G
Guest
Running W2KSP
First and second domain controllers were physically removed after third DC was added. Fourth DC was added after
The RID Operations Manager shows and error as well as the Schema Owner thinks it belongs to one on the removed DC's. The old DC's are permanently gone (SDM001,SDM02). CAS and SDM are the current DC'
I am not sure which steps I show follow to correct this proble
Here is the DCDIAG /v info
Domain Controller Diagnosi
Performing initial setup
* Verifying that the local machine CAS, is a DC.
* Connecting to directory service on server CAS
* Collecting site info
* Identifying all servers
* Found 2 DC(s). Testing 1 of them
Done gathering initial info
Doing initial required test
Testing server: Default-First-Site-Name\CA
Starting test: Connectivit
* Active Directory LDAP Services Chec
* Active Directory RPC Services Chec
......................... CAS passed test Connectivit
Doing primary test
Testing server: Default-First-Site-Name\CA
Starting test: Replication
* Replications Chec
......................... CAS passed test Replication
Test omitted by user request: Topolog
Test omitted by user request: CutoffServer
Starting test: NCSecDes
* Security Permissions Check fo
CN=Schema,CN=Configuration,DC=ahs-ream,DC=osb,DC=ore
* Security Permissions Check fo
CN=Configuration,DC=ahs-ream,DC=osb,DC=ore
* Security Permissions Check fo
DC=ahs-ream,DC=osb,DC=ore
......................... CAS passed test NCSecDes
Starting test: NetLogon
* Network Logons Privileges Chec
......................... CAS passed test NetLogon
Starting test: Advertisin
The DC CAS is advertising itself as a DC and having a DS
The DC CAS is advertising as an LDAP serve
The DC CAS is advertising as having a writeable director
The DC CAS is advertising as a Key Distribution Cente
The DC CAS is advertising as a time serve
......................... CAS passed test Advertisin
Starting test: KnowsOfRoleHolder
Role Schema Owner = CN="NTDS Setting
DEL:dd71fe3c-33c4-4db9-812d-7360a1abbe2b",CN="SDM0
DEL:c8401599-303c-4ab7-8330-92e2e59731b9",CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ahs-ream,DC=osb,DC=ore
Warning: CN="NTDS Setting
DEL:dd71fe3c-33c4-4db9-812d-7360a1abbe2b",CN="SDM0
DEL:c8401599-303c-4ab7-8330-92e2e59731b9",CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ahs-ream,DC=osb,DC=orea is the Schema Owner, but is deleted
Role Domain Owner = CN="NTDS Setting
DEL:dd71fe3c-33c4-4db9-812d-7360a1abbe2b",CN="SDM0
DEL:c8401599-303c-4ab7-8330-92e2e59731b9",CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ahs-ream,DC=osb,DC=ore
Warning: CN="NTDS Setting
DEL:dd71fe3c-33c4-4db9-812d-7360a1abbe2b",CN="SDM0
DEL:c8401599-303c-4ab7-8330-92e2e59731b9",CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ahs-ream,DC=osb,DC=orea is the Domain Owner, but is deleted
Role PDC Owner = CN=NTDS Settings,CN=SDM,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ahs-ream,DC=osb,DC=ore
Role Rid Owner = CN="NTDS Setting
DEL:dd71fe3c-33c4-4db9-812d-7360a1abbe2b",CN="SDM0
DEL:c8401599-303c-4ab7-8330-92e2e59731b9",CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ahs-ream,DC=osb,DC=ore
Warning: CN="NTDS Setting
DEL:dd71fe3c-33c4-4db9-812d-7360a1abbe2b",CN="SDM0
DEL:c8401599-303c-4ab7-8330-92e2e59731b9",CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ahs-ream,DC=osb,DC=orea is the Rid Owner, but is deleted
Role Infrastructure Update Owner = CN=NTDS Settings,CN=SDM,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ahs-ream,DC=osb,DC=ore
......................... CAS failed test KnowsOfRoleHolder
Starting test: RidManage
* Available RID Pool for the Domain is 3102 to 107374182
Warning: FSMO Role Owner is deleted.
ldap_search_sW of CN=SDM01DEL:c8401599-303c-4ab7-8330-92e2e59731b9,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ahs-ream,DC=osb,DC=orea for hostname failed with 2: The system cannot find the file specified.
