Global Catalog Error?

J

Jeff

On my DC that holds all the FSMO roles, I get the following error after
rebooting:

Event Type: Error
Event Source: NTDS General
Event Category: Global Catalog
Event ID: 1126
Date: 3/22/2004
Time: 9:36:49 PM
User: Everyone
Computer: MYDC
Description:
Unable to establish connection with global catalog.

I think this has happened since I replaced another DC with this one. Has
anyone seen this? How do I verify that there actually is a problem with the
GC?

Thanks,

Jeff
 
D

Doug Gabbard

Do you have a Global Catalog? Or was the DC you replaced the only GC?
Also, when you say "replaced" do you mean gracefully DCPROMO down and
DCPROMO a new DC. If you had a DC fail and you replaced it with the DC with
the same name you will have issues.

Look at a couple things.
1. Who is the GC and can you connect to it - (ping)
2. If you no longer have a GC then uses Sites and Services and make one
of your DCs a GC.
3. Run DCdiag -v to see any errors.

Doug
MCSE 2003/2000/NT4
 
J

Jeff

Do you have a Global Catalog? Or was the DC you replaced the only GC?
Click to expand...

We have another DC at our main site that is a GC.
Also, when you say "replaced" do you mean gracefully DCPROMO down and
DCPROMO a new DC. If you had a DC fail and you replaced it with the DC with
the same name you will have issues.
Click to expand...

Our Hardware is leased so replacing the DC was gracefully demoting the old
DC and running DCPROMO on the new hardware. The new hardware was installed
with a different name than the previous DC.
Look at a couple things.
1. Who is the GC and can you connect to it - (ping)
Click to expand...

Yes I can ping the other DC/GC.
2. If you no longer have a GC then uses Sites and Services and make one
of your DCs a GC.
3. Run DCdiag -v to see any errors.
Click to expand...

DCDiag on the DC in question returned one error trkwks service was not
running. I investigated and that service was set to manual startup?? Could
that service not running cause issues with AD similar to what I am seeing?

After starting the trkwks service, I re-ran dcdiag -v and there were no
errors.

Jeff
 
J

Jeff

Do you have any other errors? or issues? this may be a non issue - look at
these two articles:
Click to expand...

The only other issue I am seeing is that some PCs at my main site will
authenticate to a DC at a remote site. Not sure what is causing that to
happen??

Jeff
 
D

Doug Gabbard

For user's logging on to the incorrect site make sure the DCs in their site
are available by verifying some services are running such as Netlogon and
RPC as well as runing DcDiag and NetDiag with -v to look for possible
issues.. If either of these are stopped or paused users will authenticate
with DCs outside of their site.

These services can be paused even though the service shows started in the
GUI. A trace would show the services paused if that is what is the issue
is.

\doug
MCSE 2003/2000/NT4
 
J

Jeff

For user's logging on to the incorrect site make sure the DCs in their
site
are available by verifying some services are running such as Netlogon and
RPC as well as runing DcDiag and NetDiag with -v to look for possible
issues.. If either of these are stopped or paused users will authenticate
with DCs outside of their site.
Click to expand...

I'll run the diagnostic tools on the DCs and verify that services are
running properly. See if that sheds any light on the issue. . .
These services can be paused even though the service shows started in the
GUI. A trace would show the services paused if that is what is the issue
is.
Click to expand...

When you say "a trace" what do you mean? Is there a tool I need to use to do
that? Sorry for my ignorance. . .

thanks for all your help.

Jeff
 
D

Doug Gabbard

A trace is done with NetMon or some third party software. But if you
haven't looked at a trace before I don't think you want to try that. If you
would, run the following tools. Results will be saved to a text file using
the following commands (support tools need to be installed):

DCDIAG -v >c:\dcdiag.txt
NetDiag -v >c:\netdiag.txt
RepAdmin /showreps >showreps.txt

Then attach the results of these three to a reply.
 
J

Jeff

I've used NetMon before but I did not know it would show me if the netlogon
or RPC service was paused. . .

I'd prefer not to post the results of the three tests you listed to the
newsgroup. Can you send me an email at (e-mail address removed)? I will send
them to you directly.

Thanks again for your help.

Jeff
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Problem with Global catalog 5
Global Catalog 1
Global Catalog issue?? 4
Domain controller does not find GC 3
Global Catalog Server 3
Unable to establish connection with global catalog 1
Global catalog problems, event id: 1126 1
unable to assign gc role to any dc 9

Top