The Active Directory cannot replicate with this server because the time since the last replication with this server has exceeded the tombstone lifetime.
the solution what i got from this from is to Depromote and promote it again to DC, my question when i depromote, will the OU , object will remain as it is or it will be lost. And what precautions do i need to take?
Adding to the above points, my Domain has only 2 DC, should both the DC be demoted and promoted
Under NO curcumstances you demote both of your DCs. You must always have one or 2DCs running, otherwise you will loose your entire AD. Only 1 DC should be demoted. you should wait couple of hours prior to promoting it back to DC role again.
Ideally your primary DC will continue maintaining the OUs, GPOs, and user accounts.
I would suggest brining in a new, 3rd DC intro play, leave it for a day or 2 to replicate everything properly, confirm that its propagating properly with the primary DC, and only then demote and remove the offending DC.
There are actually ways for recovering from tombstone lifetime much painlessly than DC demotion/promotion. Depending on what is your AD running on, Windows 2003 or 2012 R2 servers:
here a few links that might help you understand how it works:
Primary link :http://blogs.technet.com/b/askpfeplat/archive/2012/11/23/fixing-when-your-domain-traveled-back-in-time-the-great-system-time-rollback-to-the-year-2000.aspx
http://community.spiceworks.com/topic/343609-ad-replication-can-t-because-exceeded-tombstone-life
https://support.microsoft.com/en-us/kb/2020053?wa=wsignin1.0
http://shebangme.blogspot.com/2011/01/active-directory-time-since-last.html
Similar Messages
-
DNS The Zone cannot be deleted - the active directory service is not available
Hello TechNet Members,
As you can see from the Summery, I got this message when I'm trying to delete DNS Zone.
It's not matter if the DNS Zone newly created or its an Old One.
After this message the computer is telling you "The Computer is about to make Restart".
It's so strange and i really don't know what to check first.
More Information:
5 Servers that Replicate together.
The Operation System is Windows Server 2012R2 for all the entire DC's
1 Domain In the Forest.
Thanks,Hi Jesper,
DCdiag /fix and no errors in there everything marked as PASSED.
I did Demotion for one of the DC to troubleshoot, but with no luck i'm back to the same point i started
I tried to delete the brand new Zone from the commandline using DNScmd it's still not working and the computer is reboot himslef.
I've checked the permissions from the ADSIEdit.msc:
Inherit from MicrosoftDNS section to the ROOT
DNSAdmins > Full Control
Domain Admins > Full Control
From "DNS Server" section at the EventViewer
The DNS server is waiting for Active Directory Domain Services (AD DS) to signal that the initial synchronization of the directory has been completed. The DNS server service cannot start until the initial synchronization is complete because critical DNS
data might not yet be replicated onto this domain controller. If events in the AD DS event log indicate that there is a problem with DNS name resolution, consider adding the IP address of another DNS server for this domain to the DNS server list in the Internet
Protocol properties of this computer. This event will be logged every two minutes until AD DS has signaled that the initial synchronization has successfully completed.
"The DNS server was unable to complete directory service enumeration of zone TestZone1. This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it. Check that the Active
Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is "". The event data contains the error. "
The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.
Thanks, -
Cannot Print. "The Active Directory Domain Services is currently unavailable"
Hi there
I cannot print and I have not been able to find the fix via existing forum threads.
System:
Win 7 Ultimate 64 bit German - Profile language is Danish (installed a week ago and completely windows updated)
Office 365 Small Business Premium
HP DV8 Laptop. i7, 512GB SSD, 8GB RAM
HP LaserJet P1006 USB printer.
Problem
No matter if I try to print from IE, Notebook, Word 2013 or anything else, I cannot chose my printer (P1006).
If I try to Add Printer in Word 2013, I get the "The Active Directory Domain Services is currently unavailable" error.
In Devices and Printers, the P1006 is visible, but there is no driver installed.
Trying to install the correct driver:
http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareIndex.jsp?lang=en&cc=us&prodNameId=3435683&prodTypeId=18972&prodSeriesId=3435682&swLang=8&taskId=135&swEnvOID=4063
only creates a general error during installation: "Printer Software Installer has stopped working - A problem has caused the program to stop working correctly. Windows closes the program and will notify you if a solution has been found"
I have tried all the solution software from Windows, from HP (for the laptop and for the printer) - but nothing comes up with any details or suggestions.
What should I try?
Absolutely everything else works perfectly on the system.
Reffered here via http://answers.microsoft.com/en-us/windows/forum/windows_7-hardware/cannot-print-the-active-directory-domain-services/1cf47626-a2cd-4b7a-94b6-10cbc8ab02b0Hi,
I suggest you try the following:
1. Try the steps in the following article:
Troubleshoot printer problems
http://windows.microsoft.com/en-US/windows-vista/Troubleshoot-printer-problems
Fix printing problems by resetting the print spooler
http://support.microsoft.com/kb/2000007
2. Let us try updating the printer driver which might help you in resolving the issue.
Click on the link below for more information on updating the printer drivers.
Find and install printer drivers
http://windows.microsoft.com/en-US/windows-vista/Find-and-install-printer-drivers
3. Remove the printer and add it again:
Go to Control Panel
Select Printers
Right-click on Add Printer
Select Run as Administrator
Now try to add your network printer
Also a thread for your reference:
Error message when attempting to print: Active Directory Domain Service is Currently Unavailable
http://social.technet.microsoft.com/Forums/en-US/winserverprint/thread/d6212275-24d6-4168-830a-9441f861cb76
Hope this helps.
Vincent Wang
TechNet Community Support -
got event ID 4015 and source DNS-Server-Service. please suggest how to fix this issue
The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.
RajHi
first run "ipconfig /flushdns" and then "ipconfig /registerdns" finally restart dns service and check the situation,also you can check dns logs computer management ->Event viewer->Custom Views->Server roles->DNS. -
How to populate a sharepoint 2010 from the active directory.
I want a list of all the computers in the active directory,
another one with all users.
I want also to populate a sharepoint 2010 list from the sharepoint user profiles.
