all roles now look at bserver and DCDIAG looks ok (unless anyone tells me
different). SYSLOGON scripts and NETLOGON stil not available however and i
have not drive switching off dserver (old dc) yet.
Domain Controller Diagnosis
Performing initial setup:
* Verifying that the local machine bserver, is a DC.
* Connecting to directory service on server bserver.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 2 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\BSERVER
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... BSERVER passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\BSERVER
Starting test: Replications
* Replications Check
[Replications Check,BSERVER] A recent replication attempt failed:
From DSERVER to BSERVER
Naming Context: CN=Schema,CN=Configuration,DC=domain,DC=com
The replication generated an error (8524):
The DSA operation is unable to proceed because of a DNS lookup
failure.
The failure occurred at 2005-09-12 14:14:30.
The last success occurred at 2005-09-12 13:54:15.
1 failures have occurred since the last success.
The guid-based DNS name
d01b35d9-1284-4cb0-9cd8-ae9d5c7bb186._msdcs.domain.com
is not registered on one or more DNS servers.
[Replications Check,BSERVER] A recent replication attempt failed:
From DSERVER to BSERVER
Naming Context: CN=Configuration,DC=domain,DC=com
The replication generated an error (8524):
The DSA operation is unable to proceed because of a DNS lookup
failure.
The failure occurred at 2005-09-12 14:14:30.
The last success occurred at 2005-09-12 13:54:14.
1 failures have occurred since the last success.
The guid-based DNS name
d01b35d9-1284-4cb0-9cd8-ae9d5c7bb186._msdcs.domain.com
is not registered on one or more DNS servers.
[Replications Check,BSERVER] A recent replication attempt failed:
From DSERVER to BSERVER
Naming Context: DC=domain,DC=com
The replication generated an error (8524):
The DSA operation is unable to proceed because of a DNS lookup
failure.
The failure occurred at 2005-09-12 14:14:30.
The last success occurred at 2005-09-12 13:54:14.
1 failures have occurred since the last success.
The guid-based DNS name
d01b35d9-1284-4cb0-9cd8-ae9d5c7bb186._msdcs.domain.com
is not registered on one or more DNS servers.
* Replication Latency Check
* Replication Site Latency Check
......................... BSERVER passed test Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Starting test: NCSecDesc
* Security Permissions Check for
DC=ForestDnsZones,DC=domain,DC=com
(NDNC,Version 2)
* Security Permissions Check for
DC=DomainDnsZones,DC=domain,DC=com
(NDNC,Version 2)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=domain,DC=com
(Schema,Version 2)
* Security Permissions Check for
CN=Configuration,DC=domain,DC=com
(Configuration,Version 2)
* Security Permissions Check for
DC=domain,DC=com
(Domain,Version 2)
......................... BSERVER passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
......................... BSERVER passed test NetLogons
Starting test: Advertising
The DC BSERVER is advertising itself as a DC and having a DS.
The DC BSERVER is advertising as an LDAP server
The DC BSERVER is advertising as having a writeable directory
The DC BSERVER is advertising as a Key Distribution Center
The DC BSERVER is advertising as a time server
The DS BSERVER is advertising as a GC.
......................... BSERVER passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS
Settings,CN=BSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=com
Role Domain Owner = CN=NTDS
Settings,CN=BSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=com
Role PDC Owner = CN=NTDS
Settings,CN=BSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=com
Role Rid Owner = CN=NTDS
Settings,CN=BSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=com
Role Infrastructure Update Owner = CN=NTDS
Settings,CN=BSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=com
......................... BSERVER passed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 2101 to 1073741823
* bserver.domain.COM is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 1601 to 2100
* rIDPreviousAllocationPool is 1601 to 2100
* rIDNextRID: 1601
......................... BSERVER passed test RidManager
Starting test: MachineAccount
* SPN found :LDAP/bserver.domain.COM/domain.com
* SPN found :LDAP/bserver.domain.COM
* SPN found :LDAP/BSERVER
* SPN found :LDAP/bserver.domain.COM/domain
* SPN found
:LDAP/41a036d2-d434-4d3d-aa0b-3fb95a176fd4._msdcs.domain.com
* SPN found
:E3514235-4B06-11D1-AB04-00C04FC2DCD2/41a036d2-d434-4d3d-aa0b-3fb95a176fd4/domain.com
* SPN found :HOST/bserver.domain.COM/domain.com
* SPN found :HOST/bserver.domain.COM
* SPN found :HOST/BSERVER
* SPN found :HOST/bserver.domain.COM/domain
* SPN found :GC/bserver.domain.COM/domain.com
......................... BSERVER passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: Idomainerv
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: w32time
* Checking Service: NETLOGON
......................... BSERVER passed test Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
BSERVER is in domain DC=domain,DC=com
Checking for CN=BSERVER,OU=Domain Controllers,DC=domain,DC=com in
domain DC=domain,DC=com on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS
Settings,CN=BSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=com
in domain CN=Configuration,DC=domain,DC=com on 1 servers
Object is up-to-date on all servers.
