Sign in with
Sign up | Sign in
Your question

Dc not Functioning Properly.

Last response: in Windows 2000/NT
Share
Anonymous
March 14, 2005 2:31:02 AM

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Hi,
Iam having two win2000 Dcs(Seperated by WAN Link) in my Site, one of my Dc
is not functioning as a Domain Controller. There is no Sysvol and Netlogon
share. I shared the \winnt\SYSVOL\sysvol folder manualy, but the share was
automatically removed within a week. I ran netdiag utily and it fails in
Domain Membership Test. Iam getting 13508 (FRS) Warning without any 13509 id.
Plz advice to recover from this problem.

More about : functioning properly

Anonymous
March 14, 2005 11:30:01 AM

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Is demoting this and starting again an option? If so, do that. ;-)

Otherwise, point the remote DC to the working one for DNS (assuming the DC
in the main office is your DNS server) and restart netlogon after ensuring
that you've not disabled and/ or stopped the DHCP Client Service.

In doing this the netlogon process will trigger the DHCP Client Service to
register SRV records in DNS. You will also now be able to resolve the other
DC.

Try replicating and waiting. Then look at this:
-- http://support.microsoft.com/?id=257338


--

Paul Williams

http://www.msresource.net/
http://forums.msresource.net/
Anonymous
March 14, 2005 11:30:02 AM

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Both the Dcs are AD integrated DNS servers, and both have "A" records and
"Ptr" records and both can contact through FQDN names. I have also tried
restarting Netlogon and frs services, but it doesnt works. i have tried the
options in the microsoft support Link and all the tests are successful. Is
there any way to recreate the Sysvol share. Iam getting failure result in
Domain Membership Test(Netdiag).Also the Dc is not advertising.

"ptwilliams" wrote:

> Is demoting this and starting again an option? If so, do that. ;-)
>
> Otherwise, point the remote DC to the working one for DNS (assuming the DC
> in the main office is your DNS server) and restart netlogon after ensuring
> that you've not disabled and/ or stopped the DHCP Client Service.
>
> In doing this the netlogon process will trigger the DHCP Client Service to
> register SRV records in DNS. You will also now be able to resolve the other
> DC.
>
> Try replicating and waiting. Then look at this:
> -- http://support.microsoft.com/?id=257338
>
>
> --
>
> Paul Williams
>
> http://www.msresource.net/
> http://forums.msresource.net/
>
>
>
Related resources
Anonymous
March 14, 2005 11:30:03 AM

Archived from groups: microsoft.public.win2000.active_directory (More info?)

dcdiag /e /c /v /s:server name /f:c:\dcdiag.log

when complete look at the dcdiag.log log


"C:\program files\support tools\netdiag" /v /l

when complete look at the netdiag.log file


"C:\program files\support tools\repadmin" /replsum /bysrc /bydest
/sort:D elta > c:\repadmin.log

"C:\program files\support tools\repadmin" /showreps server name >>
c:\repadmin.log

When complete look at repadmin.log

This should give you some details about failures




These links might provide some additional info to help provide details about
the tools
http://support.microsoft.com/default.aspx?scid=kb;EN-US;q265706
http://support.microsoft.com/kb/229896

Server tools should be available on your installation cd at d:\support\tools


--

Paul Bergson MCT, MCSE, MCSA, CNE, CNA, CCA

This posting is provided "AS IS" with no warranties, and confers no rights.



"Baskaran B" <BaskaranB@discussions.microsoft.com> wrote in message
news:AE35A7AE-577F-466C-8678-B7E748A46703@microsoft.com...
> Both the Dcs are AD integrated DNS servers, and both have "A" records and
> "Ptr" records and both can contact through FQDN names. I have also tried
> restarting Netlogon and frs services, but it doesnt works. i have tried
the
> options in the microsoft support Link and all the tests are successful. Is
> there any way to recreate the Sysvol share. Iam getting failure result in
> Domain Membership Test(Netdiag).Also the Dc is not advertising.
>
> "ptwilliams" wrote:
>
> > Is demoting this and starting again an option? If so, do that. ;-)
> >
> > Otherwise, point the remote DC to the working one for DNS (assuming the
DC
> > in the main office is your DNS server) and restart netlogon after
ensuring
> > that you've not disabled and/ or stopped the DHCP Client Service.
> >
> > In doing this the netlogon process will trigger the DHCP Client Service
to
> > register SRV records in DNS. You will also now be able to resolve the
other
> > DC.
> >
> > Try replicating and waiting. Then look at this:
> > -- http://support.microsoft.com/?id=257338
> >
> >
> > --
> >
> > Paul Williams
> >
> > http://www.msresource.net/
> > http://forums.msresource.net/
> >
> >
> >
Anonymous
March 14, 2005 11:30:03 AM