Thanks
szWhile
the contacts list is usually filled out for contacts that are outside the company, there are times when you would use a contacts list to store internal and external resources. Wouldn’t it be nice if you didn’t have to re-type your internal contacts’
information that are already in the system? Now you can with a little InfoPath customization on the contacts list.
Here’s our plan:
Create the contacts list, and open in InfoPath
Create a data connection to the User Profile web service
Customize the form adding some text, a people picker and a button
Create InfoPath rules that will populate the contact fields from the user fields in the User Profile store
Let’s get going! Before we begin, make sure you have InfoPath 2010 installed locally on your computer. I also want to give credit Laura
Rogers and Darvish Shadravan’s book Using
Microsoft InfoPath 2010 with Microsoft SharePoint 2010 Step by Step. I know it looks like a lot of steps, but it’s easy once you get the hang of it.
So obviously we need a contacts list. If you don’t already have one, go to the SharePoint site where it will live, and create a contacts list.
From the list, click the List tab on the ribbon, then click Customize form:
So now we have our form open in InfoPath 2010. Let’s add our elements to the form.
Above all the fields, let’s add some text instructing users what to do with the the field we’re about to add (.e.g To enter an existing user’s information, choose the user below).
Insert a people picker control by clicking the Person/Group Picker control in the Controls section of the ribbon. This will add a column to the contacts list called group.
Below the people picker, insert a button control from the same section of the ribbon as above. With the button still highlighted, click the Control Tools|Properties tab on the ribbon.
Then in the Label box, change the text to something more appropriate to our task (e.g. Click here to load user data!).
You can drag the button control a little larger to account for the text.
We should end up with something like this:
Before we can populate the fields with user data, we need to create a connection to the User Profile Service.
Add a data connection to the User Profile Service
Click the Data tab on the ribbon, and click the option From Web Service, and From SOAP Web Service.
For the location, enter the URL of your SharePoint site in the following format – http://<site url>/_vti_bin/UserProfileService.asmx?WSDL. Click Next.
Note - for the URL, it can be any SharePoint site URL, not just to the site where your list is.
For the operation, choose GetUserProfileByName. Click Next.
Click Next on the next two screens.
On the final screen, uncheck the box for “Automatically retrieve data when form is opened”. This is because we are going to retrieve the data when the button is clicked, also for performance reasons.
Now we need to wire up the actions on our button to populate the fields with the information for the user in the people picker control.
Tell the form to read the user from the people picker control
Click the Home tab on the ribbon.
Click the button control we created, and under the Rules section of the ribbon, click Manage Rules. Notice the pane appear on the far right.
In the Rules pane, click New –> Action. Change the name to something like “Query and load user data”.
Leave the condition to default (none – rule runs when button is clicked).
Click the Add button next to “Run these actions:”, and choose “Set a field’s value”.
For Field, click the button on the right to load the select a field dialog. Click the Show advanced view on the bottom. At the top, click the drop down and choose the GetUserProfileByName
(Secondary) option. Expand myFields and queryFields to the last option and highlightAccountName. Click ok.
For Value, click the formula icon. On the formula screen, click the Insert Field or Group button. Again click the show advanced view link, but this time leave the data
connection as Main. Expand dataFields, then mySharePointListItem_RW. At the bottom you should see a folder called group (the people picker control we just added to the form). Expand this, then pc:Person,
and highlightAccountId. Click Ok twice to get back to the Rules pane.
If we didn’t do this and just queried the user profile service, it would load the data of the currently logged in user. So we need to tell the form what user to load the data for. We take the AccountID field from the people
picker control and inject into the AccountName query field of the User Profile Service data connection.
Load the user profile service information for the chosen user
Click the Add button next to “Run these actions:”, and choose Query for data.
In the popup, for Data connection, click the one we created earlier – GetUserProfileByName and clickOk.
We’re closing in on our goal. Let’s see our progress. We should see something like this:
Now that we have the user’s data read into the form, we can populate the fields in the contact form. The number of steps to complete will depend on how many fields you want to populate. We need to add an action step for
each field. I’ll show you one example and then you will just repeat the steps for the other fields. Let’s update the Job Title field.
Populate the contact form fields with existing user’s data
Click the Add button next to “Run these actions:”, and choose “Set a field’s value”.
For Field, click the button on the right to load the select a field dialog. Highlight the field Job Title.
For Value, click the formula icon. On the formula screen, click the Insert Field or Group button. Click the Show advanced view on the bottom. At the top, click the
drop down and choose theGetUserProfileByName (Secondary) option. Expand the fields all the way down until you see the Value field. Highlight it but don’t click ok, but click the Filter
Data button, then Add.
For the first dropdown that says Value, choose Select a field or group. The value field will be highlighted, but click the field Name field
under PropertyData. Click Ok.
In the blank field after “is equal to”, click in the box and choose Type text. Then type the text Title.
Click ok until you get back to the Manage Rules pane. The last previous screen will look like this.
We’re going to update common fields that are in the user’s profile, and likely from Active Directory. You can update fields like first and last name, company, mobile and work phone number, etc. For the other fields, the
steps are the same except the Field you choose to update from the form, and the very last step where you enter the text will change. Here’s what the rules look like when we’re done:
We’re all done, good work! You can preview the form and try it now. Click Ctrl+Shift+B to preview the form. Once you’re satisfied, you can publish the form back to the library. Click File –> Quick
Publish. Once it’s done, you will get confirmation:
Now open your form in SharePoint. From the contact list, click Add new item. Type in a name, and click the button and watch the magic happen! -
Setting static mappings with the Active Directory plug-in
There's an advanced section in the Active Directory plug-in preference file called "AD Attribute Static Maps" that I'm assuming I can setup static mappings for user attributes. Does anyone know how to use it. I'd like to create a static mapping for AD user home directories so they are all mapped to a single folder on the local disk.
HI again, have you turned on debug for Directory Services? To do this type sudo killall -USR1 DirectoryService into the terminal on the client and it will create /Library/Logs/DirectoryService/DirectoryService.debug.log and will log everything that Directory Services is doing, but don't forget to turn it off using the same command.
you can see things like 'Password verify for [email protected] succeeded - cache MEMORY:VGSR5A1'. Hope this helps.
