P
Paul Roman
A little bit of background...
I've been running a W2k server in basic file and print server mode for
some time without any problems. I also admin a small (4 W/S) NT4 domain
and have some support experience of larger NT4 corporate domains. But
now, partly as a learning exercise and partly because I require roaming
profiles, better access control, etc, I've tried to implement AD on my
network (1 server, 3+ clients).
So, foolishly perhaps, I fired-up the 'Configure Your Server' app/wizard
and followed the steps in the AD wizard. It appears thats not the whole
story. So much for wizards! Further reading has lead me to setup DNS and
DHCP but I still don't have a working domain.
What are the correct steps and sequence to setup AD?
(General terms should be enough to point me in the right direction, eg.
1.Setup DNS 2.Setup DHCP 3....)
Can I correct my current setup?
(Output from netdiag and dcdiag at the end of this post. Any others
useful?)
Recommended books?
Thanks
Paul
C:\>netdiag
....................................
Computer Name: WORKTIME-SERV
DNS Host Name: worktime-serv.worktime.ltd.uk
System info : Windows 2000 Server (Build 2195)
Processor : x86 Family 6 Model 4 Stepping 4, AuthenticAMD
List of installed hotfixes :
Q147222
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection 2
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : worktime-serv
IP Address . . . . . . . . : 192.168.7.10
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.7.1
Dns Servers. . . . . . . . : 192.168.7.10
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
No remote names have been found.
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.
Global results:
Domain membership test . . . . . . : Failed
[WARNING] Ths system volume has not been completely replicated to
the local
machine. This machine is not working properly as a DC.
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{E64D9FA9-C8BF-466C-B863-9CEDA88137D3}
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server
'192.168.7.10'.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{E64D9FA9-C8BF-466C-B863-9CEDA88137D3}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{E64D9FA9-C8BF-466C-B863-9CEDA88137D3}
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Failed
[FATAL] Cannot find DC in domain 'WORKTIME'.
[ERROR_NO_SUCH_DOMAIN]
DC list test . . . . . . . . . . . : Failed
'WORKTIME': Cannot find DC to get DC list from [test skipped].
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Skipped
'WORKTIME': Cannot find DC to get DC list from [test skipped].
LDAP test. . . . . . . . . . . . . : Failed
Cannot find DC to run LDAP tests on. The error occurred was: The
specified domain either does not exist or could not be contacted.
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Passed
IPSec policy service is active, but no policy is assigned.
The command completed successfully
C:\>dcdiag
DC Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial non skippeable tests
Testing server: Default-First-Site-Name\WORKTIME-SERV
Starting test: Connectivity
......................... WORKTIME-SERV passed test
Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\WORKTIME-SERV
Starting test: Replications
......................... WORKTIME-SERV passed test
Replications
Starting test: NCSecDesc
......................... WORKTIME-SERV passed test NCSecDesc
Starting test: NetLogons
......................... WORKTIME-SERV passed test NetLogons
Starting test: Advertising
Fatal Error
sGetDcName (WORKTIME-SERV) call failed, error 1355
The Locator could not find the server.
......................... WORKTIME-SERV failed test Advertising
Starting test: KnowsOfRoleHolders
......................... WORKTIME-SERV passed test
KnowsOfRoleHolders
Starting test: RidManager
......................... WORKTIME-SERV passed test RidManager
Starting test: MachineAccount
......................... WORKTIME-SERV passed test
MachineAccount
Starting test: Services
......................... WORKTIME-SERV passed test Services
Starting test: ObjectsReplicated
......................... WORKTIME-SERV passed test
ObjectsReplicated
Starting test: frssysvol
Error: No record of File Replication System, SYSVOL started.
The Active Directory may be prevented from starting.
There are errors after the SYSVOL has been shared.
The SYSVOL can prevent the AD from starting.
......................... WORKTIME-SERV passed test frssysvol
Starting test: kccevent
......................... WORKTIME-SERV passed test kccevent
Starting test: systemlog
......................... WORKTIME-SERV passed test systemlog
Running enterprise tests on : worktime.ltd.uk
Starting test: Intersite
......................... worktime.ltd.uk passed test Intersite
Starting test: FsmoCheck
Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error
1355
A Global Catalog Server could not be located - All GC's are
down.
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed,
error 1355
A Good Time Server could not be located.
Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
A KDC could not be located - All the KDCs are down.