Archived from groups: microsoft.public.win2000.active_directory (More info?)

The existence of A and PTR records simply proves that name-to-IP or
IP-to-name resolution works. Directory services are located through SRV
records, which these tests do not prove.

The following will prove if DNS is working or not:

C:\>nslookup
>set type=srv
>_ldap._tcp.dc._msdcs.domain-name

OR

C:\>netdiag /test:D ns


With regards to generating the SYSVOL, lets ensure that DNS *IS* fine first...

We'll then look at how you can recreate SYSVOL.


--

Paul Williams

http://www.msresource.net/
http://forums.msresource.net/
Anonymous
March 16, 2005 5:15:02 AM

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Dear Paul,
I have tested my DNS with Nslookup for _ldap._tcp.dc._msdcs.domain-name srv
record, and it sounds good, also netdiag /test:D ns is also completing without
any errors.Hope my DNS is working properly.Mr Paul Bergson suggested for
Dcdiag and netdiag utilities and i found some errors on it, i have pasted the
error below.

Domain name - Mydomain
DC1 - Working DC
DC2 - Problematic DC

dcdiag /e /c /v /s:D C2 /f:c:\dcdiag.log

Starting test: Advertising
Warning: DsGetDcName returned information for \\DC1.Mydomain.com,
when we were trying to reach DC2.
Server is not responding or is not considered suitable.
The DC DC2 is advertising itself as a DC and having a DS.
The DC DC2 is advertising as an LDAP server
The DC DC2 is advertising as having a writeable directory
The DC DC2 is advertising as a Key Distribution Center
The DC DC2 is advertising as a time server
......................... DC2 failed test Advertising

netdiag /v /l

Domain membership test . . . . . . : Failed
[WARNING] Ths system volume has not been completely replicated to the
local machine. This machine is not working properly as a DC.
Machine is a . . . . . . . . . : Domain Controller
Netbios Domain name. . . . . . : Mydomain
Dns domain name. . . . . . . . : Mydomain.com
Dns forest name. . . . . . . . : Mydomain.com
Domain Guid. . . . . . . . . . : {0D3D00A0-167B-4649-A8B0-193CEA679424}
Domain Sid . . . . . . . . . . : S-1-5-21-796845957-1035525444-725345543
Logon User . . . . . . . . . . : balakrb1
Logon Domain . . . . . . . . . : Mydomain

result shows Failure in Domain Membership and Advertising tests.
Waiting for ur reply with patience.
Regards
Baskaran B

"ptwilliams" wrote:

> The existence of A and PTR records simply proves that name-to-IP or
> IP-to-name resolution works. Directory services are located through SRV
> records, which these tests do not prove.
>
> The following will prove if DNS is working or not:
>
> C:\>nslookup
> >set type=srv
> >_ldap._tcp.dc._msdcs.domain-name
>
> OR
>
> C:\>netdiag /test:D ns
>
>
> With regards to generating the SYSVOL, lets ensure that DNS *IS* fine first...
>
> We'll then look at how you can recreate SYSVOL.
>
>
> --
>
> Paul Williams
>
> http://www.msresource.net/
> http://forums.msresource.net/
>
Anonymous
March 16, 2005 5:53:02 AM

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Dear Paul Bergson,

I have tried the dcdiag and netdiag utilities and found some errors, i have
pasted the errors below,

