DNS Replication between DC1 & DC1

Guest · Mar 12, 2006

When I go into AD Sites and Services to manually replicate DC1 and DC2, I get
an error on one server and another error on the other.

DC1 Reads:
The following error occurred during the attempt to synchronize the domain
controllers: The DSA operation is unable to proceed because of a DNS lookup
failure.

DC2 Reads:
The following error occured during the attempt to contact the domain
controllers: The RPC server is unavailable.

I am getting a couple of errors showing in Event Viewer. Some of which are
the following:

Event ID 5773
The DNS server for this DC does not support dynamic DNS. Add the DNS records
from the file '%SystemRoot%\System32\Config\netlogon.dns' to the DNS server
serving the domain referenced in that file.

Event ID 409
The DNS server list of restricted interfaces contains IP addresses that are
not configured for use at the server computer.

Use the DNS manager server properties, interfaces dialog, to verify and
reset the IP addresses the DNS server should listen on. For more
information, see "To restrict a DNS server to listen only on selected
addresses" in the online Help.

I have pinged DC1 from DC2 and vice versa with no problem. I did so by both
IP and by server name. Both of which were successful. I checked the SVR
records and both servers were in DNS properly. However, when I did the DCDIAG
it gave me some errors as well.

DC2's server GUID DNS name could not be resolved to an IP address. The
server name resolved to an IP address and was pingable.

It also stated during primary tests for "Testing server" that DC2 is
skipping all tests because it is not responding to directory service
requests. The rest of the tests pass.

When running the NTDSUTIL command I also get the following:

ldap_modify_sW error 0x34(52 (unavailable)
extended error 000020AF
svcErr DSID-032101CF
Problem 5002 (unavailable) data 8524

win32 error 0x20af
couldn't be contacted.

I am not sure where to go from here. Any recommendations would be appreciated.

Kevin D. Goodknecht Sr. [MVP] · Mar 12, 2006

Allen said:
When I go into AD Sites and Services to manually replicate DC1 and
DC2, I get an error on one server and another error on the other.

DC1 Reads:
The following error occurred during the attempt to synchronize the
domain controllers: The DSA operation is unable to proceed because of
a DNS lookup failure.

DC2 Reads:
The following error occured during the attempt to contact the domain
controllers: The RPC server is unavailable.

I am getting a couple of errors showing in Event Viewer. Some of
which are the following:

Event ID 5773
The DNS server for this DC does not support dynamic DNS. Add the DNS
records from the file '%SystemRoot%\System32\Config\netlogon.dns' to
the DNS server serving the domain referenced in that file.

Event ID 409
The DNS server list of restricted interfaces contains IP addresses
that are not configured for use at the server computer.

Use the DNS manager server properties, interfaces dialog, to verify
and
reset the IP addresses the DNS server should listen on. For more
information, see "To restrict a DNS server to listen only on selected
addresses" in the online Help.

I have pinged DC1 from DC2 and vice versa with no problem. I did so
by both IP and by server name. Both of which were successful. I
checked the SVR records and both servers were in DNS properly.
However, when I did the DCDIAG it gave me some errors as well.

DC2's server GUID DNS name could not be resolved to an IP address. The
server name resolved to an IP address and was pingable.

It also stated during primary tests for "Testing server" that DC2 is
skipping all tests because it is not responding to directory service
requests. The rest of the tests pass.

When running the NTDSUTIL command I also get the following:

ldap_modify_sW error 0x34(52 (unavailable)
extended error 000020AF
svcErr DSID-032101CF
Problem 5002 (unavailable) data 8524

win32 error 0x20af
couldn't be contacted.

I am not sure where to go from here. Any recommendations would be
appreciated.

Errors like this typically mean you are using your ISP's DNS (or router's)
IP address in TCP/IP properties.
Use only the local AD DNS server's IP address for DNS in TCP/IP properties.
(Usually the DC's address)

You could also have other problems, but posting you ipconfig /all, your AD
Domain name, and the list of zones you have in DNS can verify this.

Guest · Mar 12, 2006

I appreciate your assistance. Here is the ipconfig /all information as well
as DNS Zones.

Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.

ipconfig /all

Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : lha4ucsdc1
Primary DNS Suffix . . . . . . . : lha4.navy.mil
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : lha4.navy.mil
navy.mil

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : lha4.navy.mil
Description . . . . . . . . . . . : HP Network Team #1
Physical Address. . . . . . . . . : xx-xx-xx-xx-xx-xx
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 205.69.129.20
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 205.69.129.1
DNS Servers . . . . . . . . . . . : 205.69.129.20
205.69.129.21
Primary WINS Server . . . . . . . : 205.69.129.20

Here is the DC1 FWD DNS Zones

Name Type Status
blockeddomains.com Standard Primary Running
lha4.navy.mil Active Directory-integrated Running
lha4m.usmc.mil Secondary Running
nassau.usmc.mil Secondary Running

Here is the lha4 fwd lookup sample from DC1.

Name Type Data
(same as parent folder) A 205.69.129.20
(same as parent folder) NS lha4ucsdc1.lha4.navy.mil.
(same as parent folder) NS lha4ucsdc2.lha4.navy.mil.
(same as parent folder) SOA [7473], lha4ucsdc1.lha4.navy.mil.,
admin.lha4.navy.mil.
_msdcs
_sites
_tcp
_udp
distroserver CNAME lha4ucsdc1.lha4.navy.mil.
gw A 205.69.129.1
isaserver CNAME lha4ucsdc2.lha4.navy.mil.
lha4ucsdc1 A 205.69.129.20
lha4ucsdc2 A 205.69.129.21
proxy CNAME lha4ucsdc2.lha4.navy.mil.

Here is the Reverse DNS Zones for DC1

Name Type Status
0.in-addr.arpa Standard Primary Running
127.in-addr.arpa Standard Primary Running
129.69.205.in-addr.arpa Active Directory-integrated Running
255.in-addr.arpa Standard Primary Running

Here is the reverse lookup for lha4

Name Type Data
1 PTR gw.lha4.navy.mil.
20 PTR lha4ucsdc1.lha4.navy.mil.
21 PTR lha4ucsdc2.lha4.navy.mil.
(same as parent folder) NS lha4ucsdc1.lha4.navy.mil.
(same as parent folder) NS lha4ucsdc2.lha4.navy.mil.
(same as parent folder) SOA [2703], lha4ucsdc1.lha4.navy.mil.,
admin.lha4.navy.mil.

Here is the DC2 FWD DNS Zones

Name Type Status
lha4.navy.mil Active Directory-integrated Running
lha4m.usmc.mil Standard Primary Running
nassau.usmc.mil Standard Primary Running

Here is the lha4 fwd lookup sample from DC2. I kept most of it out for
security reason.

Name Type Data
(same as parent folder) A 205.69.129.20
(same as parent folder) NS lha4ucsdc1.lha4.navy.mil.
(same as parent folder) NS lha4ucsdc2.lha4.navy.mil.
(same as parent folder) SOA [7469], lha4ucsdc2.lha4.navy.mil.,
admin.lha4.navy.mil.
_msdcs
_sites
_tcp
_udp
distroserver CNAME lha4ucsdc1.lha4.navy.mil.
gw A 205.69.129.1
isaserver CNAME lha4ucsdc2.lha4.navy.mil.
lha4ucsdc1 A 205.69.129.20
lha4ucsdc2 A 205.69.129.21
proxy CNAME lha4ucsdc2.lha4.navy.mil.

Here is the reverse DNS Zones for lha4 on DC2

Name Type Status
0.in-addr.arpa Standard Primary Running
127.in-addr.arpa Standard Primary Running
129.69.205.in-addr.arpa Active Directory-integrated Running
255.in-addr.arpa Standard Primary Running

Here is the reverse lookup

Name Type Data
1 PTR gw.lha4.navy.mil.
20 PTR lha4ucsdc1.lha4.navy.mil.
21 PTR lha4ucsdc2.lha4.navy.mil.
(same as parent folder) NS lha4ucsdc1.lha4.navy.mil.
(same as parent folder) NS lha4ucsdc2.lha4.navy.mil.
(same as parent folder) SOA [2701], lha4ucsdc2.lha4.navy.mil.,
admin.lha4.navy.mil.

___

Allen

Kevin D. Goodknecht Sr. [MVP] · Mar 13, 2006

Allen said:
I appreciate your assistance. Here is the ipconfig /all information
as well as DNS Zones.

Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.

ipconfig /all

Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : lha4ucsdc1
Primary DNS Suffix . . . . . . . : lha4.navy.mil
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : lha4.navy.mil
navy.mil

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : lha4.navy.mil
Description . . . . . . . . . . . : HP Network Team #1
Physical Address. . . . . . . . . : xx-xx-xx-xx-xx-xx
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 205.69.129.20
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 205.69.129.1
DNS Servers . . . . . . . . . . . : 205.69.129.20
205.69.129.21
Primary WINS Server . . . . . . . : 205.69.129.20

Here is the DC1 FWD DNS Zones

Name Type Status
blockeddomains.com Standard Primary Running
lha4.navy.mil Active Directory-integrated Running
lha4m.usmc.mil Secondary Running
nassau.usmc.mil Secondary Running

The ipconfig /all looks OK and is using the DCs addresses for DNS, which is
good.

On the properties sheet of the iha4.navy.mil zone, Is Allow dynamic Updates
set to "No"?

You can temporarily set Allow Dynamic updates to "Yes" and use netdiag /fix
command, then change to "Allow only secure updates".

Run netdiag /test:dns /v and post the results.

Guest · Mar 14, 2006

On the properties sheet for lha4.navy.mil the allow dynamic updates was set
to yes. Now after running the netdiag's it is set to Allow Only Secure
Updates. From looking at the results I am not sure if I missed something here
or not. Should I remove some of these DNS registries it may be refering to?
As
an FYI, I am replying in two parts. This part for DC1 and the second part
will be DC2.

Here is the netdiag /fix for DC1:
Computer Name: LHA4UCSDC1
DNS Host Name: lha4ucsdc1.lha4.navy.mil
System info : Windows 2000 Server (Build 2195)
Processor : x86 Family 6 Model 11 Stepping 4, GenuineIntel
List of installed hotfixes :
KB329115 KB819696 KB823182 KB823559 KB824105 KB824141 KB824146 KB825119
KB826232 KB828035 KB828741 KB828749 KB834707-IE6SP1-20040929.091901
KB835732 KB840315 KB840987 KB841356 KB841873 KB867282-IE6SP1-20050127.163319
KB870763 KB873333 KB888113 KB890047 KB890175 KB890923-IE6SP1-20050225.103456
KB891711 KB893086 KB896727-IE6SP1-20050719.165959
KB899588 Q147222 Q320517 Q828026
Netcard queries test . . . : Passed
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . : lha4ucsdc1.lha4.navy.mil
IP Address . . . : 205.69.129.20
Subnet Mask. . . : 255.255.255.0
Default Gateway. . . : 205.69.129.1
Primary WINS Server. . : 205.69.129.20
Dns Servers. . . : 205.69.129.20
205.69.129.21
AutoConfiguration results. . : Passed
Default gateway test . . : Passed
NetBT name test. . . . . : Passed
WINS service test. . . . : Passed
Global results:
Domain membership test . . : Passed
NetBT transports test. . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{50E9B775-EC17-42A0-8951-1EA5A1D1D961}
1 NetBt transport currently configured.
Autonet address test . : Passed
IP loopback ping test. : Passed
Default gateway test . : Passed
NetBT name test. . . . : Passed
Winsock test . . . . . : Passed
DNS test . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server '205.69.129.2
0' and other DCs also have some of the names registered.
Redir and Browser test . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{50E9B775-EC17-42A0-8951-1EA5A1D1D961}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{50E9B775-EC17-42A0-8951-1EA5A1D1D961}
The browser is bound to 1 NetBt transport.
DC discovery test. . . : Passed
DC list test . . . . : Passed
Trust relationship test. : Skipped
Kerberos test. . . : Passed
LDAP test. . . . . : Passed
Bindings test. . . : Passed
WAN configuration test . . : Skipped
No active remote access connections.
Modem diagnostics test . . : Failed
[FATAL] Cannot initialize TAPI. Failed with error(0x80000048).
IP Security test . . : Skipped
The IPSec Policy Agent service is not started.
The command completed successfully