......................... worktime.ltd.uk failed test FsmoCheck
END
I've been running a W2k server in basic file and print server mode for
some time without any problems. I also admin a small (4 W/S) NT4 domain
and have some support experience of larger NT4 corporate domains. But
now, partly as a learning exercise and partly because I require roaming
profiles, better access control, etc, I've tried to implement AD on my
network (1 server, 3+ clients).
So, foolishly perhaps, I fired-up the 'Configure Your Server' app/wizard
and followed the steps in the AD wizard. It appears thats not the whole
story. So much for wizards! Further reading has lead me to setup DNS and
DHCP but I still don't have a working domain.
What are the correct steps and sequence to setup AD?
(General terms should be enough to point me in the right direction, eg.
1.Setup DNS 2.Setup DHCP 3....)
Can I correct my current setup?
(Output from netdiag and dcdiag at the end of this post. Any others
useful?)
Recommended books?
Thanks
Paul
C:\>netdiag
....................................
Computer Name: WORKTIME-SERV
DNS Host Name: worktime-serv.worktime.ltd.uk
System info : Windows 2000 Server (Build 2195)
Processor : x86 Family 6 Model 4 Stepping 4, AuthenticAMD
List of installed hotfixes :
Q147222
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection 2
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : worktime-serv
IP Address . . . . . . . . : 192.168.7.10
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.7.1
Dns Servers. . . . . . . . : 192.168.7.10
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
No remote names have been found.
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.
Global results:
Domain membership test . . . . . . : Failed
[WARNING] Ths system volume has not been completely replicated to
the local
machine. This machine is not working properly as a DC.
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{E64D9FA9-C8BF-466C-B863-9CEDA88137D3}
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server
'192.168.7.10'.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{E64D9FA9-C8BF-466C-B863-9CEDA88137D3}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{E64D9FA9-C8BF-466C-B863-9CEDA88137D3}
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Failed
[FATAL] Cannot find DC in domain 'WORKTIME'.
[ERROR_NO_SUCH_DOMAIN]
DC list test . . . . . . . . . . . : Failed
'WORKTIME': Cannot find DC to get DC list from [test skipped].
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Skipped
'WORKTIME': Cannot find DC to get DC list from [test skipped].
LDAP test. . . . . . . . . . . . . : Failed
Cannot find DC to run LDAP tests on. The error occurred was: The
specified domain either does not exist or could not be contacted.
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Passed
IPSec policy service is active, but no policy is assigned.
The command completed successfully
C:\>dcdiag
DC Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial non skippeable tests
Testing server: Default-First-Site-Name\WORKTIME-SERV
Starting test: Connectivity
......................... WORKTIME-SERV passed test
Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\WORKTIME-SERV
Starting test: Replications
......................... WORKTIME-SERV passed test
Replications
Starting test: NCSecDesc
......................... WORKTIME-SERV passed test NCSecDesc
Starting test: NetLogons
......................... WORKTIME-SERV passed test NetLogons
Starting test: Advertising
Fatal Error
sGetDcName (WORKTIME-SERV) call failed, error 1355The Locator could not find the server.
......................... WORKTIME-SERV failed test Advertising
Starting test: KnowsOfRoleHolders
......................... WORKTIME-SERV passed test
KnowsOfRoleHolders
Starting test: RidManager
......................... WORKTIME-SERV passed test RidManager
Starting test: MachineAccount
......................... WORKTIME-SERV passed test
MachineAccount
Starting test: Services
......................... WORKTIME-SERV passed test Services
Starting test: ObjectsReplicated
......................... WORKTIME-SERV passed test
ObjectsReplicated
Starting test: frssysvol
Error: No record of File Replication System, SYSVOL started.
The Active Directory may be prevented from starting.
There are errors after the SYSVOL has been shared.
The SYSVOL can prevent the AD from starting.
......................... WORKTIME-SERV passed test frssysvol
Starting test: kccevent
......................... WORKTIME-SERV passed test kccevent
Starting test: systemlog
......................... WORKTIME-SERV passed test systemlog
Running enterprise tests on : worktime.ltd.uk
Starting test: Intersite
......................... worktime.ltd.uk passed test Intersite
Starting test: FsmoCheck
Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error
1355
A Global Catalog Server could not be located - All GC's are
down.
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed,
error 1355
A Good Time Server could not be located.
Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
A KDC could not be located - All the KDCs are down.
......................... worktime.ltd.uk failed test FsmoCheck
END