Domain membership test: Failed

[viola]

This machine is not working properly as a DC.
NetDiag.log registered this and other msg about:
Secure channel to domain is broken (ERROR_NO_LOGON_SERVERS)
Ping by IP and by FQDN (full name) work.
There are two DCs in the domain, and both can't contact domain,
Event Viewer System Log has 16650 and 5719 errors.
Please help.

 

[viola]

This machine is not working properly as a DC.
NetDiag.log registered this and other msg about:
Secure channel to domain is broken (ERROR_NO_LOGON_SERVERS)
Ping by IP and by FQDN (full name) work.
There are two DCs in the domain, and both can't contact domain,
Event Viewer System Log has 16650 and 5719 errors.
Please help.

The two servers are Alrange1 (with problem) and Alrange2 in one domain.

Additional info from DCdiag (only errors, others were passed OK)
Starting test: Advertising
Warning: DsGetDcName returned information for
\\ALRANGE2.Alrange.com, when we were trying to reach ALRANGE1.
Server is not responding or is not considered suitable.
......................... ALRANGE1 failed test Advertising

.......................... ALRANGE1 failed test KnowsOfRoleHolders

Starting test: RidManager
Warning: FSMO Role Owner is deleted.
Warning: rid set reference is deleted.
ldap_search_sW of CN=RID Set\
DEL:603d0370-c857-40ea-8105-938c8d912e53,CN=Deleted
Objects,DC=Alrange,DC=com for rid info failed with 2: The system cannot find
the file specified.
......................... ALRANGE1 failed test RidManager

Starting test: Services
RPCLOCATOR Service is stopped on [ALRANGE1]
......................... ALRANGE1 failed test Services

Starting test: frssysvol
Error: No record of File Replication System, SYSVOL started.
The Active Directory may be prevented from starting.
There are errors after the SYSVOL has been shared.
The SYSVOL can prevent the AD from starting.
......................... ALRANGE1 passed test frssysvol

Starting test: FsmoCheck
Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355
A Primary Domain Controller could not be located.
The server holding the PDC role is down.
......................... Alrange.com failed test FsmoCheck

 

[Meinolf Weber]

Hello viola,

Beginning wiht your first posting without any usable content, please describe
your setup, how many DC's, which operating system, how many sites and what
happens before you got the errors. DId you change anything or does a server
crash and you reinstalled one from a backup etc.?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

This machine is not working properly as a DC.
NetDiag.log registered this and other msg about:
Secure channel to domain is broken (ERROR_NO_LOGON_SERVERS)
Ping by IP and by FQDN (full name) work.
There are two DCs in the domain, and both can't contact domain,
Event Viewer System Log has 16650 and 5719 errors.
Please help.

The two servers are Alrange1 (with problem) and Alrange2 in one
domain.

Additional info from DCdiag (only errors, others were passed OK)
Starting test: Advertising
Warning: DsGetDcName returned information for
\\ALRANGE2.Alrange.com, when we were trying to reach ALRANGE1.
Server is not responding or is not considered suitable.
......................... ALRANGE1 failed test Advertising
......................... ALRANGE1 failed test KnowsOfRoleHolders

Starting test: RidManager
Warning: FSMO Role Owner is deleted.
Warning: rid set reference is deleted.
ldap_search_sW of CN=RID Set\
DEL:603d0370-c857-40ea-8105-938c8d912e53,CN=Deleted
Objects,DC=Alrange,DC=com for rid info failed with 2: The system
cannot find
the file specified.
......................... ALRANGE1 failed test RidManager
Starting test: Services
RPCLOCATOR Service is stopped on [ALRANGE1]
......................... ALRANGE1 failed test Services
Starting test: frssysvol
Error: No record of File Replication System, SYSVOL started.
The Active Directory may be prevented from starting.
There are errors after the SYSVOL has been shared.
The SYSVOL can prevent the AD from starting.
......................... ALRANGE1 passed test frssysvol
Starting test: FsmoCheck
Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355
A Primary Domain Controller could not be located.
The server holding the PDC role is down.
......................... Alrange.com failed test FsmoChec

