Announcement

Collapse
No announcement yet.

An special AD ...

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • An special AD ...

    Hello,

    I have big trouble with my Ad.
    The history,
    i have a domain NT4 domain (SRVADM) with 1 PDC and 2 BDC.
    I install Windows 2000 on the PDC (SALJVDC11) to instal AD mixte SRVADM.local.

    The server crash completly, i change the computer and restart with the backup system on a simple server ... without backup system ( yes i know ...... )
    All work's fine, but a night ( ... ) the Hard drive crash on this computer ...
    No backup, a lot of user, computer and other.

    The BDC nt4 have some trouble with all the new machine, and some computer can't connect on the domain ...
    So i find a solution to copy octet by octet to an another hard drive the DC (SALJVDC11) ...
    But NTDS.DIT is bad ...
    I use ntdsutil and after a lot of time i have a valid (.........) ntds.dit : the server start and all the computer can connect to the domain ...

    All good ??? not exactly ...
    when i start "Utilisateurs et ordinateurs Active Directory" for exemple, i have an error :
    "un chemin d'accès active directory non valide a été transmis" ( Invalid Active Directory Pathname Was Passed )
    and all active directory tools too ...

    If i make a
    netdom query fsmo :
    E:\Support Tools>netdom query fsmo
    Schema owner (null)
    Domain role owner (null)
    PDC role (null)
    RID pool manager (null)
    Infrastructure owner (null)
    The command completed successfully.

    if i make a ntdsutil i can connect (connection to server saljvdc11 )
    fsmo maintenance: seize schema master
    Tentative de transfert sûr de schema FSMO avant la cessation.
    Erreur ldap_modify_sW 0x34(52 (Non disponible).
    Le message d'erreur étendue Ldap est 000020AF: SvcErr: DSID-032101FA, problem 50
    02 (UNAVAILABLE), data 8438

    L'erreur Win32 renvoyée est 0x20af(L'opÚration FSMO demandÚe a ÚchouÚ. Le propri
    Útaire FMSO actuel n'a pas pu Ûtre contactÚ.)
    )
    Selon le code d'erreur, ceci peut indiquer une erreur Ldap, de connexion ou
    de transfert de rôle.
    Le transfert de schema FSMO a échoué, cessation en cours...
    Le serveur "saljvdc11.srvadm.local" est informé de 5 rôles
    Schéma - CN=NTDS Settings,CN=SALJVDC11,CN=Servers,CN=Premier-Site-par-defaut,CN=
    Sites,CN=Configuration,DC=SRVADM,DC=local
    Domaine - CN=NTDS Settings,CN=SALJVDC11,CN=Servers,CN=Premier-Site-par-defaut,CN
    =Sites,CN=Configuration,DC=SRVADM,DC=local
    PDC - CN=NTDS Settings,CN=SALJVDC11,CN=Servers,CN=Premier-Site-par-defaut,CN=Sit
    es,CN=Configuration,DC=SRVADM,DC=local
    RID - CN=NTDS Settings,CN=SALJVDC11,CN=Servers,CN=Premier-Site-par-defaut,CN=Sit
    es,CN=Configuration,DC=SRVADM,DC=local
    Infrastructure - CN=NTDS Settings,CN=SALJVDC11,CN=Servers,CN=Premier-Site-par-de
    faut,CN=Sites,CN=Configuration,DC=SRVADM,DC=local

    if i launch dcdiag /v i have a crash :
    C:\WINNT\Profiles\smartin>dcdiag /fix /v

    DC Diagnosis

    Performing initial setup:
    * Verifing that the local machine saljvdc11, is a DC.
    * Connecting to directory service on server saljvdc11.
    * Collecting site info.
    * Identifying all servers.
    crash : 0x01011c31 at memory ....can not be read ...

    the DNS is up but with error :
    Le serveur DNS n'a pas pu ouvrir Active Directory. (the DNS server can not open Active Directory)

    But all the rest works (...lol ...), the user can connect, the security on the files servers works, the shared printers works, the logon script works (on the dc SALJVDC11).
    The ldap;exe work i can connect but i don't now it ?