Cheers -
BO XI 3.1 : Active Directory Authentication failed to get the Active Directory groups
Dear all
In our environment, there are 2 domain (domain A and B); it works well all the time. Today, all the user belong to domain A are not logi n; for user in domain B, all of them can log in but BO server response is very slowly. and there is error message popup when opening Webi report for domain B user. Below are the error message:
" Active Directory Authentication failed to get the Active Directory groups for the account with ID:XXXX; pls make sure this account is valid and belongs to an accessible domain"
Anyone has encountered similar issue?
BO version: BO XI 3.1 SP5
Authenticate: Windows AD
Thanks and RegardsPlease get in touch with your AD team and verify if there are any changes applied to the domain controller and there are no network issues.
Also since this is a multi domain, make sure you have 2 way transitive forest trust as mentioned in SAP Note : 1323391 and FQDN for Directory servers are maintained in registry as per 1199995
http://service.sap.com/sap/support/notes/1323391
http://service.sap.com/sap/support/notes/1199995
-Ambarish- -
Event ID 91 Could not connect to the Active Directory. Active Directory Certificate Services
Could not connect to the Active Directory. Active Directory Certificate Services will retry when processing requires Active Directory access.
Event ID: 91
Task Category: None
Level: Error
Keywords: Classic
User: SYSTEM
Computer: DC1.chickbuns.com
Description:
Could not connect to the Active Directory. Active Directory Certificate Services will retry when processing requires Active Directory access.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-CertificationAuthority" Guid="{6A71D062-9AFE-4F35-AD08-52134F85DFB9}" EventSourceName="CertSvc" />
<EventID Qualifiers="49754">91</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2014-01-07T19:34:00.000000000Z" />
<EventRecordID>819</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>Application</Channel>
<Computer>DC1.chickbuns.com</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData Name="MSG_E_DS_RETRY">
</EventData>
</Event>
:\Users\Administrator>dcdiag /fix
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = DC1
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DC1
Starting test: Connectivity
......................... DC1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DC1
Starting test: Advertising
Warning: DC1 is not advertising as a time server.
......................... DC1 failed test Advertising
Starting test: FrsEvent
......................... DC1 passed test FrsEvent
Starting test: DFSREvent
......................... DC1 passed test DFSREvent
Starting test: SysVolCheck
......................... DC1 passed test SysVolCheck
Starting test: KccEvent
......................... DC1 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... DC1 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... DC1 passed test MachineAccount
Starting test: NCSecDesc
......................... DC1 passed test NCSecDesc
Starting test: NetLogons
......................... DC1 passed test NetLogons
Starting test: ObjectsReplicated
......................... DC1 passed test ObjectsReplicated
Starting test: Replications
......................... DC1 passed test Replications
Starting test: RidManager
......................... DC1 passed test RidManager
Starting test: Services
......................... DC1 passed test Services
Starting test: SystemLog
......................... DC1 passed test SystemLog
Starting test: VerifyReferences
......................... DC1 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : chickbuns
Starting test: CheckSDRefDom
......................... chickbuns passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... chickbuns passed test CrossRefValidation
Running enterprise tests on : chickbuns.com
Starting test: LocatorCheck
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error
1355
A Good Time Server could not be located.
......................... chickbuns.com failed test LocatorCheck
Starting test: Intersite
......................... chickbuns.com passed test Intersite.My test lab one sinle domain controller server 2008 R2 Sp1 and member exchange server is using,the event error 91 is generated as per the technet article http://technet.microsoft.com/en-us/library/cc774525(v=ws.10).aspx the domain
computer and domain users in public key services container is not listed ..
C:\Users\Administrator>netdom /query fsmo
Schema master DC1.chickbuns.com
Domain naming master DC1.chickbuns.com
PDC DC1.chickbuns.com
RID pool manager DC1.chickbuns.com
Infrastructure master DC1.chickbuns.com
The command completed successfully.
Command Line: "dcdiag.exe
/V /D /C /E"
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
* Verifying that the local machine DC1, is a Directory Server.
Home Server = DC1
* Connecting to directory service on server DC1.
DC1.currentTime = 20140110072353.0Z
DC1.highestCommittedUSN = 131148
DC1.isSynchronized = 1
DC1.isGlobalCatalogReady = 1
* Identified AD Forest.
Collecting AD specific global data
* Collecting site info.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=chickbuns,DC=com,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
The previous call succeeded
Iterating through the sites
Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
Getting ISTG and options for the site
* Identifying all servers.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=chickbuns,DC=com,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
The previous call succeeded....
The previous call succeeded
Iterating through the list of servers
Getting information for the server CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
DC1.currentTime = 20140110072353.0Z
DC1.highestCommittedUSN = 131148
DC1.isSynchronized = 1
DC1.isGlobalCatalogReady = 1
* Identifying all NC cross-refs.
* Found 1 DC(s). Testing 1 of them.
Done gathering initial info.