 

[viola]

Thanx Meinolf for fast reply... and patience, I'm trying my best to the job
that's been 'given' me...
There is ALRANGE domain with two W2K servers, Alrange1 and Alrange2, one Site,
no DHCP, both are DNS and GC.
About a yr ago, Alrange1 was restored, after bad case of virus infection. I
have reformatted HD, changed partitions and with HP support restored server.
Required services (login, backup, EDI, file sharing) were working so I
didn't do any diagnostics untill now, when I have to add new server Win2003.
I realize that before that happens I need to make sure W2K servers are
running smoothly and will let me do ADPrep.
--
V

Hello viola,

Beginning wiht your first posting without any usable content, please describe
your setup, how many DC's, which operating system, how many sites and what
happens before you got the errors. DId you change anything or does a server
crash and you reinstalled one from a backup etc.?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

This machine is not working properly as a DC.
NetDiag.log registered this and other msg about:
Secure channel to domain is broken (ERROR_NO_LOGON_SERVERS)
Ping by IP and by FQDN (full name) work.
There are two DCs in the domain, and both can't contact domain,
Event Viewer System Log has 16650 and 5719 errors.
Please help.

The two servers are Alrange1 (with problem) and Alrange2 in one
domain.

Additional info from DCdiag (only errors, others were passed OK)
Starting test: Advertising
Warning: DsGetDcName returned information for
\\ALRANGE2.Alrange.com, when we were trying to reach ALRANGE1.
Server is not responding or is not considered suitable.
......................... ALRANGE1 failed test Advertising
......................... ALRANGE1 failed test KnowsOfRoleHolders

Starting test: RidManager
Warning: FSMO Role Owner is deleted.
Warning: rid set reference is deleted.
ldap_search_sW of CN=RID Set\
DEL:603d0370-c857-40ea-8105-938c8d912e53,CN=Deleted
Objects,DC=Alrange,DC=com for rid info failed with 2: The system
cannot find
the file specified.
......................... ALRANGE1 failed test RidManager
Starting test: Services
RPCLOCATOR Service is stopped on [ALRANGE1]
......................... ALRANGE1 failed test Services
Starting test: frssysvol
Error: No record of File Replication System, SYSVOL started.
The Active Directory may be prevented from starting.
There are errors after the SYSVOL has been shared.
The SYSVOL can prevent the AD from starting.
......................... ALRANGE1 passed test frssysvol
Starting test: FsmoCheck
Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355
A Primary Domain Controller could not be located.
The server holding the PDC role is down.
......................... Alrange.com failed test FsmoCheck

 

[Meinolf Weber]

Hello viola,

Please post an unedited ipconfig /all from both servers.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

Thanx Meinolf for fast reply... and patience, I'm trying my best to
the job
that's been 'given' me...
There is ALRANGE domain with two W2K servers, Alrange1 and Alrange2,
one Site,
no DHCP, both are DNS and GC.
About a yr ago, Alrange1 was restored, after bad case of virus
infection. I
have reformatted HD, changed partitions and with HP support restored
server.
Required services (login, backup, EDI, file sharing) were working so I
didn't do any diagnostics untill now, when I have to add new server
Win2003.
I realize that before that happens I need to make sure W2K servers are
running smoothly and will let me do ADPrep.

Hello viola,

Beginning wiht your first posting without any usable content, please
describe your setup, how many DC's, which operating system, how many
sites and what happens before you got the errors. DId you change
anything or does a server crash and you reinstalled one from a backup
etc.?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

:

This machine is not working properly as a DC.
NetDiag.log registered this and other msg about:
Secure channel to domain is broken (ERROR_NO_LOGON_SERVERS)
Ping by IP and by FQDN (full name) work.
There are two DCs in the domain, and both can't contact domain,
Event Viewer System Log has 16650 and 5719 errors.
Please help.
--
V
The two servers are Alrange1 (with problem) and Alrange2 in one
domain.