Domain - Mydomain
Working Dc - DC1
Problematic Dc - DC2

dcdiag /e /c /v /s:D C2 /f:c:\dcdiag.log

Starting test: Advertising
Warning: DsGetDcName returned information for \\DC1.Mydomain.com,
when we were trying to reach DC2.
Server is not responding or is not considered suitable.
The DC DC2 is advertising itself as a DC and having a DS.
The DC DC2 is advertising as an LDAP server
The DC DC2 is advertising as having a writeable directory
The DC DC2 is advertising as a Key Distribution Center
The DC DC2 is advertising as a time server
......................... DC2 failed test Advertising

netdiag /v /l

Domain membership test . . . . . . : Failed
[WARNING] Ths system volume has not been completely replicated to the
local machine. This machine is not working properly as a DC.
Machine is a . . . . . . . . . : Domain Controller
Netbios Domain name. . . . . . : Mydomain
Dns domain name. . . . . . . . : Mydomain.com
Dns forest name. . . . . . . . : Mydomain.com
Domain Guid. . . . . . . . . . : {0D3D00A0-167B-4649-A8B0-193CEA679424}
Domain Sid . . . . . . . . . . : S-1-5-21-796845957-1035525444-725345543
Logon User . . . . . . . . . . : balakrb1
Logon Domain . . . . . . . . . : Mydomain

i have also checked Repadmin and it didnt show any errors, i also paste the
repadmin report,

repadmin" /showreps DC2 >> c:\repadmin2.log

Mydomain\DC2
DSA Options : (none)
objectGuid : 9a1a783a-903d-4fbb-9c41-f48861e06891
invocationID: c610e3c5-0293-4312-b961-c62ae992ea9f

==== INBOUND NEIGHBORS ======================================

CN=Schema,CN=Configuration,DC=Mydomain,DC=com
Mydomain\DC1 via RPC
objectGuid: b498d6d6-0552-4e70-8a1e-46fe67f899f1
Last attempt @ 2005-03-16 13:17.30 was successful.

CN=Configuration,DC=Mydomain,DC=com
Mydomain\DC1 via RPC
objectGuid: b498d6d6-0552-4e70-8a1e-46fe67f899f1
Last attempt @ 2005-03-16 13:18.01 was successful.

DC=Mydomain,DC=com
Mydomain\DC1 via RPC
objectGuid: b498d6d6-0552-4e70-8a1e-46fe67f899f1
Last attempt @ 2005-03-16 13:17.30 was successful.

==== OUTBOUND NEIGHBORS FOR CHANGE NOTIFICATIONS ============

CN=Schema,CN=Configuration,DC=Mydomain,DC=com
Mydomain\DC1 via RPC
objectGuid: b498d6d6-0552-4e70-8a1e-46fe67f899f1

CN=Configuration,DC=Mydomain,DC=com
Mydomain\DC1 via RPC
objectGuid: b498d6d6-0552-4e70-8a1e-46fe67f899f1

DC=Mydomain,DC=com
Mydomain\DC1 via RPC
objectGuid: b498d6d6-0552-4e70-8a1e-46fe67f899f1

Waiting for ur reply with patience
Regards
Baskaran B

"Paul Bergson" wrote:

