Got DCDiag to run as well:
Server1*******************************
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\NLBDC01
Starting test: Connectivity
......................... NLBDC01 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\NLBDC01
Starting test: Replications
[Replications Check,NLBDC01] A recent replication attempt failed:
From NLBDC02 to NLBDC01
Naming Context: CN=Schema,CN=Configuration,DC=nlbdom,DC=local
The replication generated an error (1723):
The RPC server is too busy to complete this operation.
The failure occurred at 2003-07-30 14:58.23.
The last success occurred at 2003-06-10 13:54.57.
1207 failures have occurred since the last success.
Check load and resouce usage on NLBDC02.
[Replications Check,NLBDC01] A recent replication attempt failed:
From NLBDC02 to NLBDC01
Naming Context: CN=Configuration,DC=nlbdom,DC=local
The replication generated an error (1723):
The RPC server is too busy to complete this operation.
The failure occurred at 2003-07-30 14:58.23.
The last success occurred at 2003-06-10 13:55.40.
1207 failures have occurred since the last success.
Check load and resouce usage on NLBDC02.
[Replications Check,NLBDC01] A recent replication attempt failed:
From NLBDC02 to NLBDC01
Naming Context: DC=nlbdom,DC=local
The replication generated an error (1723):
The RPC server is too busy to complete this operation.
The failure occurred at 2003-07-30 14:58.23.
The last success occurred at 2003-06-10 13:58.00.
1207 failures have occurred since the last success.
Check load and resouce usage on NLBDC02.
......................... NLBDC01 passed test Replications
Starting test: NCSecDesc
......................... NLBDC01 passed test NCSecDesc
Starting test: NetLogons
......................... NLBDC01 passed test NetLogons
Starting test: Advertising
......................... NLBDC01 passed test Advertising
Starting test: KnowsOfRoleHolders
......................... NLBDC01 passed test KnowsOfRoleHolders
Starting test: RidManager
......................... NLBDC01 passed test RidManager
Starting test: MachineAccount
......................... NLBDC01 passed test MachineAccount
Starting test: Services
......................... NLBDC01 passed test Services
Starting test: ObjectsReplicated
......................... NLBDC01 passed test ObjectsReplicated
Starting test: frssysvol
There are errors after the SYSVOL has been shared.
The SYSVOL can prevent the AD from starting.
......................... NLBDC01 passed test frssysvol
Starting test: kccevent
......................... NLBDC01 passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0x00000457
Time Generated: 07/30/2003 15:03:03
Event String: Driver HP LaserJet 1200 Series PCL 6 required for
An Error Event occured. EventID: 0x00000452
Time Generated: 07/30/2003 15:03:03
Event String: The printer could not be installed.
An Error Event occured. EventID: 0x00000457
Time Generated: 07/30/2003 15:18:42
Event String: Driver HP LaserJet 1200 Series PCL 6 required for
An Error Event occured. EventID: 0x00000452
Time Generated: 07/30/2003 15:18:42
Event String: The printer could not be installed.
......................... NLBDC01 failed test systemlog
Running enterprise tests on : nlbdom.local
Starting test: Intersite
......................... nlbdom.local passed test Intersite
Starting test: FsmoCheck
......................... nlbdom.local passed test FsmoCheck
Server2*******************************
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\NLBDC02
Starting test: Connectivity
......................... NLBDC02 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\NLBDC02
Starting test: Replications
[Replications Check,NLBDC02] A recent replication attempt failed:
From NLBDC01 to NLBDC02
Naming Context: CN=Schema,CN=Configuration,DC=nlbdom,DC=local
The replication generated an error (5):
Access is denied.
The failure occurred at 2003-07-30 15:45.58.
The last success occurred at 2003-06-10 13:47.05.
1207 failures have occurred since the last success.
[NLBDC01] DsBind() failed with error -2146893022,
The target principal name is incorrect..
[Replications Check,NLBDC02] A recent replication attempt failed:
From NLBDC01 to NLBDC02
Naming Context: CN=Configuration,DC=nlbdom,DC=local
The replication generated an error (5):
Access is denied.
The failure occurred at 2003-07-30 15:45.58.
The last success occurred at 2003-06-10 13:54.18.