Additional info from DCdiag (only errors, others were passed OK)
Starting test: Advertising
Warning: DsGetDcName returned information for
\\ALRANGE2.Alrange.com, when we were trying to reach ALRANGE1.
Server is not responding or is not considered suitable.
......................... ALRANGE1 failed test Advertising
......................... ALRANGE1 failed test KnowsOfRoleHolders
Starting test: RidManager
Warning: FSMO Role Owner is deleted.
Warning: rid set reference is deleted.
ldap_search_sW of CN=RID Set\
DEL:603d0370-c857-40ea-8105-938c8d912e53,CN=Deleted
Objects,DC=Alrange,DC=com for rid info failed with 2: The system
cannot find
the file specified.
......................... ALRANGE1 failed test RidManager
Starting test: Services
RPCLOCATOR Service is stopped on [ALRANGE1]
......................... ALRANGE1 failed test Services
Starting test: frssysvol
Error: No record of File Replication System, SYSVOL started.
The Active Directory may be prevented from starting.
There are errors after the SYSVOL has been shared.
The SYSVOL can prevent the AD from starting.
......................... ALRANGE1 passed test frssysvol
Starting test: FsmoCheck
Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355
A Primary Domain Controller could not be located.
The server holding the PDC role is down.
......................... Alrange.com failed test FsmoChec

 

[viola]

Here are the outcomes...

Windows 2000 IP Configuration
Host Name . . . . . . . . . . . . : alrange1
Primary DNS Suffix . . . . . . . : Alrange.com
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Alrange.com

Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC7760 Gigabit Server Adapter
Physical Address. . . . . . . . . : 00-11-85-D4-E4-65
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.14.40
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.14.1
DNS Servers . . . . . . . . . . . : 192.168.14.40
192.168.14.2

Windows 2000 IP Configuration
Host Name . . . . . . . . . . . . : ALRANGE2
Primary DNS Suffix . . . . . . . : Alrange.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Alrange.com

Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 XT Network Connection
Physical Address. . . . . . . . . : 00-C0-9F-0A-85-5B
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.14.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.14.1
DNS Servers . . . . . . . . . . . : 192.168.14.40
192.168.14.2

--
V

Hello viola,

Please post an unedited ipconfig /all from both servers.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

Thanx Meinolf for fast reply... and patience, I'm trying my best to
the job
that's been 'given' me...
There is ALRANGE domain with two W2K servers, Alrange1 and Alrange2,
one Site,
no DHCP, both are DNS and GC.
About a yr ago, Alrange1 was restored, after bad case of virus
infection. I
have reformatted HD, changed partitions and with HP support restored
server.
Required services (login, backup, EDI, file sharing) were working so I
didn't do any diagnostics untill now, when I have to add new server
Win2003.
I realize that before that happens I need to make sure W2K servers are
running smoothly and will let me do ADPrep.

Hello viola,

Beginning wiht your first posting without any usable content, please
describe your setup, how many DC's, which operating system, how many
sites and what happens before you got the errors. DId you change
anything or does a server crash and you reinstalled one from a backup
etc.?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
:

This machine is not working properly as a DC.
NetDiag.log registered this and other msg about:
Secure channel to domain is broken (ERROR_NO_LOGON_SERVERS)
Ping by IP and by FQDN (full name) work.
There are two DCs in the domain, and both can't contact domain,
Event Viewer System Log has 16650 and 5719 errors.
Please help.
--
V
The two servers are Alrange1 (with problem) and Alrange2 in one
domain.