Here is the netdiag /test:dns /v for DC1:
Gathering IPX configuration information.
Querying status of the Netcard drivers... Passed
Testing Domain membership... Passed
Gathering NetBT configuration information.
Testing DNS
The DNS registration for lha4ucsdc1.lha4.navy.mil is correct on all DNS
servers
PASS - All the DNS entries for DC are registered on DNS server '205.69.129.2
0' and other DCs also have some of the names registered.
PASS - All the DNS entries for DC are registered on DNS server '205.69.129.2
1' and other DCs also have some of the names registered.
Tests complete.
Computer Name: LHA4UCSDC1
DNS Host Name: lha4ucsdc1.lha4.navy.mil
DNS Domain Name: lha4.navy.mil
System info : Windows 2000 Server (Build 2195)
Processor : x86 Family 6 Model 11 Stepping 4, GenuineIntel
Hotfixes :
Installed? Name
Yes KB329115
Yes KB819696
Yes KB823182
Yes KB823559
Yes KB824105
Yes KB824141
Yes KB824146
Yes KB825119
Yes KB826232
Yes KB828035
Yes KB828741
Yes KB828749
Yes KB834707-IE6SP1-20040929.091901
Yes KB835732
Yes KB840315
Yes KB840987
Yes KB841356
Yes KB841873
Yes KB867282-IE6SP1-20050127.163319
Yes KB870763
Yes KB873333
Yes KB888113
Yes KB890047
Yes KB890175
Yes KB890923-IE6SP1-20050225.103456
Yes KB891711
Yes KB893086
Yes KB896727-IE6SP1-20050719.165959
Yes KB899588
Yes Q147222
Yes Q320517
Yes Q828026
Netcard queries test . . . : Passed
Information of Netcard drivers:
----
Description: HP Network Team #1
Device: \DEVICE\{50E9B775-EC17-42A0-8951-1EA5A1D1D961}
Media State: Connected
Device State: Connected
Connect Time: 1 days, 05:27:47
Media Speed: 2000 Gbps
Packets Sent: 115797559
Bytes Sent (Optional): -770421758
Packets Received: 93520746
Directed Pkts Recd (Optional): 93285139
Bytes Received (Optional): -22786552
Directed Bytes Recd (Optional): -22786552
----
Description: HP NC6136 Gigabit Server Adapter #2
Device: \DEVICE\{768C8E19-9087-4B34-AB39-87018DEE5D75}
Media State: Connected
Device State: Connected
Connect Time: 1 days, 05:27:47
Media Speed: 1000 Gbps
Packets Sent: 62694259
Bytes Sent (Optional): 0
Packets Received: 1043572
Directed Pkts Recd (Optional): 2771
Bytes Received (Optional): 0
Directed Bytes Recd (Optional): 0
-----
Description: HP NC6136 Gigabit Server Adapter
Device: \DEVICE\{C293D45E-325A-4EE6-A717-FCB0865DAB69}
Media State: Connected
Device State: Connected
Connect Time: 1 days, 05:27:47
Media Speed: 1000 Gbps
Packets Sent: 53316474
Bytes Sent (Optional): 0
Packets Received: 94265753
Directed Pkts Recd (Optional): 93285139
Bytes Received (Optional): 0
Directed Bytes Recd (Optional): 0
----
[PASS] - At least one netcard is in the 'Connected' state.
Per interface results:
Adapter : Local Area Connection
Adapter ID . . . : {50E9B775-EC17-42A0-8951-1EA5A1D1D961}
Netcard queries test . . . : Passed
Global results:
Domain membership test . . : Passed
Machine is a . . . . . . . : Primary Domain Controller Emulator
Netbios Domain name. . . . : LHA4
Dns domain name. . . : lha4.navy.mil
Dns forest name. . . . : lha4.navy.mil
Domain Guid. . . . . . : {9274A107-395B-4A61-9F65-2175C1F18AB1}
Domain Sid . . . . . . : S-1-5-21-1165567745-1805261685-1847928074
Logon User . . . . . : x
Logon Domain . . . : LHA4
NetBT transports test. . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{50E9B775-EC17-42A0-8951-1EA5A1D1D961}
1 NetBt transport currently configured.
DNS test . . . . . : Passed
Interface {50E9B775-EC17-42A0-8951-1EA5A1D1D961}
DNS Domain: lha4.navy.mil
DNS Servers: 205.69.129.20 205.69.129.21
IP Address: 205.69.129.20
Expected registration with PDN (primary DNS domain name):
Hostname: lha4ucsdc1.lha4.navy.mil.
Authoritative zone: lha4.navy.mil.
Primary DNS server: lha4ucsdc1.lha4.navy.mil 205.69.129.20
Authoritative NS:205.69.129.20 205.69.129.21
Verify DNS registration:
Name: lha4ucsdc1.lha4.navy.mil
Expected IP: 205.69.129.20
Server 205.69.129.20: NO_ERROR
Server 205.69.129.21: NO_ERROR
The DNS registration for lha4ucsdc1.lha4.navy.mil is correct on all DNS
servers
Check the DNS registration for DCs entries on DNS server '205.69.129.20'
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = lha4.navy.mil.
DNS DATA = A 205.69.129.20
The record on DNS server 205.69.129.20 is:
DNS NAME = lha4.navy.mil
DNS DATA = A 205.69.129.20
A 205.69.129.21
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _ldap._tcp.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME =
_ldap._tcp.9274a107-395b-4a61-9f65-2175c1f18ab1.domains._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME =
_ldap._tcp.9274a107-395b-4a61-9f65-2175c1f18ab1.domains._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is correct on DNS server '205.69.129.20'.
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.dc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _ldap._tcp.dc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.gc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _ldap._tcp.gc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil
SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil
SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = gc._msdcs.lha4.navy.mil.
DNS DATA = A 205.69.129.20
The record on DNS server 205.69.129.20 is:
DNS NAME = gc._msdcs.lha4.navy.mil
DNS DATA = A 205.69.129.20
A 205.69.129.21
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _gc._tcp.lha4.navy.mil.
DNS DATA = SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _gc._tcp.lha4.navy.mil
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil
SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _gc._tcp.Default-First-Site-Name._sites.lha4.navy.mil.
DNS DATA = SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _gc._tcp.Default-First-Site-Name._sites.lha4.navy.mil
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil
SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kerberos._tcp.dc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 88 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _kerberos._tcp.dc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME =
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 88 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME =
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kerberos._tcp.lha4.navy.mil.
DNS DATA = SRV 0 100 88 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _kerberos._tcp.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kerberos._tcp.Default-First-Site-Name._sites.lha4.navy.mil.
DNS DATA = SRV 0 100 88 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _kerberos._tcp.Default-First-Site-Name._sites.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kerberos._udp.lha4.navy.mil.
DNS DATA = SRV 0 100 88 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _kerberos._udp.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kpasswd._tcp.lha4.navy.mil.
DNS DATA = SRV 0 100 464 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _kpasswd._tcp.lha4.navy.mil
DNS DATA = SRV 0 100 464 lha4ucsdc2.lha4.navy.mil
SRV 0 100 464 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kpasswd._udp.lha4.navy.mil.
DNS DATA = SRV 0 100 464 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _kpasswd._udp.lha4.navy.mil
DNS DATA = SRV 0 100 464 lha4ucsdc2.lha4.navy.mil
SRV 0 100 464 lha4ucsdc1.lha4.navy.mil
+
The Record is correct on DNS server '205.69.129.20'.
PASS - All the DNS entries for DC are registered on DNS server '205.69.129.2
0' and other DCs also have some of the names registered.
Check the DNS registration for DCs entries on DNS server '205.69.129.21'
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = lha4.navy.mil.
DNS DATA = A 205.69.129.20
The record on DNS server 205.69.129.21 is:
DNS NAME = lha4.navy.mil
DNS DATA = A 205.69.129.20
A 205.69.129.21
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _ldap._tcp.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME =
_ldap._tcp.9274a107-395b-4a61-9f65-2175c1f18ab1.domains._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME =
_ldap._tcp.9274a107-395b-4a61-9f65-2175c1f18ab1.domains._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is correct on DNS server '205.69.129.21'.
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.dc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _ldap._tcp.dc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.gc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _ldap._tcp.gc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil
SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil
SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = gc._msdcs.lha4.navy.mil.
DNS DATA = A 205.69.129.20
The record on DNS server 205.69.129.21 is:
DNS NAME = gc._msdcs.lha4.navy.mil
DNS DATA = A 205.69.129.20
A 205.69.129.21
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _gc._tcp.lha4.navy.mil.
DNS DATA = SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _gc._tcp.lha4.navy.mil
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil
SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _gc._tcp.Default-First-Site-Name._sites.lha4.navy.mil.
DNS DATA = SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _gc._tcp.Default-First-Site-Name._sites.lha4.navy.mil
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil
SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kerberos._tcp.dc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 88 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _kerberos._tcp.dc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME =
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 88 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME =
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kerberos._tcp.lha4.navy.mil.
DNS DATA = SRV 0 100 88 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _kerberos._tcp.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kerberos._tcp.Default-First-Site-Name._sites.lha4.navy.mil.
DNS DATA = SRV 0 100 88 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _kerberos._tcp.Default-First-Site-Name._sites.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kerberos._udp.lha4.navy.mil.
DNS DATA = SRV 0 100 88 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _kerberos._udp.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kpasswd._tcp.lha4.navy.mil.
DNS DATA = SRV 0 100 464 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _kpasswd._tcp.lha4.navy.mil
DNS DATA = SRV 0 100 464 lha4ucsdc2.lha4.navy.mil
SRV 0 100 464 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kpasswd._udp.lha4.navy.mil.
DNS DATA = SRV 0 100 464 lha4ucsdc1.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _kpasswd._udp.lha4.navy.mil
DNS DATA = SRV 0 100 464 lha4ucsdc2.lha4.navy.mil
SRV 0 100 464 lha4ucsdc1.lha4.navy.mil
+
The Record is correct on DNS server '205.69.129.21'.
PASS - All the DNS entries for DC are registered on DNS server '205.69.129.2
1' and other DCs also have some of the names registered.
The command completed successfully

Guest · Mar 14, 2006

Here is the netdiag /fix results for DC2:

Computer Name: LHA4UCSDC2
DNS Host Name: lha4ucsdc2.lha4.navy.mil
System info : Windows 2000 Server (Build 2195)
Processor : x86 Family 6 Model 11 Stepping 4, GenuineIntel
List of installed hotfixes :
KB329115 KB819696 KB823182 KB823559 KB824105 KB824141 KB824146 KB825119
KB826232 KB828035
KB828741 KB828749 KB834707-IE6SP1-20040929.091901
KB835732 KB840315 KB840987 KB841356 KB841873 KB867282-IE6SP1-20050127.163319
KB870763 KB873333 KB888113 KB890047 KB890175 KB890923-IE6SP1-20050225.103456
KB891711 KB893086 KB896727-IE6SP1-20050719.165959
KB899588 Q147222 Q320517 Q828026
Netcard queries test . . . : Passed
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . : lha4ucsdc2.lha4.navy.mil
IP Address . . : 205.69.129.21
Subnet Mask. . . : 255.255.255.0
Default Gateway. . : 205.69.129.1
Primary WINS Server. : 205.69.129.20
Secondary WINS Server. : 205.69.129.21
Dns Servers. : 205.69.129.20
205.69.129.21
AutoConfiguration results. . : Passed
Default gateway test . . : Passed
NetBT name test. . : Passed
WINS service test. : Passed
Global results:
Domain membership test . : Passed
NetBT transports test. . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{09C52A23-01CB-4DEF-BC8B-0F5DBB8ABD4E}
1 NetBt transport currently configured.
Autonet address test . . : Passed
IP loopback ping test. . : Passed
Default gateway test . . : Passed
NetBT name test. . . . . : Passed
Winsock test . . . . . . : Passed
DNS test . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server '205.69.129.2
0' and other DCs also have some of the names registered.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{09C52A23-01CB-4DEF-BC8B-0F5DBB8ABD4E}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{09C52A23-01CB-4DEF-BC8B-0F5DBB8ABD4E}
The browser is bound to 1 NetBt transport.
DC discovery test. . . . : Passed
DC list test . . . . . . : Passed
Trust relationship test. : Passed
Secure channel for domain 'LHA4' is to '\\lha4ucsdc1.lha4.navy.mil'.
Kerberos test. . . . . . : Passed
LDAP test. . . . . . . . : Passed
Bindings test. . . . . . : Passed
WAN configuration test . : Skipped
No active remote access connections.
Modem diagnostics test . : Passed
IP Security test . . . . : Skipped
The IPSec Policy Agent service is not started.
The command completed successfully

