unable to find domain controller in the domain

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Hi,
I have two 2000 server domain controller with SP4 named DCAEXCH1 and
DCAFPSVR. Both are GC, and DCAEXCH1 also serve as exchange server and PDC
emulator master role holder.
Previously the two server unable to replicate with each other, give "access
denied " error msg when running dcdiag /q on DCAEXCH1, then I used netdom.exe
and the instruction specified from the link
(http://support.microsoft.com/kb/260575/EN-US) to reset my DCAEXCH1 computer
account password. What I did are below:

1. Stop KDC on DCAEXCH1
2. Issue the command netdom with correct parameter.
3. restart DCAEXCH1
4. Restart KDC.

Then run dcdiag /q on DCAEXCH1, got the following err :

[Replications Check,DCAEXCH1] A recent replication attempt failed:
From DCAFPSVR to DCAEXCH1
Naming Context: CN=Schema,CN=Configuration,DC=dcadcas,DC=com
The replication generated an error (1908):
Could not find the domain controller for this domain.
The failure occurred at 2005-08-25 14:49.07.
The last success occurred at 2005-05-11 22:50.35.
2555 failures have occurred since the last success.
Kerberos Error.
A KDC was not found to authenticate the call.
Check that sufficient domain controllers are available.
[Replications Check,DCAEXCH1] A recent replication attempt failed:
From DCAFPSVR to DCAEXCH1
Naming Context: CN=Configuration,DC=dcadcas,DC=com
The replication generated an error (1908):
Could not find the domain controller for this domain.
The failure occurred at 2005-08-25 14:49.07.
The last success occurred at 2005-05-11 23:12.20.
2555 failures have occurred since the last success.
Kerberos Error.
A KDC was not found to authenticate the call.
Check that sufficient domain controllers are available.
[Replications Check,DCAEXCH1] A recent replication attempt failed:
From DCAFPSVR to DCAEXCH1
Naming Context: DC=dcadcas,DC=com
The replication generated an error (1908):
Could not find the domain controller for this domain.
The failure occurred at 2005-08-25 14:49.07.
The last success occurred at 2005-05-11 22:50.35.
2567 failures have occurred since the last success.
Kerberos Error.
A KDC was not found to authenticate the call.
Check that sufficient domain controllers are available.

Questions
1. Can I run netdom.exe to reset computer account password on the DC that
hold PDC emulator master role. Because i check other document, all said run
this command on the dc that not the PDC emulator. then where are the KDC
information stored). or where I did wrongly?
2. How can I verify my two DC are correctly running , what tools can help?
3. Any way can solve this problem?

Also paste the old output of command DCDIAG /Q which running on the same
server (DCAEXCH1) before I reset my computer account password:

[Replications Check,DCAEXCH1] A recent replication attempt failed:
From DCAFPSVR to DCAEXCH1
Naming Context:
CN=Schema,CN=Configuration,DC=dcadcas,DC=com
The replication generated an error (5):
Access is denied.
The failure occurred at 2005-08-18 13:46.26.
The last success occurred at 2005-05-11 22:50.35.
2378 failures have occurred since the last success.

[Replications Check,DCAEXCH1] A recent replication attempt failed:
From DCAFPSVR to DCAEXCH1
Naming Context: CN=Configuration,DC=dcadcas,DC=com
The replication generated an error (5):
Access is denied.
The failure occurred at 2005-08-18 13:46.03.
The last success occurred at 2005-05-11 23:12.20.
2378 failures have occurred since the last success.

[Replications Check,DCAEXCH1] A recent replication attempt failed:
From DCAFPSVR to DCAEXCH1
Naming Context: DC=dcadcas,DC=com
The replication generated an error (5):
Access is denied.
The failure occurred at 2005-08-18 13:45.40.
The last success occurred at 2005-05-11 22:50.35.
2378 failures have occurred since the last success.