Additional info from DCdiag (only errors, others were passed OK)
Starting test: Advertising
Warning: DsGetDcName returned information for
\\ALRANGE2.Alrange.com, when we were trying to reach ALRANGE1.
Server is not responding or is not considered suitable.
......................... ALRANGE1 failed test Advertising
......................... ALRANGE1 failed test KnowsOfRoleHolders
Starting test: RidManager
Warning: FSMO Role Owner is deleted.
Warning: rid set reference is deleted.
ldap_search_sW of CN=RID Set\
DEL:603d0370-c857-40ea-8105-938c8d912e53,CN=Deleted
Objects,DC=Alrange,DC=com for rid info failed with 2: The system
cannot find
the file specified.
......................... ALRANGE1 failed test RidManager
Starting test: Services
RPCLOCATOR Service is stopped on [ALRANGE1]
......................... ALRANGE1 failed test Services
Starting test: frssysvol
Error: No record of File Replication System, SYSVOL started.
The Active Directory may be prevented from starting.
There are errors after the SYSVOL has been shared.
The SYSVOL can prevent the AD from starting.
......................... ALRANGE1 passed test frssysvol
Starting test: FsmoCheck
Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355
A Primary Domain Controller could not be located.
The server holding the PDC role is down.
......................... Alrange.com failed test FsmoCheck

 

[Meinolf Weber]

Hello viola,

Can you remember after that time how you restored the crashed machine? Seems
that something was not properly set during restoring.

Anyway, i would try out this:

- check which of the 5 FSMO roles are on which DC and post the result

- disconnect the restored dc from the domain
- make again sure that the always running DC is GC and that clients are set
to use that machine for DNS
- check on a client that everything is running as expected, login, scripts,
shares etc.
- try creating a test user, group, policies etc. on the DC and try out to
using the client for the new configured settings, policies, users etc.

- if everything is working as expected, try it the other way around with
the restored DC
- if you get any error, i would remove the restored DC from the domain and
cleanup AD on the other DC according to this: http://support.microsoft.com/kb/555846/en-us

- then reinstall the restored DC from scratch, even it is more work but after
a year i think it is the better way to use the running DC and add a new installed
DC to the hopefully running DC

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

Here are the outcomes...

Windows 2000 IP Configuration
Host Name . . . . . . . . . . . . : alrange1
Primary DNS Suffix . . . . . . . : Alrange.com
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Alrange.com
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC7760 Gigabit Server Adapter
Physical Address. . . . . . . . . : 00-11-85-D4-E4-65
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.14.40
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.14.1
DNS Servers . . . . . . . . . . . : 192.168.14.40
192.168.14.2
Windows 2000 IP Configuration
Host Name . . . . . . . . . . . . : ALRANGE2
Primary DNS Suffix . . . . . . . : Alrange.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Alrange.com
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 XT Network
Connection
Physical Address. . . . . . . . . : 00-C0-9F-0A-85-5B
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.14.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.14.1
DNS Servers . . . . . . . . . . . : 192.168.14.40
192.168.14.2

Hello viola,

Please post an unedited ipconfig /all from both servers.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

Thanx Meinolf for fast reply... and patience, I'm trying my best to
the job
that's been 'given' me...
There is ALRANGE domain with two W2K servers, Alrange1 and Alrange2,
one Site,
no DHCP, both are DNS and GC.
About a yr ago, Alrange1 was restored, after bad case of virus
infection. I
have reformatted HD, changed partitions and with HP support restored
server.
Required services (login, backup, EDI, file sharing) were working so
I
didn't do any diagnostics untill now, when I have to add new server
Win2003.
I realize that before that happens I need to make sure W2K servers
are
running smoothly and will let me do ADPrep.
:
Hello viola,

Beginning wiht your first posting without any usable content,
please describe your setup, how many DC's, which operating system,
how many sites and what happens before you got the errors. DId you
change anything or does a server crash and you reinstalled one from
a backup etc.?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
:

This machine is not working properly as a DC.
NetDiag.log registered this and other msg about:
Secure channel to domain is broken (ERROR_NO_LOGON_SERVERS)
Ping by IP and by FQDN (full name) work.
There are two DCs in the domain, and both can't contact domain,
Event Viewer System Log has 16650 and 5719 errors.
Please help.
--
V
The two servers are Alrange1 (with problem) and Alrange2 in one
domain.