Here is the netdiag /test:dns /v for DC2:
Gathering IPX configuration information.
Querying status of the Netcard drivers... Passed
Testing Domain membership... Passed
Gathering NetBT configuration information.
Testing DNS
The DNS registration for lha4ucsdc2.lha4.navy.mil is correct on all DNS
servers
PASS - All the DNS entries for DC are registered on DNS server '205.69.129.2
0' and other DCs also have some of the names registered.
PASS - All the DNS entries for DC are registered on DNS server '205.69.129.2
1' and other DCs also have some of the names registered.
Tests complete.
Computer Name: LHA4UCSDC2
DNS Host Name: lha4ucsdc2.lha4.navy.mil
DNS Domain Name: lha4.navy.mil
System info : Windows 2000 Server (Build 2195)
Processor : x86 Family 6 Model 11 Stepping 4, GenuineIntel
Hotfixes :
Installed? Name
Yes KB329115
Yes KB819696
Yes KB823182
Yes KB823559
Yes KB824105
Yes KB824141
Yes KB824146
Yes KB825119
Yes KB826232
Yes KB828035
Yes KB828741
Yes KB828749
Yes KB834707-IE6SP1-20040929.091901
Yes KB835732
Yes KB840315
Yes KB840987
Yes KB841356
Yes KB841873
Yes KB867282-IE6SP1-20050127.163319
Yes KB870763
Yes KB873333
Yes KB888113
Yes KB890047
Yes KB890175
Yes KB890923-IE6SP1-20050225.103456
Yes KB891711
Yes KB893086
Yes KB896727-IE6SP1-20050719.165959
Yes KB899588
Yes Q147222
Yes Q320517
Yes Q828026
Netcard queries test . . . . . . . : Passed
Information of Netcard drivers:
---
Description: HP Network Teaming Virtual Miniport Driver - Packet Scheduler
Miniport
Device: \DEVICE\{338D13DC-CC19-4CC4-AAD5-1AFEB4C3883A}
Media State: Connected
Device State: Connected
Connect Time: 10:22:22
Media Speed: 2000 Gbps
Packets Sent: 32709003
Bytes Sent (Optional): 1839737188
Packets Received: 32514273
Directed Pkts Recd (Optional): 32418091
Bytes Received (Optional): -1094368184
Directed Bytes Recd (Optional): -1094368184
---
Description: HP Network Team #1
Device: \DEVICE\{09C52A23-01CB-4DEF-BC8B-0F5DBB8ABD4E}
Media State: Connected
Device State: Connected
Connect Time: 10:22:22
Media Speed: 2000 Gbps
Packets Sent: 32709003
Bytes Sent (Optional): 1839737188
Packets Received: 32514273
Directed Pkts Recd (Optional): 32418091
Bytes Received (Optional): -1094368184
Directed Bytes Recd (Optional): -1094368184
----
Description: HP NC6136 Gigabit Server Adapter #2
Device: \DEVICE\{A8EA717A-21AF-41DE-A39D-7DB4DE8EAEA4}
Media State: Connected
Device State: Connected
Connect Time: 10:22:22
Media Speed: 1000 Gbps
Packets Sent: 15942413
Bytes Sent (Optional): 0
Packets Received: 367349
Directed Pkts Recd (Optional): 0
Bytes Received (Optional): 0
Directed Bytes Recd (Optional): 0
----
Description: HP NC6136 Gigabit Server Adapter
Device: \DEVICE\{E67119CC-B54D-40DA-B3C3-5462B080B2A9}
Media State: Connected
Device State: Connected
Connect Time: 10:22:22
Media Speed: 1000 Gbps
Packets Sent: 16841770
Bytes Sent (Optional): 0
Packets Received: 32775673
Directed Pkts Recd (Optional): 32418091
Bytes Received (Optional): 0
Directed Bytes Recd (Optional): 0
----
[PASS] - At least one netcard is in the 'Connected' state.
Per interface results:
Adapter : Local Area Connection
Adapter ID . . : {09C52A23-01CB-4DEF-BC8B-0F5DBB8ABD4E}
Netcard queries test . : Passed
Global results:
Domain membership test . . : Passed
Machine is a . . : Domain Controller
Netbios Domain name. . : LHA4
Dns domain name. . . : lha4.navy.mil
Dns forest name. . : lha4.navy.mil
Domain Guid. . : {9274A107-395B-4A61-9F65-2175C1F18AB1}
Domain Sid . . : S-1-5-21-1165567745-1805261685-1847928074
Logon User . . : x
Logon Domain . . : LHA4
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{09C52A23-01CB-4DEF-BC8B-0F5DBB8ABD4E}
1 NetBt transport currently configured.
DNS test . . : Passed
Interface {09C52A23-01CB-4DEF-BC8B-0F5DBB8ABD4E}
DNS Domain: lha4.navy.mil
DNS Servers: 205.69.129.20 205.69.129.21
IP Address: 205.69.129.21
Expected registration with PDN (primary DNS domain name):
Hostname: lha4ucsdc2.lha4.navy.mil.
Authoritative zone: lha4.navy.mil.
Primary DNS server: lha4ucsdc1.lha4.navy.mil 205.69.129.20
Authoritative NS:205.69.129.20 205.69.129.21
Verify DNS registration:
Name: lha4ucsdc2.lha4.navy.mil
Expected IP: 205.69.129.21
Server 205.69.129.20: NO_ERROR
Server 205.69.129.21: NO_ERROR
The DNS registration for lha4ucsdc2.lha4.navy.mil is correct on all DNS
servers
Check the DNS registration for DCs entries on DNS server '205.69.129.20'
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _ldap._tcp.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME =
_ldap._tcp.9274a107-395b-4a61-9f65-2175c1f18ab1.domains._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME =
_ldap._tcp.9274a107-395b-4a61-9f65-2175c1f18ab1.domains._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is correct on DNS server '205.69.129.20'.
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.dc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _ldap._tcp.dc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.gc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _ldap._tcp.gc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil
SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil
SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are
multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _gc._tcp.lha4.navy.mil.
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _gc._tcp.lha4.navy.mil
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil
SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _gc._tcp.Default-First-Site-Name._sites.lha4.navy.mil.
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _gc._tcp.Default-First-Site-Name._sites.lha4.navy.mil
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil
SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = lha4.navy.mil.
DNS DATA = A 205.69.129.21
The record on DNS server 205.69.129.20 is:
DNS NAME = lha4.navy.mil
DNS DATA = A 205.69.129.21
A 205.69.129.20
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = gc._msdcs.lha4.navy.mil.
DNS DATA = A 205.69.129.21
The record on DNS server 205.69.129.20 is:
DNS NAME = gc._msdcs.lha4.navy.mil
DNS DATA = A 205.69.129.21
A 205.69.129.20
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kerberos._tcp.dc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _kerberos._tcp.dc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME =
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.lha4.navy.mil
..
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME =
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kerberos._tcp.lha4.navy.mil.
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _kerberos._tcp.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kerberos._tcp.Default-First-Site-Name._sites.lha4.navy.mil.
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _kerberos._tcp.Default-First-Site-Name._sites.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kerberos._udp.lha4.navy.mil.
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _kerberos._udp.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kpasswd._tcp.lha4.navy.mil.
DNS DATA = SRV 0 100 464 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _kpasswd._tcp.lha4.navy.mil
DNS DATA = SRV 0 100 464 lha4ucsdc2.lha4.navy.mil
SRV 0 100 464 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kpasswd._udp.lha4.navy.mil.
DNS DATA = SRV 0 100 464 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _kpasswd._udp.lha4.navy.mil
DNS DATA = SRV 0 100 464 lha4ucsdc2.lha4.navy.mil
SRV 0 100 464 lha4ucsdc1.lha4.navy.mil
+
PASS - All the DNS entries for DC are registered on DNS server '205.69.129.2
0' and other DCs also have some of the names registered.
Check the DNS registration for DCs entries on DNS server '205.69.129.21'
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _ldap._tcp.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME =
_ldap._tcp.9274a107-395b-4a61-9f65-2175c1f18ab1.domains._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME =
_ldap._tcp.9274a107-395b-4a61-9f65-2175c1f18ab1.domains._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is correct on DNS server '205.69.129.21'.
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.dc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _ldap._tcp.dc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.gc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _ldap._tcp.gc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil
SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil
SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _gc._tcp.lha4.navy.mil.
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _gc._tcp.lha4.navy.mil
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil
SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _gc._tcp.Default-First-Site-Name._sites.lha4.navy.mil.
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _gc._tcp.Default-First-Site-Name._sites.lha4.navy.mil
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil
SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = lha4.navy.mil.
DNS DATA = A 205.69.129.21
The record on DNS server 205.69.129.21 is:
DNS NAME = lha4.navy.mil
DNS DATA = A 205.69.129.21
A 205.69.129.20
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = gc._msdcs.lha4.navy.mil.
DNS DATA = A 205.69.129.21
The record on DNS server 205.69.129.21 is:
DNS NAME = gc._msdcs.lha4.navy.mil
DNS DATA = A 205.69.129.21
A 205.69.129.20
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kerberos._tcp.dc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _kerberos._tcp.dc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME =
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.lha4.navy.mil
..
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME =
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kerberos._tcp.lha4.navy.mil.
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _kerberos._tcp.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kerberos._tcp.Default-First-Site-Name._sites.lha4.navy.mil.
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _kerberos._tcp.Default-First-Site-Name._sites.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kerberos._udp.lha4.navy.mil.
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _kerberos._udp.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kpasswd._tcp.lha4.navy.mil.
DNS DATA = SRV 0 100 464 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _kpasswd._tcp.lha4.navy.mil
DNS DATA = SRV 0 100 464 lha4ucsdc2.lha4.navy.mil
SRV 0 100 464 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kpasswd._udp.lha4.navy.mil.
DNS DATA = SRV 0 100 464 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _kpasswd._udp.lha4.navy.mil
DNS DATA = SRV 0 100 464 lha4ucsdc2.lha4.navy.mil
SRV 0 100 464 lha4ucsdc1.lha4.navy.mil
+
PASS - All the DNS entries for DC are registered on DNS server '205.69.129.2
1' and other DCs also have some of the names registered.
The command completed successfully

Kevin D. Goodknecht Sr. [MVP] · Mar 15, 2006

Allen said:
On the properties sheet for lha4.navy.mil the allow dynamic updates
was set to yes. Now after running the netdiag's it is set to Allow
Only Secure Updates. From looking at the results I am not sure if I
missed something here or not. Should I remove some of these DNS
registries it may be refering to? As
an FYI, I am replying in two parts. This part for DC1 and the second
part will be DC2.

No, don't remove any records, these are needed for proper AD communication.

I have looked through the Netdiag tests for both DCs and everything looks
very good. All records are registered in both DNS servers.
The only fail I see is the modem test, which is likely irrelevant anyway.

I notice that each server is using a routable IP address, is there a
firewall between these servers?

Does dcdiag /e pass on each DC?
If you get any fails in the dcdiag use dcdiag /fix on both. then run dcdiag
/e /v on both.

I want you to use the /e switch on both because I want to make sure there is
connectivity both ways between them.

Guest · Mar 15, 2006

Kevin,

I noticed the modem test failure as well. Which is interesting because I
dont have a modem on any server on our network. But I will have to look into
that as it may be something I am not thinking of.

lha4ucsdc2 does the job of domain controller as well as ISA Server 2000. We
have a Smart Filter Plug-in that is installed on it as well. We use it to
block outside websites based on content and such. We also cache a few sites
but not many. The network configuration for ISA is pretty much default for
the most part. We have the routing configured in as well as the LAT & LDT.

dcdiag /e for the most part passes on both DC's. The MachineAccount test
fails but this is because we have it in a different OU called COMPOSE Domain
Controllers. SPAWAR installed this network last year in July and had the OU
setup like this. I imagine this test has failed for quite some time. Services
test failed as well but only because we have three services disabled. TrkWks,
TrkSvr, and SMTPSVC services are the ones disabled. We have those disabled
since we dont use them. systemlog test failed as well. Event ID 0x00003004
which occured 16 times during that test. Outside of that, all other tests
pass. I ran the dcdiag /fix and then ran the dcdiag /e /v and the same tests
that failed prior, still fail.

As for the Roles of the DC's I noticed that DC2 is the Infrastructure Update
Owner. When you try to transfer the role to DC1 it fails. I also noticed that
DC1 is advertising itself as the GC server and is acting as on. But DC2 is
showing as advertising being the GC server and acting as one too. This is of
course assuming I am reading this right. I will attach my results in the
following post.

Next post will be for DC1 and the post after will be DC2.

Thanks,
Allen

Guest · Mar 15, 2006

Here is the dcdiag /e /v for DC1.

