Server can't replicate AD anymore

[Guest]

Hi

my 2 domain controllers don't seem to like eachother anymore
When i check ADRM one server says it can't replicate, access denied !
When I try to open AD users & computers it says 'the target principal name is incorrect', same with other applications which rely on AD
When i try to change security on file/directories - the same.

here is my dcdiag output of the server with troubles....i don't know where to start (yet
Maybe you guys and girls can help me out
Leo

DC Diagnosi

Performing initial setup
Done gathering initial info

Doing initial non skippeable test

Testing server: Default-First-Site-Name\HOOFDSERVE
Starting test: Connectivit
......................... HOOFDSERVER passed test Connectivit

Doing primary test

Testing server: Default-First-Site-Name\HOOFDSERVE
Starting test: Replication
[Replications Check,HOOFDSERVER] A recent replication attempt failed
From SERVER to HOOFDSERVE
Naming Context: CN=Schema,CN=Configuration,DC=regenboog,DC=loca
The replication generated an error (5)
Access is denied
The failure occurred at 2004-03-23 09:02.52
The last success occurred at 2004-02-06 12:49.35
1127 failures have occurred since the last success
[SERVER] DsBind() failed with error -2146893022
The target principal name is incorrect.
[Replications Check,HOOFDSERVER] A recent replication attempt failed
From SERVER to HOOFDSERVE
Naming Context: CN=Configuration,DC=regenboog,DC=loca
The replication generated an error (5)
Access is denied
The failure occurred at 2004-03-23 09:19.06
The last success occurred at 2004-02-06 13:00.13
1260 failures have occurred since the last success
[Replications Check,HOOFDSERVER] A recent replication attempt failed
From SERVER to HOOFDSERVE
Naming Context: DC=regenboog,DC=loca
The replication generated an error (5)
Access is denied
The failure occurred at 2004-03-23 09:18.36
The last success occurred at 2004-02-06 13:09.21
1499 failures have occurred since the last success
......................... HOOFDSERVER passed test Replication
Starting test: NCSecDes
......................... HOOFDSERVER passed test NCSecDes
Starting test: NetLogon
......................... HOOFDSERVER passed test NetLogon
Starting test: Advertisin
Warning: DsGetDcName returned information for \\server.regenboog.local, when we were trying to reach HOOFDSERVER
Server is not responding or is not considcl
ered suitable
[SERVER] LDAP bind failed with error 31
A device attached to the system is not functioning.
Server HOOFDSERVER is advertising as a global catalog, bu
it could not be verified that the server thought it was a GC
......................... HOOFDSERVER failed test Advertisin
Starting test: KnowsOfRoleHolder
Warning: SERVER is the PDC Owner, but is not responding to DS RPC Bind
Warning: SERVER is the PDC Owner, but is not responding to LDAP Bind
......................... HOOFDSERVER failed test KnowsOfRoleHolder
Starting test: RidManage
......................... HOOFDSERVER passed test RidManage
Starting test: MachineAccoun
......................... HOOFDSERVER passed test MachineAccoun
Starting test: Service
......................... HOOFDSERVER passed test Service
Starting test: ObjectsReplicate
......................... HOOFDSERVER passed test ObjectsReplicate
Starting test: frssysvo
Error: No record of File Replication System, SYSVOL started
The Active Directory may be prevented from starting
There are errors after the SYSVOL has been shared
The SYSVOL can prevent the AD from starting
......................... HOOFDSERVER passed test frssysvol
Starting test: kccevent
......................... HOOFDSERVER passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0x0000041B
Time Generated: 03/23/2004 08:53:29
Event String: The DHCP/BINL service has determined that it is

An Error Event occured. EventID: 0x00000457
Time Generated: 03/23/2004 08:55:30
Event String: Driver HP LaserJet 4000 Series PCL 5e required