> dcdiag /e /c /v /s:server name /f:c:\dcdiag.log
>
> when complete look at the dcdiag.log log
>
>
> "C:\program files\support tools\netdiag" /v /l
>
> when complete look at the netdiag.log file
>
>
> "C:\program files\support tools\repadmin" /replsum /bysrc /bydest
> /sort:D elta > c:\repadmin.log
>
> "C:\program files\support tools\repadmin" /showreps server name >>
> c:\repadmin.log
>
> When complete look at repadmin.log
>
> This should give you some details about failures
>
>
>
>
> These links might provide some additional info to help provide details about
> the tools
> http://support.microsoft.com/default.aspx?scid=kb;EN-US;q265706
> http://support.microsoft.com/kb/229896
>
> Server tools should be available on your installation cd at d:\support\tools
>
>
> --
>
> Paul Bergson MCT, MCSE, MCSA, CNE, CNA, CCA
>
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
>
>
> "Baskaran B" <BaskaranB@discussions.microsoft.com> wrote in message
> news:AE35A7AE-577F-466C-8678-B7E748A46703@microsoft.com...
> > Both the Dcs are AD integrated DNS servers, and both have "A" records and
> > "Ptr" records and both can contact through FQDN names. I have also tried
> > restarting Netlogon and frs services, but it doesnt works. i have tried
> the
> > options in the microsoft support Link and all the tests are successful. Is
> > there any way to recreate the Sysvol share. Iam getting failure result in
> > Domain Membership Test(Netdiag).Also the Dc is not advertising.
> >
> > "ptwilliams" wrote:
> >
> > > Is demoting this and starting again an option? If so, do that. ;-)
> > >
> > > Otherwise, point the remote DC to the working one for DNS (assuming the
> DC
> > > in the main office is your DNS server) and restart netlogon after
> ensuring
> > > that you've not disabled and/ or stopped the DHCP Client Service.
> > >
> > > In doing this the netlogon process will trigger the DHCP Client Service
> to
> > > register SRV records in DNS. You will also now be able to resolve the
> other
> > > DC.
> > >
> > > Try replicating and waiting. Then look at this:
> > > -- http://support.microsoft.com/?id=257338
> > >
> > >
> > > --
> > >
> > > Paul Williams
> > >
> > > http://www.msresource.net/
> > > http://forums.msresource.net/
> > >
> > >
> > >
>
>
>
Anonymous
March 16, 2005 7:15:02 AM

Archived from groups: microsoft.public.win2000.active_directory (More info?)

OK, let's try a non-authorative restore of SYSVOL...

On the troublesome DC, drill down to this registry key (regedit):

HKLM\ SYSTEM\ CurrentControlSet\ Services\ NtFrs\ Parameters\
Backup/Restore\ Process at Startup

And set the BurFlags value to D2 (Hex)


--

Paul Williams

http://www.msresource.net/
http://forums.msresource.net/


"Baskaran B" wrote:

> Dear Paul,
> I have tested my DNS with Nslookup for _ldap._tcp.dc._msdcs.domain-name srv
> record, and it sounds good, also netdiag /test:D ns is also completing without
> any errors.Hope my DNS is working properly.Mr Paul Bergson suggested for
> Dcdiag and netdiag utilities and i found some errors on it, i have pasted the
> error below.
>
> Domain name - Mydomain
> DC1 - Working DC
> DC2 - Problematic DC
>
> dcdiag /e /c /v /s:D C2 /f:c:\dcdiag.log
>
> Starting test: Advertising
> Warning: DsGetDcName returned information for \\DC1.Mydomain.com,
> when we were trying to reach DC2.
> Server is not responding or is not considered suitable.
> The DC DC2 is advertising itself as a DC and having a DS.
> The DC DC2 is advertising as an LDAP server
> The DC DC2 is advertising as having a writeable directory
> The DC DC2 is advertising as a Key Distribution Center
> The DC DC2 is advertising as a time server
> ......................... DC2 failed test Advertising
>
> netdiag /v /l
>
> Domain membership test . . . . . . : Failed
> [WARNING] Ths system volume has not been completely replicated to the
> local machine. This machine is not working properly as a DC.
> Machine is a . . . . . . . . . : Domain Controller
> Netbios Domain name. . . . . . : Mydomain
> Dns domain name. . . . . . . . : Mydomain.com
> Dns forest name. . . . . . . . : Mydomain.com
> Domain Guid. . . . . . . . . . : {0D3D00A0-167B-4649-A8B0-193CEA679424}
> Domain Sid . . . . . . . . . . : S-1-5-21-796845957-1035525444-725345543
> Logon User . . . . . . . . . . : balakrb1
> Logon Domain . . . . . . . . . : Mydomain
>
> result shows Failure in Domain Membership and Advertising tests.
> Waiting for ur reply with patience.
> Regards
> Baskaran B
>
> "ptwilliams" wrote:
>
> > The existence of A and PTR records simply proves that name-to-IP or
> > IP-to-name resolution works. Directory services are located through SRV
> > records, which these tests do not prove.
> >
> > The following will prove if DNS is working or not:
> >
> > C:\>nslookup
> > >set type=srv
> > >_ldap._tcp.dc._msdcs.domain-name
> >
> > OR
> >
> > C:\>netdiag /test:D ns
> >
> >
> > With regards to generating the SYSVOL, lets ensure that DNS *IS* fine first...
> >
> > We'll then look at how you can recreate SYSVOL.
> >
> >
> > --
> >
> > Paul Williams
> >
> > http://www.msresource.net/
> > http://forums.msresource.net/
> >
Anonymous
March 16, 2005 11:21:10 AM

Archived from groups: microsoft.public.win2000.active_directory (More info?)