DC Diagnosis

Performing initial setup:
* Verifing that the local machine lha4ucsdc1, is a DC.
* Connecting to directory service on server lha4ucsdc1.
* Collecting site info.
* Identifying all servers.
* Found 2 DC(s). Testing 2 of them.
Done gathering initial info.

Doing initial non skippeable tests

Testing server: Default-First-Site-Name\LHA4UCSDC1
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... LHA4UCSDC1 passed test Connectivity

Testing server: Default-First-Site-Name\LHA4UCSDC2
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... LHA4UCSDC2 passed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\LHA4UCSDC1
Starting test: Replications
* Replications Check
......................... LHA4UCSDC1 passed test Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Starting test: NCSecDesc
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=lha4,DC=navy,DC=mil
* Security Permissions Check for
CN=Configuration,DC=lha4,DC=navy,DC=mil
* Security Permissions Check for
DC=lha4,DC=navy,DC=mil
......................... LHA4UCSDC1 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
......................... LHA4UCSDC1 passed test NetLogons
Starting test: Advertising
The DC LHA4UCSDC1 is advertising itself as a DC and having a DS.
The DC LHA4UCSDC1 is advertising as an LDAP server
The DC LHA4UCSDC1 is advertising as having a writeable directory
The DC LHA4UCSDC1 is advertising as a Key Distribution Center
The DC LHA4UCSDC1 is advertising as a time server
The DS LHA4UCSDC1 is advertising as a GC.
......................... LHA4UCSDC1 passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS
Settings,CN=LHA4UCSDC1,CN=Servers,CN=Defaul
t-First-Site-Name,CN=Sites,CN=Configuration,DC=lha4,DC=navy,DC=mil
Role Domain Owner = CN=NTDS
Settings,CN=LHA4UCSDC1,CN=Servers,CN=Defaul
t-First-Site-Name,CN=Sites,CN=Configuration,DC=lha4,DC=navy,DC=mil
Role PDC Owner = CN=NTDS
Settings,CN=LHA4UCSDC1,CN=Servers,CN=Default-F
irst-Site-Name,CN=Sites,CN=Configuration,DC=lha4,DC=navy,DC=mil
Role Rid Owner = CN=NTDS
Settings,CN=LHA4UCSDC1,CN=Servers,CN=Default-F
irst-Site-Name,CN=Sites,CN=Configuration,DC=lha4,DC=navy,DC=mil
Role Infrastructure Update Owner = CN=NTDS
Settings,CN=LHA4UCSDC2,CN=S
rvers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=lha4,DC=navy,DC=mi
l
......................... LHA4UCSDC1 passed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 18224 to 1073741823
* lha4ucsdc1.lha4.navy.mil is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 17724 to 18223
* rIDNextRID: 17817
* rIDPreviousAllocationPool is 17724 to 18223
......................... LHA4UCSDC1 passed test RidManager
Starting test: MachineAccount
* The current DC is not in the domain controller's OU
* SPN found :LDAP/lha4ucsdc1.lha4.navy.mil/lha4.navy.mil
* SPN found :LDAP/lha4ucsdc1.lha4.navy.mil
* SPN found :LDAP/LHA4UCSDC1
* SPN found :LDAP/lha4ucsdc1.lha4.navy.mil/LHA4
* SPN found
:LDAP/430f3ca8-d43d-4897-b15a-402f82db3dfd._msdcs.lha4.navy
..mil
* SPN found
:E3514235-4B06-11D1-AB04-00C04FC2DCD2/430f3ca8-d43d-4897-b1
5a-402f82db3dfd/lha4.navy.mil
* SPN found :HOST/lha4ucsdc1.lha4.navy.mil/lha4.navy.mil
* SPN found :HOST/lha4ucsdc1.lha4.navy.mil
* SPN found :HOST/LHA4UCSDC1
* SPN found :HOST/lha4ucsdc1.lha4.navy.mil/LHA4
* SPN found :GC/lha4ucsdc1.lha4.navy.mil/lha4.navy.mil
......................... LHA4UCSDC1 failed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: RPCLOCATOR
* Checking Service: w32time
* Checking Service: TrkWks
TrkWks Service is stopped on [LHA4UCSDC1]
* Checking Service: TrkSvr
TrkSvr Service is stopped on [LHA4UCSDC1]
* Checking Service: NETLOGON
* Checking Service: Dnscache
* Checking Service: NtFrs
SMTPSVC Service is stopped on [LHA4UCSDC1]
......................... LHA4UCSDC1 failed test Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
LHA4UCSDC1 is in domain DC=lha4,DC=navy,DC=mil
Checking for CN=LHA4UCSDC1,OU=COMPOSE Domain Controllers,OU=COMPOSE
Use
rs and Computers,DC=lha4,DC=navy,DC=mil in domain DC=lha4,DC=navy,DC=mil on
2 se
rvers
Object is up-to-date on all servers.
Checking for CN=NTDS
Settings,CN=LHA4UCSDC1,CN=Servers,CN=Default-First
-Site-Name,CN=Sites,CN=Configuration,DC=lha4,DC=navy,DC=mil in domain
CN=Configu
ration,DC=lha4,DC=navy,DC=mil on 2 servers
Object is up-to-date on all servers.
......................... LHA4UCSDC1 passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service Event log test
The SYSVOL has been shared, and the AD is no longer
prevented from starting by the File Replication Service.
There are errors after the SYSVOL has been shared.
The SYSVOL can prevent the AD from starting.
An Warning Event occured. EventID: 0x800034FF
Time Generated: 03/12/2006 21:23:55
Event String: File Replication Service has detected and
suppressed an average of 15 or more file updates
every hour for the last 3 hours because the
updates did not change the contents of the file.
The tracking records in FRS debug logs will have
the filename and event time for the suppressed
updates. The tracking records have the date and
time followed by :T: as their prefix.

Updates that do not change the content of the
file are suppressed to prevent unnecessary
replication traffic. Following are common
examples of updates that do not change the
contents of the file.
[1] Overwriting a file with a copy of the same
file.
[2] Setting the same ACLs on a file multiple
times.
[3] Restoring an identical copy of the file over
an existing one.

Suppression of updates can be disabled by running
regedit.

Click on Start, Run and type regedit.

Expand HKEY_LOCAL_MACHINE, SYSTEM,
CurrentControlSet, Services, NtFrs, Parameters,
and create or update the value "Suppress
Identical Updates To Files" to 0 (Default is 1)
to force identical updates to replicate.
An Warning Event occured. EventID: 0x800034C4
Time Generated: 03/13/2006 15:42:21
Event String: The File Replication Service is having trouble
enabling replication from LHA4UCSDC2 to
LHA4UCSDC1 for e:\sysvol\domain using the DNS
name lha4ucsdc2.lha4.navy.mil. FRS will keep
retrying.
Following are some of the reasons you would see
this warning.

[1] FRS can not correctly resolve the DNS name
lha4ucsdc2.lha4.navy.mil from this computer.
[2] FRS is not running on
lha4ucsdc2.lha4.navy.mil.
[3] The topology information in the Active
Directory for this replica has not yet replicated
to all the Domain Controllers.

This event log message will appear once per
connection, After the problem is fixed you will
see another event log message indicating that the
connection has been established.
An Warning Event occured. EventID: 0x800034C5
Time Generated: 03/13/2006 16:43:01
Event String: The File Replication Service has enabled
replication from LHA4UCSDC2 to LHA4UCSDC1 for
e:\sysvol\domain after repeated retries.
An Warning Event occured. EventID: 0x800034FF
Time Generated: 03/13/2006 21:24:24
Event String: File Replication Service has detected and
suppressed an average of 15 or more file updates
every hour for the last 3 hours because the
updates did not change the contents of the file.
The tracking records in FRS debug logs will have
the filename and event time for the suppressed
updates. The tracking records have the date and
time followed by :T: as their prefix.

Updates that do not change the content of the
file are suppressed to prevent unnecessary
replication traffic. Following are common
examples of updates that do not change the
contents of the file.

[1] Overwriting a file with a copy of the same
file.
[2] Setting the same ACLs on a file multiple
times.
[3] Restoring an identical copy of the file over
an existing one.

Suppression of updates can be disabled by running
regedit.

Click on Start, Run and type regedit.

Expand HKEY_LOCAL_MACHINE, SYSTEM,
CurrentControlSet, Services, NtFrs, Parameters,
and create or update the value "Suppress
Identical Updates To Files" to 0 (Default is 1)
to force identical updates to replicate.
An Warning Event occured. EventID: 0x800034FF
Time Generated: 03/14/2006 21:24:40
Event String: File Replication Service has detected and
suppressed an average of 15 or more file updates
every hour for the last 3 hours because the
updates did not change the contents of the file.
The tracking records in FRS debug logs will have
the filename and event time for the suppressed
updates. The tracking records have the date and
time followed by :T: as their prefix.

Updates that do not change the content of the
file are suppressed to prevent unnecessary
replication traffic. Following are common
examples of updates that do not change the
contents of the file.

[1] Overwriting a file with a copy of the same
file.
[2] Setting the same ACLs on a file multiple
times.
[3] Restoring an identical copy of the file over
an existing one.

Suppression of updates can be disabled by running
regedit.

Click on Start, Run and type regedit.

Expand HKEY_LOCAL_MACHINE, SYSTEM,
CurrentControlSet, Services, NtFrs, Parameters,
and create or update the value "Suppress
Identical Updates To Files" to 0 (Default is 1)
to force identical updates to replicate.
An Warning Event occured. EventID: 0x800034FF
Time Generated: 03/15/2006 21:24:46
Event String: File Replication Service has detected and
suppressed an average of 15 or more file updates
every hour for the last 3 hours because the
updates did not change the contents of the file.
The tracking records in FRS debug logs will have
the filename and event time for the suppressed
updates. The tracking records have the date and
time followed by :T: as their prefix.

Updates that do not change the content of the
file are suppressed to prevent unnecessary
replication traffic. Following are common
examples of updates that do not change the
contents of the file.

[1] Overwriting a file with a copy of the same
file.
[2] Setting the same ACLs on a file multiple
times.
[3] Restoring an identical copy of the file over
an existing one.

Suppression of updates can be disabled by running
regedit.

Click on Start, Run and type regedit.

Expand HKEY_LOCAL_MACHINE, SYSTEM,
CurrentControlSet, Services, NtFrs, Parameters,
and create or update the value "Suppress
Identical Updates To Files" to 0 (Default is 1)
to force identical updates to replicate.
......................... LHA4UCSDC1 passed test frssysvol
Starting test: kccevent
* The KCC Event log test
Found no KCC errors in Directory Service Event log in the last 15
minut
es.
......................... LHA4UCSDC1 passed test kccevent
Starting test: systemlog
* The System Event log test
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:05:09
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:05:09
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:12:49
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:12:49
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:14:46
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:14:46
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:59:46
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:59:46
(Event String could not be retrieved)
......................... LHA4UCSDC1 failed test systemlog