An Error Event occured. EventID: 0x00000452
Time Generated: 03/23/2004 08:55:30
Event String: The printer could not be installed.
An Error Event occured. EventID: 0x00000457
Time Generated: 03/23/2004 08:55:30
Event String: Driver HP LaserJet 4000 Series PCL 5e required

An Error Event occured. EventID: 0x00000452
Time Generated: 03/23/2004 08:55:30
Event String: The printer could not be installed.
An Error Event occured. EventID: 0x00000457
Time Generated: 03/23/2004 08:55:31
Event String: Driver hp deskjet 930c series required for

An Error Event occured. EventID: 0x00000452
Time Generated: 03/23/2004 08:55:31
Event String: The printer could not be installed.
An Error Event occured. EventID: 0x00000457
Time Generated: 03/23/2004 08:55:31
Event String: Driver HP LaserJet 4000 Series PCL 5e required

An Error Event occured. EventID: 0x00000452
Time Generated: 03/23/2004 08:55:31
Event String: The printer could not be installed.
An Error Event occured. EventID: 0x00000457
Time Generated: 03/23/2004 08:55:32
Event String: Driver HP LaserJet 4000 Series PCL 5e required

An Error Event occured. EventID: 0x00000452
Time Generated: 03/23/2004 08:55:32
Event String: The printer could not be installed.
An Error Event occured. EventID: 0x00000457
Time Generated: 03/23/2004 08:55:33
Event String: Driver HP LaserJet 4000 Series PCL 5e required

An Error Event occured. EventID: 0x00000452
Time Generated: 03/23/2004 08:55:33
Event String: The printer could not be installed.
......................... HOOFDSERVER failed test systemlog

Running enterprise tests on : regenboog.local
Starting test: Intersite
......................... regenboog.local passed test Intersite
Starting test: FsmoCheck
......................... regenboog.local passed test FsmoCheck

 

[Karin Galli [MS]]

Check if "Access this computer from the network" right is enabled and is
given to the Enterprise Domain Controllers group.

Cheers!


--
=====================================================
When responding to posts, please "Reply to Group" via
your newsreader so that others may learn and benefit
from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

Hi,

my 2 domain controllers don't seem to like eachother anymore!
When i check ADRM one server says it can't replicate, access denied !?
When I try to open AD users & computers it says 'the target principal name

is incorrect', same with other applications which rely on AD.

When i try to change security on file/directories - the same.

here is my dcdiag output of the server with troubles....i don't know where to start (yet)
Maybe you guys and girls can help me out?
Leon


DC Diagnosis

Performing initial setup:
Done gathering initial info.

Doing initial non skippeable tests

Testing server: Default-First-Site-Name\HOOFDSERVER
Starting test: Connectivity
......................... HOOFDSERVER passed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\HOOFDSERVER
Starting test: Replications
[Replications Check,HOOFDSERVER] A recent replication attempt failed:
From SERVER to HOOFDSERVER
Naming Context: CN=Schema,CN=Configuration,DC=regenboog,DC=local
The replication generated an error (5):
Access is denied.
The failure occurred at 2004-03-23 09:02.52.
The last success occurred at 2004-02-06 12:49.35.
1127 failures have occurred since the last success.
[SERVER] DsBind() failed with error -2146893022,
The target principal name is incorrect..
[Replications Check,HOOFDSERVER] A recent replication attempt failed:
From SERVER to HOOFDSERVER
Naming Context: CN=Configuration,DC=regenboog,DC=local
The replication generated an error (5):
Access is denied.
The failure occurred at 2004-03-23 09:19.06.
The last success occurred at 2004-02-06 13:00.13.
1260 failures have occurred since the last success.
[Replications Check,HOOFDSERVER] A recent replication attempt failed:
From SERVER to HOOFDSERVER
Naming Context: DC=regenboog,DC=local
The replication generated an error (5):
Access is denied.
The failure occurred at 2004-03-23 09:18.36.
The last success occurred at 2004-02-06 13:09.21.
1499 failures have occurred since the last success.
......................... HOOFDSERVER passed test Replications
Starting test: NCSecDesc
......................... HOOFDSERVER passed test NCSecDesc
Starting test: NetLogons
......................... HOOFDSERVER passed test NetLogons
Starting test: Advertising
Warning: DsGetDcName returned information for

\\server.regenboog.local, when we were trying to reach HOOFDSERVER.

