Announcement

Collapse
No announcement yet.

Multiple Dcdiag Errors on 2008 R2 DC

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Multiple Dcdiag Errors on 2008 R2 DC

    I don't even know where to begin
    To explain the layout a little bit, this is a simple AD Forrest built like so.
    There is a Root domain controller for the ad.company.lan domain(rdc1.ad.company.lan), this should be the acting PDC also serving DNS.
    Then there is the problem child. Then domain controller for a child domain sbp1.ad.company.lan (dc01.sbp1.ad.company.lan)
    Both of these machines are in the same subnet (192.168.100.x) running as VMWare ESX 5.0 Machines. (They will each have physical counterparts for Redundancy in the long run)
    The root DC (rdc1.ad.company.lan) is configured as its own DNS server, while dc01.sbp1.ad.company.lan is configured as it's own primary DNS server while the root DC is configured as the secondary.
    The Time clock on th root DC is configured to read from a NTP server that we hold a public IP address for, and is set to advertise its time.
    The DC01.sbp1.ad.company.lan machine is seeming to have problems with this.
    I should be having it sync its time from the PDC, correct?
    I also have an exchange server in this environment joined to the SBP1 domain.
    It seems like I'm coming up against a thousand different problems with the DC01.sbp1.ad.digitalwest.lan machine.
    The best thing I know to do is run a DC diag and read the results....but I'm more than lost.
    Any help here would be greatly appreciated!
    *Note, I've filtered out the details of the failed "event log" and will put into the next post so it all fits
    Thanks!

    Directory Server Diagnosis


    Performing initial setup:

    Trying to find home server...

    Home Server = DC01

    * Identified AD Forest.
    Ldap search capabality attribute search failed on server RDC1, return value = 81
    Got error while checking if the DC is using FRS or DFSR. Error:
    Win32 Error 81 The VerifyReferences, FrsEvent and DfsrEvent tests might failbecause of this error.


    Done gathering initial info.


    Doing initial required tests


    Testing server: Default-First-Site-Name\DC01

    Starting test: Connectivity

    ......................... DC01 passed test Connectivity



    Doing primary tests


    Testing server: Default-First-Site-Name\DC01

    Starting test: Advertising

    ......................... DC01 passed test Advertising

    Starting test: FrsEvent

    ......................... DC01 passed test FrsEvent

    Starting test: DFSREvent

    ......................... DC01 passed test DFSREvent

    Starting test: SysVolCheck

    ......................... DC01 passed test SysVolCheck

    Starting test: KccEvent

    ......................... DC01 passed test KccEvent

    Starting test: KnowsOfRoleHolders

    [RDC1] DsBindWithSpnEx() failed with error 1722,

    The RPC server is unavailable..
    Warning: RDC1 is the Schema Owner, but is not responding to DS RPC Bind.
    Warning: RDC1 is the Schema Owner, but is not responding to LDAP Bind.
    Warning: RDC1 is the Domain Owner, but is not responding to DS RPC Bind.
    Warning: RDC1 is the Domain Owner, but is not responding to LDAP Bind.
    ......................... DC01 failed test KnowsOfRoleHolders


    Starting test: MachineAccount

    ......................... DC01 passed test MachineAccount

    Starting test: NCSecDesc

    ......................... DC01 passed test NCSecDesc

    Starting test: NetLogons

    ......................... DC01 passed test NetLogons

    Starting test: ObjectsReplicated

    ......................... DC01 passed test ObjectsReplicated

    Starting test: Replications
    [Replications Check,DC01] A recent replication attempt failed:
    From RDC1 to DC01
    Naming Context: DC=ForestDnsZones,DC=ad,DC=company,DC=lan
    The replication generated an error (1256):
    The remote system is not available.

    The failure occurred at 2010-10-12 13:54:21.
    The last success occurred at 2010-10-08 19:58:09.
    94 failures have occurred since the last success.
    [Replications Check,DC01] A recent replication attempt failed:
    From RDC1 to DC01
    Naming Context:
    CN=Schema,CN=Configuration,DC=ad,DC=company,DC=lan
    The replication generated an error (190:
    Could not find the domain controller for this domain.
    The failure occurred at 2010-10-12 13:54:21.
    The last success occurred at 2010-10-08 19:58:09.
    92 failures have occurred since the last success.
    Kerberos Error.
    A KDC was not found to authenticate the call.
    Check that sufficient domain controllers are available.
    [Replications Check,DC01] A recent replication attempt failed:
    From RDC1 to DC01
    Naming Context: CN=Configuration,DC=ad,DC=company,DC=lan
    The replication generated an error (190:
    Could not find the domain controller for this domain.
    The failure occurred at 2010-10-12 13:54:21.
    The last success occurred at 2010-10-08 19:58:09.
    104 failures have occurred since the last success.
    Kerberos Error.
    A KDC was not found to authenticate the call.
    Check that sufficient domain controllers are available.
    [Replications Check,DC01] A recent replication attempt failed:
    From RDC1 to DC01
    Naming Context: DC=ad,DC=company,DC=lan
    The replication generated an error (1256):
    The remote system is not available.

    The failure occurred at 2010-10-12 13:54:21.
    The last success occurred at 2010-10-08 19:58:09.
    203 failures have occurred since the last success.
    ......................... DC01 failed test Replications


    Starting test: RidManager

    ......................... DC01 passed test RidManager

    Starting test: Services

    ......................... DC01 passed test Services

    Starting test: SystemLog


    ......................... DC01 failed test SystemLog

    Starting test: VerifyReferences

    ......................... DC01 passed test VerifyReferences



    Running partition tests on : DomainDnsZones

    Starting test: CheckSDRefDom

    ......................... DomainDnsZones passed test CheckSDRefDom

    Starting test: CrossRefValidation

    ......................... DomainDnsZones passed test

    CrossRefValidation


    Running partition tests on : sbp1

    Starting test: CheckSDRefDom

    ......................... sbp1 passed test CheckSDRefDom

    Starting test: CrossRefValidation

    ......................... sbp1 passed test CrossRefValidation


    Running partition tests on : ForestDnsZones

    Starting test: CheckSDRefDom

    ......................... ForestDnsZones passed test CheckSDRefDom

    Starting test: CrossRefValidation

    ......................... ForestDnsZones passed test

    CrossRefValidation


    Running partition tests on : Schema

    Starting test: CheckSDRefDom

    ......................... Schema passed test CheckSDRefDom

    Starting test: CrossRefValidation

    ......................... Schema passed test CrossRefValidation


    Running partition tests on : Configuration

    Starting test: CheckSDRefDom

    ......................... Configuration passed test CheckSDRefDom

    Starting test: CrossRefValidation

    ......................... Configuration passed test CrossRefValidation


    Running enterprise tests on : ad.company.lan

    Starting test: LocatorCheck

    ......................... ad.company.lan passed test LocatorCheck

    Starting test: Intersite

    ......................... ad.company.lan passed test Intersite
    Last edited by QuinnBowman; 12th October 2010, 22:17.

  • #2
    Re: Multiple Dcdiag Errors on 2008 R2 DC

    What do you get from a dcdiag /test:dns?

    Comment


    • #3
      Re: Multiple Dcdiag Errors on 2008 R2 DC

      Is there a firewall on the server RD01???

      Comment

      Working...
      X