PT has you going I don't want to create two separate threads. It appears to
show a sysvol problem and he has you doing the right stuff. He is very
knowledgeable.

Best of luck.

--

Paul Bergson MCT, MCSE, MCSA, CNE, CNA, CCA

This posting is provided "AS IS" with no warranties, and confers no rights.



"Baskaran B" <BaskaranB@discussions.microsoft.com> wrote in message
news:46F9C69E-89A8-4BC6-8F19-717384293053@microsoft.com...
> Dear Paul Bergson,
>
> I have tried the dcdiag and netdiag utilities and found some errors, i
have
> pasted the errors below,
>
> Domain - Mydomain
> Working Dc - DC1
> Problematic Dc - DC2
>
> dcdiag /e /c /v /s:D C2 /f:c:\dcdiag.log
>
> Starting test: Advertising
> Warning: DsGetDcName returned information for \\DC1.Mydomain.com,
> when we were trying to reach DC2.
> Server is not responding or is not considered suitable.
> The DC DC2 is advertising itself as a DC and having a DS.
> The DC DC2 is advertising as an LDAP server
> The DC DC2 is advertising as having a writeable directory
> The DC DC2 is advertising as a Key Distribution Center
> The DC DC2 is advertising as a time server
> ......................... DC2 failed test Advertising
>
> netdiag /v /l
>
> Domain membership test . . . . . . : Failed
> [WARNING] Ths system volume has not been completely replicated to the
> local machine. This machine is not working properly as a DC.
> Machine is a . . . . . . . . . : Domain Controller
> Netbios Domain name. . . . . . : Mydomain
> Dns domain name. . . . . . . . : Mydomain.com
> Dns forest name. . . . . . . . : Mydomain.com
> Domain Guid. . . . . . . . . . :
{0D3D00A0-167B-4649-A8B0-193CEA679424}
> Domain Sid . . . . . . . . . . :
S-1-5-21-796845957-1035525444-725345543
> Logon User . . . . . . . . . . : balakrb1
> Logon Domain . . . . . . . . . : Mydomain
>
> i have also checked Repadmin and it didnt show any errors, i also paste
the
> repadmin report,
>
> repadmin" /showreps DC2 >> c:\repadmin2.log
>
> Mydomain\DC2
> DSA Options : (none)
> objectGuid : 9a1a783a-903d-4fbb-9c41-f48861e06891
> invocationID: c610e3c5-0293-4312-b961-c62ae992ea9f
>
> ==== INBOUND NEIGHBORS ======================================
>
> CN=Schema,CN=Configuration,DC=Mydomain,DC=com
> Mydomain\DC1 via RPC
> objectGuid: b498d6d6-0552-4e70-8a1e-46fe67f899f1
> Last attempt @ 2005-03-16 13:17.30 was successful.
>
> CN=Configuration,DC=Mydomain,DC=com
> Mydomain\DC1 via RPC
> objectGuid: b498d6d6-0552-4e70-8a1e-46fe67f899f1
> Last attempt @ 2005-03-16 13:18.01 was successful.
>
> DC=Mydomain,DC=com
> Mydomain\DC1 via RPC
> objectGuid: b498d6d6-0552-4e70-8a1e-46fe67f899f1
> Last attempt @ 2005-03-16 13:17.30 was successful.
>
> ==== OUTBOUND NEIGHBORS FOR CHANGE NOTIFICATIONS ============
>
> CN=Schema,CN=Configuration,DC=Mydomain,DC=com
> Mydomain\DC1 via RPC