===============================================Printing out pDsInfo
GLOBAL:
ulNumServers=1
pszRootDomain=chickbuns.com
pszNC=
pszRootDomainFQDN=DC=chickbuns,DC=com
pszConfigNc=CN=Configuration,DC=chickbuns,DC=com
pszPartitionsDn=CN=Partitions,CN=Configuration,DC=chickbuns,DC=com
fAdam=0
iSiteOptions=0
dwTombstoneLifeTimeDays=180
dwForestBehaviorVersion=3
HomeServer=0, DC1
SERVER: pServer[0].pszName=DC1
pServer[0].pszGuidDNSName (binding str)=771aab3d-96cd-4fb1-90cd-0899fa6b6207._msdcs.chickbuns.com
pServer[0].pszDNSName=DC1.chickbuns.com
pServer[0].pszLdapPort=(null)
pServer[0].pszSslPort=(null)
pServer[0].pszDn=CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
pServer[0].pszComputerAccountDn=CN=DC1,OU=Domain Controllers,DC=chickbuns,DC=com
pServer[0].uuidObjectGuid=771aab3d-96cd-4fb1-90cd-0899fa6b6207
pServer[0].uuidInvocationId=771aab3d-96cd-4fb1-90cd-0899fa6b6207
pServer[0].iSite=0 (Default-First-Site-Name)
pServer[0].iOptions=1
pServer[0].ftLocalAcquireTime=ea9513a0 01cf0dd4
pServer[0].ftRemoteConnectTime=ea2bca80 01cf0dd4
pServer[0].ppszMaster/FullReplicaNCs:
ppszMaster/FullReplicaNCs[0]=DC=ForestDnsZones,DC=chickbuns,DC=com
ppszMaster/FullReplicaNCs[1]=DC=DomainDnsZones,DC=chickbuns,DC=com
ppszMaster/FullReplicaNCs[2]=CN=Schema,CN=Configuration,DC=chickbuns,DC=com
ppszMaster/FullReplicaNCs[3]=CN=Configuration,DC=chickbuns,DC=com
ppszMaster/FullReplicaNCs[4]=DC=chickbuns,DC=com
SITES: pSites[0].pszName=Default-First-Site-Name
pSites[0].pszSiteSettings=CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
pSites[0].pszISTG=CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
pSites[0].iSiteOption=0
pSites[0].cServers=1
NC: pNCs[0].pszName=ForestDnsZones
pNCs[0].pszDn=DC=ForestDnsZones,DC=chickbuns,DC=com
pNCs[0].aCrInfo[0].dwFlags=0x00000201
pNCs[0].aCrInfo[0].pszDn=CN=5fc582f9-b435-49a1-aa54-41769fc24206,CN=Partitions,CN=Configuration,DC=chickbuns,DC=com
pNCs[0].aCrInfo[0].pszDnsRoot=ForestDnsZones.chickbuns.com
pNCs[0].aCrInfo[0].iSourceServer=0
pNCs[0].aCrInfo[0].pszSourceServer=(null)
pNCs[0].aCrInfo[0].ulSystemFlags=0x00000005
pNCs[0].aCrInfo[0].bEnabled=TRUE
pNCs[0].aCrInfo[0].ftWhenCreated=00000000 00000000
pNCs[0].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[0].aCrInfo[0].pszNetBiosName=(null)
pNCs[0].aCrInfo[0].cReplicas=-1
pNCs[0].aCrInfo[0].aszReplicas=
NC: pNCs[1].pszName=DomainDnsZones
pNCs[1].pszDn=DC=DomainDnsZones,DC=chickbuns,DC=com
pNCs[1].aCrInfo[0].dwFlags=0x00000201
pNCs[1].aCrInfo[0].pszDn=CN=9e1c2cb8-b90b-4e9f-90dd-9903f935e4af,CN=Partitions,CN=Configuration,DC=chickbuns,DC=com
pNCs[1].aCrInfo[0].pszDnsRoot=DomainDnsZones.chickbuns.com
pNCs[1].aCrInfo[0].iSourceServer=0
pNCs[1].aCrInfo[0].pszSourceServer=(null)
pNCs[1].aCrInfo[0].ulSystemFlags=0x00000005
pNCs[1].aCrInfo[0].bEnabled=TRUE
pNCs[1].aCrInfo[0].ftWhenCreated=00000000 00000000
pNCs[1].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[1].aCrInfo[0].pszNetBiosName=(null)
pNCs[1].aCrInfo[0].cReplicas=-1
pNCs[1].aCrInfo[0].aszReplicas=
NC: pNCs[2].pszName=Schema
pNCs[2].pszDn=CN=Schema,CN=Configuration,DC=chickbuns,DC=com
pNCs[2].aCrInfo[0].dwFlags=0x00000201
pNCs[2].aCrInfo[0].pszDn=CN=Enterprise Schema,CN=Partitions,CN=Configuration,DC=chickbuns,DC=com
pNCs[2].aCrInfo[0].pszDnsRoot=chickbuns.com
pNCs[2].aCrInfo[0].iSourceServer=0
pNCs[2].aCrInfo[0].pszSourceServer=(null)
pNCs[2].aCrInfo[0].ulSystemFlags=0x00000001
pNCs[2].aCrInfo[0].bEnabled=TRUE
pNCs[2].aCrInfo[0].ftWhenCreated=00000000 00000000
pNCs[2].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[2].aCrInfo[0].pszNetBiosName=(null)
pNCs[2].aCrInfo[0].cReplicas=-1
pNCs[2].aCrInfo[0].aszReplicas=
NC: pNCs[3].pszName=Configuration
pNCs[3].pszDn=CN=Configuration,DC=chickbuns,DC=com
pNCs[3].aCrInfo[0].dwFlags=0x00000201
pNCs[3].aCrInfo[0].pszDn=CN=Enterprise Configuration,CN=Partitions,CN=Configuration,DC=chickbuns,DC=com
pNCs[3].aCrInfo[0].pszDnsRoot=chickbuns.com
pNCs[3].aCrInfo[0].iSourceServer=0
pNCs[3].aCrInfo[0].pszSourceServer=(null)
pNCs[3].aCrInfo[0].ulSystemFlags=0x00000001
pNCs[3].aCrInfo[0].bEnabled=TRUE
pNCs[3].aCrInfo[0].ftWhenCreated=00000000 00000000
pNCs[3].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[3].aCrInfo[0].pszNetBiosName=(null)
pNCs[3].aCrInfo[0].cReplicas=-1
pNCs[3].aCrInfo[0].aszReplicas=
NC: pNCs[4].pszName=chickbuns
pNCs[4].pszDn=DC=chickbuns,DC=com
pNCs[4].aCrInfo[0].dwFlags=0x00000201
pNCs[4].aCrInfo[0].pszDn=CN=CHICKBUNS,CN=Partitions,CN=Configuration,DC=chickbuns,DC=com
pNCs[4].aCrInfo[0].pszDnsRoot=chickbuns.com
pNCs[4].aCrInfo[0].iSourceServer=0
pNCs[4].aCrInfo[0].pszSourceServer=(null)
pNCs[4].aCrInfo[0].ulSystemFlags=0x00000003
pNCs[4].aCrInfo[0].bEnabled=TRUE
pNCs[4].aCrInfo[0].ftWhenCreated=00000000 00000000
pNCs[4].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[4].aCrInfo[0].pszNetBiosName=(null)
pNCs[4].aCrInfo[0].cReplicas=-1
pNCs[4].aCrInfo[0].aszReplicas=
5 NC TARGETS: ForestDnsZones, DomainDnsZones, Schema, Configuration, chickbuns,
1 TARGETS: DC1,
=============================================Done Printing pDsInfo
Doing initial required tests
Testing server: Default-First-Site-Name\DC1
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
Failure Analysis: DC1 ... OK.