Testing server: Default-First-Site-Name\LHA4UCSDC2
Starting test: Replications
* Replications Check
......................... LHA4UCSDC2 passed test Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Starting test: NCSecDesc
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=lha4,DC=navy,DC=mil
* Security Permissions Check for
CN=Configuration,DC=lha4,DC=navy,DC=mil
* Security Permissions Check for
DC=lha4,DC=navy,DC=mil
......................... LHA4UCSDC2 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
......................... LHA4UCSDC2 passed test NetLogons
Starting test: Advertising
The DC LHA4UCSDC2 is advertising itself as a DC and having a DS.
The DC LHA4UCSDC2 is advertising as an LDAP server
The DC LHA4UCSDC2 is advertising as having a writeable directory
The DC LHA4UCSDC2 is advertising as a Key Distribution Center
The DC LHA4UCSDC2 is advertising as a time server
The DS LHA4UCSDC2 is advertising as a GC.
......................... LHA4UCSDC2 passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS
Settings,CN=LHA4UCSDC1,CN=Servers,CN=Defaul
t-First-Site-Name,CN=Sites,CN=Configuration,DC=lha4,DC=navy,DC=mil
Role Domain Owner = CN=NTDS
Settings,CN=LHA4UCSDC1,CN=Servers,CN=Defaul
t-First-Site-Name,CN=Sites,CN=Configuration,DC=lha4,DC=navy,DC=mil
Role PDC Owner = CN=NTDS
Settings,CN=LHA4UCSDC1,CN=Servers,CN=Default-F
irst-Site-Name,CN=Sites,CN=Configuration,DC=lha4,DC=navy,DC=mil
Role Rid Owner = CN=NTDS
Settings,CN=LHA4UCSDC1,CN=Servers,CN=Default-F
irst-Site-Name,CN=Sites,CN=Configuration,DC=lha4,DC=navy,DC=mil
Role Infrastructure Update Owner = CN=NTDS
Settings,CN=LHA4UCSDC2,CN=Se
rvers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=lha4,DC=navy,DC=mi
l
......................... LHA4UCSDC2 passed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 18224 to 1073741823
* lha4ucsdc1.lha4.navy.mil is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 17224 to 17723
* rIDNextRID: 17447
* rIDPreviousAllocationPool is 17224 to 17723
......................... LHA4UCSDC2 passed test RidManager
Starting test: MachineAccount
* The current DC is not in the domain controller's OU
* SPN found :LDAP/lha4ucsdc2.lha4.navy.mil/lha4.navy.mil
* SPN found :LDAP/lha4ucsdc2.lha4.navy.mil
* SPN found :LDAP/LHA4UCSDC2
* SPN found :LDAP/lha4ucsdc2.lha4.navy.mil/LHA4
* SPN found
:LDAP/f441be0c-d665-48d2-b5be-25a3652e9b4b._msdcs.lha4.navy
..mil
* SPN found
:E3514235-4B06-11D1-AB04-00C04FC2DCD2/f441be0c-d665-48d2-b5
be-25a3652e9b4b/lha4.navy.mil
* SPN found :HOST/lha4ucsdc2.lha4.navy.mil/lha4.navy.mil
* SPN found :HOST/lha4ucsdc2.lha4.navy.mil
* SPN found :HOST/LHA4UCSDC2
* SPN found :HOST/lha4ucsdc2.lha4.navy.mil/LHA4
* SPN found :GC/lha4ucsdc2.lha4.navy.mil/lha4.navy.mil
......................... LHA4UCSDC2 failed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: RPCLOCATOR
* Checking Service: w32time
* Checking Service: TrkWks
TrkWks Service is stopped on [LHA4UCSDC2]
* Checking Service: TrkSvr
TrkSvr Service is stopped on [LHA4UCSDC2]
* Checking Service: NETLOGON
* Checking Service: Dnscache
* Checking Service: NtFrs
SMTPSVC Service is stopped on [LHA4UCSDC2]
......................... LHA4UCSDC2 failed test Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
LHA4UCSDC2 is in domain DC=lha4,DC=navy,DC=mil
Checking for CN=LHA4UCSDC2,OU=COMPOSE Domain Controllers,OU=COMPOSE
Use
rs and Computers,DC=lha4,DC=navy,DC=mil in domain DC=lha4,DC=navy,DC=mil on
2 se
rvers
Object is up-to-date on all servers.
Checking for CN=NTDS
Settings,CN=LHA4UCSDC2,CN=Servers,CN=Default-First
-Site-Name,CN=Sites,CN=Configuration,DC=lha4,DC=navy,DC=mil in domain
CN=Configu
ration,DC=lha4,DC=navy,DC=mil on 2 servers
Object is up-to-date on all servers.
......................... LHA4UCSDC2 passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service Event log test
The SYSVOL has been shared, and the AD is no longer
prevented from starting by the File Replication Service.
......................... LHA4UCSDC2 passed test frssysvol
Starting test: kccevent
* The KCC Event log test
Found no KCC errors in Directory Service Event log in the last 15
minut
es.
......................... LHA4UCSDC2 passed test kccevent
Starting test: systemlog
* The System Event log test
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:12:49
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:12:49
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:35:24
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:35:24
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:35:29
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:35:29
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:35:34
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:35:34
(Event String could not be retrieved)
......................... LHA4UCSDC2 failed test systemlog
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:35:34
(Event String could not be retrieved)
......................... LHA4UCSDC2 failed test systemlog

Running enterprise tests on : lha4.navy.mil
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope
provided by the command line arguments provided.
......................... lha4.navy.mil passed test Intersite
Starting test: FsmoCheck
GC Name: \\lha4ucsdc1.lha4.navy.mil
Locator Flags: 0xe00001fd
PDC Name: \\lha4ucsdc1.lha4.navy.mil
Locator Flags: 0xe00001fd
Time Server Name: \\lha4ucsdc1.lha4.navy.mil
Locator Flags: 0xe00001fd
Preferred Time Server Name: \\lha4ucsdc1.lha4.navy.mil
Locator Flags: 0xe00001fd
KDC Name: \\lha4ucsdc1.lha4.navy.mil
Locator Flags: 0xe00001fd
......................... lha4.navy.mil passed test FsmoCheck

Guest · Mar 15, 2006

I also forgot to mention we have Real Secure 6.5 Sensors installed on our
Domain Controllers and our Exchange Servers.

Here is the dcdiag /e /v for DC2.

DC Diagnosis

Performing initial setup:
* Verifing that the local machine lha4ucsdc2, is a DC.
* Connecting to directory service on server lha4ucsdc2.
* Collecting site info.
* Identifying all servers.
* Found 2 DC(s). Testing 2 of them.
Done gathering initial info.

Doing initial non skippeable tests

Testing server: Default-First-Site-Name\LHA4UCSDC1
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... LHA4UCSDC1 passed test Connectivity

Testing server: Default-First-Site-Name\LHA4UCSDC2
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... LHA4UCSDC2 passed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\LHA4UCSDC1
Starting test: Replications
* Replications Check
......................... LHA4UCSDC1 passed test Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Starting test: NCSecDesc
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=lha4,DC=navy,DC=mil
* Security Permissions Check for
CN=Configuration,DC=lha4,DC=navy,DC=mil
* Security Permissions Check for
DC=lha4,DC=navy,DC=mil
......................... LHA4UCSDC1 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
......................... LHA4UCSDC1 passed test NetLogons
Starting test: Advertising
The DC LHA4UCSDC1 is advertising itself as a DC and having a DS.
The DC LHA4UCSDC1 is advertising as an LDAP server
The DC LHA4UCSDC1 is advertising as having a writeable directory
The DC LHA4UCSDC1 is advertising as a Key Distribution Center
The DC LHA4UCSDC1 is advertising as a time server
The DS LHA4UCSDC1 is advertising as a GC.
......................... LHA4UCSDC1 passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS
Settings,CN=LHA4UCSDC1,CN=Servers,CN=Defaul
t-First-Site-Name,CN=Sites,CN=Configuration,DC=lha4,DC=navy,DC=mil
Role Domain Owner = CN=NTDS
Settings,CN=LHA4UCSDC1,CN=Servers,CN=Defaul
t-First-Site-Name,CN=Sites,CN=Configuration,DC=lha4,DC=navy,DC=mil
Role PDC Owner = CN=NTDS
Settings,CN=LHA4UCSDC1,CN=Servers,CN=Default-F
irst-Site-Name,CN=Sites,CN=Configuration,DC=lha4,DC=navy,DC=mil
Role Rid Owner = CN=NTDS
Settings,CN=LHA4UCSDC1,CN=Servers,CN=Default-F
irst-Site-Name,CN=Sites,CN=Configuration,DC=lha4,DC=navy,DC=mil
Role Infrastructure Update Owner = CN=NTDS
Settings,CN=LHA4UCSDC2,CN=S
rvers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=lha4,DC=navy,DC=mi
l
......................... LHA4UCSDC1 passed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 18224 to 1073741823
* lha4ucsdc1.lha4.navy.mil is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 17724 to 18223
* rIDNextRID: 17817
* rIDPreviousAllocationPool is 17724 to 18223
......................... LHA4UCSDC1 passed test RidManager
Starting test: MachineAccount
* The current DC is not in the domain controller's OU
* SPN found :LDAP/lha4ucsdc1.lha4.navy.mil/lha4.navy.mil
* SPN found :LDAP/lha4ucsdc1.lha4.navy.mil
* SPN found :LDAP/LHA4UCSDC1
* SPN found :LDAP/lha4ucsdc1.lha4.navy.mil/LHA4
* SPN found
:LDAP/430f3ca8-d43d-4897-b15a-402f82db3dfd._msdcs.lha4.navy
..mil
* SPN found
:E3514235-4B06-11D1-AB04-00C04FC2DCD2/430f3ca8-d43d-4897-b1
5a-402f82db3dfd/lha4.navy.mil
* SPN found :HOST/lha4ucsdc1.lha4.navy.mil/lha4.navy.mil
* SPN found :HOST/lha4ucsdc1.lha4.navy.mil
* SPN found :HOST/LHA4UCSDC1
* SPN found :HOST/lha4ucsdc1.lha4.navy.mil/LHA4
* SPN found :GC/lha4ucsdc1.lha4.navy.mil/lha4.navy.mil
......................... LHA4UCSDC1 failed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: RPCLOCATOR
* Checking Service: w32time
* Checking Service: TrkWks
TrkWks Service is stopped on [LHA4UCSDC1]
* Checking Service: TrkSvr
TrkSvr Service is stopped on [LHA4UCSDC1]
* Checking Service: NETLOGON
* Checking Service: Dnscache
* Checking Service: NtFrs
SMTPSVC Service is stopped on [LHA4UCSDC1]
......................... LHA4UCSDC1 failed test Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
LHA4UCSDC1 is in domain DC=lha4,DC=navy,DC=mil
Checking for CN=LHA4UCSDC1,OU=COMPOSE Domain Controllers,OU=COMPOSE
Use
rs and Computers,DC=lha4,DC=navy,DC=mil in domain DC=lha4,DC=navy,DC=mil on
2 se
rvers
Object is up-to-date on all servers.
Checking for CN=NTDS
Settings,CN=LHA4UCSDC1,CN=Servers,CN=Default-First
-Site-Name,CN=Sites,CN=Configuration,DC=lha4,DC=navy,DC=mil in domain
CN=Configu
ration,DC=lha4,DC=navy,DC=mil on 2 servers
Object is up-to-date on all servers.
......................... LHA4UCSDC1 passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service Event log test
The SYSVOL has been shared, and the AD is no longer
prevented from starting by the File Replication Service.
There are errors after the SYSVOL has been shared.
The SYSVOL can prevent the AD from starting.
An Warning Event occured. EventID: 0x800034FF
Time Generated: 03/12/2006 21:23:55
Event String: File Replication Service has detected and
suppressed an average of 15 or more file updates
every hour for the last 3 hours because the
updates did not change the contents of the file.
The tracking records in FRS debug logs will have
the filename and event time for the suppressed
updates. The tracking records have the date and
time followed by :T: as their prefix.

Updates that do not change the content of the
file are suppressed to prevent unnecessary
replication traffic. Following are common
examples of updates that do not change the
contents of the file.
[1] Overwriting a file with a copy of the same
file.
[2] Setting the same ACLs on a file multiple
times.
[3] Restoring an identical copy of the file over
an existing one.

Suppression of updates can be disabled by running
regedit.

Click on Start, Run and type regedit.

Expand HKEY_LOCAL_MACHINE, SYSTEM,
CurrentControlSet, Services, NtFrs, Parameters,
and create or update the value "Suppress
Identical Updates To Files" to 0 (Default is 1)
to force identical updates to replicate.
An Warning Event occured. EventID: 0x800034C4
Time Generated: 03/13/2006 15:42:21
Event String: The File Replication Service is having trouble
enabling replication from LHA4UCSDC2 to
LHA4UCSDC1 for e:\sysvol\domain using the DNS
name lha4ucsdc2.lha4.navy.mil. FRS will keep
retrying.
Following are some of the reasons you would see
this warning.

[1] FRS can not correctly resolve the DNS name
lha4ucsdc2.lha4.navy.mil from this computer.
[2] FRS is not running on
lha4ucsdc2.lha4.navy.mil.
[3] The topology information in the Active
Directory for this replica has not yet replicated
to all the Domain Controllers.

This event log message will appear once per
connection, After the problem is fixed you will
see another event log message indicating that the
connection has been established.
An Warning Event occured. EventID: 0x800034C5
Time Generated: 03/13/2006 16:43:01
Event String: The File Replication Service has enabled
replication from LHA4UCSDC2 to LHA4UCSDC1 for
e:\sysvol\domain after repeated retries.
An Warning Event occured. EventID: 0x800034FF
Time Generated: 03/13/2006 21:24:24
Event String: File Replication Service has detected and
suppressed an average of 15 or more file updates
every hour for the last 3 hours because the
updates did not change the contents of the file.
The tracking records in FRS debug logs will have
the filename and event time for the suppressed
updates. The tracking records have the date and
time followed by :T: as their prefix.

Updates that do not change the content of the
file are suppressed to prevent unnecessary
replication traffic. Following are common
examples of updates that do not change the
contents of the file.

[1] Overwriting a file with a copy of the same
file.
[2] Setting the same ACLs on a file multiple
times.
[3] Restoring an identical copy of the file over
an existing one.

Suppression of updates can be disabled by running
regedit.