1207 failures have occurred since the last success.
[Replications Check,NLBDC02] A recent replication attempt failed:
From NLBDC01 to NLBDC02
Naming Context: DC=nlbdom,DC=local
The replication generated an error (5):
Access is denied.
The failure occurred at 2003-07-30 15:45.58.
The last success occurred at 2003-06-10 13:57.32.
1509 failures have occurred since the last success.
......................... NLBDC02 passed test Replications
Starting test: NCSecDesc
......................... NLBDC02 passed test NCSecDesc
Starting test: NetLogons
......................... NLBDC02 passed test NetLogons
Starting test: Advertising
......................... NLBDC02 passed test Advertising
Starting test: KnowsOfRoleHolders
Warning: NLBDC01 is the Schema Owner, but is not responding to DS
RPC Bind.
[NLBDC01] LDAP bind failed with error 31,
A device attached to the system is not functioning..
Warning: NLBDC01 is the Schema Owner, but is not responding to LDAP
Bind.
Warning: NLBDC01 is the Domain Owner, but is not responding to DS
RPC Bind.
Warning: NLBDC01 is the Domain Owner, but is not responding to LDAP
Bind.
Warning: NLBDC01 is the PDC Owner, but is not responding to DS RPC
Bind.
Warning: NLBDC01 is the PDC Owner, but is not responding to LDAP
Bind.
Warning: NLBDC01 is the Rid Owner, but is not responding to DS RPC
Bind.
Warning: NLBDC01 is the Rid Owner, but is not responding to LDAP
Bind.
Warning: NLBDC01 is the Infrastructure Update Owner, but is not
responding to DS RPC Bind.
Warning: NLBDC01 is the Infrastructure Update Owner, but is not
responding to LDAP Bind.
......................... NLBDC02 failed test KnowsOfRoleHolders
Starting test: RidManager
[NLBDC02] DsBindWithCred() failed with error -2146893022. The
target principal name is incorrect.
......................... NLBDC02 failed test RidManager
Starting test: MachineAccount
......................... NLBDC02 passed test MachineAccount
Starting test: Services
......................... NLBDC02 passed test Services
Starting test: ObjectsReplicated
......................... NLBDC02 passed test ObjectsReplicated
Starting test: frssysvol
There are errors after the SYSVOL has been shared.
The SYSVOL can prevent the AD from starting.
......................... NLBDC02 passed test frssysvol
Starting test: kccevent
......................... NLBDC02 passed test kccevent
Starting test: systemlog
......................... NLBDC02 passed test systemlog
Running enterprise tests on : nlbdom.local
Starting test: Intersite
......................... nlbdom.local passed test Intersite
Starting test: FsmoCheck
......................... nlbdom.local passed test FsmoCheck
Simon B. Nielsen said:
OK could not get DCDiag.exe to run - kept getting the following pop-up: The
procedure entry point DsIsMangledDnW could not be located in the dynamic
link library NTDSAPI.dll.
I tried reinstalling ADMINPAK.msi from both the service pack folder and from
the CD, but nothing helped.
Here's what NetDiag.exe returned:
Server1:
C:\Program Files\Resource Kit>netdiag
.......................................
Computer Name: NLBDC01
DNS Host Name: nlbdc01.nlbdom.local
System info : Windows 2000 Server (Build 2195)
Processor : x86 Family 6 Model 11 Stepping 1, GenuineIntel
List of installed hotfixes :
KB823559
KB823980
Q147222
Q295688
Q816093
Q818043
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : PUBLIC
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : nlbdc01
IP Address . . . . . . . . : 10.50.10.15
Subnet Mask. . . . . . . . : 255.255.255.0
IP Address . . . . . . . . : 10.50.10.11
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 10.50.10.50
Dns Servers. . . . . . . . : 10.50.10.11
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
No remote names have been found.
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.
Adapter : {CA714B64-CCA0-470C-BA57-9FB619DA3A4E}
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : nlbdc01
IP Address . . . . . . . . : 10.50.10.101
Subnet Mask. . . . . . . . : 255.255.255.255
Default Gateway. . . . . . :
Dns Servers. . . . . . . . : 127.0.0.1
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Skipped
[WARNING] No gateways defined for this adapter.