There are errors after the SYSVOL has been shared.
The SYSVOL can prevent the AD from starting.
An Warning Event occured. EventID: 0x800004F1
Time Generated: 08/18/2005 13:56:46
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 08/18/2005 13:56:46
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 08/18/2005 13:56:46
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 08/18/2005 13:57:09
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 08/18/2005 13:57:32
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 08/18/2005 13:57:55
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 08/18/2005 13:57:55
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 08/18/2005 13:57:55
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 08/18/2005 13:57:55
(Event String could not be retrieved)
.......................... DCAEXCH1 failed test kccevent


Very appreciate your kind help.

Rgds

Shermaine
1 answer Last reply
More about unable find domain controller domain
  1. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    I have to run out so can't read and answer carefully but almost
    all such problems start in DNS trouble, so check the following,
    especically that your DCs are ALL STRICTLY DNS clients
    (themselves) of ONLY the internal DNS server (set) -- and the
    DNS servers themselves must be replicating the zone.

    IF you are using AD integrated DNS though, and the DNS AND
    AD are not replicated you are in a "catch-22" so temporarily
    point every DC to a single (favored master) DC-DNS, get them
    all registered in a single database.

    The rest is my standard suggestions on DNS for AD:

    1) Dynamic for the zone supporting AD
    2) All internal DNS clients NIC\IP properties must specify SOLELY
    that internal, dynamic DNS server (set.)
    3) DCs and even DNS servers are DNS clients too -- see #2
    4) If you have more than one Domain, every DNS server must
    be able to resolve ALL domains (either directly or indirectly)

    netdiag /fix

    ....or maybe:

    dcdiag /fix

    (Win2003 can do this from Support tools):
    nltest /dsregdns /server:DC-ServerNameGoesHere
    http://support.microsoft.com/kb/q260371/

    Ensure that DNS zones/domains are fully replicated to all DNS
    servers for that (internal) zone/domain.

    Also useful may be running DCDiag on each DC, sending the
    output to a text file, and searching for FAIL, ERROR, WARN.

    Single Label domain zone names are a problem Google:
    [ "SINGLE LABEL" domain names DNS 2000 | 2003 microsoft: ]


    --
    Herb Martin, MCSE, MVP
    Accelerated MCSE
    http://www.LearnQuick.Com
    [phone number on web site]