Click on Start, Run and type regedit.

Expand HKEY_LOCAL_MACHINE, SYSTEM,
CurrentControlSet, Services, NtFrs, Parameters,
and create or update the value "Suppress
Identical Updates To Files" to 0 (Default is 1)
to force identical updates to replicate.
An Warning Event occured. EventID: 0x800034FF
Time Generated: 03/14/2006 21:24:40
Event String: File Replication Service has detected and
suppressed an average of 15 or more file updates
every hour for the last 3 hours because the
updates did not change the contents of the file.
The tracking records in FRS debug logs will have
the filename and event time for the suppressed
updates. The tracking records have the date and
time followed by :T: as their prefix.

Updates that do not change the content of the
file are suppressed to prevent unnecessary
replication traffic. Following are common
examples of updates that do not change the
contents of the file.

[1] Overwriting a file with a copy of the same
file.
[2] Setting the same ACLs on a file multiple
times.
[3] Restoring an identical copy of the file over
an existing one.

Suppression of updates can be disabled by running
regedit.

Click on Start, Run and type regedit.

Expand HKEY_LOCAL_MACHINE, SYSTEM,
CurrentControlSet, Services, NtFrs, Parameters,
and create or update the value "Suppress
Identical Updates To Files" to 0 (Default is 1)
to force identical updates to replicate.
An Warning Event occured. EventID: 0x800034FF
Time Generated: 03/15/2006 21:24:46
Event String: File Replication Service has detected and
suppressed an average of 15 or more file updates
every hour for the last 3 hours because the
updates did not change the contents of the file.
The tracking records in FRS debug logs will have
the filename and event time for the suppressed
updates. The tracking records have the date and
time followed by :T: as their prefix.

Updates that do not change the content of the
file are suppressed to prevent unnecessary
replication traffic. Following are common
examples of updates that do not change the
contents of the file.

[1] Overwriting a file with a copy of the same
file.
[2] Setting the same ACLs on a file multiple
times.
[3] Restoring an identical copy of the file over
an existing one.

Suppression of updates can be disabled by running
regedit.

Click on Start, Run and type regedit.

Expand HKEY_LOCAL_MACHINE, SYSTEM,
CurrentControlSet, Services, NtFrs, Parameters,
and create or update the value "Suppress
Identical Updates To Files" to 0 (Default is 1)
to force identical updates to replicate.
......................... LHA4UCSDC1 passed test frssysvol
Starting test: kccevent
* The KCC Event log test
Found no KCC errors in Directory Service Event log in the last 15
minut
es.
......................... LHA4UCSDC1 passed test kccevent
Starting test: systemlog
* The System Event log test
An Error Event occured. EventID: 0x00003004
Time Generated: 03/15/2006 23:50:15
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/15/2006 23:50:15
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/15/2006 23:50:24
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/15/2006 23:50:24
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/15/2006 23:50:30
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/15/2006 23:50:30
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/15/2006 23:57:53
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/15/2006 23:57:53
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/15/2006 23:57:53
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/15/2006 23:57:53
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/15/2006 23:59:42
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/15/2006 23:59:42
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/15/2006 23:59:46
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/15/2006 23:59:46
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/15/2006 23:59:46
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/15/2006 23:59:46
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:05:09
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:05:09
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:12:49
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:12:49
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:14:46
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:14:46
(Event String could not be retrieved)
......................... LHA4UCSDC1 failed test systemlog

Testing server: Default-First-Site-Name\LHA4UCSDC2
Starting test: Replications
* Replications Check
......................... LHA4UCSDC2 passed test Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Starting test: NCSecDesc
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=lha4,DC=navy,DC=mil
* Security Permissions Check for
CN=Configuration,DC=lha4,DC=navy,DC=mil
* Security Permissions Check for
DC=lha4,DC=navy,DC=mil
......................... LHA4UCSDC2 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
......................... LHA4UCSDC2 passed test NetLogons
Starting test: Advertising
The DC LHA4UCSDC2 is advertising itself as a DC and having a DS.
The DC LHA4UCSDC2 is advertising as an LDAP server
The DC LHA4UCSDC2 is advertising as having a writeable directory
The DC LHA4UCSDC2 is advertising as a Key Distribution Center
The DC LHA4UCSDC2 is advertising as a time server
The DS LHA4UCSDC2 is advertising as a GC.
......................... LHA4UCSDC2 passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS
Settings,CN=LHA4UCSDC1,CN=Servers,CN=Defaul
t-First-Site-Name,CN=Sites,CN=Configuration,DC=lha4,DC=navy,DC=mil
Role Domain Owner = CN=NTDS
Settings,CN=LHA4UCSDC1,CN=Servers,CN=Defaul
t-First-Site-Name,CN=Sites,CN=Configuration,DC=lha4,DC=navy,DC=mil
Role PDC Owner = CN=NTDS
Settings,CN=LHA4UCSDC1,CN=Servers,CN=Default-F
irst-Site-Name,CN=Sites,CN=Configuration,DC=lha4,DC=navy,DC=mil
Role Rid Owner = CN=NTDS
Settings,CN=LHA4UCSDC1,CN=Servers,CN=Default-F
irst-Site-Name,CN=Sites,CN=Configuration,DC=lha4,DC=navy,DC=mil
Role Infrastructure Update Owner = CN=NTDS
Settings,CN=LHA4UCSDC2,CN=Se
rvers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=lha4,DC=navy,DC=mi
l
......................... LHA4UCSDC2 passed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 18224 to 1073741823
* lha4ucsdc1.lha4.navy.mil is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 17224 to 17723
* rIDNextRID: 17447
* rIDPreviousAllocationPool is 17224 to 17723
......................... LHA4UCSDC2 passed test RidManager
Starting test: MachineAccount
* The current DC is not in the domain controller's OU
* SPN found :LDAP/lha4ucsdc2.lha4.navy.mil/lha4.navy.mil
* SPN found :LDAP/lha4ucsdc2.lha4.navy.mil
* SPN found :LDAP/LHA4UCSDC2
* SPN found :LDAP/lha4ucsdc2.lha4.navy.mil/LHA4
* SPN found
:LDAP/f441be0c-d665-48d2-b5be-25a3652e9b4b._msdcs.lha4.navy
..mil
* SPN found
:E3514235-4B06-11D1-AB04-00C04FC2DCD2/f441be0c-d665-48d2-b5
be-25a3652e9b4b/lha4.navy.mil
* SPN found :HOST/lha4ucsdc2.lha4.navy.mil/lha4.navy.mil
* SPN found :HOST/lha4ucsdc2.lha4.navy.mil
* SPN found :HOST/LHA4UCSDC2
* SPN found :HOST/lha4ucsdc2.lha4.navy.mil/LHA4
* SPN found :GC/lha4ucsdc2.lha4.navy.mil/lha4.navy.mil
......................... LHA4UCSDC2 failed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: RPCLOCATOR
* Checking Service: w32time
* Checking Service: TrkWks
TrkWks Service is stopped on [LHA4UCSDC2]
* Checking Service: TrkSvr
TrkSvr Service is stopped on [LHA4UCSDC2]
* Checking Service: NETLOGON
* Checking Service: Dnscache
* Checking Service: NtFrs
SMTPSVC Service is stopped on [LHA4UCSDC2]
......................... LHA4UCSDC2 failed test Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
LHA4UCSDC2 is in domain DC=lha4,DC=navy,DC=mil
Checking for CN=LHA4UCSDC2,OU=COMPOSE Domain Controllers,OU=COMPOSE
Use
rs and Computers,DC=lha4,DC=navy,DC=mil in domain DC=lha4,DC=navy,DC=mil on
2 se
rvers
Object is up-to-date on all servers.
Checking for CN=NTDS
Settings,CN=LHA4UCSDC2,CN=Servers,CN=Default-First
-Site-Name,CN=Sites,CN=Configuration,DC=lha4,DC=navy,DC=mil in domain
CN=Configu
ration,DC=lha4,DC=navy,DC=mil on 2 servers
Object is up-to-date on all servers.
......................... LHA4UCSDC2 passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service Event log test
The SYSVOL has been shared, and the AD is no longer
prevented from starting by the File Replication Service.
......................... LHA4UCSDC2 passed test frssysvol
Starting test: kccevent
* The KCC Event log test
Found no KCC errors in Directory Service Event log in the last 15
minut
es.
......................... LHA4UCSDC2 passed test kccevent
Starting test: systemlog
* The System Event log test
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:12:49
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:12:49
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:35:24
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:35:24
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:35:29
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:35:29
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:35:34
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:35:34
(Event String could not be retrieved)
......................... LHA4UCSDC2 failed test systemlog

Running enterprise tests on : lha4.navy.mil
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope
provided by the command line arguments provided.
......................... lha4.navy.mil passed test Intersite
Starting test: FsmoCheck
An Error Event occured. EventID: 0x00003004
Time Generated: 03/16/2006 00:35:34
(Event String could not be retrieved)
......................... LHA4UCSDC2 failed test systemlog

Running enterprise tests on : lha4.navy.mil
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope
provided by the command line arguments provided.
......................... lha4.navy.mil passed test Intersite
Starting test: FsmoCheck
GC Name: \\lha4ucsdc2.lha4.navy.mil
Locator Flags: 0xe00001fc
PDC Name: \\lha4ucsdc1.lha4.navy.mil
Locator Flags: 0xe00001fd
Time Server Name: \\lha4ucsdc2.lha4.navy.mil
Locator Flags: 0xe00001fc
Preferred Time Server Name: \\lha4ucsdc2.lha4.navy.mil
Locator Flags: 0xe00001fc
KDC Name: \\lha4ucsdc2.lha4.navy.mil
Locator Flags: 0xe00001fc
......................... lha4.navy.mil passed test FsmoCheck

Vincent Xu [MSFT] · Mar 16, 2006

Hi ,

I have following suggetstion:

1. hklm\system\currentcontrolset\services\netlogon\perameters\usedynamicdns
set it to 0

2. Please refer to:

326911 Event IDs 409 and 410 When You Start the DNS Server Service in
Windows 2000
http://support.microsoft.com/default.aspx?scid=kb;EN-US;326911

Hope it helps.

Best regards,

Vincent Xu
Microsoft Online Partner Support

======================================================
Get Secure! - www.microsoft.com/security
======================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others
may learn and benefit from this issue.
======================================================
This posting is provided "AS IS" with no warranties,and confers no rights.
======================================================

--------------------

Thread-Topic: DNS Replication between DC1 & DC1 (Part2)
thread-index: AcZHHIbo1CA9EhAvS8e3pb8xUa1m9Q==
X-WBNR-Posting-Host: 205.56.129.195
From: =?Utf-8?B?QWxsZW4=?= <[email protected]>
References: <[email protected]>

Click to expand...

