Slow Logons and Can't open files

Joined
Sep 29, 2009
Messages
1
Reaction score
0
Hello

All, I have a new AD Domain controler, single DC, small network (15 clients).

Setup DC, and enabled roles in order, File Server, AD (with DNS for that) and then DHCP, WINS, Sharepoint

Looked OK at first, then when users started logging on we were experieincing very slow logins, and strugling to open file shares

Here is the output of the DC diag, I don't really want to do a re-install, can this be rescued?


Domain Controller Diagnosis

Performing initial setup:
* Verifying that the local machine server1, is a DC.
* Connecting to directory service on server server1.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 1 DC(s). Testing 1 of them.
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\SERVER1
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... SERVER1 passed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\SERVER1
Starting test: Replications
* Replications Check
* Replication Latency Check
* Replication Site Latency Check
......................... SERVER1 passed test Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC SERVER1.
* Security Permissions Check for
DC=ForestDnsZones,DC=ad,DC=cavitech,DC=internal
(NDNC,Version 2)
* Security Permissions Check for
DC=DomainDnsZones,DC=ad,DC=cavitech,DC=internal
(NDNC,Version 2)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=ad,DC=cavitech,DC=internal
(Schema,Version 2)
* Security Permissions Check for
CN=Configuration,DC=ad,DC=cavitech,DC=internal
(Configuration,Version 2)
* Security Permissions Check for
DC=ad,DC=cavitech,DC=internal
(Domain,Version 2)
......................... SERVER1 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
[SERVER1] An net use or LsaPolicy operation failed with error 64, Win32 Error 64.
......................... SERVER1 failed test NetLogons
Starting test: Advertising
The DC SERVER1 is advertising itself as a DC and having a DS.
The DC SERVER1 is advertising as an LDAP server
The DC SERVER1 is advertising as having a writeable directory
The DC SERVER1 is advertising as a Key Distribution Center
The DC SERVER1 is advertising as a time server
The DS SERVER1 is advertising as a GC.
......................... SERVER1 passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=SERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ad,DC=cavitech,DC=internal
Role Domain Owner = CN=NTDS Settings,CN=SERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ad,DC=cavitech,DC=internal
Role PDC Owner = CN=NTDS Settings,CN=SERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ad,DC=cavitech,DC=internal
Role Rid Owner = CN=NTDS Settings,CN=SERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ad,DC=cavitech,DC=internal
Role Infrastructure Update Owner = CN=NTDS Settings,CN=SERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ad,DC=cavitech,DC=internal
......................... SERVER1 passed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 1604 to 1073741823
* server1.ad.cavitech.internal is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 1104 to 1603
* rIDPreviousAllocationPool is 1104 to 1603
* rIDNextRID: 1150
......................... SERVER1 passed test RidManager
Starting test: MachineAccount
Checking machine account for DC SERVER1 on DC SERVER1.
Could not open pipe with [SERVER1]:failed with 64: Win32 Error 64
Could not get NetBIOSDomainName
Failed can not test for HOST SPN
Failed can not test for HOST SPN
* SPN found :LDAP/server1.ad.cavitech.internal/ad.cavitech.internal
* SPN found :LDAP/server1.ad.cavitech.internal
* SPN found :LDAP/SERVER1
* Missing SPN :(null)
* SPN found :LDAP/945afbb0-6d1c-418f-9113-6e448d6300db._msdcs.ad.cavitech.internal
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/945afbb0-6d1c-418f-9113-6e448d6300db/ad.cavitech.internal
* SPN found :HOST/server1.ad.cavitech.internal/ad.cavitech.internal
* SPN found :HOST/server1.ad.cavitech.internal
* SPN found :HOST/SERVER1
* Missing SPN :(null)
* SPN found :GC/server1.ad.cavitech.internal/ad.cavitech.internal
......................... SERVER1 failed test MachineAccount
Starting test: Services
Could not open Remote ipc to [SERVER1]:failed with 64: Win32 Error 64
......................... SERVER1 failed test Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
SERVER1 is in domain DC=ad,DC=cavitech,DC=internal
Checking for CN=SERVER1,OU=Domain Controllers,DC=ad,DC=cavitech,DC=internal in domain DC=ad,DC=cavitech,DC=internal on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=SERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ad,DC=cavitech,DC=internal in domain CN=Configuration,DC=ad,DC=cavitech,DC=internal on 1 servers
Object is up-to-date on all servers.
......................... SERVER1 passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service SYSVOL ready test
[SERVER1] An net use or LsaPolicy operation failed with error 64, Win32 Error 64.
The registry lookup failed to determine the state of the SYSVOL. The

error returned was 64 (Win32 Error 64). Check the FRS event log to

see if the SYSVOL has successfully been shared.
......................... SERVER1 failed test frssysvol
Starting test: frsevent
* The File Replication Service Event log test
......................... SERVER1 failed test frsevent
Starting test: kccevent
* The KCC Event log test
Failed to enumerate event log records, error Win32 Error 64
......................... SERVER1 failed test kccevent
Starting test: systemlog
* The System Event log test
Failed to enumerate event log records, error Win32 Error 64
......................... SERVER1 failed test systemlog
Test omitted by user request: VerifyReplicas
Starting test: VerifyReferences
The system object reference (serverReference)

CN=SERVER1,OU=Domain Controllers,DC=ad,DC=cavitech,DC=internal and

backlink on

CN=SERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ad,DC=cavitech,DC=internal

are correct.
The system object reference (frsComputerReferenceBL)

CN=SERVER1,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=ad,DC=cavitech,DC=internal

and backlink on

CN=SERVER1,OU=Domain Controllers,DC=ad,DC=cavitech,DC=internal are

correct.
The system object reference (serverReferenceBL)

CN=SERVER1,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=ad,DC=cavitech,DC=internal

and backlink on

CN=NTDS Settings,CN=SERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ad,DC=cavitech,DC=internal

are correct.
......................... SERVER1 passed test VerifyReferences
Test omitted by user request: VerifyEnterpriseReferences
Test omitted by user request: CheckSecurityError

Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom

Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom

Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom

Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom

Running partition tests on : ad
Starting test: CrossRefValidation
......................... ad passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ad passed test CheckSDRefDom

Running enterprise tests on : ad.cavitech.internal
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope

provided by the command line arguments provided.
......................... ad.cavitech.internal passed test Intersite
Starting test: FsmoCheck
GC Name: \\server1.ad.cavitech.internal
Locator Flags: 0xe00003fd
PDC Name: \\server1.ad.cavitech.internal
Locator Flags: 0xe00003fd
Time Server Name: \\server1.ad.cavitech.internal
Locator Flags: 0xe00003fd
Preferred Time Server Name: \\server1.ad.cavitech.internal
Locator Flags: 0xe00003fd
KDC Name: \\server1.ad.cavitech.internal
Locator Flags: 0xe00003fd
......................... ad.cavitech.internal passed test FsmoCheck
Test omitted by user request: DNS
Test omitted by user request: DNS
 
Back
Top