> objectGuid: b498d6d6-0552-4e70-8a1e-46fe67f899f1
>
> CN=Configuration,DC=Mydomain,DC=com
> Mydomain\DC1 via RPC
> objectGuid: b498d6d6-0552-4e70-8a1e-46fe67f899f1
>
> DC=Mydomain,DC=com
> Mydomain\DC1 via RPC
> objectGuid: b498d6d6-0552-4e70-8a1e-46fe67f899f1
>
> Waiting for ur reply with patience
> Regards
> Baskaran B
>
> "Paul Bergson" wrote:
>
> > dcdiag /e /c /v /s:server name /f:c:\dcdiag.log
> >
> > when complete look at the dcdiag.log log
> >
> >
> > "C:\program files\support tools\netdiag" /v /l
> >
> > when complete look at the netdiag.log file
> >
> >
> > "C:\program files\support tools\repadmin" /replsum /bysrc /bydest
> > /sort:D elta > c:\repadmin.log
> >
> > "C:\program files\support tools\repadmin" /showreps server name >>
> > c:\repadmin.log
> >
> > When complete look at repadmin.log
> >
> > This should give you some details about failures
> >
> >
> >
> >
> > These links might provide some additional info to help provide details
about
> > the tools
> > http://support.microsoft.com/default.aspx?scid=kb;EN-US;q265706
> > http://support.microsoft.com/kb/229896
> >
> > Server tools should be available on your installation cd at
d:\support\tools
> >
> >
> > --
> >
> > Paul Bergson MCT, MCSE, MCSA, CNE, CNA, CCA
> >
> > This posting is provided "AS IS" with no warranties, and confers no
rights.
> >
> >
> >
> > "Baskaran B" <BaskaranB@discussions.microsoft.com> wrote in message
> > news:AE35A7AE-577F-466C-8678-B7E748A46703@microsoft.com...
> > > Both the Dcs are AD integrated DNS servers, and both have "A" records
and
> > > "Ptr" records and both can contact through FQDN names. I have also
tried
> > > restarting Netlogon and frs services, but it doesnt works. i have
tried
> > the
> > > options in the microsoft support Link and all the tests are
successful. Is
> > > there any way to recreate the Sysvol share. Iam getting failure result
in
> > > Domain Membership Test(Netdiag).Also the Dc is not advertising.
> > >
> > > "ptwilliams" wrote:
> > >
> > > > Is demoting this and starting again an option? If so, do that. ;-)
> > > >
> > > > Otherwise, point the remote DC to the working one for DNS (assuming
the
> > DC
> > > > in the main office is your DNS server) and restart netlogon after
> > ensuring
> > > > that you've not disabled and/ or stopped the DHCP Client Service.
> > > >
> > > > In doing this the netlogon process will trigger the DHCP Client
Service
> > to
> > > > register SRV records in DNS. You will also now be able to resolve
the
> > other
> > > > DC.
> > > >
> > > > Try replicating and waiting. Then look at this:
> > > > -- http://support.microsoft.com/?id=257338
> > > >
> > > >
> > > > --
> > > >
> > > > Paul Williams
> > > >
> > > > http://www.msresource.net/
> > > > http://forums.msresource.net/
> > > >
> > > >
> > > >
> >
> >
> >
Anonymous
March 17, 2005 1:29:01 AM