......................... CAS failed test RidManager
Starting test: MachineAccount
* SPN found :LDAP/CAS.ahs-ream.osb.orea/ahs-ream.osb.orea
* SPN found :LDAP/CAS.ahs-ream.osb.orea
* SPN found :LDAP/CAS
* SPN found :LDAP/CAS.ahs-ream.osb.orea/ahs-ream
* SPN found :LDAP/d09963d2-1c4f-49e0-84ce-dd380509f609._msdcs.ahs-ream.osb.orea
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/d09963d2-1c4f-49e0-84ce-dd380509f609/ahs-ream.osb.orea
* SPN found :HOST/CAS.ahs-ream.osb.orea/ahs-ream.osb.orea
* SPN found :HOST/CAS.ahs-ream.osb.orea
* SPN found :HOST/CAS
* SPN found :HOST/CAS.ahs-ream.osb.orea/ahs-ream
* SPN found :GC/CAS.ahs-ream.osb.orea/ahs-ream.osb.orea
......................... CAS passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: RPCLOCATOR
* Checking Service: w32time
* Checking Service: TrkWks
* Checking Service: TrkSvr
* Checking Service: NETLOGON
* Checking Service: Dnscache
* Checking Service: NtFrs
......................... CAS passed test Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
CAS is in domain DC=ahs-ream,DC=osb,DC=orea
Checking for CN=CAS,OU=Domain Controllers,DC=ahs-ream,DC=osb,DC=orea in domain DC=ahs-ream,DC=osb,DC=orea on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=CAS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ahs-ream,DC=osb,DC=orea in domain CN=Configuration,DC=ahs-ream,DC=osb,DC=orea on 1 servers
Object is up-to-date on all servers.
......................... CAS passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service Event log test
The SYSVOL has been shared, and the AD is no longer
prevented from starting by the File Replication Service.
There are errors after the SYSVOL has been shared.
The SYSVOL can prevent the AD from starting.
An Warning Event occured. EventID: 0x800034C4
Time Generated: 06/01/2004 13:23:02
Event String: The File Replication Service is having trouble
enabling replication from SDM02 to CAS for
c:\winnt\sysvol\domain using the DNS name
SDM02.ahs-ream.osb.orea. FRS will keep retrying.
Following are some of the reasons you would see
this warning.
[1] FRS can not correctly resolve the DNS name
SDM02.ahs-ream.osb.orea from this computer.
[2] FRS is not running on
SDM02.ahs-ream.osb.orea.
[3] The topology information in the Active
Directory for this replica has not yet replicated
to all the Domain Controllers.
This event log message will appear once per
connection, After the problem is fixed you will
see another event log message indicating that the
connection has been established.
An Warning Event occured. EventID: 0x800034C4
Time Generated: 06/02/2004 12:13:20
Event String: The File Replication Service is having trouble
enabling replication from SDM to CAS for
c:\winnt\sysvol\domain using the DNS name
SDM.ahs-ream.osb.orea. FRS will keep retrying.
Following are some of the reasons you would see
this warning.
[1] FRS can not correctly resolve the DNS name
SDM.ahs-ream.osb.orea from this computer.
[2] FRS is not running on
SDM.ahs-ream.osb.orea.
[3] The topology information in the Active
Directory for this replica has not yet replicated
to all the Domain Controllers.
This event log message will appear once per
connection, After the problem is fixed you will
see another event log message indicating that the
connection has been established.
An Warning Event occured. EventID: 0x800034C5
Time Generated: 06/02/2004 12:20:06
Event String: The File Replication Service has enabled
replication from SDM to CAS for
c:\winnt\sysvol\domain after repeated retries.
An Warning Event occured. EventID: 0x800034C4
Time Generated: 06/02/2004 15:45:00
Event String: The File Replication Service is having trouble
enabling replication from SDM02 to CAS for
c:\winnt\sysvol\domain using the DNS name
SDM02.ahs-ream.osb.orea. FRS will keep retrying.
Following are some of the reasons you would see
this warning.
[1] FRS can not correctly resolve the DNS name
SDM02.ahs-ream.osb.orea from this computer.