Server is not responding or is not considcls
ered suitable.
[SERVER] LDAP bind failed with error 31,
A device attached to the system is not functioning..
Server HOOFDSERVER is advertising as a global catalog, but
it could not be verified that the server thought it was a GC.
......................... HOOFDSERVER failed test Advertising
Starting test: KnowsOfRoleHolders
Warning: SERVER is the PDC Owner, but is not responding to DS RPC Bind.
Warning: SERVER is the PDC Owner, but is not responding to LDAP Bind.
......................... HOOFDSERVER failed test KnowsOfRoleHolders
Starting test: RidManager
......................... HOOFDSERVER passed test RidManager
Starting test: MachineAccount
......................... HOOFDSERVER passed test MachineAccount
Starting test: Services
......................... HOOFDSERVER passed test Services
Starting test: ObjectsReplicated
......................... HOOFDSERVER passed test ObjectsReplicated
Starting test: frssysvol
Error: No record of File Replication System, SYSVOL started.
The Active Directory may be prevented from starting.
There are errors after the SYSVOL has been shared.
The SYSVOL can prevent the AD from starting.
......................... HOOFDSERVER passed test frssysvol
Starting test: kccevent
......................... HOOFDSERVER passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0x0000041B
Time Generated: 03/23/2004 08:53:29
Event String: The DHCP/BINL service has determined that it is

An Error Event occured. EventID: 0x00000457
Time Generated: 03/23/2004 08:55:30
Event String: Driver HP LaserJet 4000 Series PCL 5e required

An Error Event occured. EventID: 0x00000452
Time Generated: 03/23/2004 08:55:30
Event String: The printer could not be installed.
An Error Event occured. EventID: 0x00000457
Time Generated: 03/23/2004 08:55:30
Event String: Driver HP LaserJet 4000 Series PCL 5e required

An Error Event occured. EventID: 0x00000452
Time Generated: 03/23/2004 08:55:30
Event String: The printer could not be installed.
An Error Event occured. EventID: 0x00000457
Time Generated: 03/23/2004 08:55:31
Event String: Driver hp deskjet 930c series required for

An Error Event occured. EventID: 0x00000452
Time Generated: 03/23/2004 08:55:31
Event String: The printer could not be installed.
An Error Event occured. EventID: 0x00000457
Time Generated: 03/23/2004 08:55:31
Event String: Driver HP LaserJet 4000 Series PCL 5e required

An Error Event occured. EventID: 0x00000452
Time Generated: 03/23/2004 08:55:31
Event String: The printer could not be installed.
An Error Event occured. EventID: 0x00000457
Time Generated: 03/23/2004 08:55:32
Event String: Driver HP LaserJet 4000 Series PCL 5e required

An Error Event occured. EventID: 0x00000452
Time Generated: 03/23/2004 08:55:32
Event String: The printer could not be installed.
An Error Event occured. EventID: 0x00000457
Time Generated: 03/23/2004 08:55:33
Event String: Driver HP LaserJet 4000 Series PCL 5e required

An Error Event occured. EventID: 0x00000452
Time Generated: 03/23/2004 08:55:33
Event String: The printer could not be installed.
......................... HOOFDSERVER failed test systemlog

Running enterprise tests on : regenboog.local
Starting test: Intersite
......................... regenboog.local passed test Intersite
Starting test: FsmoCheck
......................... regenboog.local passed test FsmoCheck

 

[Guest]

Thx Karin, but i told i can't change security settings, it will give the error

I tried to restart with the Kerberos service disabled and it started working again !!!
Replication seems fine and i can change security settings again

Tomorrow i will try to restart with kerberos enabled to check if the problem is completely solved

Leon