* Active Directory RPC Services Check
......................... DC1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DC1
Starting test: Advertising
The DC DC1 is advertising itself as a DC and having a DS.
The DC DC1 is advertising as an LDAP server
The DC DC1 is advertising as having a writeable directory
The DC DC1 is advertising as a Key Distribution Center
The DC DC1 is advertising as a time server
The DS DC1 is advertising as a GC.
......................... DC1 passed test Advertising
Starting test: CheckSecurityError
* Dr Auth: Beginning security errors check!
Found KDC DC1 for domain chickbuns.com in site Default-First-Site-Name
Checking machine account for DC DC1 on DC DC1.
* SPN found :LDAP/DC1.chickbuns.com/chickbuns.com
* SPN found :LDAP/DC1.chickbuns.com
* SPN found :LDAP/DC1
* SPN found :LDAP/DC1.chickbuns.com/CHICKBUNS
* SPN found :LDAP/771aab3d-96cd-4fb1-90cd-0899fa6b6207._msdcs.chickbuns.com
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/771aab3d-96cd-4fb1-90cd-0899fa6b6207/chickbuns.com
* SPN found :HOST/DC1.chickbuns.com/chickbuns.com
* SPN found :HOST/DC1.chickbuns.com
* SPN found :HOST/DC1
* SPN found :HOST/DC1.chickbuns.com/CHICKBUNS
* SPN found :GC/DC1.chickbuns.com/chickbuns.com
[DC1] No security related replication errors were found on this DC!
To target the connection to a specific source DC use /ReplSource:<DC>.
......................... DC1 passed test CheckSecurityError
Starting test: CutoffServers
* Configuration Topology Aliveness Check
* Analyzing the alive system replication topology for DC=ForestDnsZones,DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for DC=DomainDnsZones,DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for CN=Schema,CN=Configuration,DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for CN=Configuration,DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... DC1 passed test CutoffServers
Starting test: FrsEvent
* The File Replication Service Event log test
Skip the test because the server is running DFSR.
......................... DC1 passed test FrsEvent
Starting test: DFSREvent
The DFS Replication Event Log.
......................... DC1 passed test DFSREvent
Starting test: SysVolCheck
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... DC1 passed test SysVolCheck
Starting test: FrsSysVol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... DC1 passed test FrsSysVol
Starting test: KccEvent
* The KCC Event log test
Found no KCC errors in "Directory Service" Event log in the last 15 minutes.
......................... DC1 passed test KccEvent
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
Role Domain Owner = CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
Role PDC Owner = CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
Role Rid Owner = CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
Role Infrastructure Update Owner = CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
......................... DC1 passed test KnowsOfRoleHolders
Starting test: MachineAccount
Checking machine account for DC DC1 on DC DC1.
* SPN found :LDAP/DC1.chickbuns.com/chickbuns.com
* SPN found :LDAP/DC1.chickbuns.com
* SPN found :LDAP/DC1
* SPN found :LDAP/DC1.chickbuns.com/CHICKBUNS
* SPN found :LDAP/771aab3d-96cd-4fb1-90cd-0899fa6b6207._msdcs.chickbuns.com
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/771aab3d-96cd-4fb1-90cd-0899fa6b6207/chickbuns.com
* SPN found :HOST/DC1.chickbuns.com/chickbuns.com
* SPN found :HOST/DC1.chickbuns.com
* SPN found :HOST/DC1
* SPN found :HOST/DC1.chickbuns.com/CHICKBUNS
* SPN found :GC/DC1.chickbuns.com/chickbuns.com
......................... DC1 passed test MachineAccount
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC DC1.
* Security Permissions Check for
DC=ForestDnsZones,DC=chickbuns,DC=com
(NDNC,Version 3)
* Security Permissions Check for
DC=DomainDnsZones,DC=chickbuns,DC=com
(NDNC,Version 3)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=chickbuns,DC=com
(Schema,Version 3)
* Security Permissions Check for
CN=Configuration,DC=chickbuns,DC=com
(Configuration,Version 3)
* Security Permissions Check for
DC=chickbuns,DC=com
(Domain,Version 3)
......................... DC1 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\DC1\netlogon
Verified share \\DC1\sysvol
......................... DC1 passed test NetLogons
Starting test: ObjectsReplicated
DC1 is in domain DC=chickbuns,DC=com
Checking for CN=DC1,OU=Domain Controllers,DC=chickbuns,DC=com in domain DC=chickbuns,DC=com on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com in domain CN=Configuration,DC=chickbuns,DC=com on 1 servers
Object is up-to-date on all servers.
......................... DC1 passed test ObjectsReplicated
Starting test: OutboundSecureChannels
* The Outbound Secure Channels test
** Did not run Outbound Secure Channels test because /testdomain: was
not entered
......................... DC1 passed test OutboundSecureChannels
Starting test: Replications
* Replications Check
DC=ForestDnsZones,DC=chickbuns,DC=com has 1 cursors.
DC=DomainDnsZones,DC=chickbuns,DC=com has 1 cursors.
CN=Schema,CN=Configuration,DC=chickbuns,DC=com has 1 cursors.
CN=Configuration,DC=chickbuns,DC=com has 1 cursors.
DC=chickbuns,DC=com has 1 cursors.