<#[email protected]>

Subject: Re: DNS Replication between DC1 & DC1 (Part2)
Date: Mon, 13 Mar 2006 20:05:27 -0800
Lines: 734
Message-ID: <[email protected]>
MIME-Version: 1.0
Content-Type: text/plain;
charset="Utf-8"
Content-Transfer-Encoding: 7bit
X-Newsreader: Microsoft CDO for Windows 2000
Content-Class: urn:content-classes:message
Importance: normal
Priority: normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
Newsgroups: microsoft.public.win2000.dns
Path: TK2MSFTNGXA03.phx.gbl
Xref: TK2MSFTNGXA03.phx.gbl microsoft.public.win2000.dns:52478
NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
X-Tomcat-NG: microsoft.public.win2000.dns

Here is the netdiag /fix results for DC2:

Computer Name: LHA4UCSDC2
DNS Host Name: lha4ucsdc2.lha4.navy.mil
System info : Windows 2000 Server (Build 2195)
Processor : x86 Family 6 Model 11 Stepping 4, GenuineIntel
List of installed hotfixes :
KB329115 KB819696 KB823182 KB823559 KB824105 KB824141 KB824146 KB825119
KB826232 KB828035
KB828741 KB828749 KB834707-IE6SP1-20040929.091901
KB835732 KB840315 KB840987 KB841356 KB841873 KB867282-IE6SP1-20050127.163319
KB870763 KB873333 KB888113 KB890047 KB890175 KB890923-IE6SP1-20050225.103456
KB891711 KB893086 KB896727-IE6SP1-20050719.165959
KB899588 Q147222 Q320517 Q828026
Netcard queries test . . . : Passed
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . : lha4ucsdc2.lha4.navy.mil
IP Address . . : 205.69.129.21
Subnet Mask. . . : 255.255.255.0
Default Gateway. . : 205.69.129.1
Primary WINS Server. : 205.69.129.20
Secondary WINS Server. : 205.69.129.21
Dns Servers. : 205.69.129.20
205.69.129.21
AutoConfiguration results. . : Passed
Default gateway test . . : Passed
NetBT name test. . : Passed
WINS service test. : Passed
Global results:
Domain membership test . : Passed
NetBT transports test. . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{09C52A23-01CB-4DEF-BC8B-0F5DBB8ABD4E}
1 NetBt transport currently configured.
Autonet address test . . : Passed
IP loopback ping test. . : Passed
Default gateway test . . : Passed
NetBT name test. . . . . : Passed
Winsock test . . . . . . : Passed
DNS test . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server '205.69.129.2
0' and other DCs also have some of the names registered.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{09C52A23-01CB-4DEF-BC8B-0F5DBB8ABD4E}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{09C52A23-01CB-4DEF-BC8B-0F5DBB8ABD4E}
The browser is bound to 1 NetBt transport.
DC discovery test. . . . : Passed
DC list test . . . . . . : Passed
Trust relationship test. : Passed
Secure channel for domain 'LHA4' is to '\\lha4ucsdc1.lha4.navy.mil'.
Kerberos test. . . . . . : Passed
LDAP test. . . . . . . . : Passed
Bindings test. . . . . . : Passed
WAN configuration test . : Skipped
No active remote access connections.
Modem diagnostics test . : Passed
IP Security test . . . . : Skipped
The IPSec Policy Agent service is not started.
The command completed successfully

Here is the netdiag /test:dns /v for DC2:
Gathering IPX configuration information.
Querying status of the Netcard drivers... Passed
Testing Domain membership... Passed
Gathering NetBT configuration information.
Testing DNS
The DNS registration for lha4ucsdc2.lha4.navy.mil is correct on all DNS
servers
PASS - All the DNS entries for DC are registered on DNS server '205.69.129.2
0' and other DCs also have some of the names registered.
PASS - All the DNS entries for DC are registered on DNS server '205.69.129.2
1' and other DCs also have some of the names registered.
Tests complete.
Computer Name: LHA4UCSDC2
DNS Host Name: lha4ucsdc2.lha4.navy.mil
DNS Domain Name: lha4.navy.mil
System info : Windows 2000 Server (Build 2195)
Processor : x86 Family 6 Model 11 Stepping 4, GenuineIntel
Hotfixes :
Installed? Name
Yes KB329115
Yes KB819696
Yes KB823182
Yes KB823559
Yes KB824105
Yes KB824141
Yes KB824146
Yes KB825119
Yes KB826232
Yes KB828035
Yes KB828741
Yes KB828749
Yes KB834707-IE6SP1-20040929.091901
Yes KB835732
Yes KB840315
Yes KB840987
Yes KB841356
Yes KB841873
Yes KB867282-IE6SP1-20050127.163319
Yes KB870763
Yes KB873333
Yes KB888113
Yes KB890047
Yes KB890175
Yes KB890923-IE6SP1-20050225.103456
Yes KB891711
Yes KB893086
Yes KB896727-IE6SP1-20050719.165959
Yes KB899588
Yes Q147222
Yes Q320517
Yes Q828026
Netcard queries test . . . . . . . : Passed
Information of Netcard drivers:
---
Description: HP Network Teaming Virtual Miniport Driver - Packet Scheduler
Miniport
Device: \DEVICE\{338D13DC-CC19-4CC4-AAD5-1AFEB4C3883A}
Media State: Connected
Device State: Connected
Connect Time: 10:22:22
Media Speed: 2000 Gbps
Packets Sent: 32709003
Bytes Sent (Optional): 1839737188
Packets Received: 32514273
Directed Pkts Recd (Optional): 32418091
Bytes Received (Optional): -1094368184
Directed Bytes Recd (Optional): -1094368184
---
Description: HP Network Team #1
Device: \DEVICE\{09C52A23-01CB-4DEF-BC8B-0F5DBB8ABD4E}
Media State: Connected
Device State: Connected
Connect Time: 10:22:22
Media Speed: 2000 Gbps
Packets Sent: 32709003
Bytes Sent (Optional): 1839737188
Packets Received: 32514273
Directed Pkts Recd (Optional): 32418091
Bytes Received (Optional): -1094368184
Directed Bytes Recd (Optional): -1094368184
----
Description: HP NC6136 Gigabit Server Adapter #2
Device: \DEVICE\{A8EA717A-21AF-41DE-A39D-7DB4DE8EAEA4}
Media State: Connected
Device State: Connected
Connect Time: 10:22:22
Media Speed: 1000 Gbps
Packets Sent: 15942413
Bytes Sent (Optional): 0
Packets Received: 367349
Directed Pkts Recd (Optional): 0
Bytes Received (Optional): 0
Directed Bytes Recd (Optional): 0
----
Description: HP NC6136 Gigabit Server Adapter
Device: \DEVICE\{E67119CC-B54D-40DA-B3C3-5462B080B2A9}
Media State: Connected
Device State: Connected
Connect Time: 10:22:22
Media Speed: 1000 Gbps
Packets Sent: 16841770
Bytes Sent (Optional): 0
Packets Received: 32775673
Directed Pkts Recd (Optional): 32418091
Bytes Received (Optional): 0
Directed Bytes Recd (Optional): 0
----
[PASS] - At least one netcard is in the 'Connected' state.
Per interface results:
Adapter : Local Area Connection
Adapter ID . . : {09C52A23-01CB-4DEF-BC8B-0F5DBB8ABD4E}
Netcard queries test . : Passed
Global results:
Domain membership test . . : Passed
Machine is a . . : Domain Controller
Netbios Domain name. . : LHA4
Dns domain name. . . : lha4.navy.mil
Dns forest name. . : lha4.navy.mil
Domain Guid. . : {9274A107-395B-4A61-9F65-2175C1F18AB1}
Domain Sid . . : S-1-5-21-1165567745-1805261685-1847928074
Logon User . . : x
Logon Domain . . : LHA4
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{09C52A23-01CB-4DEF-BC8B-0F5DBB8ABD4E}
1 NetBt transport currently configured.
DNS test . . : Passed
Interface {09C52A23-01CB-4DEF-BC8B-0F5DBB8ABD4E}
DNS Domain: lha4.navy.mil
DNS Servers: 205.69.129.20 205.69.129.21
IP Address: 205.69.129.21
Expected registration with PDN (primary DNS domain name):
Hostname: lha4ucsdc2.lha4.navy.mil.
Authoritative zone: lha4.navy.mil.
Primary DNS server: lha4ucsdc1.lha4.navy.mil 205.69.129.20
Authoritative NS:205.69.129.20 205.69.129.21
Verify DNS registration:
Name: lha4ucsdc2.lha4.navy.mil
Expected IP: 205.69.129.21
Server 205.69.129.20: NO_ERROR
Server 205.69.129.21: NO_ERROR
The DNS registration for lha4ucsdc2.lha4.navy.mil is correct on all DNS
servers
Check the DNS registration for DCs entries on DNS server '205.69.129.20'
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _ldap._tcp.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME =
_ldap._tcp.9274a107-395b-4a61-9f65-2175c1f18ab1.domains._msdcs.lha4.navy.m il.
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME =
_ldap._tcp.9274a107-395b-4a61-9f65-2175c1f18ab1.domains._msdcs.lha4.navy.m il
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is correct on DNS server '205.69.129.20'.
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.dc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _ldap._tcp.dc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.gc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _ldap._tcp.gc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil
SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil
SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are
multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _gc._tcp.lha4.navy.mil.
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _gc._tcp.lha4.navy.mil
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil
SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _gc._tcp.Default-First-Site-Name._sites.lha4.navy.mil.
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _gc._tcp.Default-First-Site-Name._sites.lha4.navy.mil
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil
SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = lha4.navy.mil.
DNS DATA = A 205.69.129.21
The record on DNS server 205.69.129.20 is:
DNS NAME = lha4.navy.mil
DNS DATA = A 205.69.129.21
A 205.69.129.20
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = gc._msdcs.lha4.navy.mil.
DNS DATA = A 205.69.129.21
The record on DNS server 205.69.129.20 is:
DNS NAME = gc._msdcs.lha4.navy.mil
DNS DATA = A 205.69.129.21
A 205.69.129.20
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kerberos._tcp.dc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _kerberos._tcp.dc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME =
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.lha4.navy.mil
.
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME =
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kerberos._tcp.lha4.navy.mil.
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _kerberos._tcp.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kerberos._tcp.Default-First-Site-Name._sites.lha4.navy.mil.
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _kerberos._tcp.Default-First-Site-Name._sites.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kerberos._udp.lha4.navy.mil.
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _kerberos._udp.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kpasswd._tcp.lha4.navy.mil.
DNS DATA = SRV 0 100 464 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _kpasswd._tcp.lha4.navy.mil
DNS DATA = SRV 0 100 464 lha4ucsdc2.lha4.navy.mil
SRV 0 100 464 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kpasswd._udp.lha4.navy.mil.
DNS DATA = SRV 0 100 464 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _kpasswd._udp.lha4.navy.mil
DNS DATA = SRV 0 100 464 lha4ucsdc2.lha4.navy.mil
SRV 0 100 464 lha4ucsdc1.lha4.navy.mil
+
PASS - All the DNS entries for DC are registered on DNS server '205.69.129.2
0' and other DCs also have some of the names registered.
Check the DNS registration for DCs entries on DNS server '205.69.129.21'
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _ldap._tcp.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME =
_ldap._tcp.9274a107-395b-4a61-9f65-2175c1f18ab1.domains._msdcs.lha4.navy.m il.
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME =
_ldap._tcp.9274a107-395b-4a61-9f65-2175c1f18ab1.domains._msdcs.lha4.navy.m il
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is correct on DNS server '205.69.129.21'.
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.dc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _ldap._tcp.dc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.gc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _ldap._tcp.gc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil
SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil
SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _gc._tcp.lha4.navy.mil.
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _gc._tcp.lha4.navy.mil
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil
SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _gc._tcp.Default-First-Site-Name._sites.lha4.navy.mil.
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _gc._tcp.Default-First-Site-Name._sites.lha4.navy.mil
DNS DATA = SRV 0 100 3268 lha4ucsdc2.lha4.navy.mil
SRV 0 100 3268 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = lha4.navy.mil.
DNS DATA = A 205.69.129.21
The record on DNS server 205.69.129.21 is:
DNS NAME = lha4.navy.mil
DNS DATA = A 205.69.129.21
A 205.69.129.20
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = gc._msdcs.lha4.navy.mil.
DNS DATA = A 205.69.129.21
The record on DNS server 205.69.129.21 is:
DNS NAME = gc._msdcs.lha4.navy.mil
DNS DATA = A 205.69.129.21
A 205.69.129.20
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kerberos._tcp.dc._msdcs.lha4.navy.mil.
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _kerberos._tcp.dc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME =
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.lha4.navy.mil
.
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME =
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kerberos._tcp.lha4.navy.mil.
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _kerberos._tcp.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kerberos._tcp.Default-First-Site-Name._sites.lha4.navy.mil.
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _kerberos._tcp.Default-First-Site-Name._sites.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kerberos._udp.lha4.navy.mil.
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _kerberos._udp.lha4.navy.mil
DNS DATA = SRV 0 100 88 lha4ucsdc2.lha4.navy.mil
SRV 0 100 88 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kpasswd._tcp.lha4.navy.mil.
DNS DATA = SRV 0 100 464 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _kpasswd._tcp.lha4.navy.mil
DNS DATA = SRV 0 100 464 lha4ucsdc2.lha4.navy.mil
SRV 0 100 464 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.21'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.21', no need to
re-register.
+
The record on your DC is:
DNS NAME = _kpasswd._udp.lha4.navy.mil.
DNS DATA = SRV 0 100 464 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.21 is:
DNS NAME = _kpasswd._udp.lha4.navy.mil
DNS DATA = SRV 0 100 464 lha4ucsdc2.lha4.navy.mil
SRV 0 100 464 lha4ucsdc1.lha4.navy.mil
+
PASS - All the DNS entries for DC are registered on DNS server '205.69.129.2
1' and other DCs also have some of the names registered.
The command completed successfully

Click to expand...

Guest · Mar 17, 2006

I will give that a shot this weekend. I looked at the article that was noted
and it raise a question. When I do the interface tab under properties for my
DNS servers, do I want to list the IP's for both DNS Servers or just the one
for that particular server. Right now it has both DNS servers listed for IP's
to listen on. But, I wasnt sure if that was right or not.