    I try a lot of patch, test and other ....

    so i try to connect a new domain server and when i launch DCPROMO the new server have an unkown error from microsoft :
    Recherche d'un contrôleur de domaine pour le domaine SRVADM.local qui contient le compte UTILISAT-7BSQVD$
    Un contrôleur de domaine saljvdc11.SRVADM.local a été trouvé pour le domaine SRVADM.local
    Utilisation du site Premier-Site-par-defaut pour le serveur \\saljvdc11.SRVADM.local
    Forcing time sync
    Synchronisation forcée avec \\saljvdc11.SRVADM.local
    Setting machine account to be DC
    Configuration du compte du serveur
    Searching for the machine account for SALJVDC12$ on \\saljvdc11.SRVADM.local...
    Configuration du compte du serveur
    NtdsSetReplicaMachineAccount returned 1787
    DsRolepSetMachineAccountType returned 1787
    Error - Impossible de modifier les propriétés nécessaires pour le compte d'ordinateur UTILISAT-7BSQVD$.
    (1787)
    La tentative de promotion du contrôleur de domaine est terminée
    DsRolepSetOperationDone returned 0

    I find on microsoft site some information with local security on the DC, i try but no change ...

    In my opinion the ntds.dit have some cross-ref very bad, but where and how change it ?

  • #2
    Re: An special AD ...

    other test :

    on SALJVDC11 (DC)

    dnscmd /enumzones

    DnssrvEnumZones() failed.
    Status = 1168899 (0x0011d603)

    Command failed: UNKNOWN 1168899 (0011d603)

    i am ready to offer money or other to find a solution

    Comment


    • #3
      Re: An special AD ...

      i continue with the test :

      with the command

      ntfrsutl ds

      NTFRS CONFIGURATION IN THE DS
      SUBSTITUTE DCINFO FOR DC
      FRS DomainControllerName: (null)
      Computer Name : SALJVDC11
      Computer DNS Name : saljvdc11.SRVADM.local

      BINDING TO THE DS:
      ldap_connect : saljvdc11.SRVADM.local
      DsBind : saljvdc11.SRVADM.local

      NAMING CONTEXTS:
      SitesDn : CN=Sites,cn=configuration,dc=srvadm,dc=local
      ServicesDn : CN=Services,cn=configuration,dc=srvadm,dc=local
      DefaultNcDn: DC=SRVADM,DC=local
      ComputersDn: CN=Computers,DC=SRVADM,DC=local
      DomainCtlDn: OU=Domain Controllers,DC=SRVADM,DC=local
      Fqdn : CN=SALJVDC11,OU=Domain Controllers,DC=SRVADM,DC=local
      Searching : Fqdn

      COMPUTER: ERROR - The object returned by the DS lacks a dn (00236aa0), Rdn (0023
      6530), or Guid(00000000)
      COMPUTER: ERROR - Using ldp, bind to ljvdc11.SRVADM.local and search the contain
      er CN=SALJVDC11,OU=Domain Controllers,DC=SRVADM,DC=local using the filter (&(obj
      ectCategory=computer)(sAMAccountName=SALJVDC11$)) for more information.

      Comment


      • #4
        Re: An special AD ...

        FRSDIAG :