* Replication Latency Check
......................... DC1 passed test Replications
Starting test: RidManager
ridManagerReference = CN=RID Manager$,CN=System,DC=chickbuns,DC=com
* Available RID Pool for the Domain is 1600 to 1073741823
fSMORoleOwner = CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
* DC1.chickbuns.com is the RID Master
* DsBind with RID Master was successful
rIDSetReferences = CN=RID Set,CN=DC1,OU=Domain Controllers,DC=chickbuns,DC=com
* rIDAllocationPool is 1100 to 1599
* rIDPreviousAllocationPool is 1100 to 1599
* rIDNextRID: 1103
......................... DC1 passed test RidManager
Starting test: Services
* Checking Service: EventSystem
* Checking Service: RpcSs
* Checking Service: NTDS
* Checking Service: DnsCache
* Checking Service: DFSR
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: w32time
* Checking Service: NETLOGON
......................... DC1 passed test Services
Starting test: SystemLog
* The System Event log test
Found no errors in "System" Event log in the last 60 minutes.
......................... DC1 passed test SystemLog
Starting test: Topology
* Configuration Topology Integrity Check
* Analyzing the connection topology for DC=ForestDnsZones,DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for DC=DomainDnsZones,DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for CN=Schema,CN=Configuration,DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for CN=Configuration,DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for DC=chickbuns,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... DC1 passed test Topology
Starting test: VerifyEnterpriseReferences
......................... DC1 passed test VerifyEnterpriseReferences
Starting test: VerifyReferences
The system object reference (serverReference)
CN=DC1,OU=Domain Controllers,DC=chickbuns,DC=com and backlink on
CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
are correct.
The system object reference (serverReferenceBL)
CN=DC1,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=chickbuns,DC=com
and backlink on
CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=chickbuns,DC=com
are correct.
The system object reference (msDFSR-ComputerReferenceBL)
CN=DC1,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=chickbuns,DC=com
and backlink on CN=DC1,OU=Domain Controllers,DC=chickbuns,DC=com are
correct.
......................... DC1 passed test VerifyReferences
Starting test: VerifyReplicas
......................... DC1 passed test VerifyReplicas
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
See DNS test in enterprise tests section for results
......................... DC1 passed test DNS
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : chickbuns
Starting test: CheckSDRefDom
......................... chickbuns passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... chickbuns passed test CrossRefValidation
Running enterprise tests on : chickbuns.com
Starting test: DNS
Test results for domain controllers:
DC: DC1.chickbuns.com
Domain: chickbuns.com
TEST: Authentication (Auth)
Authentication test: Successfully completed
TEST: Basic (Basc)
The OS
Microsoft Windows Server 2008 R2 Enterprise (Service Pack level: 1.0)
is supported.
NETLOGON service is running
kdc service is running
DNSCACHE service is running
DNS service is running
DC is a DNS server
Network adapters information:
Adapter [00000007] Intel(R) PRO/1000 MT Network Connection:
MAC address is 00:0C:29:DE:7F:EB
IP Address is static
IP address: 192.168.1.30
DNS servers:
192.168.1.30 (dc1.chickbuns.com.) [Valid]
The A host record(s) for this DC was found
The SOA record for the Active Directory zone was found
The Active Directory zone on this DC/DNS server was found primary
Root zone on this DC/DNS server was not found
TEST: Forwarders/Root hints (Forw)
Recursion is enabled
Forwarders Information:
192.168.1.1 (<name unavailable>) [Valid]
TEST: Delegations (Del)
Delegation information for the zone: chickbuns.com.
Delegated domain name: _msdcs.chickbuns.com.
DNS server: dc1.chickbuns.com. IP:192.168.1.30 [Valid]
TEST: Dynamic update (Dyn)
Test record dcdiag-test-record added successfully in zone chickbuns.com
Test record dcdiag-test-record deleted successfully in zone chickbuns.com
TEST: Records registration (RReg)
Network Adapter
[00000007] Intel(R) PRO/1000 MT Network Connection:
Matching CNAME record found at DNS server 192.168.1.30:
771aab3d-96cd-4fb1-90cd-0899fa6b6207._msdcs.chickbuns.com
Matching A record found at DNS server 192.168.1.30:
DC1.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_ldap._tcp.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_ldap._tcp.48c41195-2630-4461-aaef-ec2a63cd8bf3.domains._msdcs.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_kerberos._tcp.dc._msdcs.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_ldap._tcp.dc._msdcs.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_kerberos._tcp.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_kerberos._udp.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_kpasswd._tcp.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_ldap._tcp.Default-First-Site-Name._sites.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_kerberos._tcp.Default-First-Site-Name._sites.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_ldap._tcp.gc._msdcs.chickbuns.com
Matching A record found at DNS server 192.168.1.30:
gc._msdcs.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_gc._tcp.Default-First-Site-Name._sites.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.chickbuns.com
Matching SRV record found at DNS server 192.168.1.30:
_ldap._tcp.pdc._msdcs.chickbuns.com
Total query time:0 min. 3 sec.. Total RPC connection
time:0 min. 0 sec.
Total WMI connection time:0 min. 6 sec. Total Netuse connection
time:0 min. 0 sec.
Summary of test results for DNS servers used by the above domain
controllers:
DNS server: 192.168.1.1 (<name unavailable>)
All tests passed on this DNS server
Total query time:0 min. 0 sec., Total WMI connection
time:0 min. 5 sec.
DNS server: 192.168.1.30 (dc1.chickbuns.com.)
All tests passed on this DNS server
Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered
DNS delegation for the domain _msdcs.chickbuns.com. is operational on IP 192.168.1.30
Total query time:0 min. 3 sec., Total WMI connection
time:0 min. 0 sec.
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
Domain: chickbuns.com
DC1 PASS PASS PASS PASS PASS PASS n/a
Total Time taken to test all the DCs:0 min. 9 sec.
