . . . . . . : 251663709
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-74-BE-C0-00-15-5D-01-33-0A
DNS Servers . . . . . . . . . . . : 172.21.69.240
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{8317BEC2-079A-4846-B6B2-1AE3E2784691}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
4. The 2K12 is a GC; yes.
Thanks again and hopefully we can work this out!
Seems like you have/had a server named "retired1" with the same IP address as the new 2012 server? (If this is an old server) remove all references to it in DNS.
Make sure that on the 2012 server in the TCP/IP DNS Settings, you only point to the 2003 DC for DNS (not itself for now, and no external ISP DNS servers) - Run ipconfig /registerdns and restart the netlogon service on the 2012 server.
Can you post an unedited output of ipconfig /all from the 2012 server?
Did you make the 2012 server a global catalog? (If not I would recommend that.) http://support.microsoft.com/kb/296882
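As an added example (not part of the original thread, and not a dcdiag feature), the PowerShell function below reduces dcdiag text output like the one quoted in this thread to the tests that failed, plus the tests that "passed" while still printing warnings, as FrsEvent does above. Get-DcDiagFailure is a hypothetical name, and the sample lines are an excerpt of the output posted above.

```powershell
# Added example: summarise dcdiag text output.
# Get-DcDiagFailure is a hypothetical helper name, not a built-in cmdlet.
function Get-DcDiagFailure {
    param(
        [Parameter(Mandatory)]
        [string[]]$Line
    )

    $test   = $null
    $detail = New-Object 'System.Collections.Generic.List[string]'

    foreach ($raw in $Line) {
        $text = $raw.Trim()

        if ($text -match '^Starting test:\s*(\S+)') {
            # A new test begins: remember its name and reset collected output.
            $test = $Matches[1]
            $detail.Clear()
        }
        elseif ($text -match '^\.+\s+(\S+)\s+(passed|failed)\s+test') {
            # Result line. The test name is taken from "Starting test:" because
            # dcdiag sometimes wraps the name onto the following line.
            $target = $Matches[1]
            $failed = ($Matches[2] -eq 'failed')

            if ($failed) {
                $result = 'Failed'
            }
            else {
                $result = 'PassedWithOutput'
            }

            # Report failures, and passes that still printed warnings or errors.
            if ($test -and ($failed -or $detail.Count -gt 0)) {
                [pscustomobject]@{
                    Target = $target
                    Test   = $test
                    Result = $result
                    Detail = ($detail.ToArray() -join ' ')
                }
            }
            $test = $null
        }
        elseif ($test -and $text) {
            # Any other non-empty line inside a test is diagnostic output.
            $detail.Add($text)
        }
    }
}

# Sample input: excerpt of the dcdiag output quoted in the thread above.
$sample = @'
Testing server: Default-First-Site\RETIRED2012
Starting test: Advertising
Warning: DsGetDcName returned information for
\\retired1.RetireFirst.local, when we were trying to reach
RETIRED2012.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... RETIRED2012 failed test Advertising
Starting test: FrsEvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... RETIRED2012 passed test FrsEvent
Starting test: SysVolCheck
......................... RETIRED2012 passed test SysVolCheck
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\RETIRED2012\netlogon)
[RETIRED2012] An net use or LsaPolicy operation failed with error 67,
The network name cannot be found..
......................... RETIRED2012 failed test NetLogons
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
'@ -split "`r?`n"

Get-DcDiagFailure -Line $sample | Format-List

# Against a live DC, pass the tool's output directly:
#   Get-DcDiagFailure -Line (dcdiag)
```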
Want to modify sysvol and netlogon share permissions
HI all,
As per security concern we need to remove the Everyone from share permission on SYSVOL and NETLOGON share. Can anyone provide me the suggestion for the same, or any documented article which says how to do it or what precaution should we take?
Or if the permission is by design has any document or Kb article which says the permission should not be changed.
Appreciate any help.
Thanks........
Ahmed Gaziyani Enterprise Admin.
Hello,
If you remove such permission then you will have issues applying group policies and netlogon scripts to your users. Users should have at least read permission on the SYSVOL folder so that group policies and netlogon scripts will be applied.
More if you ask them here: http://social.technet.microsoft.com/Forums/en-US/winserverGP/threads
This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.
Monitor Sysvol and netlogon Share availability on domain controllers
I need to monitor availability of sysvol and Netlogon shares on all our domain controllers, around 20 in all.
What is the best way for us to do that?
I have seen scripts that monitor share availability but that would mean I create 40 such 2 times script monitors, that is too much manual work.
Any advice.
I looked into the discovered Inventory (SysVol for windows 2008) I see all the objects
But the path shows as dc01.domain.com\dc01\sysvol
However we never get notified when the sysvol share is inaccessible.
We have had a number of cases when the DC is online but somehow we can't access the sysvol share
We need a monitor to alert us in such a case;
I modified our script to include %computername% and targeted it to the all DC's group,
Dim oAPI, oBag
Set oAPI = CreateObject("MOM.ScriptAPI")
Set oBag = oAPI.CreatePropertyBag()
Set objFSO = CreateObject("Scripting.FileSystemObject")
strFile = "\\%computername%\sysvol\"
If objFSO.FolderExists(strFile) Then
Call oBag.AddValue("Status","Exist")
Call oAPI.Return(oBag)
Else
Call oBag.AddValue("Status","NotExist")
Call oAPI.Return(oBag)
End If
However the monitor alerted critical immediately.
How should the monitor be?
I thought if I put \\%computername%\sysvol\ in the script and send it to the all DC's group then it will start monitoring as \\dc01\sysvol etc -
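An added example, not part of the original post: rather than one script monitor per share per DC, a single PowerShell function can test \\<dc>\SYSVOL and \\<dc>\NETLOGON on every domain controller. It builds each UNC path from the DC's name instead of %computername%, which VBScript does not expand inside a string literal. Test-DcLogonShare is a hypothetical name; the DC list comes from Get-ADDomainController (ActiveDirectory module) unless names are passed in.

```powershell
# Added example: check the logon shares on a set of domain controllers.
# Test-DcLogonShare is a hypothetical helper name, not a built-in cmdlet.
function Test-DcLogonShare {
    [CmdletBinding()]
    param(
        # DC host names. When omitted, every DC in the current domain is used.
        [string[]]$ComputerName,

        # Shares every DC is expected to publish.
        [string[]]$ShareName = @('SYSVOL', 'NETLOGON')
    )

    if (-not $ComputerName) {
        # Assumption: the ActiveDirectory module (RSAT) is installed on the
        # machine running the check.
        Import-Module ActiveDirectory -ErrorAction Stop
        $ComputerName = Get-ADDomainController -Filter * |
            Select-Object -ExpandProperty HostName
    }

    foreach ($dc in $ComputerName) {
        foreach ($share in $ShareName) {
            # The path is built from the DC name itself, so nothing depends on
            # environment variable expansion.
            $unc = "\\$dc\$share"

            # Directory.Exists returns $false (it does not throw) when the
            # share is missing, the server is unreachable, or the caller has
            # no read access, which are all conditions worth alerting on.
            $available = [System.IO.Directory]::Exists($unc)

            [pscustomobject]@{
                DomainController = $dc
                Share            = $share
                Path             = $unc
                Available        = $available
                CheckedAt        = Get-Date
            }
        }
    }
}

# Check a single DC by name (dc01.domain.com is the name used in the post):
Test-DcLogonShare -ComputerName 'dc01.domain.com' | Format-Table -AutoSize

# Check every DC in the domain and keep only the shares that are unreachable;
# an empty result means all SYSVOL and NETLOGON shares answered.
#   Test-DcLogonShare | Where-Object { -not $_.Available }
```

Run from a scheduled task or a monitoring agent, the unreachable rows are what should raise the alert; a DC that answers ping but returns Available = False for SYSVOL is the case described in the post.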
Pls help: SYSVOL and NetLOGON share not ready after creating first Windows 2012 DC
Hi all,
I'm setting up the first DC on Windows server 2012 following steps here (social.technet.microsoft.com/wiki/contents/articles/12370.step-by-step-guide-for-setting-up-a-windows-server-2012-domain-controller.aspx).
DCdiag gives following errors in SysVolCheck, services, and Netlogons while the rest of tests are successful:
------------------------- cut here --------------------------
Test omitted by user request: DFSREvent
Starting test: SysVolCheck
* The File Replication Service SYSVOL ready test
[ORT001C] An net use or LsaPolicy operation failed with error 67, The network name cannot be found..
The registry lookup failed to determine the state of the SYSVOL. The error returned was 0x43
"The network name cannot be found.". Check the FRS event log to see if the SYSVOL has successfully been
shared.
......................... ORT001C failed test SysVolCheck
[snipped]
Starting test: Services
Could not open Remote ipc to [ort001c.ad1.mydomain]: error 0x43 "The network name cannot be found."
......................... ORT001C failed test Services
[snipped]
Starting test: NetLogons
* Network Logons Privileges Check
[ORT001C] An net use or LsaPolicy operation failed with error 67, The network name cannot be found..
......................... ORT001C failed test NetLogons
------------------------- cut here --------------------------
Some information collected:
----------------------- cut here --------------------
- net share
Share name Resource Remark
C$ C:\ Default share
IPC$ Remote IPC
ADMIN$ C:\Windows Remote Admin
NETLOGON C:\Windows\SYSVOL\sysvol\ad1.mydomain\SCRIPTS
Logon server share
SYSVOL C:\Windows\SYSVOL\sysvol Logon server share
The command completed successfully.
dnslint /ad /s <DC IP>: no error
- nltest /server:ort001c.ad1.mydomain /dsgetdc:AD1.MYDOMAIN
DC: \\ort001c.ad1.mydomain
Address: \\192.168.1.77
Dom Guid: 9faa9bae-faae-42be-bf45-05a1d77b2bf0
Dom Name: ad1.mydomain
Forest Name: ad1.mydomain
Dc Site Name: Default-First-Site-Name
Our Site Name: Default-First-Site-Name
Flags: PDC GC DS LDAP KDC TIMESERV WRITABLE DNS_DC DNS_DOMAIN DNS_FOREST CLOSE_SITE FULL_SECRET WS DS_8 DS_9
The command completed successfully
- repadmin /showrepl
Repadmin: running command
/showrepl against full DC localhost
Default-First-Site-Name\ORT001C
DSA Options: IS_GC
Site Options: (none)
DSA object GUID: ff4092a2-62d8-4b83-a4d4-fec6920d8535
DSA invocationID: ff4092a2-62d8-4b83-a4d4-fec6920d8535
- netdom query /domain:AD1 fsmo
Schema master
ort001c.ad1.mydomain
Domain naming master
ort001c.ad1.mydomain
PDC
ort001c.ad1.mydomain
RID pool manager
ort001c.ad1.mydomain
Infrastructure master
ort001c.ad1.mydomain
The command completed
successfully.
----------------------- cut here --------------------
Besides, DFSR instead of FRS is used.
Sorry that I'm newbie to Windows and afraid if I've anything missed. Would anyone please help?
Thanks a lot.
/ST Wong
Hi all,
Thanks for your advice. I updated following settings and restarted the server:
- IPv6: set both address/DNS to dynamic
- IPv4: Add 127.0.0.1 as alternate DNS server
Same error reported in dcdiag. Besides, the server name used by nslookup is Unknown.
I'm afraid if I've something missed :(
Sorry for the trouble caused. Thanks a lot.
Regards,
/ST Wong
--------------- cut here ---------------
C:\Users\Administrator>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : ort001c
Primary Dns Suffix . . . . . . . : ad1.mydomain
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ad1.mydomain
Ethernet adapter Ethernet:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) 82574L Gigabit Network Connectio
n
Physical Address. . . . . . . . . : 00-50-56-AA-1C-6D
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::dd03:5eec:b396:a323%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.77(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 302010454
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-57-D0-61-00-50-56-AA-1C-6D
DNS Servers . . . . . . . . . . . : 192.168.1.77
127.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{598372EC-A809-493B-8E25-004F6D4655E2}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
C:\Users\Administrator>nslookup ort001c.ad1.mydomain
Server: UnKnown
Address: 192.168.1.77
Name: ort001c.ad1.mydomain
Address: 192.168.1.77
C:\Users\Administrator>nslookup ad1.mydomain
Server: UnKnown
Address: 192.168.1.77
Name: ad1.mydomain
Address: 192.168.1.77
PS C:\Users\Administrator> dcdiag
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = ort001c
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\ORT001C
Starting test: Connectivity
......................... ORT001C passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\ORT001C
Starting test: Advertising
......................... ORT001C passed test Advertising
Starting test: FrsEvent
......................... ORT001C passed test FrsEvent
Starting test: DFSREvent
......................... ORT001C passed test DFSREvent
Starting test: SysVolCheck
[ORT001C] An net use or LsaPolicy operation failed with error 67, The network name cannot be found..
......................... ORT001C failed test SysVolCheck
Starting test: KccEvent
......................... ORT001C passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... ORT001C passed test KnowsOfRoleHolders
Starting test: MachineAccount
Could not open pipe with [ORT001C]:failed with 67: The network name cannot be found.
Could not get NetBIOSDomainName
Failed can not test for HOST SPN
Failed can not test for HOST SPN
......................... ORT001C passed test MachineAccount
Starting test: NCSecDesc
......................... ORT001C passed test NCSecDesc
Starting test: NetLogons
[ORT001C] An net use or LsaPolicy operation failed with error 67, The network name cannot be found..
......................... ORT001C failed test NetLogons
Starting test: ObjectsReplicated
......................... ORT001C passed test ObjectsReplicated
Starting test: Replications
......................... ORT001C passed test Replications
Starting test: RidManager
......................... ORT001C passed test RidManager
Starting test: Services
Could not open Remote ipc to [ort001c.ad1.mydomain]: error 0x43 "The network name cannot be found."
......................... ORT001C failed test Services
Starting test: SystemLog
A warning event occurred. EventID: 0x00001796
Time Generated: 01/14/2014 10:26:57
Event String:
Microsoft Windows Server has detected that NTLM authentication is presently being used between clients and t
his server. This event occurs once per boot of the server on the first time a client uses NTLM with this server.
A warning event occurred. EventID: 0x00000090
Time Generated: 01/14/2014 10:40:03
Event String: The time service has stopped advertising as a good time source.
......................... ORT001C passed test SystemLog
Starting test: VerifyReferences
......................... ORT001C passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : ad1
Starting test: CheckSDRefDom
......................... ad1 passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ad1 passed test CrossRefValidation
Running enterprise tests on : ad1.mydomain
Starting test: LocatorCheck
......................... ad1.mydomain passed test LocatorCheck
Starting test: Intersite
......................... ad1.mydomain passed test Intersite -
New DC without netlogon share is not working.
Hello all,
I have a brand new DC (server 2012) that I joined to my domain and it is not behaving. It is a clean install plus the directory services role, the static IP and the promotion, nothing else. The domain has one more DC (server 2012) and it is functioning
properly. The DNS servers of the new DC are the working DC and 127.0.0.1 as secondary. The time is the same, the name is new on a new install of windows (no images, no cloning, no restores). The promotion completed successfully with the initial replication
(it said).
Here is the output of dcdiag:
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = IL-DC2
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\IL-DC2
Starting test: Connectivity
......................... IL-DC2 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\IL-DC2
Starting test: Advertising
Warning: DsGetDcName returned information for \\MD-DC.mydomain.com, when we were trying to reach IL-DC2.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... IL-DC2 failed test Advertising
Starting test: FrsEvent
......................... IL-DC2 passed test FrsEvent
Starting test: DFSREvent
There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL
replication problems may cause Group Policy problems.
......................... IL-DC2 passed test DFSREvent
Starting test: SysVolCheck
......................... IL-DC2 passed test SysVolCheck
Starting test: KccEvent
A warning event occurred. EventID: 0x80000481
Time Generated: 03/06/2014 05:07:50
Event String: Internal event: The following schema class has a superclass that is not valid.
A warning event occurred. EventID: 0x80000481
Time Generated: 03/06/2014 05:07:50
Event String: Internal event: The following schema class has a superclass that is not valid.
A warning event occurred. EventID: 0x80000481
Time Generated: 03/06/2014 05:07:50
Event String: Internal event: The following schema class has a superclass that is not valid.
A warning event occurred. EventID: 0x80000B46
Time Generated: 03/06/2014 05:09:43
Event String:
The security of this directory server can be significantly enhanced by configuring the server to reject SASL
(Negotiate, Kerberos, NTLM, or Digest) LDAP binds that do not request signing (integrity verification) and LDAP simple
binds that are performed on a cleartext (non-SSL/TLS-encrypted) connection. Even if no clients are using such binds,
configuring the server to reject them will improve the security of this server.
......................... IL-DC2 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... IL-DC2 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... IL-DC2 passed test MachineAccount
Starting test: NCSecDesc
......................... IL-DC2 passed test NCSecDesc
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\IL-DC2\netlogon)
[IL-DC2] An net use or LsaPolicy operation failed with error 67, The network name cannot be found..
......................... IL-DC2 failed test NetLogons
Starting test: ObjectsReplicated
......................... IL-DC2 passed test ObjectsReplicated
Starting test: Replications
......................... IL-DC2 passed test Replications
Starting test: RidManager
......................... IL-DC2 passed test RidManager
Starting test: Services
......................... IL-DC2 passed test Services
Starting test: SystemLog
A warning event occurred. EventID: 0x000727A5
Time Generated: 03/06/2014 04:20:58
Event String: The WinRM service is not listening for WS-Management requests.
A warning event occurred. EventID: 0x000003F6
Time Generated: 03/06/2014 04:50:41
Event String:
Name resolution for the name teredo.ipv6.microsoft.com. timed out after none of the configured DNS servers r
esponded.
A warning event occurred. EventID: 0x000003F6
Time Generated: 03/06/2014 04:50:41
Event String:
Name resolution for the name teredo.ipv6.microsoft.com. timed out after none of the configured DNS servers r
esponded.
A warning event occurred. EventID: 0x000727A5
Time Generated: 03/06/2014 04:51:32
Event String: The WinRM service is not listening for WS-Management requests.
An error event occurred. EventID: 0x00001001
Time Generated: 03/06/2014 04:56:46
Event String:
The machine IL-DC2 attempted to join the domain mydomain.com but failed. The error code was 1332.
A warning event occurred. EventID: 0x000727A5
Time Generated: 03/06/2014 04:58:07
Event String: The WinRM service is not listening for WS-Management requests.
An error event occurred. EventID: 0x0000271A
Time Generated: 03/06/2014 04:58:06
Event String:
The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
A warning event occurred. EventID: 0x00001796
Time Generated: 03/06/2014 04:59:21
Event String:
Microsoft Windows Server has detected that NTLM authentication is presently being used between clients and t
his server. This event occurs once per boot of the server on the first time a client uses NTLM with this server.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 05:00:09
Event String:
Driver HP Universal Printing PCL 6 required for printer HP Universal Printing PCL 6 is unknown. Contact the
administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 05:00:09
Event String:
Driver Send To Microsoft OneNote 2010 Driver required for printer Send To OneNote 2010 is unknown. Contact t
he administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 05:00:12
Event String:
Driver HP Universal Printing PCL 6 required for printer HP Color LaserJet CM1312nfi MFP (192.168.2.20) is un
known. Contact the administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 05:00:12
Event String:
Driver Microsoft XPS Document Writer required for printer Microsoft XPS Document Writer is unknown. Contact
the administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 05:00:13
Event String:
Driver PrimoPDF required for printer PrimoPDF is unknown. Contact the administrator to install the driver be
fore you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 05:00:13
Event String:
Driver Send to Microsoft OneNote 15 Driver required for printer Send To OneNote 2013 is unknown. Contact the
administrator to install the driver before you log in again.
A warning event occurred. EventID: 0x000727A5
Time Generated: 03/06/2014 05:08:51
Event String: The WinRM service is not listening for WS-Management requests.
A warning event occurred. EventID: 0x00001796
Time Generated: 03/06/2014 05:12:17
Event String:
Microsoft Windows Server has detected that NTLM authentication is presently being used between clients and t
his server. This event occurs once per boot of the server on the first time a client uses NTLM with this server.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 05:13:02
Event String:
Driver HP Universal Printing PCL 6 required for printer HP Universal Printing PCL 6 is unknown. Contact the
administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 05:13:02
Event String:
Driver Microsoft XPS Document Writer required for printer Microsoft XPS Document Writer is unknown. Contact
the administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 05:13:03
Event String:
Driver HP Universal Printing PCL 6 required for printer HP Color LaserJet CM1312nfi MFP (192.168.2.20) is un
known. Contact the administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 05:13:04
Event String:
Driver PrimoPDF required for printer PrimoPDF is unknown. Contact the administrator to install the driver be
fore you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 05:13:04
Event String:
Driver Send To Microsoft OneNote 2010 Driver required for printer Send To OneNote 2010 is unknown. Contact t
he administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 05:13:05
Event String:
Driver Send to Microsoft OneNote 15 Driver required for printer Send To OneNote 2013 is unknown. Contact the
administrator to install the driver before you log in again.
......................... IL-DC2 failed test SystemLog
Starting test: VerifyReferences
......................... IL-DC2 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : mydomain
Starting test: CheckSDRefDom
......................... mydomain passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... mydomain passed test CrossRefValidation
Running enterprise tests on : mydomain.com
Starting test: LocatorCheck
......................... mydomain.com passed test LocatorCheck
Starting test: Intersite
......................... mydomain.com passed test Intersite
I also have the following event:
Log Name: System
Source: NetJoin
Date: 3/6/2014 4:56:46 AM
Event ID: 4097
Task Category: None
Level: Error
Keywords:
User: S-1-5-21-1062633599-3710215183-3313947919-500
Computer: IL-DC2
Description:
The machine IL-DC2 attempted to join the domain mydomain.com but failed. The error code was 1332.
Although the machine joined the domain, it is listed with the appropriate records and promoted.
Can anybody help me get a second DC for this domain running? It is kind of urgent... I tried demoting/promoting, reinstalling, I tried to do a non-authoritative restore, however, I don't have the appropriate registry key... I saw the various different posts
on similar issues, please do not paste them as I read them and I was not able to solve this.
Thank you in advance for any responses!
Best regards,
Irina
Umar,
Thank you big time for your time and help today. After we finished talking I tried the authoritative restore (vs non-authoritative the first time - didn't help) and then I started over (one more time) and created one more DC. Before promoting it I disabled
the firewall and the user control in order to make sure nothing is stopping it. I also triple checked the time. I promoted it without the DNS server and Global Catalog functions. I faced the same wall. After the promotion the SYSVOL and NETLOGON shares were
still not there.
After hours of more reading I finally found this:
http://social.technet.microsoft.com/Forums/en-US/58b8cdc3-a990-46c7-a70e-a51fd6965537/sysvol-and-netlogon-shares-missing-from-new-domain-controllers-using-dfrs?forum=windowsserverpreview
and it saved me. So I followed this guy's steps and my system shares showed up on both new DCs. Then I had to wait one more hour for everything to get in sync and after that I successfully shut down my main DC and the other two took over.
Thank you again for the help!
Best regards,
Irina -
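The dcdiag runs pasted in this thread are long, and the two failures that matter (Advertising and NetLogons) are buried under unrelated SystemLog events. The following is an added example, not code from any poster: a small parser that lists failed tests, groups repeated events, and converts the 32-bit `EventID` values dcdiag prints into the decimal IDs shown in Event Viewer (0x00001001 is the NetJoin event 4097 quoted above). The function names and the triage wording are assumptions, and the sample is constructed from lines in the thread.

```python
import re
from collections import OrderedDict

# Constructed sample, condensed from the dcdiag output posted in this thread.
SAMPLE = r"""
Testing server: Default-First-Site-Name\IL-DC2
Starting test: Advertising
Warning: DsGetDcName returned information for \\MD-DC.mydomain.com, when we were trying to reach IL-DC2.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... IL-DC2 failed test Advertising
Starting test: SysVolCheck
......................... IL-DC2 passed test SysVolCheck
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\IL-DC2\netlogon)
......................... IL-DC2 failed test NetLogons
Starting test: SystemLog
An error event occurred. EventID: 0x00001001
Time Generated: 03/06/2014 04:56:46
A warning event occurred. EventID: 0x000727A5
Time Generated: 03/06/2014 04:58:07
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 05:00:09
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 05:13:02
......................... IL-DC2 failed test SystemLog
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
"""

START_RE = re.compile(r"^Starting test:\s+(\S+)")
# The test name may wrap onto the next line, so it is taken from "Starting test:".
RESULT_RE = re.compile(r"^\.{5,}\s+(\S+)\s+(passed|failed)\s+test\b")
EVENT_RE = re.compile(r"^An? (warning|error) event occurred\.\s+EventID:\s+(0x[0-9A-Fa-f]+)")
TIME_RE = re.compile(r"^Time Generated:\s+(.+)$")


def parse_dcdiag(text):
    """Return (results, events) parsed from dcdiag console output.

    results: list of (target, test, outcome)
    events:  (test, level, event_id) -> {"count", "first", "last"}
    """
    results, events = [], OrderedDict()
    current_test, last_key = None, None
    for raw in text.splitlines():
        line = raw.strip()
        m = START_RE.match(line)
        if m:
            current_test, last_key = m.group(1), None
            continue
        m = RESULT_RE.match(line)
        if m:
            results.append((m.group(1), current_test, m.group(2)))
            continue
        m = EVENT_RE.match(line)
        if m:
            # dcdiag prints the full 32-bit identifier (severity and facility
            # bits included); the ID shown in Event Viewer is the low 16 bits.
            event_id = int(m.group(2), 16) & 0xFFFF
            last_key = (current_test, m.group(1), event_id)
            entry = events.setdefault(last_key, {"count": 0, "first": None, "last": None})
            entry["count"] += 1
            continue
        m = TIME_RE.match(line)
        if m and last_key:
            entry = events[last_key]
            entry["first"] = entry["first"] or m.group(1)
            entry["last"] = m.group(1)
    return results, events


def failed_tests(results):
    return [(target, test) for target, test, outcome in results if outcome == "failed"]


def triage(results):
    """Heuristic notes (an assumption of this example, not dcdiag output)."""
    failed = {test for _, test in failed_tests(results)}
    notes = []
    if {"Advertising", "NetLogons"} <= failed:
        # SysVolCheck passed in the thread's output even though the shares were missing.
        notes.append("Advertising and NetLogons both failed: SYSVOL/NETLOGON are not "
                     "shared, so the DC is not advertised; check FRS/DFSR replication first.")
    if "SystemLog" in failed:
        notes.append("SystemLog failed: review the grouped events, many are unrelated noise.")
    return notes


if __name__ == "__main__":
    results, events = parse_dcdiag(SAMPLE)
    for target, test in failed_tests(results):
        print(f"FAILED  {target}: {test}")
    for (test, level, event_id), info in events.items():
        print(f"{test}: {level} {event_id} x{info['count']} "
              f"({info['first']} .. {info['last']})")
    for note in triage(results):
        print("NOTE:", note)
```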
Call from client that they couldn't log in to their shares. Connected to the server and found SYSVOL and NETLOGON missing. This has happened 3 times on this server: 2014-01-06, 2014-03-26, and 2014-06-04. Although I have documentation and can restore quickly,
prevention is our primary goal.
What are the situations in which this might happen, and what possible event log items can give us a warning that this may take place? Searched more for SYSVOL NETLOGON Repeat. I excluded the C:\Windows\sysvol directory from Anti-virus scan to prevent locks. Links are below.
Thank you,
Jefferson Eckert
Systems Engineer | Inline Computer & Communications
509.783.5450 ext 158 | [email protected] | http://www.inlinecomputer.com
http://blogs.technet.com/b/instan/archive/2009/07/14/what-happens-in-a-journal-wrap.aspx
Since the PDC server was in Journal Wrap error state and the new DC did not have the sysvol share available, to fix the issue you need to first take a backup of sysvol and perform D4 (authoritative restore) and D2 (non-authoritative restore).
http://support.microsoft.com/kb/290762/
Also, your first step should be finding why the JRNL_WRAP_ERROR error has occurred. Normally, JRNL_WRAP_ERROR occurs due to the drive/partition being corrupted, antivirus locking and corrupting the file during sysvol scan, or heavy size of the files inside
sysvol and netlogon shares.
Run chkdsk in read-only mode for any errors, and if an issue is reported take a backup of the server and run chkdsk /f. Exclude the sysvol/nrtds/sysvol from AV scan too. To fix the Journal wrap, perform an authoritative restore, assuming you have a single DC. See below link too.
what-happens-in-a-journal-:http://blogs.technet.com/b/instan/archive/2009/07/14/what-happens-in-a-journal-wrap.aspx
Since you have restored the DC to previous state check the health of DC by running dcdiag /q and also check event log for any errors and warning and post the same if any.
Best Regards,
Sandesh Dubey.
MCSE|MCSA:Messaging|MCTS|MCITP:Enterprise Administrator |
My Blog
Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
Proposed as answer by VenkatSP, Tuesday, November 20, 2012 2:02 AM -
Hi guys, quick question,
Is sysvol the same as netlogon? What I mean is, if there is a script in sysvol but I didn't put anything in netlogon, will this script be replicated in the netlogon folder?
If yes, then if I delete this script in sysvol, technically will it be deleted in netlogon?
Regards,
Jeff
Hi Jeff,
I agree with Calin.
The Sysvol folder is shared on an NTFS volume on all the domain controllers in a particular domain. Sysvol is used to deliver the policy and logon scripts to domain members.
By default sysvol includes 2 folders:
1. Policies - (Default location - %SystemRoot%\Sysvol\Sysvol\domain_name\Policies)
2. Scripts - (Default location - %SystemRoot%\Sysvol\Sysvol\domain_name\Scripts)
Script folder under sysvol folder will act as Netlogon share.
For more detailed information, you can refer to the link below:
Sysvol and netlogon share importance in Active Directory
Best regards,
Susie -
Windows 2012 - SYSVOL replication and NETLOGON share
After reading 100 tons of articles and links I decided to open this thread.
I know today is the 1st of April, but unfortunately for me this is not a joke.
given:
two 2003 DC's - physical servers
two 2008 DC's - VM's on ESX 5.1 hosts
two 2012 DC's - VM's on ESX 5.5 hosts
domain functional level 2003
situation:
we plan to decom the 2003's.
The 2008 DC's are in place since a while and working ok.
We plan to upgrade to 2012 and here it is where the trouble starts.
Firstly, I couldn't, by any means, promote 2012 as DC's until I moved all the FSMO roles from the 2003 DC's to the 2008 DC's.
After lots of work with the network team we made all the right connections, opened the firewalls, and ran the DCDIAG and DNS tests, and the only problems reported are the SYSVOL replication and NETLOGON share.
I tried all the tools out there to check the replication, and the last one is Microsoft's AdRplstatus Tool, which made me think that either Microsoft is making fun of me or I'm the dumbest Windows admin on this planet.
This tool reports that there are NO ERRORS in replicating SYSVOL, but when I run the command 'net share' the 'domain.com\sysvol\scripts' is not there. Checking further, I try to access '\\domain.com\sysvol' - the directory under which I must find the 'policies'
and 'scripts' folders - and Sysvol is empty. Obviously these are present when I do this check from the 2008 DC's or 2003 DC's.
Is there a known issue for these problems regarding 2012 and ESX 5.5? Still, I doubt it.
DCDIAG /TEST:DNS
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = dc-p01
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: dc-p01
Starting test: Connectivity
......................... dc-p01 passed test Connectivity
Doing primary tests
Testing server: dc-p01
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
......................... dc-p01 passed test DNS
Running partition tests on : ForestDnsZones
Running partition tests on : DomainDnsZones
Running partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : domain
Running enterprise tests on : domain.com
Starting test: DNS
Test results for domain controllers:
DC: dc-p01.domain.com
Domain: domain.com
TEST: Dynamic update (Dyn)
Warning: Failed to delete the test record dcdiag-test-record i
n zone domain.com
Summary of test results for DNS servers used by the above domain
controllers:
DNS server: 184.134.0.97 (<name unavailable>)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 184.134.0.97
dc-p01 PASS
PASS PASS PASS WARN PASS n/a
......................... domain.com passed test DNS
The PTR record query for 1.0.0.127 is still there but I will change it manually; my DNS is set as primary to point to the server itself by its IP and not 127.0.0.1.
Still, the DNS server with that error is a Linux DNS, but all my DC's have the DNS role on and are fully replicating and working, including the 2012's.
DCDIAG:
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = dc-p01
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: dc-p01
Starting test: Connectivity
......................... dc-p01 passed test Connectivity
Doing primary tests
Testing server: dc-p01
Starting test: Advertising
......................... dc-p01 passed test Advertising
Starting test: FrsEvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... dc-p01 passed test FrsEvent
Starting test: DFSREvent
......................... dc-p01 passed test DFSREvent
Starting test: SysVolCheck
......................... dc-p01 passed test SysVolCheck
Starting test: KccEvent
......................... dc-p01 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... dc-p01 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... dc-p01 passed test MachineAccount
Starting test: NCSecDesc
......................... dc-p01 passed test NCSecDesc
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\dc-p01\netlogon)
[dc-p01] An net use or LsaPolicy operation failed with error 67,
The network name cannot be found..
......................... dc-p01 failed test NetLogons
Starting test: ObjectsReplicated
......................... dc-p01 passed test ObjectsReplicated
Starting test: Replications
REPLICATION-RECEIVED LATENCY WARNING
dc-p01: Current time is 2014-04-01 10:25:09.
DC=ForestDnsZones,DC=mydomain,DC=lan
Last replication received from DC-P02 at
2014-03-31 15:22:40
DC=DomainDnsZones,DC=mydomain,DC=lan
Last replication received from DC-P02 at
2014-03-31 15:22:40
CN=Schema,CN=Configuration,DC=mydomain,DC=lan
Last replication received from DC-P02 at
2014-03-31 15:22:40
CN=Configuration,DC=mydomain,DC=lan
Last replication received from DC-P02 at
2014-03-31 15:25:50
DC=mydomain,DC=lan
Last replication received from DC-P02 at
2014-03-31 15:22:40
......................... dc-p01 passed test Replications
Starting test: RidManager
......................... dc-p01 passed test RidManager
Starting test: Services
......................... dc-p01 passed test Services
Starting test: SystemLog
A warning event occurred. EventID: 0xA004001B
Time Generated: 04/01/2014 09:26:35
EvtFormatMessage failed, error 15027 the message resource is present
but the message is not found in the string/message table.
(Event String (event log = System) could not be retrieved, error
0x3ab3)
An error event occurred. EventID: 0x0000272C
Time Generated: 04/01/2014 09:27:52
Event String:
DCOM was unable to communicate with the computer ca-p01.domain.com
n using any of the configured protocols; requested by PID fdc (C:\Windows\s
ystem32\taskhost.exe).
A warning event occurred. EventID: 0xA004001B
Time Generated: 04/01/2014 09:31:14
EvtFormatMessage failed, error 15027 the message resource is present
but the message is not found in the string/message table.
(Event String (event log = System) could not be retrieved, error
0x3ab3)
A warning event occurred. EventID: 0xA004001B
Time Generated: 04/01/2014 09:32:13
EvtFormatMessage failed, error 15027 the message resource is present
but the message is not found in the string/message table.
(Event String (event log = System) could not be retrieved, error
0x3ab3)
An error event occurred. EventID: 0x0000272C
Time Generated: 04/01/2014 09:32:53
Event String:
DCOM was unable to communicate with the computer ca-p01.domain.com
n using any of the configured protocols; requested by PID c18 (C:\Windows\s
ystem32\taskhost.exe).
A warning event occurred. EventID: 0xA004001B
Time Generated: 04/01/2014 09:35:33
EvtFormatMessage failed, error 15027 the message resource is present
but the message is not found in the string/message table.
(Event String (event log = System) could not be retrieved, error
0x3ab3)
An error event occurred. EventID: 0x0000272C
Time Generated: 04/01/2014 09:37:54
Event String:
DCOM was unable to communicate with the computer ca-p01.domain.com
n using any of the configured protocols; requested by PID 950 (C:\Windows\s
ystem32\taskhost.exe).
An error event occurred. EventID: 0x0000272C
Time Generated: 04/01/2014 09:42:54
Event String:
DCOM was unable to communicate with the computer ca-p01.domain.com
n using any of the configured protocols; requested by PID 5c4 (C:\Windows\s
ystem32\taskhost.exe).
An error event occurred. EventID: 0x0000272C
Time Generated: 04/01/2014 09:47:55
Event String:
DCOM was unable to communicate with the computer ca-p01.domain.com
n using any of the configured protocols; requested by PID ee0 (C:\Windows\s
ystem32\taskhost.exe).
An error event occurred. EventID: 0x0000272C
Time Generated: 04/01/2014 09:52:56
Event String:
DCOM was unable to communicate with the computer ca-p01.domain.com
n using any of the configured protocols; requested by PID e48 (C:\Windows\s
ystem32\taskhost.exe).
A warning event occurred. EventID: 0xA004001B
Time Generated: 04/01/2014 09:53:30
EvtFormatMessage failed, error 15027 the message resource is present
but the message is not found in the string/message table.
(Event String (event log = System) could not be retrieved, error
0x3ab3)
An error event occurred. EventID: 0x0000272C
Time Generated: 04/01/2014 09:57:57
Event String:
DCOM was unable to communicate with the computer ca-p01.domain.com
n using any of the configured protocols; requested by PID a20 (C:\Windows\s
ystem32\taskhost.exe).
An error event occurred. EventID: 0x0000272C
Time Generated: 04/01/2014 10:02:58
Event String:
DCOM was unable to communicate with the computer ca-p01.domain.com
n using any of the configured protocols; requested by PID 1bc (C:\Windows\s
ystem32\taskhost.exe).
A warning event occurred. EventID: 0xA004001B
Time Generated: 04/01/2014 10:06:04
EvtFormatMessage failed, error 15027 the message resource is present
but the message is not found in the string/message table.
(Event String (event log = System) could not be retrieved, error
0x3ab3)
An error event occurred. EventID: 0x0000272C
Time Generated: 04/01/2014 10:07:58
Event String:
DCOM was unable to communicate with the computer ca-p01.domain.com
n using any of the configured protocols; requested by PID 14c (C:\Windows\s
ystem32\taskhost.exe).
An error event occurred. EventID: 0x0000272C
Time Generated: 04/01/2014 10:12:59
Event String:
DCOM was unable to communicate with the computer ca-p01.domain.com
n using any of the configured protocols; requested by PID 90c (C:\Windows\s
ystem32\taskhost.exe).
An error event occurred. EventID: 0x0000272C
Time Generated: 04/01/2014 10:18:00
Event String:
DCOM was unable to communicate with the computer ca-p01.domain.com
n using any of the configured protocols; requested by PID 558 (C:\Windows\s
ystem32\taskhost.exe).
An error event occurred. EventID: 0x0000272C
Time Generated: 04/01/2014 10:23:01
Event String:
DCOM was unable to communicate with the computer ca-p01.domain.com
n using any of the configured protocols; requested by PID f00 (C:\Windows\s
ystem32\taskhost.exe).
A warning event occurred. EventID: 0xA004001B
Time Generated: 04/01/2014 10:23:56
EvtFormatMessage failed, error 15027 the message resource is present
but the message is not found in the string/message table.
(Event String (event log = System) could not be retrieved, error
0x3ab3)
......................... dc-p01 failed test SystemLog
Starting test: VerifyReferences
......................... dc-p01 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : mydomain
Starting test: CheckSDRefDom
......................... mydomain passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... mydomain passed test CrossRefValidation
Running enterprise tests on : domain.comn
Starting test: LocatorCheck
......................... domain.comn passed test LocatorCheck
Starting test: Intersite
......................... domain.comn passed test Intersite
In Active Directory Sites and Services, when I try to replicate FROM a valid SYSVOL Domain Controller towards my 2012 DC I get this:
The following error occurred during the attempt to contact the domain controller dc-p01:
Directory object not found
I cannot upload a picture yet because Ms ... didn't verify me.
To perform a non-authoritative restore of sysvol, you set the Burflag value and the system will automatically try to sync the contents of sysvol with its replicating partner DC. It's not mandatory to select any particular DC for sysvol replication because in the
same domain, all DCs share the same sysvol content.
Sometimes, if initialization of FRS doesn't start, you have to follow the below article. It's also applicable to Windows 2008 as long as you're using FRS for replication.
http://support.microsoft.com/kb/290762/en-us
To force the replication of sysvol using cmdline, refer below link.
http://blogs.technet.com/b/justinturner/archive/2007/04/27/quick-tip-force-frs-replication.aspx
It's better to find out what went wrong with the overall AD domain infra that sysvol has not been able to contact its partner for sysvol replication, using an in-depth assessment of the domain. It can be the network, firewall, antivirus or in-built firewall port issues
which might have broken sysvol replication.
http://msmvps.com/blogs/ad/archive/2008/06/03/active-directory-health-checks-for-domain-controllers.aspx
Awinish Vishwakarma - MVP
My Blog: awinish.wordpress.com
Disclaimer This posting is provided AS-IS with no warranties/guarantees and confers no rights. -
I am running 2 2008r2 DC's in a test environment using a network emulator between them to simulate latency and bandwidth restriction for when we go to a live environment. Between the 2 DC's I can successfully replicate with no errors
all GPO's are being pushed successfully also. I also have "successfully" setup DFS. The problem I get is the Netlogon Share is missing and I have tried the suggestions on these sites with no luck:
http://support.microsoft.com/kb/947022/en-us and
http://support.microsoft.com/kb/833783/en-us. I checked the Event Viewer on both DC's under DFS Replication and I have EventID 4602 on one DC and EventID 4604 on the other
DC which seems to be working correctly but I just am unable to get the Netlogon share to come up. I do not have a backup or a fully functional SYSVOL_DFSR share to restore from so that is out of the question but the SYSVOL_DFSR is shared but when
I navigate to the physical location of the Netlogon share the Scripts folder is missing. Is it possible to manually create the folders and share the Netlogon folder? Any suggestions would be greatly appreciated.
The DCGPOFIX tool is not used for creating the Netlogon folder; it's mainly for creating the default domain and domain controller policy, for which the Netlogon folder has to exist. You can use the below article to rebuild the Sysvol tree, and the article is applicable
for Windows 2008 R2.
http://support.microsoft.com/kb/315457
You can create the folder manually, but it might not have the necessary permissions required to be there. It's better to use the above article.
Awinish Vishwakarma - MVP
My Blog: awinish.wordpress.com
Disclaimer This posting is provided AS-IS with no warranties/guarantees and confers no rights. -
Can't see the SYSVOL and NETLOGON folder into newly migrated server
Hi,
I have recently promoted and migrated FSMO role to my new Additional Domain controller but after migration I can't see SYSVOL and NETLOGON folder into new domain controller. Even I can't add any backup domain controller to newly migrated domain controller.
Regards,
Jitendra Gautam
Hi
How much time should it take to advertise? It has been more than 20 days since promotion of the new DC. When I run dcdiag I find that:
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = NEWDC
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\NEWDC
Starting test: Connectivity
......................... NEWDC passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\NEWDC
Starting test: Advertising
Warning: DsGetDcName returned information for
\\OLD DC.domain.name, when we were trying to reach
NEWDC.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... NEWDC failed test Advertising
Starting test: FrsEvent
......................... NEWDC passed test FrsEvent
Starting test: DFSREvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... NEWDC failed test DFSREvent
Starting test: SysVolCheck
......................... NEWDC passed test SysVolCheck
Starting test: KccEvent
......................... NEWDC passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... NEWDC passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... NEWDC passed test MachineAccount
Starting test: NCSecDesc
......................... NEWDC passed test NCSecDesc
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\NEWDC\netlogon)
[NEWDC] An net use or LsaPolicy operation failed with error 67,
The network name cannot be found..
......................... NEWDC failed test NetLogons
Starting test: ObjectsReplicated
......................... NEWDC passed test ObjectsReplicated
Starting test: Replications
......................... NEWDC passed test Replications
Starting test: RidManager
......................... NEWDC passed test RidManager
Starting test: Services
......................... NEWDC passed test Services
Starting test: SystemLog
An error event occurred. EventID: 0xC00010DF
Time Generated: 10/07/2014 17:11:03
Event String:
A duplicate name has been detected on the TCP network. The IP addre
ss of the computer that sent the message is in the data. Use nbtstat -n in a com
mand window to see which name is in the Conflict state.
An error event occurred. EventID: 0xC00010DF
Time Generated: 10/07/2014 17:14:13
Event String:
A duplicate name has been detected on the TCP network. The IP addre
ss of the computer that sent the message is in the data. Use nbtstat -n in a com
mand window to see which name is in the Conflict state.
An error event occurred. EventID: 0xC00010DF
Time Generated: 10/07/2014 17:15:31
Event String:
A duplicate name has been detected on the TCP network. The IP addre
ss of the computer that sent the message is in the data. Use nbtstat -n in a com
mand window to see which name is in the Conflict state.
An error event occurred. EventID: 0xC00010DF
Time Generated: 10/07/2014 17:15:42
Event String:
A duplicate name has been detected on the TCP network. The IP addre
ss of the computer that sent the message is in the data. Use nbtstat -n in a com
mand window to see which name is in the Conflict state.
An error event occurred. EventID: 0xC00010DF
Time Generated: 10/07/2014 17:17:27
Event String:
A duplicate name has been detected on the TCP network. The IP addre
ss of the computer that sent the message is in the data. Use nbtstat -n in a com
mand window to see which name is in the Conflict state.
An error event occurred. EventID: 0xC00010DF
Time Generated: 10/07/2014 17:53:35
Event String:
A duplicate name has been detected on the TCP network. The IP addre
ss of the computer that sent the message is in the data. Use nbtstat -n in a com
mand window to see which name is in the Conflict state.
An error event occurred. EventID: 0xC0001B61
Time Generated: 10/07/2014 17:54:39
Event String:
A timeout was reached (30000 milliseconds) while waiting for the Fil
e Replication service to connect.
An error event occurred. EventID: 0xC0001B61
Time Generated: 10/07/2014 17:54:44
Event String:
A timeout was reached (30000 milliseconds) while waiting for the Fil
e Replication service to connect.
An error event occurred. EventID: 0xC0001B61
Time Generated: 10/07/2014 17:55:40
Event String:
A timeout was reached (30000 milliseconds) while waiting for the Fil
e Replication service to connect.
An error event occurred. EventID: 0xC0001B61
Time Generated: 10/07/2014 17:55:53
Event String:
A timeout was reached (30000 milliseconds) while waiting for the Fil
e Replication service to connect.
......................... NEWDC failed test SystemLog
Starting test: VerifyReferences
......................... NEWDC passed test VerifyReferences
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : domain
Starting test: CheckSDRefDom
......................... domain passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... domain passed test CrossRefValidation
Running enterprise tests on : domain.name
Starting test: LocatorCheck
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error
1355
A Good Time Server could not be located.
......................... domain.name failed test LocatorCheck
Starting test: Intersite
......................... domain.name passed test Intersite
And
"I can't add any backup domain controller..." means I am not able to join the new ADDC to the newly promoted server. But I can join the new
ADDC to the old DC, whose FSMO roles are transferred to the new DC.
I also found that the File Replication service is disabled; while starting it, I get the below error:
"Error 1053: The service did not respond to start or control request in timely fashion"
Regards,
Jitendra Gautam -
Scheduled Task to run as Local System cannot access the Netlogon Share in Windows 8.1
I've created a Scheduled Task that is set up to run as the local System Account which uses cscript.exe to execute a VBScript residing on the Domain Netlogon Share. It works perfectly on Windows 7, but fails miserably on Windows 8.1. When I open a command
prompt as the System account and try to run the script from the Netlogon share manually, I get the following error:
CScript Error: Loading script \\<FullyQualifiedomainName>\Netlogon\xyz.vbs failed (The account used is a computer account. Use your global user account or local user account to access this server. ).
Is there something different I need to set in Windows 8 to get this to run?
Thank you!!
Eric Myers
Hi Eric,
What's the result of Arnav's question?
How did you set it? Please set it using the following steps:
1. Go to Start > Administrative Tools > Task Scheduler
2. In the Task Scheduler window, double-click your task, and on the "General" tab, under the "Security options" section, click the "Change User or Group" button.
4. Make sure "From this location" is set to the local machine name (to change it, click the "Locations" button and select the local computer name)
5. Type "SYSTEM" in the text box and press OK. Under "When running the task, use the following user account:" you should see "NT AUTHORITY\SYSTEM".
Karen Hu
TechNet Community Support -
Active Directory Replication Servers (won't replicate SYSVOL and NETLOGON not showing)
I have my first DC server (DC1), DC1.DOMAIN.lOCAL. I decided to add another domain controller and made it a secondary DNS server and also a GC. Everything seems to replicate, but it's missing NETLOGON, and SYSVOL won't replicate.
Windows 2008 R2
Error 5706
The Netlogon service could not create server share C:\Windows\SYSVOL\sysvol\INFGRP.LOCAL\SCRIPTS. The following error occurred:
The system cannot find the file specified.
Event 7009
A timeout was reached (30000 milliseconds) while waiting for the File Replication service to connect.
Event 1058
The processing of Group Policy failed. Windows attempted to read the file \\INFGRP.LOCAL\SysVol\INFGRP.LOCAL\Policies\{55DE4000-0D51-44CD-92A1-30F286B2BC86}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until
this event is resolved. This issue may be transient and could be caused by one or more of the following:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller).
c) The Distributed File System (DFS) client has been disabled.
All Critical
This domain controller has migrated to using the DFS Replication service to replicate the SYSVOL share. Use of the File Replication Service for replication of non-SYSVOL content sets has been deprecated and therefore, the service has been stopped. The DFS
Replication service is recommended for replication of folders, the SYSVOL share on domain controllers and DFS link targets.
Test replication
Domain Controller Diagnosis
Performing initial setup:
* Verifying that the local machine dc, is a DC.
* Connecting to directory service on server dc.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 2 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\dc
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... dc passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\dc
Starting test: Replications
* Replications Check
* Replication Latency Check
DC=ForestDnsZones,DC=GRP,DC=LOCAL
Latency information for 7 entries in the vector were ignored.
7 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
DC=DomainDnsZones,DC=GRP,DC=LOCAL
Latency information for 7 entries in the vector were ignored.
7 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
CN=Schema,CN=Configuration,DC=GRP,DC=LOCAL
Latency information for 8 entries in the vector were ignored.
8 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
CN=Configuration,DC=GRP,DC=LOCAL
Latency information for 9 entries in the vector were ignored.
9 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
DC=GRP,DC=LOCAL
Latency information for 9 entries in the vector were ignored.
9 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
......................... dc passed test Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Test omitted by user request: NCSecDesc
Test omitted by user request: NetLogons
Test omitted by user request: Advertising
Test omitted by user request: KnowsOfRoleHolders
Test omitted by user request: RidManager
Test omitted by user request: MachineAccount
Test omitted by user request: Services
Test omitted by user request: OutboundSecureChannels
Test omitted by user request: ObjectsReplicated
Test omitted by user request: frssysvol
Test omitted by user request: frsevent
Test omitted by user request: kccevent
Test omitted by user request: systemlog
Test omitted by user request: VerifyReplicas
Test omitted by user request: VerifyReferences
Test omitted by user request: VerifyEnterpriseReferences
Test omitted by user request: CheckSecurityError
Running partition tests on : ForestDnsZones
Test omitted by user request: CrossRefValidation
Test omitted by user request: CheckSDRefDom
Running partition tests on : DomainDnsZones
Test omitted by user request: CrossRefValidation
Test omitted by user request: CheckSDRefDom
Running partition tests on : Schema
Test omitted by user request: CrossRefValidation
Test omitted by user request: CheckSDRefDom
Running partition tests on : Configuration
Test omitted by user request: CrossRefValidation
Test omitted by user request: CheckSDRefDom
Running partition tests on : GRP
Test omitted by user request: CrossRefValidation
Test omitted by user request: CheckSDRefDom
Running enterprise tests on : GRP.LOCAL
Test omitted by user request: Intersite
Test omitted by user request: FsmoCheck
Test omitted by user request: DNS
Test omitted by user request: DNS
On the second DC (DCR), I see SYSVOL, but no files replicated; also, there's no NETLOGON. -
Netlogon and SYSVOL shares are not created after DCPROMO in Windows 2012
Hi
When I run a dcpromo on my Windows 2012 server (all DCs are Windows 2012),
on the new domain controller I don't have a sysvol or netlogon share.
All the suggestions I found in social refer to FRS, but in Server 2012 DFS is used; I have no idea how to troubleshoot this problem.
All dcdiag on all DCs before the promo were clean.
dcdiag on srv01, the new DC, shows:
Doing initial required tests
Testing server: Bas\SRV01
Starting test: Connectivity
......................... SRV01 passed test Connectivity
Doing primary tests
Testing server: Bas\SRV01
Starting test: Advertising
Warning: DsGetDcName returned information for
\\SRV09.dikkenberg.local, when we were trying to reach SRV01.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... SRV01 failed test Advertising
Starting test: FrsEvent
......................... SRV01 passed test FrsEvent
Starting test: DFSREvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... SRV01 passed test DFSREvent
Starting test: SysVolCheck
......................... SRV01 passed test SysVolCheck
Starting test: KccEvent
......................... SRV01 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... SRV01 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... SRV01 passed test MachineAccount
Starting test: NCSecDesc
......................... SRV01 passed test NCSecDesc
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\SRV01\netlogon)
[SRV01] An net use or LsaPolicy operation failed with error 67,
The network name cannot be found..
......................... SRV01 failed test NetLogons
Starting test: ObjectsReplicated
......................... SRV01 passed test ObjectsReplicated
Starting test: Replications
......................... SRV01 passed test Replications
Starting test: RidManager
......................... SRV01 passed test RidManager
Starting test: Services
......................... SRV01 passed test Services
Starting test: SystemLog
A warning event occurred. EventID: 0x000727A5
Time Generated: 02/26/2013 21:55:22
Event String:
The WinRM service is not listening for WS-Management requests.
An error event occurred. EventID: 0x00001001
Time Generated: 02/26/2013 21:58:10
Event String:
The machine SRV01 attempted to join the domain dikkenberg.local but
failed. The error code was 1332.
A warning event occurred. EventID: 0x000727A5
Time Generated: 02/26/2013 22:00:04
Event String:
The WinRM service is not listening for WS-Management requests.
A warning event occurred. EventID: 0x000727A5
Time Generated: 02/26/2013 22:08:43
Event String:
The WinRM service is not listening for WS-Management requests.
A warning event occurred. EventID: 0x0000008E
Time Generated: 02/26/2013 22:10:22
Event String:
The time service has stopped advertising as a time source because th
e local clock is not synchronized.
A warning event occurred. EventID: 0x00001796
Time Generated: 02/26/2013 22:24:05
Event String:
Microsoft Windows Server has detected that NTLM authentication is pr
esently being used between clients and this server. This event occurs once per b
oot of the server on the first time a client uses NTLM with this server.
......................... SRV01 failed test SystemLog
Starting test: VerifyReferences
......................... SRV01 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : dikkenberg
Starting test: CheckSDRefDom
......................... dikkenberg passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... dikkenberg passed test CrossRefValidation
Running enterprise tests on : dikkenberg.local
Starting test: LocatorCheck
......................... dikkenberg.local passed test LocatorCheck
Starting test: Intersite
......................... dikkenberg.local passed test Intersite
C:\Users\administrator.DIKKENBERG>
Dcdiag on good dc:
Performing initial setup:
Trying to find home server...
Home Server = SRV09
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Bas\SRV09
Starting test: Connectivity
......................... SRV09 passed test Connectivity
Doing primary tests
Testing server: Bas\SRV09
Starting test: Advertising
......................... SRV09 passed test Advertising
Starting test: FrsEvent
......................... SRV09 passed test FrsEvent
Starting test: DFSREvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... SRV09 passed test DFSREvent
Starting test: SysVolCheck
......................... SRV09 passed test SysVolCheck
Starting test: KccEvent
A warning event occurred. EventID: 0x80000B46
Time Generated: 02/26/2013 22:42:36
Event String:
The security of this directory server can be significantly enhanced
by configuring the server to reject SASL (Negotiate, Kerberos, NTLM, or Digest)
LDAP binds that do not request signing (integrity verification) and LDAP simple
binds that are performed on a cleartext (non-SSL/TLS-encrypted) connection. E
ven if no clients are using such binds, configuring the server to reject them wi
ll improve the security of this server.
......................... SRV09 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... SRV09 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... SRV09 passed test MachineAccount
Starting test: NCSecDesc
......................... SRV09 passed test NCSecDesc
Starting test: NetLogons
......................... SRV09 passed test NetLogons
Starting test: ObjectsReplicated
......................... SRV09 passed test ObjectsReplicated
Starting test: Replications
......................... SRV09 passed test Replications
Starting test: RidManager
......................... SRV09 passed test RidManager
Starting test: Services
......................... SRV09 passed test Services
Starting test: SystemLog
An error event occurred. EventID: 0x00000457
Time Generated: 02/26/2013 21:57:13
Event String:
Driver Samsung CLP-320 Series required for printer Samsung CLP-320 S
eries is unknown. Contact the administrator to install the driver before you log
in again.
An error event occurred. EventID: 0x00000457
Time Generated: 02/26/2013 21:57:13
Event String:
Driver DYMO LabelWriter 400 Turbo required for printer DYMO LabelWri
ter 400 Turbo is unknown. Contact the administrator to install the driver before
you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 02/26/2013 21:57:13
Event String:
Driver Send to Microsoft OneNote 15 Driver required for printer Verz
enden naar OneNote 2013 is unknown. Contact the administrator to install the dri
ver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 02/26/2013 21:57:14
Event String:
Driver Microsoft XPS Document Writer required for printer Microsoft
XPS Document Writer is unknown. Contact the administrator to install the driver
before you log in again.
A warning event occurred. EventID: 0x000016AF
Time Generated: 02/26/2013 22:34:50
Event String:
During the past 4.24 hours there have been 20 connections to this Do
main Controller from client machines whose IP addresses don't map to any of the
existing sites in the enterprise. Those clients, therefore, have undefined sites
and may connect to any Domain Controller including those that are in far distan
t locations from the clients. A client's site is determined by the mapping of it
s subnet to one of the existing sites. To move the above clients to one of the s
ites, please consider creating subnet object(s) covering the above IP addresses
with mapping to one of the existing sites. The names and IP addresses of the cl
ients in question have been logged on this computer in the following log file '%
SystemRoot%\debug\netlogon.log' and, potentially, in the log file '%SystemRoot%\
debug\netlogon.bak' created if the former log becomes full. The log(s) may conta
in additional unrelated debugging information. To filter out the needed informat
ion, please search for lines which contain text 'NO_CLIENT_SITE:'. The first wor
d after this string is the client name and the second word is the client IP addr
ess. The maximum size of the log(s) is controlled by the following registry DWOR
D value 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameter
s\LogFileMaxSize'; the default is 20000000 bytes. The current maximum size is 2
0000000 bytes. To set a different maximum size, create the above registry value
and set the desired maximum size in bytes.
A warning event occurred. EventID: 0x0000000B
Time Generated: 02/26/2013 22:42:06
Event String:
Custom dynamic link libraries are being loaded for every application
. The system administrator should review the list of libraries to ensure they ar
e related to trusted applications. Please visit http://support.microsoft.com/kb/
197571 for more information.
A warning event occurred. EventID: 0x000727AA
Time Generated: 02/26/2013 22:43:09
Event String:
The WinRM service failed to create the following SPNs: WSMAN/SRV09.d
ikkenberg.local; WSMAN/SRV09.
A warning event occurred. EventID: 0x000003F6
Time Generated: 02/26/2013 22:43:11
Event String:
Name resolution for the name _msdcs.dikkenberg.local timed out after
none of the configured DNS servers responded.
A warning event occurred. EventID: 0x000003F6
Time Generated: 02/26/2013 22:43:11
Event String:
Name resolution for the name dikkenberg.local timed out after none o
f the configured DNS servers responded.
A warning event occurred. EventID: 0x0000000C
Time Generated: 02/26/2013 22:43:13
Event String:
Time Provider NtpClient: This machine is configured to use the domai
n hierarchy to determine its time source, but it is the AD PDC emulator for the
domain at the root of the forest, so there is no machine above it in the domain
hierarchy to use as a time source. It is recommended that you either configure a
reliable time service in the root domain, or manually configure the AD PDC to s
ynchronize with an external time source. Otherwise, this machine will function a
s the authoritative time source in the domain hierarchy. If an external time sou
rce is not configured or used for this computer, you may choose to disable the N
tpClient.
A warning event occurred. EventID: 0x00001796
Time Generated: 02/26/2013 22:43:50
Event String:
Microsoft Windows Server has detected that NTLM authentication is pr
esently being used between clients and this server. This event occurs once per b
oot of the server on the first time a client uses NTLM with this server.
An error event occurred. EventID: 0x00000457
Time Generated: 02/26/2013 22:44:12
Event String:
Driver Samsung CLP-320 Series required for printer Samsung CLP-320 S
eries is unknown. Contact the administrator to install the driver before you log
in again.
An error event occurred. EventID: 0x00000457
Time Generated: 02/26/2013 22:44:16
Event String:
Driver Send to Microsoft OneNote 15 Driver required for printer Verz
enden naar OneNote 2013 is unknown. Contact the administrator to install the dri
ver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 02/26/2013 22:44:16
Event String:
Driver DYMO LabelWriter 400 Turbo required for printer DYMO LabelWri
ter 400 Turbo is unknown. Contact the administrator to install the driver before
you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 02/26/2013 22:44:17
Event String:
Driver Microsoft XPS Document Writer required for printer Microsoft
XPS Document Writer is unknown. Contact the administrator to install the driver
before you log in again.
......................... SRV09 failed test SystemLog
Starting test: VerifyReferences
......................... SRV09 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : dikkenberg
Starting test: CheckSDRefDom
......................... dikkenberg passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... dikkenberg passed test CrossRefValidation
Running enterprise tests on : dikkenberg.local
Starting test: LocatorCheck
......................... dikkenberg.local passed test LocatorCheck
Starting test: Intersite
......................... dikkenberg.local passed test Intersite
With kind regards, Bas van den Dikkenberg
Doing primary tests
Testing server: Bas\SRV01
Starting test: Advertising
Warning: DsGetDcName returned information for
\\SRV09.dikkenberg.local, when we were trying to reach SRV01.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... SRV01 failed test Advertising
"SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE"
This error means that the DC is in a USN rollback state.
srv01 is not in USN rollback, see:
test from other DC:
Doing primary tests
Testing server: Ouders\SRV10
Starting test: Advertising
......................... SRV10 passed test Advertising
Starting test: FrsEvent
......................... SRV10 passed test FrsEvent
Test from srv09:
Doing primary tests
Testing server: Bas\SRV09
Starting test: Advertising
......................... SRV09 passed test Advertising
Starting test: FrsEvent
......................... SRV09 passed test FrsEvent
With kind regards, Bas van den Dikkenberg -
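A triage helper for dcdiag output like that pasted in these threads, as an added example that is not part of any post: it lists the failed tests per server, flags the ones that bear on the SYSVOL/NETLOGON shares, and collapses repeated SystemLog events into counts keyed by the decimal event ID (the low 16 bits of the hex value dcdiag prints, so 0xC0001B61 becomes 7009). The function names, the set of tests treated as SYSVOL-related and the sample text are assumptions of this example; the sample is constructed from lines of the kind shown on this page.

```python
import re
from collections import Counter

# dcdiag tests that bear on the SYSVOL/NETLOGON shares (this example's choice).
SYSVOL_TESTS = {"advertising", "netlogons", "sysvolcheck",
                "frsevent", "dfsrevent", "frssysvol"}

# "......................... SRV01 failed test NetLogons"; the test name may
# wrap onto the next line, so it is optional here.
RESULT_RE = re.compile(r"^\.{5,}\s+(\S+)\s+(passed|failed)\s+test(?:\s+(\S+))?$")
# Matches "An error event occurred." and the older "An Error Event occured."
EVENT_RE = re.compile(
    r"An?\s+(warning|error)\s+event\s+occur+ed\.\s+EventID:\s*(0x[0-9A-Fa-f]+)",
    re.IGNORECASE)


def parse_dcdiag(text):
    """Return (results, events) parsed from saved dcdiag output.

    results: list of (target, test, verdict) in file order.
    events:  Counter keyed by (target, severity, decimal event ID).
    """
    results, events, pending = [], Counter(), []
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    i = 0
    while i < len(lines):
        event = EVENT_RE.search(lines[i])
        result = RESULT_RE.match(lines[i])
        if event:
            # The low 16 bits are the ID shown in Event Viewer.
            pending.append((event.group(1).lower(),
                            int(event.group(2), 16) & 0xFFFF))
        elif result:
            target, verdict, test = result.groups()
            if test is None:
                # Wrapped verdict line: the test name sits alone on the next line.
                if i + 1 < len(lines) and re.fullmatch(r"\w+", lines[i + 1]):
                    i += 1
                    test = lines[i]
                else:
                    test = "(name missing)"
            results.append((target, test, verdict))
            # Events listed before a verdict belong to the test just closed.
            for severity, event_id in pending:
                events[(target, severity, event_id)] += 1
            pending = []
        i += 1
    return results, events


def triage(text):
    """Summarise failures per target, flagging SYSVOL/NETLOGON-related ones."""
    results, events = parse_dcdiag(text)
    report = {}
    for target, test, verdict in results:
        entry = report.setdefault(
            target, {"failed": [], "sysvol_related": [], "events": {}})
        if verdict == "failed":
            entry["failed"].append(test)
            if test.lower() in SYSVOL_TESTS:
                entry["sysvol_related"].append(test)
    for (target, severity, event_id), count in events.items():
        report[target]["events"][(severity, event_id)] = count
    return report


# Constructed sample, modelled on the dcdiag output quoted on this page.
SAMPLE = r"""
Testing server: Bas\SRV01
   Starting test: Advertising
      Warning: DsGetDcName returned information for
      \\SRV09.dikkenberg.local, when we were trying to reach SRV01.
      SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
      ......................... SRV01 failed test Advertising
   Starting test: SysVolCheck
      ......................... SRV01 passed test SysVolCheck
   Starting test: NetLogons
      Unable to connect to the NETLOGON share! (\\SRV01\netlogon)
      ......................... SRV01 failed test NetLogons
   Starting test: SystemLog
      An error event occurred.  EventID: 0xC0001B61
         Time Generated: 02/26/2013   21:54:39
      An error event occurred.  EventID: 0xC0001B61
         Time Generated: 02/26/2013   21:54:44
      An Error Event occured.  EventID: 0x0000168E
         Time Generated: 02/26/2013   21:55:10
      ......................... SRV01 failed test SystemLog
Running partition tests on : DomainDnsZones
   Starting test: CrossRefValidation
      ......................... DomainDnsZones passed test
      CrossRefValidation
"""

if __name__ == "__main__":
    for target, entry in triage(SAMPLE).items():
        print(target, entry)
```

Run it over the output of each DC saved to a file; a server whose `sysvol_related` list is non-empty is the one to check for missing shares first.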
AD Replication issues, SYSVOL / NETLOGON not replicating
Hello Experts!
We have a client that recently called us for some assistance. The IT department had a new virtual environment stood up. They created 3 new VMs and promoted them all to domain controllers. The current domain and forest functional levels are (and were) Server
2003. There were two existing domain controllers, both Server 2003. The new domain controllers are Server 2012 R2. After promoting the 3 new servers to DC’s, they demoted one of the old DC’s. Then they transferred FSMO roles to a new 2012 R2 DC. When they
went to demote the last server 2003 DC, it was giving them the error that it is the last DC in the domain. That’s when we were called to assist. I have since demoted 2 of the 3 new 2012 R2 DCs and transferred all FSMO roles back to the Server 2003 DC.
I have been running some tools to try and gather data. Here is the DCDIAG from the last Server 2003 DC:
C:\Documents and Settings\user>dcdiag /fix
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: domainname\server2003server
Starting test: Connectivity
......................... server2003server passed test Connectivity
Doing primary tests
Testing server: domainname\server2003server
Starting test: Replications
......................... server2003server passed test Replications
Starting test: NCSecDesc
......................... server2003server passed test NCSecDesc
Starting test: NetLogons
......................... server2003server passed test NetLogons
Starting test: Advertising
......................... server2003server passed test Advertising
Starting test: KnowsOfRoleHolders
......................... server2003server passed test KnowsOfRoleHolders
Starting test: RidManager
......................... server2003server passed test RidManager
Starting test: MachineAccount
......................... server2003server passed test MachineAccount
Starting test: Services
......................... server2003server passed test Services
Starting test: ObjectsReplicated
......................... server2003server passed test ObjectsReplicated
Starting test: frssysvol
......................... server2003server passed test frssysvol
Starting test: frsevent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... server2003server failed test frsevent
Starting test: kccevent
......................... server2003server passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0x0000410B
Time Generated: 02/18/2015 19:27:04
Event String: The request for a new account-identifier pool
An Error Event occured. EventID: 0xC4350607
Time Generated: 02/18/2015 19:28:22
Event String: Component: System Information Agent
An Error Event occured. EventID: 0xC00110CD
Time Generated: 02/18/2015 19:28:22
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00072787
Time Generated: 02/18/2015 19:28:22
Event String: The WinRM service is unable to start because of a
An Error Event occured. EventID: 0xC0060024
Time Generated: 02/18/2015 19:28:34
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 02/18/2015 19:32:26
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC25A001D
Time Generated: 02/18/2015 14:33:27
(Event String could not be retrieved)
An Error Event occured. EventID: 0x825A0011
Time Generated: 02/18/2015 14:33:28
(Event String could not be retrieved)
An Error Event occured. EventID: 0x825A0011
Time Generated: 02/18/2015 14:33:31
(Event String could not be retrieved)
An Error Event occured. EventID: 0x0000410B
Time Generated: 02/18/2015 14:36:18
Event String: The request for a new account-identifier pool
An Error Event occured. EventID: 0xC4350607
Time Generated: 02/18/2015 14:38:48
Event String: Component: System Information Agent
An Error Event occured. EventID: 0x00072787
Time Generated: 02/18/2015 14:38:48
Event String: The WinRM service is unable to start because of a
An Error Event occured. EventID: 0xC4350505
Time Generated: 02/18/2015 14:38:54
Event String: NIC Agent: Connectivity has been lost for the NIC
An Error Event occured. EventID: 0x825A0011
Time Generated: 02/18/2015 14:39:00
(Event String could not be retrieved)
An Error Event occured. EventID: 0x825A0011
Time Generated: 02/18/2015 14:39:14
(Event String could not be retrieved)
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168F
Time Generated: 02/18/2015 14:42:09
Event String: The dynamic deletion of the DNS record
An Error Event occured. EventID: 0x0000168F
Time Generated: 02/18/2015 14:42:09
Event String: The dynamic deletion of the DNS record
An Error Event occured. EventID: 0x0000168F
Time Generated: 02/18/2015 14:42:09
Event String: The dynamic deletion of the DNS record
An Error Event occured. EventID: 0x0000168F
Time Generated: 02/18/2015 14:42:09
Event String: The dynamic deletion of the DNS record
An Error Event occured. EventID: 0xC25A001D
Time Generated: 02/18/2015 14:42:10
(Event String could not be retrieved)
An Error Event occured. EventID: 0x825A0011
Time Generated: 02/18/2015 14:42:22
(Event String could not be retrieved)
An Error Event occured. EventID: 0x825A0011
Time Generated: 02/18/2015 14:42:37
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC4350607
Time Generated: 02/18/2015 14:48:03
Event String: Component: System Information Agent
An Error Event occured. EventID: 0x00072787
Time Generated: 02/18/2015 14:48:03
Event String: The WinRM service is unable to start because of a
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 14:50:06
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 14:50:06
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 14:50:06
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 14:50:07
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 14:50:07
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 14:50:07
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 14:50:07
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 14:50:07
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 14:50:07
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 14:50:07
(Event String could not be retrieved)
An Error Event occured. EventID: 0x40000004
Time Generated: 02/18/2015 14:55:30
Event String: The kerberos client received a
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:11:36
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:11:37
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:11:37
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:11:38
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:11:38
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:11:38
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:11:38
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:11:38
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:11:38
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:11:39
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:16:07
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:16:08
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:16:08
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:16:09
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:16:09
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:16:09
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:16:10
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:16:10
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:16:10
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/18/2015 15:16:10
(Event String could not be retrieved)
......................... server2003server failed test systemlog
Starting test: VerifyReferences
Some objects relating to the DC server2003server have problems:
[1] Problem: Missing Expected Value
Base Object:
CN= server2003server,OU=Domain Controllers,DC=domainname,DC=com
Base Object Description: "DC Account Object"
Value Object Attribute Name: frsComputerReferenceBL
Value Object Description: "SYSVOL FRS Member Object"
Recommended Action: See Knowledge Base Article: Q312862
[1] Problem: Missing Expected Value
Base Object:
CN=NTDS Settings,CN= server2003server,CN=Servers,CN=domainname,CN=Sites,CN=C
onfiguration,DC=domainname,DC=com
Base Object Description: "DSA Object"
Value Object Attribute Name: serverReferenceBL
Value Object Description: "SYSVOL FRS Member Object"
Recommended Action: See Knowledge Base Article: Q312862
......................... server2003server failed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : domainname
Starting test: CrossRefValidation
......................... domainname passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... domainname passed test CheckSDRefDom
Running enterprise tests on : domainname.com
Starting test: Intersite
......................... domainname.com passed test Intersite
Starting test: FsmoCheck
......................... domainname.com passed test FsmoCheck
C:\Documents and Settings\user>
Now the DCDIAG for the Server 2012 R2 DC.
2012R2DC
PS C:\Users\user > dcdiag /fix
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = 2012R2DC
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: domainname\2012R2DC
Starting test: Connectivity
......................... 2012R2DC
passed test Connectivity
Doing primary tests
Testing server: domainname\2012R2DC
Starting test: Advertising
Warning: DsGetDcName returned information for \\server2003server.domainname.com, when we were trying to reach 2012R2DC.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... 2012R2DC
failed test Advertising
Starting test: FrsEvent
There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL
replication problems may cause Group Policy problems.
......................... 2012R2DC
passed test FrsEvent
Starting test: DFSREvent
......................... 2012R2DC passed test DFSREvent
Starting test: SysVolCheck
......................... 2012R2DC passed test SysVolCheck
Starting test: KccEvent
......................... 2012R2DC passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... 2012R2DC passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... 2012R2DC passed test MachineAccount
Starting test: NCSecDesc
......................... 2012R2DC passed test NCSecDesc
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\2012R2DC \netlogon)
[2012R2DC] An net use or LsaPolicy operation failed with error 67, The network name cannot be found..
......................... 2012R2DC failed test NetLogons
Starting test: ObjectsReplicated
......................... 2012R2DC passed test ObjectsReplicated
Starting test: Replications
[Replications Check, 2012R2DC] DsReplicaGetInfo(PENDING_OPS, NULL) failed, error 0x2105
"Replication access was denied."
......................... 2012R2DC failed test Replications
Starting test: RidManager
......................... 2012R2DC passed test RidManager
Starting test: Services
Could not open NTDS Service on 2012R2DC, error 0x5 "Access is denied."
......................... 2012R2DC failed test Services
Starting test: SystemLog
An error event occurred. EventID: 0x0000041E
Time Generated: 02/18/2015 14:39:32
Event String:
The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could
be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly.
An error event occurred. EventID: 0x0000041E
Time Generated: 02/18/2015 14:44:34
Event String:
The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could
be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly.
An error event occurred. EventID: 0x40000004
Time Generated: 02/18/2015 14:47:09
Event String:
The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server cr-dc3$. The target name used was C
RDC02$. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when t
he target server principal name (SPN) is registered on an account other than the account the target service is using. En
sure that the target SPN is only registered on the account used by the server. This error can also happen if the target
service account password is different than what is configured on the Kerberos Key Distribution Center for that target se
rvice. Ensure that the service on the server and the KDC are both configured to use the same password. If the server nam
e is not fully qualified, and the target domain (domainname.COM) is different from the client domain (domainname.COM),
check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify
the server.
......................... 2012R2DC failed test SystemLog
Starting test: VerifyReferences
......................... 2012R2DC passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : domainname
Starting test: CheckSDRefDom
......................... domainname passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... domainname passed test CrossRefValidation
Running enterprise tests on : domainname.com
Starting test: LocatorCheck
......................... domainname.com passed test LocatorCheck
Starting test: Intersite
......................... domainname.com passed test Intersite
PS C:\Users\user>
From here I can see SYSVOL and NETLOGON are not replicating from server2003server. When I log on to server2003server and run ‘net share’ the SYSVOL and NETLOGON shares are shared. But, when I do the same on 2012R2DC there are no NETLOGON or SYSVOL shares.
I see ntfrs issues. So I ran ntfrsutl ds on server2003server and the results are here:
C:\Documents and Settings\user>ntfrsutl ds
NTFRS CONFIGURATION IN THE DS
SUBSTITUTE DCINFO FOR DC
FRS DomainControllerName: (null)
Computer Name : SERVER2003SERVER
Computer DNS Name : SERVER2003SERVER.domainname.com
BINDING TO THE DS:
ldap_connect : SERVER2003SERVER.domainname.com
DsBind : SERVER2003SERVER.domainname.com
NAMING CONTEXTS:
SitesDn : CN=Sites,cn=configuration,dc= domainname,dc=com
ServicesDn : CN=Services,cn=configuration,dc= domainname,dc=com
DefaultNcDn: DC= domainname,DC=com
ComputersDn: CN=Computers,DC= domainname,DC=com
DomainCtlDn: OU=Domain Controllers,DC= domainname,DC=com
Fqdn : CN= SERVER2003SERVER,OU=Domain Controllers,DC= domainname,DC=com
Searching : Fqdn
COMPUTER: SERVER2003SERVER
DN : cn= SERVER2003SERVER,ou=domain controllers,dc= domainname,dc=com
Guid : d3cfdf56-a013-40ab-a2e9ffc3d88896bd
UAC : 0x00082000
Server BL : CN= SERVER2003SERVER,CN=Servers,CN=domainname,CN=Sites,CN=Configuration,D
C= SERVER2003SERVER,DC=com
Settings : cn=ntds settings,cn= SERVER2003SERVER,cn=servers,cn= domainname,cn=sites,c
n=configuration,dc= domainname,dc=com
DNS Name : SERVER2003SERVER. domainname.com
WhenCreated : 5/29/2007 10:36:30 Eastern Standard Time Eastern Daylight Time
[300]
WhenChanged : 2/17/2015 11:21:58 Eastern Standard Time Eastern Daylight Time
[300]
SUBSCRIPTION: NTFRS SUBSCRIPTIONS
DN : cn=ntfrs subscriptions,cn= SERVER2003SERVER,ou=domain controllers,dc= domainname,dc=com
Guid : 5d0ca299-209d-4814-ae6d7acd9209e10a
Working : c:\windows\ntfrs
Actual Working: c:\windows\ntfrs
WhenCreated : 5/29/2007 10:50:26 Eastern Standard Time Eastern Daylight T
ime [300]
WhenChanged : 5/29/2007 10:50:26 Eastern Standard Time Eastern Daylight T
ime [300]
SUBSCRIBER: DOMAIN SYSTEM VOLUME (SYSVOL SHARE)
DN : cn=domain system volume (sysvol share),cn=ntfrs subscriptions,cn
= SERVER2003SERVER,ou=domain controllers,dc= domainname,dc=com
Guid : fb56d707-3c40-429f-bd7c63d227b9fb5d
Member Ref: (null)
Root : c:\windows\sysvol\domain
Stage : c:\windows\sysvol\staging\domain
WhenCreated : 5/29/2007 10:50:26 Eastern Standard Time Eastern Dayligh
t Time [300]
WhenChanged : 5/29/2007 10:50:26 Eastern Standard Time Eastern Dayligh
t Time [300]
SERVER2003SERVER IS NOT A MEMBER OF ANY SET!
C:\Documents and Settings\user>
Also worth noting that when we power down SERVER2003SERVER no computer can contact a logon server.
The last line of this worries me as well. I am going to continue to work on this but I wanted to get these logs to some other eyes in case you have some ideas off the bat. Thanks in advance!
I would first recommend making sure that the new DCs are also global catalogs and referring to the IP setting recommendations I shared here: http://www.ahmedmalek.com/web/fr/home.asp
It is possible to do a non-authoritative restore of SYSVOL to make it appear on the other DCs: https://support.microsoft.com/kb/290762?wa=wsignin1.0
However, you would need to upgrade to DFSR.
This posting is provided AS IS with no warranties or guarantees, and confers no rights.
Ahmed MALEK
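A triage helper for dcdiag output like the two runs posted above, as an added example that is not part of the original thread: it lists the failed tests per server and counts SystemLog error events by ID, so a run dominated by one repeated event is easier to read. The function names and the sample text (abridged from the posted output) are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample: lines abridged from the dcdiag runs posted in the thread.
SAMPLE = r"""Testing server: domainname\2012R2DC
Starting test: Connectivity
......................... 2012R2DC
passed test Connectivity
Starting test: Advertising
......................... 2012R2DC
failed test Advertising
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\2012R2DC \netlogon)
......................... 2012R2DC failed test NetLogons
Starting test: SystemLog
An error event occurred. EventID: 0x0000041E
Time Generated: 02/18/2015 14:39:32
An error event occurred. EventID: 0x0000041E
Time Generated: 02/18/2015 14:44:34
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/18/2015 14:39:54
......................... 2012R2DC failed test SystemLog
Starting test: VerifyReferences
......................... 2012R2DC passed test VerifyReferences
"""

# Verdict line; the "passed/failed test X" part may wrap onto the next line.
RESULT = re.compile(r"^\.{5,}\s+(\S+)(?:\s+(passed|failed) test (\S+))?\s*$")
WRAPPED = re.compile(r"^(passed|failed) test (\S+)\s*$")
# Older dcdiag builds print "occured", newer ones "occurred"; accept both.
EVENT = re.compile(r"error event occurr?ed\.\s*EventID:\s*0x([0-9A-Fa-f]{8})", re.I)


def event_code(event_id):
    """Low 16 bits of the dcdiag value: the event ID shown in Event Viewer."""
    return int(event_id, 16) & 0xFFFF


def summarize(text):
    """Return (sorted list of 'target:test' failures, Counter of event IDs)."""
    results, events, pending = {}, Counter(), None
    for raw in text.splitlines():
        line = raw.strip()
        m = RESULT.match(line)
        if m:
            target, verdict, test = m.groups()
            if verdict:
                results[(target, test)] = verdict
                pending = None
            else:
                pending = target  # verdict expected on the next line
            continue
        m = WRAPPED.match(line)
        if m and pending:
            results[(pending, m.group(2))] = m.group(1)
        pending = None
        m = EVENT.search(line)
        if m:
            events["0x" + m.group(1).upper()] += 1
    failed = sorted(f"{t}:{n}" for (t, n), v in results.items() if v == "failed")
    return failed, events


if __name__ == "__main__":
    failed, events = summarize(SAMPLE)
    print("Failed tests:", ", ".join(failed))
    for eid, count in events.most_common():
        print(f"{eid} (event {event_code(eid)}): {count} occurrence(s)")
```
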