        Checking for errors/warnings in FRS Event Log ....
        NtFrs 06/03/2009 01:38:14 Warning 13562 Ci-dessous se trouve un résumé des avertissements et des erreurs rencontrés par le service de réplication des fichiers lors de l'interrogation du contrôleur de domaine saljvdc11.SRVADM.local concernant les informations de configuration du jeu de réplicas FRS. N'a pas pu trouver un objet ordinateur pour cet ordinateur. Nouvelle tentative lors du prochain cycle d'interrogation.
        ......... failed 1
        Checking for errors in Directory Service Event Log ....
        NTDS Inter-site Messaging 06/03/2009 12:00:25 Error 1374 La requête visant à savoir comment les sites sont interconnectés via le transport CN=IP,CN=Inter-Site Transports,CN=Sites,CN=Configuration,DC=SRVADM,DC= local a échoué avec le statut suivant : Élément introuvable. Les données d'enregistrement constituent le code de statut.
        NTDS Inter-site Messaging 06/03/2009 11:58:27 Error 1374 La requête visant à savoir comment les sites sont interconnectés via le transport CN=IP,CN=Inter-Site Transports,CN=Sites,CN=Configuration,DC=SRVADM,DC= local a échoué avec le statut suivant : Élément introuvable. Les données d'enregistrement constituent le code de statut.
        NTDS Inter-site Messaging 06/03/2009 11:54:35 Error 1374 La requête visant à savoir comment les sites sont interconnectés via le transport CN=IP,CN=Inter-Site Transports,CN=Sites,CN=Configuration,DC=SRVADM,DC= local a échoué avec le statut suivant : Élément introuvable. Les données d'enregistrement constituent le code de statut.
        NTDS Inter-site Messaging 06/03/2009 11:53:48 Error 1374 La requête visant à savoir comment les sites sont interconnectés via le transport CN=IP,CN=Inter-Site Transports,CN=Sites,CN=Configuration,DC=SRVADM,DC= local a échoué avec le statut suivant : Élément introuvable. Les données d'enregistrement constituent le code de statut.
        WARNING: Found Directory Service Errors in the past 15 days! FRS Depends on AD so Check AD Replication!

        ......... failed 4
        Checking for minimum FRS version requirement ... passed
        Checking for errors/warnings in ntfrsutl ds ... passed
        Checking for Replica Set configuration triggers... passed
        Checking for suspicious file Backlog size... passed
        Checking Overall Disk Space and SYSVOL structure (note: integrity is not checked)... passed
        Checking for suspicious inlog entries ... passed
        Checking for suspicious outlog entries ... passed
        Checking for appropriate staging area size ... passed
        Checking for errors in debug logs ... passed
        Checking NtFrs Service (and dependent services) state...passed
        Checking NtFrs related Registry Keys for possible problems...passed
        Checking Repadmin Showreps for errors...
        CN=Schema,CN=Configuration,DC=SRVADM,DC=local
        Premier-Site-par-defaut\UTILISAT-7BSQVD via RPC
        objectGuid: 0b5785bc-b997-40fb-9429-a6dcdf0c2799
        Last attempt @ 2009-03-06 11:51.35 failed, result 8524:
        Échec de l'opération DSA en raison d'une défaillance de la recherche DNS.
        Last success @ 2007-10-01 19:59.37.
        12543 consecutive failure(s).

        CN=Configuration,DC=SRVADM,DC=local
        Premier-Site-par-defaut\UTILISAT-7BSQVD via RPC
        objectGuid: 0b5785bc-b997-40fb-9429-a6dcdf0c2799
        Last attempt @ 2009-03-06 11:51.35 failed, result 8524:
        Échec de l'opération DSA en raison d'une défaillance de la recherche DNS.
        Last success @ 2007-10-01 19:59.37.
        12543 consecutive failure(s).

        DC=SRVADM,DC=local
        Premier-Site-par-defaut\UTILISAT-7BSQVD via RPC
        objectGuid: 0b5785bc-b997-40fb-9429-a6dcdf0c2799
        Last attempt @ 2009-03-06 11:51.35 failed, result 8524:
        Échec de l'opération DSA en raison d'une défaillance de la recherche DNS.
        Last success @ 2007-10-01 19:59.37.
        12543 consecutive failure(s).

        ......... failed 3


        Final Result = failed with 8 error(s)

        Comment


        • #5
          Re: An special AD ...

          Hi Martos80,

          With what you are saying you AD looks in a bit of a desperate state.
          Maybe this is a good time to think about a Migration to a new 2003 domain or even 2008.
          You'll probably save more money in the long term if you go for the upgrade now.

          Cheers
          Caesar's cipher - 3

          ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

          SFX JNRS FC U6 MNGR

          Comment


          • #6
            Re: An special AD ...

            i install an test server machine in W2K3 to test the w2k3 ntdsutil

            file integrity is ok

            semantic database analysis
            Le mode correction est on

            Ouverture de la base de données DIT... Terminé.