......................... chickbuns.com passed test DNS
Starting test: LocatorCheck
GC Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
PDC Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
Time Server Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
Preferred Time Server Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
KDC Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
......................... chickbuns.com passed test LocatorCheck
Starting test: FsmoCheck
GC Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
PDC Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
Time Server Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
Preferred Time Server Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
KDC Name: \\DC1.chickbuns.com
Locator Flags: 0xe00033fd
......................... chickbuns.com passed test FsmoCheck
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope
provided by the command line arguments provided.
......................... chickbuns.com passed test Intersite -
Event properties – Event 91, Level Error, Event ID 91, Date and time 5/10/2012 11:29:48AM, Service CertificationAuthority
General:
Could not connect to the Active Directory.
Active Directory Certificate Services will retry when processing requires Active Directory access.
We have a Windows 2008 Server Enterprise with AD . I would like to enable the service "Certificate Services" that
allow me to enable radius to authenticate users wireless with the active directory.Hi,
Can you please check this forum or someone from Microsoft, as we have post here dating back from October that are not being answered.
Everything for us is exactly the same as szucsati and Racom
NMNM,
Please give us an answer on this as the link provided is absolutely useless.
Thank you. -
Exchange 2010 - #554 5.2.0 The Active Directory user wasn't found
We have migrated form Exchange 2003 to Exchange 2010 a year ago with no issues. All Exchange legacy servers uninstalled with no issues. We had an issue today were emails sent to mail-enabled public folder was returning NDRs. This happened on two or three
and then trickled down thorugh several public folders. This client has several public folders and uses them for business processes. There have been 100s of incidents now.
Symtoms:
E-mail messages that been sent to mail-enabled public folder in Exchange Server 2010 environment rejected with the following NDR:
#554 5.2.0 STOREDRV.Deliver.Exception:ObjectNotFoundException; Failed to process message due to a permanent exception with message The Active Directory user wasn't found. ObjectNotFoundException: The Active Directory user wasn't found. ##
We are getting the following Event log messages on Hub transport servers.
Log Name: Application
Source: MSExchange Store Driver
Date: 5/29/2014 2:45:53 PM
Event ID: 1020
Task Category: MSExchangeStoreDriver
Level: Error
Keywords: Classic
User: N/A
Computer: xxxxxx
Description:
The store driver couldn't deliver the public folder replication message "Backfill Request (xxxxxxx)" because the following error occurred: The Active Directory user wasn't found..
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="MSExchange Store Driver" />
<EventID Qualifiers="49156">1020</EventID>
<Level>2</Level>
<Task>1</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2014-05-29T18:45:53.000000000Z" />
<EventRecordID>168407</EventRecordID>
<Channel>Application</Channel>
<Computer>xxxxxx</Computer>
<Security />
</System>
<EventData>
<Data>"Backfill Request (xxxxxxx)"</Data>
<Data>The Active Directory user wasn't found.</Data>
</EventData>
</Event>
Actions:
We have executed the following steps.
1. Start the ADSI Edit MMC Snap-in. Click Start, then Run, and type adsiedit.msc, and then click OK.
2. Connect & Expand the Configuration Container [YourServer.DNSDomainName.com], and then expand CN=Configuration,DC=DNSDomainName,DC=com.
3. Expand CN=Services, and then CN=Microsoft Exchange, and then expand CN=YourOrganizationName.
4. You will see an empty Administrative Group. Expand the CN=YourAdministrativeGroupName.
5. Expand CN=Servers.
6. Verify there are no server objects listed under the CN=Servers container.
7. Right click on the empty CN=Servers container and choose Delete.
8. Verify the modification, and try to send again the E-mail to the mail-enabled public folder.
To no avail the issue still exists.
We have not rebooted the servers and plan to in the early morning.
We have dismounted/mounted public folder DBs
Does anyone have any other suggestions?
Danny Kennedy, MCSE, MCITPI have already uninstalled legacy servers a year ago.
This was the solution:
I moved the public folder hierarchy to exchange 2010 using ADSIEdit.
If you don't know adsiedit tool that much check this
http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay?javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%253Demr_na-c03067450-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&sp4ts.oid=1840527&ac.admitted=1401455429281.876444892.492883150
Danny Kennedy, MCSE, MCITP -
Sccm 2012 extent the active directory schema error
Hello
I am experiecing an issue when attempting to extend my AD Schema for SCCM 2012
<12-10-2014 20:04:33> Modifying Active Directory Schema - with SMS extensions.
<12-10-2014 20:04:33> DS Root:CN=Schema,CN=Configuration,DC=,DC=com
<12-10-2014 20:04:33> Failed to create attribute cn=MS-SMS-Site-Code. Error code = 8224.
<12-10-2014 20:04:33> Failed to create attribute cn=mS-SMS-Assignment-Site-Code. Error code = 8224.
<12-10-2014 20:04:33> Failed to create attribute cn=MS-SMS-Site-Boundaries. Error code = 8224.
<12-10-2014 20:04:33> Failed to create attribute cn=MS-SMS-Roaming-Boundaries. Error code = 8224.
<12-10-2014 20:04:33> Failed to create attribute cn=MS-SMS-Default-MP. Error code = 8224.
<12-10-2014 20:04:33> Failed to create attribute cn=mS-SMS-Device-Management-Point. Error code = 8224.
<12-10-2014 20:04:33> Failed to create attribute cn=MS-SMS-MP-Name. Error code = 8224.
<12-10-2014 20:04:33> Failed to create attribute cn=MS-SMS-MP-Address. Error code = 8224.
<12-10-2014 20:04:33> Failed to create attribute cn=mS-SMS-Health-State. Error code = 8224.
<12-10-2014 20:04:33> Failed to create attribute cn=mS-SMS-Source-Forest. Error code = 8224.
<12-10-2014 20:04:33> Failed to create attribute cn=MS-SMS-Ranged-IP-Low. Error code = 8224.
<12-10-2014 20:04:33> Failed to create attribute cn=MS-SMS-Ranged-IP-High. Error code = 8224.
<12-10-2014 20:04:33> Failed to create attribute cn=mS-SMS-Version. Error code = 8224.
<12-10-2014 20:04:33> Failed to create attribute cn=mS-SMS-Capabilities. Error code = 8224.