Additional info from DCdiag (only errors, others were passed OK)
Starting test: Advertising
Warning: DsGetDcName returned information for
\\ALRANGE2.Alrange.com, when we were trying to reach ALRANGE1.
Server is not responding or is not considered suitable.
......................... ALRANGE1 failed test Advertising
......................... ALRANGE1 failed test KnowsOfRoleHolders
Starting test: RidManager
Warning: FSMO Role Owner is deleted.
Warning: rid set reference is deleted.
ldap_search_sW of CN=RID Set\
DEL:603d0370-c857-40ea-8105-938c8d912e53,CN=Deleted
Objects,DC=Alrange,DC=com for rid info failed with 2: The system
cannot find
the file specified.
......................... ALRANGE1 failed test RidManager
Starting test: Services
RPCLOCATOR Service is stopped on [ALRANGE1]
......................... ALRANGE1 failed test Services
Starting test: frssysvol
Error: No record of File Replication System, SYSVOL started.
The Active Directory may be prevented from starting.
There are errors after the SYSVOL has been shared.
The SYSVOL can prevent the AD from starting.
......................... ALRANGE1 passed test frssysvol
Starting test: FsmoCheck
Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355
A Primary Domain Controller could not be located.
The server holding the PDC role is down.
......................... Alrange.com failed test FsmoCheck

 

[viola]

Thanx Meinolf,
FSMO roles (are these really bad results?):
Alrange1 (problematic one)
Testing server: Default-First-Site\ALRANGE1
is the Schema Owner, but is deleted.
is the Domain Owner, but is deleted
is the PDC Owner, but is deleted.
is the Rid Owner, but is deleted.
is the Infrastructure Update Owner, but is deleted

Alrange2 (running fine)
Testing server: Default-First-Site\ALRANGE2
is the Schema Owner, but is deleted.
is the Domain Owner, but is deleted
is the PDC Owner, but is deleted.
is the Rid Owner, but is deleted.
is the Infrastructure Update Owner, but is deleted.

that's what I suspected and feared...restore,
there is not other way, I guess?
will have to wait till weekend to disconnect

--
V

Hello viola,

Can you remember after that time how you restored the crashed machine? Seems
that something was not properly set during restoring.

Anyway, i would try out this:

- check which of the 5 FSMO roles are on which DC and post the result

- disconnect the restored dc from the domain
- make again sure that the always running DC is GC and that clients are set
to use that machine for DNS
- check on a client that everything is running as expected, login, scripts,
shares etc.
- try creating a test user, group, policies etc. on the DC and try out to
using the client for the new configured settings, policies, users etc.

- if everything is working as expected, try it the other way around with
the restored DC
- if you get any error, i would remove the restored DC from the domain and
cleanup AD on the other DC according to this: http://support.microsoft.com/kb/555846/en-us

- then reinstall the restored DC from scratch, even it is more work but after
a year i think it is the better way to use the running DC and add a new installed
DC to the hopefully running DC

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

Here are the outcomes...

Windows 2000 IP Configuration
Host Name . . . . . . . . . . . . : alrange1
Primary DNS Suffix . . . . . . . : Alrange.com
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Alrange.com
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC7760 Gigabit Server Adapter
Physical Address. . . . . . . . . : 00-11-85-D4-E4-65
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.14.40
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.14.1
DNS Servers . . . . . . . . . . . : 192.168.14.40
192.168.14.2
Windows 2000 IP Configuration
Host Name . . . . . . . . . . . . : ALRANGE2
Primary DNS Suffix . . . . . . . : Alrange.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Alrange.com
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 XT Network
Connection
Physical Address. . . . . . . . . : 00-C0-9F-0A-85-5B
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.14.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.14.1
DNS Servers . . . . . . . . . . . : 192.168.14.40
192.168.14.2

Hello viola,

Please post an unedited ipconfig /all from both servers.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Thanx Meinolf for fast reply... and patience, I'm trying my best to
the job
that's been 'given' me...
There is ALRANGE domain with two W2K servers, Alrange1 and Alrange2,
one Site,
no DHCP, both are DNS and GC.
About a yr ago, Alrange1 was restored, after bad case of virus
infection. I
have reformatted HD, changed partitions and with HP support restored
server.
Required services (login, backup, EDI, file sharing) were working so
I
didn't do any diagnostics untill now, when I have to add new server
Win2003.
I realize that before that happens I need to make sure W2K servers
are
running smoothly and will let me do ADPrep.
:
Hello viola,