[2] FRS is not running on
SDM02.ahs-ream.osb.orea.
[3] The topology information in the Active
Directory for this replica has not yet replicated
to all the Domain Controllers.
This event log message will appear once per
connection, After the problem is fixed you will
see another event log message indicating that the
connection has been established.
An Warning Event occured. EventID: 0x800034C4
Time Generated: 06/02/2004 16:13:24
Event String: The File Replication Service is having trouble
enabling replication from SDM01 to CAS for
c:\winnt\sysvol\domain using the DNS name
SDM01.ahs-ream.osb.orea. FRS will keep retrying.
Following are some of the reasons you would see
this warning.
[1] FRS can not correctly resolve the DNS name
SDM01.ahs-ream.osb.orea from this computer.
[2] FRS is not running on
SDM01.ahs-ream.osb.orea.
[3] The topology information in the Active
Directory for this replica has not yet replicated
to all the Domain Controllers.
This event log message will appear once per
connection, After the problem is fixed you will
see another event log message indicating that the
connection has been established.
......................... CAS passed test frssysvol
Starting test: kccevent
* The KCC Event log test
Found no KCC errors in Directory Service Event log in the last 15 minutes.
......................... CAS passed test kccevent
Starting test: systemlog
* The System Event log test
Found no errors in System Event log in the last 60 minutes.
......................... CAS passed test systemlog
Running enterprise tests on : ahs-ream.osb.orea
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope
provided by the command line arguments provided.
......................... ahs-ream.osb.orea passed test Intersite
Starting test: FsmoCheck
Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
A Global Catalog Server could not be located - All GC's are down.
PDC Name: \\SDM.ahs-ream.osb.orea
Locator Flags: 0xe00001f9
Time Server Name: \\CAS.ahs-ream.osb.orea
Locator Flags: 0xe00001f8
Preferred Time Server Name: \\CAS.ahs-ream.osb.orea
Locator Flags: 0xe00001f8
KDC Name: \\CAS.ahs-ream.osb.orea
Locator Flags: 0xe00001f8
......................... ahs-ream.osb.orea failed test FsmoCheck
First and second domain controllers were physically removed after third DC was added. Fourth DC was added after
The RID Operations Manager shows and error as well as the Schema Owner thinks it belongs to one on the removed DC's. The old DC's are permanently gone (SDM001,SDM02). CAS and SDM are the current DC'
I am not sure which steps I show follow to correct this proble
Here is the DCDIAG /v info
Domain Controller Diagnosi
Performing initial setup
* Verifying that the local machine CAS, is a DC.
* Connecting to directory service on server CAS
* Collecting site info
* Identifying all servers
* Found 2 DC(s). Testing 1 of them
Done gathering initial info
Doing initial required test
Testing server: Default-First-Site-Name\CA
Starting test: Connectivit
* Active Directory LDAP Services Chec
* Active Directory RPC Services Chec
......................... CAS passed test Connectivit
Doing primary test
Testing server: Default-First-Site-Name\CA
Starting test: Replication
* Replications Chec
......................... CAS passed test Replication
Test omitted by user request: Topolog
Test omitted by user request: CutoffServer
Starting test: NCSecDes
* Security Permissions Check fo
CN=Schema,CN=Configuration,DC=ahs-ream,DC=osb,DC=ore
* Security Permissions Check fo
CN=Configuration,DC=ahs-ream,DC=osb,DC=ore
* Security Permissions Check fo
DC=ahs-ream,DC=osb,DC=ore
......................... CAS passed test NCSecDes
Starting test: NetLogon
* Network Logons Privileges Chec
......................... CAS passed test NetLogon
Starting test: Advertisin
The DC CAS is advertising itself as a DC and having a DS
The DC CAS is advertising as an LDAP serve