<12-10-2014 20:04:33> Failed to create class cn=MS-SMS-Management-Point. Error code = 8202.
<12-10-2014 20:04:33> Failed to create class cn=MS-SMS-Server-Locator-Point. Error code = 8202.
<12-10-2014 20:04:33> Failed to create class cn=MS-SMS-Site. Error code = 8202.
<12-10-2014 20:04:33> Failed to create class cn=MS-SMS-Roaming-Boundary-Range. Error code = 8202.
<12-10-2014 20:04:33> Failed to extend the Active Directory schema, please find details in "C:\ExtADSch.log".
any one help me to fix this issueHi,
It is most likley due to a replication Issue in your AD, check the previous thread on the topic:https://social.technet.microsoft.com/Forums/systemcenter/en-US/1d377109-4fa9-4608-8a3a-cefd436e82ee/error-8224-when-extending-active-directory-schema
Make sure that all replication issues are solved and try again.
Regards,
Jörgen
-- My System Center blog ccmexec.com -- Twitter
@ccmexec -
Activating Windows 7 by using KMS Without the Active Directory Domain environment
Dear,
Can we able to activate the Windows 7 O/S Machines by using KMS without the Active Directory Domain environment,As our some of the Computers will not connect with AD domain, we need to setup the speprate KMS
server for this.
Thanks
Balaji KYou can point the KMS clients to the KMS host machine by opening an Elevated CMD prompt:
and running slmgr /skms to point directly to the KMS host.
You do not need a Domain controller.
Volume Licensing: Key Management Service (KMS) Client Options:
/skms <Name[:Port] | : port> [Activation ID] [Activation ID]
Set the name and/or the port for the KMS computer this machine will use. IPv6 address must be specified in
the format [hostname]:port /ckms [Activation ID]
Arnav Sharma | http://arnavsharma.net/ Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading
the thread. -
Is it possible to get the active directory user name of the person
Is it possible to get the active directory user name of the person who is logged onto a windows computer, when they are using your coldfusion site, the same way asp pages can do that?
SECOND TRY TO POST THIS REPLY
You have to turn on "Windows Integrated Security" and turn off anonymous login in the IIS web server, once that condition is met the cgi.AUTH_USER variable will be popluated with the domain/username of the user logged into the cient computer.
If the user is using a windows browser on a windows client computer this will be done silently in the background. Otherwise they will normally be presented with a login dialog box by the browser. -
Can't browse the Active Directory from ACS 5.1
Hi,
we just joined our ACS 5.1 to our Active Directory 2003, the system seems correctly joined on the ACS we have as connectivity status: joined and if we try it with the test button we get "connection succeded", on the AD tool we notice that an computer account for our ACS have been created.
We wanted to created the Directory Group but the browsing tool is empty and any query does not give any output.
The ACS is joined but we're not able to browse the Active Directory.
Any suggestions what could be the problem?
Thank you.This is an on-going issue due to below mentioned defect.
CSCtf39158 -Can't retrieve AD groups in single forest with multiple trees scenarios
You need to apply Patch 3 to get this fixed
filename: 5-1-0-44-3
Download from: CCO / Support / Download Software http://www.cisco.com/public/sw-center/index.shtml
Select: Security / Identity Management / Cisco Secure Access Control System / Cisco Secure Access Control System 5.1 / 5.1.0.44
##Steps to create repository##
Go to the CLI mode of this ACS
Create a repository (it's basically defining FTP server)
AAA/admin(config)# repository FTP ---> (could be any name)
AAA/admin(config-Repository)# url ftp://
AAA/admin(config-Repository)# user password plain
===============================
Steps to Install the ACS 5.1 patch:
===============================
Issue the following acs patch command in the EXEC mode to install the ACS patch:
acs patch install patch-name.tar.gpg repository repository-name
Rgds.
JK
Do rate helpful posts- -
Event ID 31138 "during the active directory update not -uc enabled agents were found"
Hi All,
I have Lync standard 2013 server on-premise and Exchange Office 365. I have enabled my users for Voice.
When I add a user to a response group I get the warning that the user is not enterprise voice enabled. This is strange as the user is enterprise enabled and can make and receive calls.
I also have Event ID 31138 on my Front End server.
"during the active directory update not -uc enabled agents were found
The following agents are specified as agents but are not UC enabled:
sip:[email protected]"
Any thoughts?Hi,
Did you change the default SIP Domain before?
If yes. You may need to remove agent from database. As the agents of a Response Group are added to the rgsconfigdatabase, within the database you will find a table called dbo.Agents. When open it you will see an overview of theagents which are member
of the groups. You can do the following steps to remove an agent from this table:
Right click on the dbo.Agents table and select the option Edit Top 200 rows
Search for the user and remove the specific record.
More details:
http://troubleshootinglync.blogspot.com/2013/05/event-id-31137-unable-to-removeadd.html
Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there.
Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
Best Regards,
Eason Huang
Eason Huang
TechNet Community Support
Maybe you are looking for
-
I just rented 2 movies on my Apple TV and now I am getting the message, "Your Apple TV is not authorized to play this content". Now I have 2 Apple TV's and they both are saying the same thing. Yes, I have done reset, restore, etc. but nothing! Frustr
-
I love the new Idea of sorting, but I haven't got it down yet. Is there an easy to copy all of the "Artist" names into the "Sort Artist" category? And.. How will this work with my video iPod?
-
Using BIA_RegisterCalcValidationProgram in Excel AUTO_OPEN macro
The documentation for the Spreadsheet Addin, section 5.5, states: "You can include the BIA_RegisterCalcValidationProgram() macro in the auto_open procedure to automatically register the program for calculation and validation when a workbook is opened
-
Warning Error in opening Aperture
I am running Aperture 3.4.5 I was in the middle of downloading some photos from my son's new iPhone 5c when Aperture stopped responding - I removed the phone and yet in the Import section it was still listed as there - then my iMAC stopped responding
-
Rotated photo reverts when inserted into Word
How do I prevent a rotated photo from reverting to original when inserting in a Word document?