    "xiaomei" <xiaomei@discussions.microsoft.com> wrote in message
    news:C2424E53-C0DF-4F69-A2BF-1C40199B35AA@microsoft.com...
    > Hi,
    > I have two 2000 server domain controller with SP4 named DCAEXCH1 and
    > DCAFPSVR. Both are GC, and DCAEXCH1 also serve as exchange server and PDC
    > emulator master role holder.
    > Previously the two server unable to replicate with each other, give
    > "access
    > denied " error msg when running dcdiag /q on DCAEXCH1, then I used
    > netdom.exe
    > and the instruction specified from the link
    > (http://support.microsoft.com/kb/260575/EN-US) to reset my DCAEXCH1
    > computer
    > account password. What I did are below:
    >
    > 1. Stop KDC on DCAEXCH1
    > 2. Issue the command netdom with correct parameter.
    > 3. restart DCAEXCH1
    > 4. Restart KDC.
    >
    > Then run dcdiag /q on DCAEXCH1, got the following err :
    >
    > [Replications Check,DCAEXCH1] A recent replication attempt failed:
    > From DCAFPSVR to DCAEXCH1
    > Naming Context: CN=Schema,CN=Configuration,DC=dcadcas,DC=com
    > The replication generated an error (1908):
    > Could not find the domain controller for this domain.
    > The failure occurred at 2005-08-25 14:49.07.
    > The last success occurred at 2005-05-11 22:50.35.
    > 2555 failures have occurred since the last success.
    > Kerberos Error.
    > A KDC was not found to authenticate the call.
    > Check that sufficient domain controllers are available.
    > [Replications Check,DCAEXCH1] A recent replication attempt failed:
    > From DCAFPSVR to DCAEXCH1
    > Naming Context: CN=Configuration,DC=dcadcas,DC=com
    > The replication generated an error (1908):
    > Could not find the domain controller for this domain.
    > The failure occurred at 2005-08-25 14:49.07.
    > The last success occurred at 2005-05-11 23:12.20.
    > 2555 failures have occurred since the last success.
    > Kerberos Error.
    > A KDC was not found to authenticate the call.
    > Check that sufficient domain controllers are available.
    > [Replications Check,DCAEXCH1] A recent replication attempt failed:
    > From DCAFPSVR to DCAEXCH1
    > Naming Context: DC=dcadcas,DC=com
    > The replication generated an error (1908):
    > Could not find the domain controller for this domain.
    > The failure occurred at 2005-08-25 14:49.07.
    > The last success occurred at 2005-05-11 22:50.35.
    > 2567 failures have occurred since the last success.
    > Kerberos Error.
    > A KDC was not found to authenticate the call.
    > Check that sufficient domain controllers are available.
    >
    > Questions
    > 1. Can I run netdom.exe to reset computer account password on the DC that
    > hold PDC emulator master role. Because i check other document, all said
    > run
    > this command on the dc that not the PDC emulator. then where are the KDC
    > information stored). or where I did wrongly?
    > 2. How can I verify my two DC are correctly running , what tools can help?
    > 3. Any way can solve this problem?
    >
    > Also paste the old output of command DCDIAG /Q which running on the same
    > server (DCAEXCH1) before I reset my computer account password:
    >
    > [Replications Check,DCAEXCH1] A recent replication attempt failed:
    > From DCAFPSVR to DCAEXCH1
    > Naming Context:
    > CN=Schema,CN=Configuration,DC=dcadcas,DC=com
    > The replication generated an error (5):
    > Access is denied.
    > The failure occurred at 2005-08-18 13:46.26.
    > The last success occurred at 2005-05-11 22:50.35.
    > 2378 failures have occurred since the last success.
    >
    > [Replications Check,DCAEXCH1] A recent replication attempt failed:
    > From DCAFPSVR to DCAEXCH1
    > Naming Context: CN=Configuration,DC=dcadcas,DC=com
    > The replication generated an error (5):
    > Access is denied.
    > The failure occurred at 2005-08-18 13:46.03.
    > The last success occurred at 2005-05-11 23:12.20.
    > 2378 failures have occurred since the last success.
    >
    > [Replications Check,DCAEXCH1] A recent replication attempt failed:
    > From DCAFPSVR to DCAEXCH1
    > Naming Context: DC=dcadcas,DC=com
    > The replication generated an error (5):
    > Access is denied.
    > The failure occurred at 2005-08-18 13:45.40.
    > The last success occurred at 2005-05-11 22:50.35.
    > 2378 failures have occurred since the last success.
    >
    > There are errors after the SYSVOL has been shared.
    > The SYSVOL can prevent the AD from starting.
    > An Warning Event occured. EventID: 0x800004F1
    > Time Generated: 08/18/2005 13:56:46
    > (Event String could not be retrieved)
    > An Warning Event occured. EventID: 0x800004F1
    > Time Generated: 08/18/2005 13:56:46
    > (Event String could not be retrieved)
    > An Warning Event occured. EventID: 0x800004F1
    > Time Generated: 08/18/2005 13:56:46
    > (Event String could not be retrieved)
    > An Warning Event occured. EventID: 0x800004F1
    > Time Generated: 08/18/2005 13:57:09
    > (Event String could not be retrieved)
    > An Warning Event occured. EventID: 0x800004F1
    > Time Generated: 08/18/2005 13:57:32
    > (Event String could not be retrieved)
    > An Warning Event occured. EventID: 0x800004F1
    > Time Generated: 08/18/2005 13:57:55
    > (Event String could not be retrieved)
    > An Warning Event occured. EventID: 0x800004F1
    > Time Generated: 08/18/2005 13:57:55
    > (Event String could not be retrieved)
    > An Warning Event occured. EventID: 0x800004F1
    > Time Generated: 08/18/2005 13:57:55
    > (Event String could not be retrieved)
    > An Warning Event occured. EventID: 0x800004F1
    > Time Generated: 08/18/2005 13:57:55
    > (Event String could not be retrieved)
    > ......................... DCAEXCH1 failed test kccevent
    >
    >
    > Very appreciate your kind help.
    >
    > Rgds
    >
    > Shermaine
Ask a new question

Read More

Domain Domain Controller Active Directory Windows