The DC CAS is advertising as having a writeable director
The DC CAS is advertising as a Key Distribution Cente
The DC CAS is advertising as a time serve
......................... CAS passed test Advertisin
Starting test: KnowsOfRoleHolder
Role Schema Owner = CN="NTDS Setting
DEL:dd71fe3c-33c4-4db9-812d-7360a1abbe2b",CN="SDM0
DEL:c8401599-303c-4ab7-8330-92e2e59731b9",CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ahs-ream,DC=osb,DC=ore
Warning: CN="NTDS Setting
DEL:dd71fe3c-33c4-4db9-812d-7360a1abbe2b",CN="SDM0
DEL:c8401599-303c-4ab7-8330-92e2e59731b9",CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ahs-ream,DC=osb,DC=orea is the Schema Owner, but is deleted
Role Domain Owner = CN="NTDS Setting
DEL:dd71fe3c-33c4-4db9-812d-7360a1abbe2b",CN="SDM0
DEL:c8401599-303c-4ab7-8330-92e2e59731b9",CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ahs-ream,DC=osb,DC=ore
Warning: CN="NTDS Setting
DEL:dd71fe3c-33c4-4db9-812d-7360a1abbe2b",CN="SDM0
DEL:c8401599-303c-4ab7-8330-92e2e59731b9",CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ahs-ream,DC=osb,DC=orea is the Domain Owner, but is deleted
Role PDC Owner = CN=NTDS Settings,CN=SDM,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ahs-ream,DC=osb,DC=ore
Role Rid Owner = CN="NTDS Setting
DEL:dd71fe3c-33c4-4db9-812d-7360a1abbe2b",CN="SDM0
DEL:c8401599-303c-4ab7-8330-92e2e59731b9",CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ahs-ream,DC=osb,DC=ore
Warning: CN="NTDS Setting
DEL:dd71fe3c-33c4-4db9-812d-7360a1abbe2b",CN="SDM0
DEL:c8401599-303c-4ab7-8330-92e2e59731b9",CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ahs-ream,DC=osb,DC=orea is the Rid Owner, but is deleted
Role Infrastructure Update Owner = CN=NTDS Settings,CN=SDM,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ahs-ream,DC=osb,DC=ore
......................... CAS failed test KnowsOfRoleHolder
Starting test: RidManage
* Available RID Pool for the Domain is 3102 to 107374182
Warning: FSMO Role Owner is deleted.
ldap_search_sW of CN=SDM01DEL:c8401599-303c-4ab7-8330-92e2e59731b9,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ahs-ream,DC=osb,DC=orea for hostname failed with 2: The system cannot find the file specified.
......................... CAS failed test RidManager
Starting test: MachineAccount
* SPN found :LDAP/CAS.ahs-ream.osb.orea/ahs-ream.osb.orea
* SPN found :LDAP/CAS.ahs-ream.osb.orea
* SPN found :LDAP/CAS
* SPN found :LDAP/CAS.ahs-ream.osb.orea/ahs-ream
* SPN found :LDAP/d09963d2-1c4f-49e0-84ce-dd380509f609._msdcs.ahs-ream.osb.orea
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/d09963d2-1c4f-49e0-84ce-dd380509f609/ahs-ream.osb.orea
* SPN found :HOST/CAS.ahs-ream.osb.orea/ahs-ream.osb.orea
* SPN found :HOST/CAS.ahs-ream.osb.orea
* SPN found :HOST/CAS
* SPN found :HOST/CAS.ahs-ream.osb.orea/ahs-ream
* SPN found :GC/CAS.ahs-ream.osb.orea/ahs-ream.osb.orea
......................... CAS passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: RPCLOCATOR
* Checking Service: w32time
* Checking Service: TrkWks
* Checking Service: TrkSvr
* Checking Service: NETLOGON
* Checking Service: Dnscache
* Checking Service: NtFrs
......................... CAS passed test Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
CAS is in domain DC=ahs-ream,DC=osb,DC=orea
Checking for CN=CAS,OU=Domain Controllers,DC=ahs-ream,DC=osb,DC=orea in domain DC=ahs-ream,DC=osb,DC=orea on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=CAS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ahs-ream,DC=osb,DC=orea in domain CN=Configuration,DC=ahs-ream,DC=osb,DC=orea on 1 servers
Object is up-to-date on all servers.
......................... CAS passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service Event log test
The SYSVOL has been shared, and the AD is no longer
prevented from starting by the File Replication Service.
There are errors after the SYSVOL has been shared.
The SYSVOL can prevent the AD from starting.