Beginning wiht your first posting without any usable content,
please describe your setup, how many DC's, which operating system,
how many sites and what happens before you got the errors. DId you
change anything or does a server crash and you reinstalled one from
a backup etc.?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
:

This machine is not working properly as a DC.
NetDiag.log registered this and other msg about:
Secure channel to domain is broken (ERROR_NO_LOGON_SERVERS)
Ping by IP and by FQDN (full name) work.
There are two DCs in the domain, and both can't contact domain,
Event Viewer System Log has 16650 and 5719 errors.
Please help.
--
V
The two servers are Alrange1 (with problem) and Alrange2 in one
domain.

Additional info from DCdiag (only errors, others were passed OK)
Starting test: Advertising
Warning: DsGetDcName returned information for
\\ALRANGE2.Alrange.com, when we were trying to reach ALRANGE1.
Server is not responding or is not considered suitable.
......................... ALRANGE1 failed test Advertising
......................... ALRANGE1 failed test KnowsOfRoleHolders
Starting test: RidManager
Warning: FSMO Role Owner is deleted.
Warning: rid set reference is deleted.
ldap_search_sW of CN=RID Set\
DEL:603d0370-c857-40ea-8105-938c8d912e53,CN=Deleted
Objects,DC=Alrange,DC=com for rid info failed with 2: The system
cannot find
the file specified.
......................... ALRANGE1 failed test RidManager
Starting test: Services
RPCLOCATOR Service is stopped on [ALRANGE1]
......................... ALRANGE1 failed test Services
Starting test: frssysvol
Error: No record of File Replication System, SYSVOL started.
The Active Directory may be prevented from starting.
There are errors after the SYSVOL has been shared.
The SYSVOL can prevent the AD from starting.
......................... ALRANGE1 passed test frssysvol
Starting test: FsmoCheck
Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355
A Primary Domain Controller could not be located.
The server holding the PDC role is down.
......................... Alrange.com failed test FsmoCheck

 

[Meinolf Weber]

Hello viola,

BEFORE going on, i would really recommend that you make a backup of all important
Data. Then disconnect the restored one.

Check that the Alrange2 is DNS and Global catalog.

On Alrange2, i would seize the 5 FSMO roles according to this: http://support.microsoft.com/kb/255504

After that reboot the server, then run dcdiag and netdiag and post the complete
output here.

Then do the tests from my other posting, with creating users, poilcies, groups
etc., also clients logon, use shares and other ressources.

See if it is possible, if you are lucky it works.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

Thanx Meinolf,
FSMO roles (are these really bad results?):
Alrange1 (problematic one)
Testing server: Default-First-Site\ALRANGE1
is the Schema Owner, but is deleted.
is the Domain Owner, but is deleted
is the PDC Owner, but is deleted.
is the Rid Owner, but is deleted.
is the Infrastructure Update Owner, but is deleted
Alrange2 (running fine)
Testing server: Default-First-Site\ALRANGE2
is the Schema Owner, but is deleted.
is the Domain Owner, but is deleted
is the PDC Owner, but is deleted.
is the Rid Owner, but is deleted.
is the Infrastructure Update Owner, but is deleted.
that's what I suspected and feared...restore,
there is not other way, I guess?
will have to wait till weekend to disconnect

Hello viola,

Can you remember after that time how you restored the crashed
machine? Seems that something was not properly set during restoring.