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Hi Ptwilliams,
After doing this in the troublesome dc, should i restart it?
will the sysvol share and netlogon share will recreate?
should i revert back the registry change once the shares get recreated? or
any thing else should i do ..
wiating for ur reply..

Regards
Baskaran B

"ptwilliams" wrote:

> OK, let's try a non-authorative restore of SYSVOL...
>
> On the troublesome DC, drill down to this registry key (regedit):
>
> HKLM\ SYSTEM\ CurrentControlSet\ Services\ NtFrs\ Parameters\
> Backup/Restore\ Process at Startup
>
> And set the BurFlags value to D2 (Hex)
>
>
> --
>
> Paul Williams
>
> http://www.msresource.net/
> http://forums.msresource.net/
>
>
> "Baskaran B" wrote:
>
> > Dear Paul,
> > I have tested my DNS with Nslookup for _ldap._tcp.dc._msdcs.domain-name srv
> > record, and it sounds good, also netdiag /test:D ns is also completing without
> > any errors.Hope my DNS is working properly.Mr Paul Bergson suggested for
> > Dcdiag and netdiag utilities and i found some errors on it, i have pasted the
> > error below.
> >
> > Domain name - Mydomain
> > DC1 - Working DC
> > DC2 - Problematic DC
> >
> > dcdiag /e /c /v /s:D C2 /f:c:\dcdiag.log
> >
> > Starting test: Advertising
> > Warning: DsGetDcName returned information for \\DC1.Mydomain.com,
> > when we were trying to reach DC2.
> > Server is not responding or is not considered suitable.
> > The DC DC2 is advertising itself as a DC and having a DS.
> > The DC DC2 is advertising as an LDAP server
> > The DC DC2 is advertising as having a writeable directory
> > The DC DC2 is advertising as a Key Distribution Center
> > The DC DC2 is advertising as a time server
> > ......................... DC2 failed test Advertising
> >
> > netdiag /v /l
> >
> > Domain membership test . . . . . . : Failed
> > [WARNING] Ths system volume has not been completely replicated to the
> > local machine. This machine is not working properly as a DC.
> > Machine is a . . . . . . . . . : Domain Controller
> > Netbios Domain name. . . . . . : Mydomain
> > Dns domain name. . . . . . . . : Mydomain.com
> > Dns forest name. . . . . . . . : Mydomain.com
> > Domain Guid. . . . . . . . . . : {0D3D00A0-167B-4649-A8B0-193CEA679424}
> > Domain Sid . . . . . . . . . . : S-1-5-21-796845957-1035525444-725345543
> > Logon User . . . . . . . . . . : balakrb1
> > Logon Domain . . . . . . . . . : Mydomain
> >
> > result shows Failure in Domain Membership and Advertising tests.
> > Waiting for ur reply with patience.
> > Regards
> > Baskaran B
> >
> > "ptwilliams" wrote:
> >
> > > The existence of A and PTR records simply proves that name-to-IP or
> > > IP-to-name resolution works. Directory services are located through SRV
> > > records, which these tests do not prove.
> > >
> > > The following will prove if DNS is working or not:
> > >
> > > C:\>nslookup
> > > >set type=srv
> > > >_ldap._tcp.dc._msdcs.domain-name
> > >
> > > OR
> > >
> > > C:\>netdiag /test:D ns
> > >
> > >
> > > With regards to generating the SYSVOL, lets ensure that DNS *IS* fine first...
> > >
> > > We'll then look at how you can recreate SYSVOL.
> > >
> > >
> > > --
> > >
> > > Paul Williams
> > >
> > > http://www.msresource.net/
> > > http://forums.msresource.net/
> > >
Anonymous
March 17, 2005 11:38:53 AM

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Sorry, my instructions were a little vague.

Stop NtFrs
Change the reg value
Start NtFrs
Wait ten minutes.
Look at the NtFrs event logs.

Rebooting won't hurt at this point ;-)


--

Paul Williams

http://www.msresource.net/
http://forums.msresource.net/
Anonymous
March 18, 2005 12:59:03 AM

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Hi,
I have done the instructions given by u.Following is the observations,
Event id-13565 :FRS initialized System Volume
Event id-13553 :FRS added the computer to replica set
Event id-13554 :FRS added connections to replica set
outbound connection to DC1
inbound connection from DC1

after this i got the usual warning Event 13508: FRS is having trouble
enabling replication ftom DC1.

I have checked for RPC connectivity between the two DCs by RPC Ping utility
and found RPC connectivity fine.
In my working DC, DC1 there is only Sysvol share and there is no Netlogon
share. will this be any problem?
what should i do next?
waiting for ur reply
Regards
Baskaran B

"ptwilliams" wrote:

> Sorry, my instructions were a little vague.
>
> Stop NtFrs
> Change the reg value
> Start NtFrs
> Wait ten minutes.
> Look at the NtFrs event logs.
>
> Rebooting won't hurt at this point ;-)
>
>
> --
>
> Paul Williams
>
> http://www.msresource.net/
> http://forums.msresource.net/
>
>
>
Anonymous
March 19, 2005 4:50:57 PM

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Wait a while. Restart NtFrs.