NetBT name test. . . . . . : Passed
No remote names have been found.
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{C80E2265-36BB-4FFC-8B20-58FA0A98EE97}
NetBT_Tcpip_{CA714B64-CCA0-470C-BA57-9FB619DA3A4E}
2 NetBt transports currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server
'10.50.10.11'
and other DCs also have some of the names registered.
PASS - All the DNS entries for DC are registered on DNS server
'127.0.0.1' a
nd other DCs also have some of the names registered.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{C80E2265-36BB-4FFC-8B20-58FA0A98EE97}
NetBT_Tcpip_{CA714B64-CCA0-470C-BA57-9FB619DA3A4E}
The redir is bound to 2 NetBt transports.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{C80E2265-36BB-4FFC-8B20-58FA0A98EE97}
NetBT_Tcpip_{CA714B64-CCA0-470C-BA57-9FB619DA3A4E}
The browser is bound to 2 NetBt transports.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Passed
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Passed
IPSec policy service is active, but no policy is assigned.
The command completed successfully
Server2:
C:\Program Files\Resource Kit>netdiag
.......................................
Computer Name: NLBDC02
DNS Host Name: nlbdc02.nlbdom.local
System info : Windows 2000 Server (Build 2195)
Processor : x86 Family 6 Model 11 Stepping 1, GenuineIntel
List of installed hotfixes :
KB823559
KB823980
Q147222
Q295688
Q816093
Q818043
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Public Virtual
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : nlbdc02
IP Address . . . . . . . . : 10.50.10.15
Subnet Mask. . . . . . . . : 255.255.255.0
IP Address . . . . . . . . : 10.50.10.12
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 10.50.10.50
Primary WINS Server. . . . : 10.50.10.11
Dns Servers. . . . . . . . : 10.50.10.11
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
WINS service test. . . . . : Passed
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{446DA9F5-59E6-4E4A-8142-7B2B7A21422C}
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server
'10.50.10.11'
and other DCs also have some of the names registered.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{446DA9F5-59E6-4E4A-8142-7B2B7A21422C}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{446DA9F5-59E6-4E4A-8142-7B2B7A21422C}
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Failed
[WARNING] Cannot call DsBind to nlbdc01.nlbdom.local (10.50.10.11).
[SEC_E_W
RONG_PRINCIPAL]
Trust relationship test. . . . . . : Passed
Secure channel for domain 'NLBDOM' is to '\\nlbdc01.nlbdom.local'.
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Passed
[WARNING] Failed to query SPN registration on DC 'nlbdc01.nlbdom.local'.
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Passed
IPSec policy service is active, but no policy is assigned.
The command completed successfully
Ramya Priya said:
Looks like there is some problem with DNS. Check the DNS event log.
Can you please run the diagnostic tools netdiag.exe and dcdiag.exe in each
of the domain controllers and check if there are any errors reported?
These tools are available as part of the resource kit.
I've setup file replication between 2 servers - both domain controllers
for
the same domain. First I created a root share and then a root replica -
everything went smooth. It has been running perfectly for a 1½ years until
a
few weeks ago when the replication all of the sudden stopped from
happening.
I've checked replication policy and both are set to participate in
automatic
replication. Looking through the event log I found the following:
---
The File Replication Service is having trouble enabling replication from
NLBDC02 to NLBDC01 for c:\winnt\sysvol\domain using the DNS name
nlbdc02.nlbdom.local. FRS will keep retrying.
Following are some of the reasons you would see this warning.
[1] FRS can not correctly resolve the DNS name nlbdc02.nlbdom.local from
this computer.
[2] FRS is not running on nlbdc02.nlbdom.local.
[3] The topology information in the Active Directory for this
replica
has
not yet replicated to all the Domain Controllers.
This event log message will appear once per connection, After the problem
is fixed you will see another event log message indicating that the
connection has been established.
---
I started checking both servers. FRS is running on both and they can
resolve
eachother. That leaves only the 3rd option which I cannot really
check
but
no computers or users have been added/deleted or modified during the last
few months at least.
What the hell can be wrong? Does anyone know if a recent patch has screwed
up DFS or something because nothing I do seems to work.
Best regards...
Simon