Anyway, i would try out this:

- check which of the 5 FSMO roles are on which DC and post the result

- disconnect the restored dc from the domain
- make again sure that the always running DC is GC and that clients
are set
to use that machine for DNS
- check on a client that everything is running as expected, login,
scripts,
shares etc.
- try creating a test user, group, policies etc. on the DC and try
out to
using the client for the new configured settings, policies, users
etc.
- if everything is working as expected, try it the other way around
with
the restored DC
- if you get any error, i would remove the restored DC from the
domain and
cleanup AD on the other DC according to this:
http://support.microsoft.com/kb/555846/en-us
- then reinstall the restored DC from scratch, even it is more work
but after a year i think it is the better way to use the running DC
and add a new installed DC to the hopefully running DC

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

Here are the outcomes...

Windows 2000 IP Configuration
Host Name . . . . . . . . . . . . : alrange1
Primary DNS Suffix . . . . . . . : Alrange.com
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Alrange.com
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC7760 Gigabit Server Adapter
Physical Address. . . . . . . . . : 00-11-85-D4-E4-65
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.14.40
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.14.1
DNS Servers . . . . . . . . . . . : 192.168.14.40
192.168.14.2
Windows 2000 IP Configuration
Host Name . . . . . . . . . . . . : ALRANGE2
Primary DNS Suffix . . . . . . . : Alrange.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Alrange.com
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 XT Network
Connection
Physical Address. . . . . . . . . : 00-C0-9F-0A-85-5B
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.14.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.14.1
DNS Servers . . . . . . . . . . . : 192.168.14.40
192.168.14.2
:
Hello viola,

Please post an unedited ipconfig /all from both servers.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Thanx Meinolf for fast reply... and patience, I'm trying my best
to
the job
that's been 'given' me...
There is ALRANGE domain with two W2K servers, Alrange1 and
Alrange2,
one Site,
no DHCP, both are DNS and GC.
About a yr ago, Alrange1 was restored, after bad case of virus
infection. I
have reformatted HD, changed partitions and with HP support
restored
server.
Required services (login, backup, EDI, file sharing) were working
so
I
didn't do any diagnostics untill now, when I have to add new
server
Win2003.
I realize that before that happens I need to make sure W2K servers
are
running smoothly and will let me do ADPrep.
:
Hello viola,

Beginning wiht your first posting without any usable content,
please describe your setup, how many DC's, which operating
system, how many sites and what happens before you got the
errors. DId you change anything or does a server crash and you
reinstalled one from a backup etc.?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!!
http://www.blakjak.demon.co.uk/mul_crss.htm
:

This machine is not working properly as a DC.
NetDiag.log registered this and other msg about:
Secure channel to domain is broken (ERROR_NO_LOGON_SERVERS)
Ping by IP and by FQDN (full name) work.
There are two DCs in the domain, and both can't contact domain,
Event Viewer System Log has 16650 and 5719 errors.
Please help.
--
V
The two servers are Alrange1 (with problem) and Alrange2 in one
domain.

Additional info from DCdiag (only errors, others were passed OK)
Starting test: Advertising
Warning: DsGetDcName returned information for
\\ALRANGE2.Alrange.com, when we were trying to reach ALRANGE1.
Server is not responding or is not considered suitable.
......................... ALRANGE1 failed test Advertising
......................... ALRANGE1 failed test
KnowsOfRoleHolders
Starting test: RidManager
Warning: FSMO Role Owner is deleted.
Warning: rid set reference is deleted.
ldap_search_sW of CN=RID Set\
DEL:603d0370-c857-40ea-8105-938c8d912e53,CN=Deleted
Objects,DC=Alrange,DC=com for rid info failed with 2: The system
cannot find
the file specified.
......................... ALRANGE1 failed test RidManager
Starting test: Services
RPCLOCATOR Service is stopped on [ALRANGE1]
......................... ALRANGE1 failed test Services
Starting test: frssysvol
Error: No record of File Replication System, SYSVOL started.
The Active Directory may be prevented from starting.
There are errors after the SYSVOL has been shared.
The SYSVOL can prevent the AD from starting.
......................... ALRANGE1 passed test frssysvol
Starting test: FsmoCheck
Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355
A Primary Domain Controller could not be located.
The server holding the PDC role is down.
......................... Alrange.com failed test FsmoCheck