......................... BSERVER passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... BSERVER passed test frssysvol
Starting test: frsevent
* The File Replication Service Event log test
There are warning or error events within the last 24 hours after
the
SYSVOL has been shared. Failing SYSVOL replication problems may
cause
Group Policy problems.
An Warning Event occured. EventID: 0x800034C4
Time Generated: 09/12/2005 14:36:31
Event String: The File Replication Service is having trouble
enabling replication from DSERVER to BSERVER for
c:\windows\sysvol\domain using the DNS name
dserver.domain.COM. FRS will keep retrying.
Following are some of the reasons you would see
this warning.
[1] FRS can not correctly resolve the DNS name
dserver.domain.COM from this computer.
[2] FRS is not running on dserver.domain.COM.
[3] The topology information in the Active
Directory for this replica has not yet replicated
to all the Domain Controllers.
This event log message will appear once per
connection, After the problem is fixed you will
see another event log message indicating that the
connection has been established.
......................... BSERVER failed test frsevent
Starting test: kccevent
* The KCC Event log test
An Error Event occured. EventID: 0xC0000466
Time Generated: 09/12/2005 14:29:01
Event String: Active Directory was unable to establish a
connection with the global catalog.
Additional Data
Error value:
1355
The specified domain either does not exist or could not be contacted.
Internal ID:
3200caf
User Action:
Make sure a global catalog is available in the
forest, and is reachable from this domain
controller. You may use the nltest utility to
diagnose this problem.
......................... BSERVER failed test kccevent
Starting test: systemlog
* The System Event log test
An Error Event occured. EventID: 0x0000164A
Time Generated: 09/12/2005 14:34:51
Event String: The Netlogon service could not create server
share C:\WINDOWS\SYSVOL\sysvol\domain.COM\SCRIPTS.
The following error occurred:
%%2
......................... BSERVER failed test systemlog
Test omitted by user request: VerifyReplicas
Starting test: VerifyReferences
The system object reference (serverReference)
CN=BSERVER,OU=Domain Controllers,DC=domain,DC=com and backlink on
CN=BSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=com
are correct.
The system object reference (frsComputerReferenceBL)
CN=BSERVER,CN=Domain System Volume (SYSVOL share),CN=File
Replication Service,CN=System,DC=domain,DC=com
and backlink on CN=BSERVER,OU=Domain Controllers,DC=domain,DC=com
are
correct.
The system object reference (serverReferenceBL)
CN=BSERVER,CN=Domain System Volume (SYSVOL share),CN=File
Replication Service,CN=System,DC=domain,DC=com
and backlink on
CN=NTDS
Settings,CN=BSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=com
are correct.
......................... BSERVER passed test VerifyReferences
Test omitted by user request: VerifyEnterpriseReferences
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : domain
Starting test: CrossRefValidation
......................... domain passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... domain passed test CheckSDRefDom
Running enterprise tests on : domain.com
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the
scope
provided by the command line arguments provided.
......................... domain.com passed test Intersite
Starting test: FsmoCheck
GC Name: \\bserver.domain.COM
Locator Flags: 0xe00003fd
PDC Name: \\bserver.domain.COM
Locator Flags: 0xe00003fd
Time Server Name: \\bserver.domain.COM
Locator Flags: 0xe00003fd
Preferred Time Server Name: \\bserver.domain.COM
Locator Flags: 0xe00003fd
KDC Name: \\bserver.domain.COM
Locator Flags: 0xe00003fd
......................... domain.com passed test FsmoCheck