Thanks,
Allen

Vincent Xu said:
Hi ,

I have following suggetstion:

1. hklm\system\currentcontrolset\services\netlogon\perameters\usedynamicdns
set it to 0

2. Please refer to:

326911 Event IDs 409 and 410 When You Start the DNS Server Service in
Windows 2000
http://support.microsoft.com/default.aspx?scid=kb;EN-US;326911

Hope it helps.

Best regards,

Vincent Xu
Microsoft Online Partner Support

======================================================
Get Secure! - www.microsoft.com/security
======================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others
may learn and benefit from this issue.
======================================================
This posting is provided "AS IS" with no warranties,and confers no rights.
======================================================

--------------------

Thread-Topic: DNS Replication between DC1 & DC1 (Part2)
thread-index: AcZHHIbo1CA9EhAvS8e3pb8xUa1m9Q==
X-WBNR-Posting-Host: 205.56.129.195
From: =?Utf-8?B?QWxsZW4=?= <[email protected]>
References: <[email protected]>

Click to expand...

<#[email protected]>

Subject: Re: DNS Replication between DC1 & DC1 (Part2)
Date: Mon, 13 Mar 2006 20:05:27 -0800
Lines: 734
Message-ID: <[email protected]>
MIME-Version: 1.0
Content-Type: text/plain;
charset="Utf-8"
Content-Transfer-Encoding: 7bit
X-Newsreader: Microsoft CDO for Windows 2000
Content-Class: urn:content-classes:message
Importance: normal
Priority: normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
Newsgroups: microsoft.public.win2000.dns
Path: TK2MSFTNGXA03.phx.gbl
Xref: TK2MSFTNGXA03.phx.gbl microsoft.public.win2000.dns:52478
NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
X-Tomcat-NG: microsoft.public.win2000.dns

Here is the netdiag /fix results for DC2:

Computer Name: LHA4UCSDC2
DNS Host Name: lha4ucsdc2.lha4.navy.mil
System info : Windows 2000 Server (Build 2195)
Processor : x86 Family 6 Model 11 Stepping 4, GenuineIntel
List of installed hotfixes :
KB329115 KB819696 KB823182 KB823559 KB824105 KB824141 KB824146 KB825119
KB826232 KB828035
KB828741 KB828749 KB834707-IE6SP1-20040929.091901
KB835732 KB840315 KB840987 KB841356 KB841873 KB867282-IE6SP1-20050127.163319
KB870763 KB873333 KB888113 KB890047 KB890175 KB890923-IE6SP1-20050225.103456
KB891711 KB893086 KB896727-IE6SP1-20050719.165959
KB899588 Q147222 Q320517 Q828026
Netcard queries test . . . : Passed
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . : lha4ucsdc2.lha4.navy.mil
IP Address . . : 205.69.129.21
Subnet Mask. . . : 255.255.255.0
Default Gateway. . : 205.69.129.1
Primary WINS Server. : 205.69.129.20
Secondary WINS Server. : 205.69.129.21
Dns Servers. : 205.69.129.20
205.69.129.21
AutoConfiguration results. . : Passed
Default gateway test . . : Passed
NetBT name test. . : Passed
WINS service test. : Passed
Global results:
Domain membership test . : Passed
NetBT transports test. . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{09C52A23-01CB-4DEF-BC8B-0F5DBB8ABD4E}
1 NetBt transport currently configured.
Autonet address test . . : Passed
IP loopback ping test. . : Passed
Default gateway test . . : Passed
NetBT name test. . . . . : Passed
Winsock test . . . . . . : Passed
DNS test . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server '205.69.129.2
0' and other DCs also have some of the names registered.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{09C52A23-01CB-4DEF-BC8B-0F5DBB8ABD4E}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{09C52A23-01CB-4DEF-BC8B-0F5DBB8ABD4E}
The browser is bound to 1 NetBt transport.
DC discovery test. . . . : Passed
DC list test . . . . . . : Passed
Trust relationship test. : Passed
Secure channel for domain 'LHA4' is to '\\lha4ucsdc1.lha4.navy.mil'.
Kerberos test. . . . . . : Passed
LDAP test. . . . . . . . : Passed
Bindings test. . . . . . : Passed
WAN configuration test . : Skipped
No active remote access connections.
Modem diagnostics test . : Passed
IP Security test . . . . : Skipped
The IPSec Policy Agent service is not started.
The command completed successfully

Here is the netdiag /test:dns /v for DC2:
Gathering IPX configuration information.
Querying status of the Netcard drivers... Passed
Testing Domain membership... Passed
Gathering NetBT configuration information.
Testing DNS
The DNS registration for lha4ucsdc2.lha4.navy.mil is correct on all DNS
servers
PASS - All the DNS entries for DC are registered on DNS server '205.69.129.2
0' and other DCs also have some of the names registered.
PASS - All the DNS entries for DC are registered on DNS server '205.69.129.2
1' and other DCs also have some of the names registered.
Tests complete.
Computer Name: LHA4UCSDC2
DNS Host Name: lha4ucsdc2.lha4.navy.mil
DNS Domain Name: lha4.navy.mil
System info : Windows 2000 Server (Build 2195)
Processor : x86 Family 6 Model 11 Stepping 4, GenuineIntel
Hotfixes :
Installed? Name
Yes KB329115
Yes KB819696
Yes KB823182
Yes KB823559
Yes KB824105
Yes KB824141
Yes KB824146
Yes KB825119
Yes KB826232
Yes KB828035
Yes KB828741
Yes KB828749
Yes KB834707-IE6SP1-20040929.091901
Yes KB835732
Yes KB840315
Yes KB840987
Yes KB841356
Yes KB841873
Yes KB867282-IE6SP1-20050127.163319
Yes KB870763
Yes KB873333
Yes KB888113
Yes KB890047
Yes KB890175
Yes KB890923-IE6SP1-20050225.103456
Yes KB891711
Yes KB893086
Yes KB896727-IE6SP1-20050719.165959
Yes KB899588
Yes Q147222
Yes Q320517
Yes Q828026
Netcard queries test . . . . . . . : Passed
Information of Netcard drivers:
---
Description: HP Network Teaming Virtual Miniport Driver - Packet Scheduler
Miniport
Device: \DEVICE\{338D13DC-CC19-4CC4-AAD5-1AFEB4C3883A}
Media State: Connected
Device State: Connected
Connect Time: 10:22:22
Media Speed: 2000 Gbps
Packets Sent: 32709003
Bytes Sent (Optional): 1839737188
Packets Received: 32514273
Directed Pkts Recd (Optional): 32418091
Bytes Received (Optional): -1094368184
Directed Bytes Recd (Optional): -1094368184
---
Description: HP Network Team #1
Device: \DEVICE\{09C52A23-01CB-4DEF-BC8B-0F5DBB8ABD4E}
Media State: Connected
Device State: Connected
Connect Time: 10:22:22
Media Speed: 2000 Gbps
Packets Sent: 32709003
Bytes Sent (Optional): 1839737188
Packets Received: 32514273
Directed Pkts Recd (Optional): 32418091
Bytes Received (Optional): -1094368184
Directed Bytes Recd (Optional): -1094368184
----
Description: HP NC6136 Gigabit Server Adapter #2
Device: \DEVICE\{A8EA717A-21AF-41DE-A39D-7DB4DE8EAEA4}
Media State: Connected
Device State: Connected
Connect Time: 10:22:22
Media Speed: 1000 Gbps
Packets Sent: 15942413
Bytes Sent (Optional): 0
Packets Received: 367349
Directed Pkts Recd (Optional): 0
Bytes Received (Optional): 0
Directed Bytes Recd (Optional): 0
----
Description: HP NC6136 Gigabit Server Adapter
Device: \DEVICE\{E67119CC-B54D-40DA-B3C3-5462B080B2A9}
Media State: Connected
Device State: Connected
Connect Time: 10:22:22
Media Speed: 1000 Gbps
Packets Sent: 16841770
Bytes Sent (Optional): 0
Packets Received: 32775673
Directed Pkts Recd (Optional): 32418091
Bytes Received (Optional): 0
Directed Bytes Recd (Optional): 0
----
[PASS] - At least one netcard is in the 'Connected' state.
Per interface results:
Adapter : Local Area Connection
Adapter ID . . : {09C52A23-01CB-4DEF-BC8B-0F5DBB8ABD4E}
Netcard queries test . : Passed
Global results:
Domain membership test . . : Passed
Machine is a . . : Domain Controller
Netbios Domain name. . : LHA4
Dns domain name. . . : lha4.navy.mil
Dns forest name. . : lha4.navy.mil
Domain Guid. . : {9274A107-395B-4A61-9F65-2175C1F18AB1}
Domain Sid . . : S-1-5-21-1165567745-1805261685-1847928074
Logon User . . : x
Logon Domain . . : LHA4
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{09C52A23-01CB-4DEF-BC8B-0F5DBB8ABD4E}
1 NetBt transport currently configured.
DNS test . . : Passed
Interface {09C52A23-01CB-4DEF-BC8B-0F5DBB8ABD4E}
DNS Domain: lha4.navy.mil
DNS Servers: 205.69.129.20 205.69.129.21
IP Address: 205.69.129.21
Expected registration with PDN (primary DNS domain name):
Hostname: lha4ucsdc2.lha4.navy.mil.
Authoritative zone: lha4.navy.mil.
Primary DNS server: lha4ucsdc1.lha4.navy.mil 205.69.129.20
Authoritative NS:205.69.129.20 205.69.129.21
Verify DNS registration:
Name: lha4ucsdc2.lha4.navy.mil
Expected IP: 205.69.129.21
Server 205.69.129.20: NO_ERROR
Server 205.69.129.21: NO_ERROR
The DNS registration for lha4ucsdc2.lha4.navy.mil is correct on all DNS
servers
Check the DNS registration for DCs entries on DNS server '205.69.129.20'
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.lha4.navy.mil.
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil.
The record on DNS server 205.69.129.20 is:
DNS NAME = _ldap._tcp.lha4.navy.mil
DNS DATA = SRV 0 100 389 lha4ucsdc2.lha4.navy.mil
SRV 0 100 389 lha4ucsdc1.lha4.navy.mil
+
The Record is different on DNS server '205.69.129.20'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '205.69.129.20', no need to
re-register.
+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.lha4.navy.mil.

Click to expand...

Click to expand...

Kevin D. Goodknecht Sr. [MVP] · Mar 17, 2006

Allen said:
Kevin,

I noticed the modem test failure as well. Which is interesting
because I
dont have a modem on any server on our network. But I will have to
look into that as it may be something I am not thinking of.

lha4ucsdc2 does the job of domain controller as well as ISA Server
2000. We have a Smart Filter Plug-in that is installed on it as well.
We use it to block outside websites based on content and such. We
also cache a few sites but not many. The network configuration for
ISA is pretty much default for the most part. We have the routing
configured in as well as the LAT & LDT.

dcdiag /e for the most part passes on both DC's. The MachineAccount
test fails but this is because we have it in a different OU called
COMPOSE Domain Controllers. SPAWAR installed this network last year
in July and had the OU setup like this. I imagine this test has
failed for quite some time. Services test failed as well but only
because we have three services disabled. TrkWks, TrkSvr, and SMTPSVC
services are the ones disabled. We have those disabled since we dont

Distributed Link Tracking on Windows-based domain controllers
http://support.microsoft.com/kb/312403/en-us

Guest · Mar 18, 2006

Kevin,

I just wanted to say thank you for all of your assistance. I learned a lot
and made a lot of notes as well. We have our DNS servers replicating now like
they are supose to. I only have the Event ID 409 to work on this weekend and
Vincent Xu has given me a link reference to fix that. The link you sent me is
very interesting. I think my next move now is to find some real good info on
AD, DNS, and the intricates of the Global Catalog.

Thanks,
allen

File Replication Service.	1	Jun 17, 2004
DNS problem =?ISO-8859-1?Q?=BF=3F?=	6	Mar 5, 2005
Going to AD Integrated DNS	3	Feb 13, 2004
Replication/DNS question	4	Feb 22, 2006
IE errors caused by DNS?	6	Mar 5, 2004
Adding a second DNS server in a W2K AD domain	5	Jan 26, 2004
AD/DC Problem with DNS - unable to join Domain	3	Jan 13, 2005
AD DNS Design Problem	8	Jun 30, 2003

DNS Replication between DC1 & DC1

Guest

Kevin D. Goodknecht Sr. [MVP]

Guest

Kevin D. Goodknecht Sr. [MVP]

Guest

Guest

Kevin D. Goodknecht Sr. [MVP]

Guest

Guest

Guest

Vincent Xu [MSFT]

Guest

Kevin D. Goodknecht Sr. [MVP]

Guest

Ask a Question

Similar Threads