            Impossible de définir l'index actuel en "PDNT_index : Erreur Jet -1404.
            Error <8000ffff>: failed to get partitions
            Échec de l'ouverture de la base de données d'AD pour énumérer les contextes
            de nom. Erreur : 0x8000ffff
            Échec.

            Ouverture de la base de données [Current]......La table SD est introuvable dans
            la base de données. La base de données est
            à l'ancien format.
            Terminé.

            Obtention du nombre d'enregistrements...5236 enregistrements

            Écriture du rapport dans le fichier journal dsdit.dmp.5
            Entrées contrôlées : 5236
            Traitement des entrées..Terminé.

            and compact work ...

            Comment


            • #7
              Re: An special AD ...

              another test
              from http://www.officerecovery.com/active...ort.htm.ok.htm
              i download the tools, it crash after 2 secones ...

              but i launch in log mode :
              INFO |
              INFO | ================================================== ==
              INFO | ============== LOGGER MACHINE INFO =================
              INFO | ================================================== ==
              INFO | __DATE__ [Nov 10 2008]
              INFO | __TIME__ [18:00:18]
              INFO | DEMO VERSION
              INFO | Today is [09.03.2009 14:36:35]
              INFO | GetCurrentDirectory [C:\Documents and Settings\xxxx]
              INFO | GetSystemDirectory [C:\WINNT\system32]
              INFO | GetWindowsDirectory [C:\WINNT]
              INFO | GetTempPath [C:\DOCUME~1\smartin\LOCALS~1\Temp\]
              INFO | GetComputerName [WALJV089]
              INFO | ================================================== ==
              INFO 14:37:14 | Running SetBreakFlag()
              INFO | Log file name: [xxxxxxx\log_adr.log]
              INFO | [ENGINE] File [C:\ntds.dit] open, file size - 18 890 752 bytes
              INFO | [ENGINE] file created by MS Exchange 5.5 or later
              INFO | [ENGINE] File Header : correct
              INFO | [ENGINE] Shadowed File Header : correct
              INFO | [ENGINE] Format ulMagic : 0x89abcdef
              INFO | [ENGINE] Shadowed ulMagic : 0x89abcdef
              INFO | [ENGINE] rmat ulVersion : 0x620,2
              INFO | [ENGINE] Shadowed ulVersion : 0x620,2
              INFO | [ENGINE] State : Consistent
              INFO | [ENGINE] Shadowed State : Consistent
              INFO | [ENGINE] Last Objid : 90
              INFO | [ENGINE] Shadowed Last Objid : 90
              INFO | [ENGINE] Repair Count : 0
              INFO | [ENGINE] Shadowed Repair Count : 0
              INFO | [ENGINE] start reading and checking pages
              INFO 14:37:16 | [ENGINE] stats for this database:
              INFO | [ENGINE] quantity of valid engine 5.00 pages 0
              INFO | [ENGINE] quantity of valid engine 6.20 pages 2011
              INFO | [ENGINE] quantity of valid engine 2007 pages 0
              INFO | [ENGINE] quantity of empty pages 295
              INFO | [ENGINE] quantity of invalid pages 0
              INFO | [ENGINE] -----------------------------------------------
              INFO | [ENGINE] quantity of all pages 2306
              INFO | [ENGINE] quantity of added objects 90
              INFO | [ENGINE] MS Exchange 5.5 or later database detected....
              INFO | [ENGINE] stop reading and checking pages
              INFO | [ENGINE] read record about index (Id,0x00000002,0x00000002)
              INFO | [ENGINE] read record about index (Name,0x00000002,0x00000004)
              INFO | [ENGINE] read record about index (RootObjects,0x00000002,0x00000005)
              INFO | [ENGINE] read record about index (Id,0x00000003,0x00000003)
              INFO | [ENGINE] read record about index (DNT_index,0x00000006,0x00000006)
              INFO | [ENGINE] read record about index