An Warning Event occured. EventID: 0x800034C4
Time Generated: 06/01/2004 13:23:02
Event String: The File Replication Service is having trouble
enabling replication from SDM02 to CAS for
c:\winnt\sysvol\domain using the DNS name
SDM02.ahs-ream.osb.orea. FRS will keep retrying.
Following are some of the reasons you would see
this warning.
[1] FRS can not correctly resolve the DNS name
SDM02.ahs-ream.osb.orea from this computer.
[2] FRS is not running on
SDM02.ahs-ream.osb.orea.
[3] The topology information in the Active
Directory for this replica has not yet replicated
to all the Domain Controllers.
This event log message will appear once per
connection, After the problem is fixed you will
see another event log message indicating that the
connection has been established.
An Warning Event occured. EventID: 0x800034C4
Time Generated: 06/02/2004 12:13:20
Event String: The File Replication Service is having trouble
enabling replication from SDM to CAS for
c:\winnt\sysvol\domain using the DNS name
SDM.ahs-ream.osb.orea. FRS will keep retrying.
Following are some of the reasons you would see
this warning.
[1] FRS can not correctly resolve the DNS name
SDM.ahs-ream.osb.orea from this computer.
[2] FRS is not running on
SDM.ahs-ream.osb.orea.
[3] The topology information in the Active
Directory for this replica has not yet replicated
to all the Domain Controllers.
This event log message will appear once per
connection, After the problem is fixed you will
see another event log message indicating that the
connection has been established.
An Warning Event occured. EventID: 0x800034C5
Time Generated: 06/02/2004 12:20:06
Event String: The File Replication Service has enabled
replication from SDM to CAS for
c:\winnt\sysvol\domain after repeated retries.
An Warning Event occured. EventID: 0x800034C4
Time Generated: 06/02/2004 15:45:00
Event String: The File Replication Service is having trouble
enabling replication from SDM02 to CAS for
c:\winnt\sysvol\domain using the DNS name
SDM02.ahs-ream.osb.orea. FRS will keep retrying.
Following are some of the reasons you would see
this warning.
[1] FRS can not correctly resolve the DNS name
SDM02.ahs-ream.osb.orea from this computer.
[2] FRS is not running on
SDM02.ahs-ream.osb.orea.
[3] The topology information in the Active
Directory for this replica has not yet replicated
to all the Domain Controllers.
This event log message will appear once per
connection, After the problem is fixed you will
see another event log message indicating that the
connection has been established.
An Warning Event occured. EventID: 0x800034C4
Time Generated: 06/02/2004 16:13:24
Event String: The File Replication Service is having trouble
enabling replication from SDM01 to CAS for
c:\winnt\sysvol\domain using the DNS name
SDM01.ahs-ream.osb.orea. FRS will keep retrying.
Following are some of the reasons you would see
this warning.
[1] FRS can not correctly resolve the DNS name
SDM01.ahs-ream.osb.orea from this computer.
[2] FRS is not running on
SDM01.ahs-ream.osb.orea.
[3] The topology information in the Active
Directory for this replica has not yet replicated
to all the Domain Controllers.
This event log message will appear once per
connection, After the problem is fixed you will
see another event log message indicating that the
connection has been established.
......................... CAS passed test frssysvol
Starting test: kccevent
* The KCC Event log test
Found no KCC errors in Directory Service Event log in the last 15 minutes.
......................... CAS passed test kccevent
Starting test: systemlog
* The System Event log test
Found no errors in System Event log in the last 60 minutes.
......................... CAS passed test systemlog
Running enterprise tests on : ahs-ream.osb.orea
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope
provided by the command line arguments provided.
......................... ahs-ream.osb.orea passed test Intersite
Starting test: FsmoCheck
Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
A Global Catalog Server could not be located - All GC's are down.
PDC Name: \\SDM.ahs-ream.osb.orea
Locator Flags: 0xe00001f9
Time Server Name: \\CAS.ahs-ream.osb.orea
Locator Flags: 0xe00001f8
Preferred Time Server Name: \\CAS.ahs-ream.osb.orea
Locator Flags: 0xe00001f8
KDC Name: \\CAS.ahs-ream.osb.orea
Locator Flags: 0xe00001f8
......................... ahs-ream.osb.orea failed test FsmoCheck