If it's having trouble replicating and we've proved DNS is OK, then it could
well be physical topology issues.


--

Paul Williams

http://www.msresource.net/
http://forums.msresource.net/
Anonymous
May 4, 2005 6:06:13 PM

Archived from groups: microsoft.public.win2000.active_directory (More info?)

I picked up on this issue after searching on "dsgetdcname". I'm getting the
same error when running DCDIAG. It looks like this was never resolved. I've
followed all the steps in this thread that I can. Any more suggestions?

"ptwilliams" wrote:

> Wait a while. Restart NtFrs.
>
> If it's having trouble replicating and we've proved DNS is OK, then it could
> well be physical topology issues.
>
>
> --
>
> Paul Williams
>
> http://www.msresource.net/
> http://forums.msresource.net/
>
>
>
Anonymous
May 6, 2005 9:05:23 PM

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Hi Nick,

Can you please elaborate on your problem, and what issues you are seeing?

--
Paul Williams
Microsoft MVP - Windows Server - Directory Services
http://www.msresource.net | http://forums.msresource.net
Anonymous
May 6, 2005 9:05:24 PM

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Glad to. Thanks for picking up on my request.

We are trying to add a domain controller to an existing 2000 domain. There
is currently only one DC on the domain. I believe, although I'm not sure,
that it may have been a domain upgraded from NT 4.0 years ago.

Joining the domain works fine. Promoting to DC seems to be fine but further
investigation reveals that Sysvol/netlogon shares are not replicated and
browsing is sometimes now a problem on the domain (This may be dependent on
what DC authenticates the logon?)

Running DCDIAG reports the errors:

Starting test: Advertising
Warning: DsGetDcName returned information for
\\wilke1.WHQ.wilkecpa.com, when we were trying to reach WILKE2.
Server is not responding or is not considered suitable.
......................... WILKE2 failed test Advertising

Starting test: frssysvol
Error: No record of File Replication System, SYSVOL started.
The Active Directory may be prevented from starting.
There are errors after the SYSVOL has been shared.
The SYSVOL can prevent the AD from starting.
......................... WILKE2 passed test frssysvol

Starting test: systemlog
An Error Event occured. EventID: 0xC0001F60
Time Generated: 05/06/2005 11:55:03
Event String: The browser service has failed to retrieve the

......................... WILKE2 failed test systemlog

Note the domain name "whq.wilkecpa.com". Is that alright?

Thanks in advance, looking forward to hearing from you.

"ptwilliams" wrote:

> Hi Nick,
>
> Can you please elaborate on your problem, and what issues you are seeing?
>
> --
> Paul Williams
> Microsoft MVP - Windows Server - Directory Services
> http://www.msresource.net | http://forums.msresource.net
>
>
>
>
Anonymous
May 10, 2005 1:09:00 AM

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Hi Nick,

Run netdiag /test:D ns

Point the DC at the internal DNS server (usually the DC) and restart
NETLOGON after ensuring that the DNS zone accepts dynamic updates and the
DHCP Client service is running on the DCs.

Does the AD DNS name, and the DNS zone name match? If not, have a look at
this:
-- http://www.msresource.net/content/view/40/46/

--
Paul Williams
Microsoft MVP - Windows Server - Directory Services
http://www.msresource.net | http://forums.msresource.net
Anonymous
May 12, 2005 3:38:03 PM

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Thanks for all your help on this. I ended up opening a support call on the
issue. It turned out that I was suffering from NTFRS problems, resulting
from insufficient space on the system partition. We moved SYSVOL to another
partition, fixed NTFRS problems, things are working.

"ptwilliams" wrote:

> Hi Nick,
>
> Run netdiag /test:D ns
>
> Point the DC at the internal DNS server (usually the DC) and restart
> NETLOGON after ensuring that the DNS zone accepts dynamic updates and the
> DHCP Client service is running on the DCs.
>
> Does the AD DNS name, and the DNS zone name match? If not, have a look at
> this:
> -- http://www.msresource.net/content/view/40/46/
>
> --
> Paul Williams
> Microsoft MVP - Windows Server - Directory Services
> http://www.msresource.net | http://forums.msresource.net
>
>
>
!