              INFO | [ENGINE] read record about index (INDEX_00090002,0x00000006,0x00000009)
              INFO | [ENGINE] read record about index (del_index,0x00000006,0x0000000A)
              INFO | [ENGINE] read record about index (DRA_USN_index,0x00000006,0x0000000B)
              INFO | [ENGINE] read record about index (DRA_USN_CREATED_index,0x00000006,0x0000000C)
              INFO | [ENGINE] read record about index (Ancestors_index,0x00000006,0x0000000D)
              (INDEX_000902BB,0x00000006,0x0000004B)
              ...
              (DNT_IsDeleted_Index,0x00000006,0x00000050)
              INFO | [ENGINE] read record about index (LCL_ABVIEW_index0000040C,0x00000006,0x00000051)
              INFO | [ENGINE] read record about LV (ObjidTable = 0x00000006, Id = 0x00000052)
              INFO | [ENGINE] read record about index (link_index,0x00000054,0x00000054)
              INFO | [ENGINE] read record about index (backlink_index,0x00000054,0x00000055)
              INFO | [ENGINE] read record about index (order_index,0x00000056,0x00000056)
              INFO | [ENGINE] read record about index (trim_index,0x00000056,0x00000057)
              INFO | [ENGINE] read record about index (clientid_index,0x00000056,0x0000005
              INFO | [ENGINE] read record about index (TablesToDefrag,0x00000059,0x0000005A)
              ERROR | [ENGINE] MsgFolderTemplate not found
              INFO | [ENGINE] read record about index (Id,0x00000002,0x00000002)
              INFO | [ENGINE] read record about index (Name,0x00000002,0x00000004)
              INFO | [ENGINE] read record about index (RootObjects,0x00000002,0x00000005)
              INFO | [ENGINE] read record about index (Id,0x00000003,0x00000003)
              INFO | [ENGINE] read record about index (DNT_index,0x00000006,0x00000006)
              INFO | [ENGINE] read record about index (INDEX_00090092,0x00000006,0x00000007)
              INFO | [ENGINE] read record about index (NC_Acc_Type_Sid,0x00000006,0x0000000
              INFO | [ENGINE] read record about index (INDEX_00090002,0x00000006,0x00000009)
              INFO | [ENGINE] read record about index (del_index,0x00000006,0x0000000A)
              INFO | [ENGINE] read record about index (DRA_USN_index,0x00000006,0x0000000B)
              INFO | [ENGINE] read record about index (DRA_USN_CREATED_index,0x00000006,0x0000000C)
              INFO | [ENGINE] read record about index (Ancestors_index,0x00000006,0x0000000D)
              INFO | [ENGINE] read record about index (INDEX_00090001,0x00000006,0x0000000E)
              INFO | [ENGINE] read record about index (PDNT_index,0x00000006,0x0000000F)
              INFO | [ENGINE] read record about index (NC_Acc_Type_Name,0x00000006,0x00000010)
              INFO | [ENGINE] read record about index
              ...
              (INDEX_00090008,0x00000006,0x0000001
              INFO | [ENGINE] read record about index (DNT_IsDeleted_Index,0x00000006,0x00000050)
              INFO | [ENGINE] read record about index (LCL_ABVIEW_index0000040C,0x00000006,0x00000051)
              INFO | [ENGINE] read record about LV (ObjidTable = 0x00000006, Id = 0x00000052)
              INFO | [ENGINE] read record about index (link_index,0x00000054,0x00000054)
              INFO | [ENGINE] read record about index (backlink_index,0x00000054,0x00000055)
              INFO | [ENGINE] read record about index (order_index,0x00000056,0x00000056)
              INFO | [ENGINE] read record about index (trim_index,0x00000056,0x00000057)
              INFO | [ENGINE] read record about index (clientid_index,0x00000056,0x0000005
              INFO | [ENGINE] read record about index (TablesToDefrag,0x00000059,0x0000005A)
              ERROR | [ENGINE] MsgFolderTemplate not found
              INFO | Domain name: DC=SRVADM,DC=local
              INFO | LDAPPath: LDAP://DC=SRVADM,DC=local
              ERROR | Can't get ADs object.
              Last edited by martos80; 9th March 2009, 14:46.

              Comment

              Working...
              X