Hi Robert,
I'm openning ADUC from server.
1) I checked RID Master is available. (it is the RID master, there is no other DC on this domain)
2) i attached the dcdiag file.
Thanks for your interest.
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
DC Diagnosis Performing initial setup: * Verifing that the local machine ntserver, is a DC. * Connecting to directory service on server ntserver. * Collecting site info. * Identifying all servers. * Found 4 DC(s). Testing 1 of them. Done gathering initial info.
Doing initial non skippeable tests Testing server: Default-First-Site-Name\NTSERVER Starting test: Connectivity * Active Directory LDAP Services Check * Active Directory RPC Services Check ......................... NTSERVER passed test Connectivity Doing primary tests Testing server: Default-First-Site-Name\NTSERVER Starting test: Replications * Replications Check [Replications Check,NTSERVER] A recent replication attempt failed: From EX_pak2 to NTSERVER Naming Context: CN=Schema,CN=Configuration,DC=pak,DC=info The replication generated an error (8524): Win32 Error 8524 The failure occurred at 2004-08-20 14:54.47. The last success occurred at 2003-09-18 18:12.59. 8051 failures have occurred since the last success. The guid-based DNS name d13d4211-36e1-4f95-903c-a1cc5912c367._msdcs.pak.info is not registered on one or more DNS servers. [EX_pak2] DsBind() failed with error 1722, Win32 Error 1722. [Replications Check,NTSERVER] A recent replication attempt failed: From EX2pak to NTSERVER Naming Context: CN=Schema,CN=Configuration,DC=pak,DC=info The replication generated an error (8524): Win32 Error 8524 The failure occurred at 2004-08-20 14:54.50. The last success occurred at 2003-10-16 11:48.47. 7379 failures have occurred since the last success. The guid-based DNS name a84dad48-3f52-49e9-a2bc-051e28fa43a8._msdcs.pak.info is not registered on one or more DNS servers. [EX2pak] DsBind() failed with error 1722, Win32 Error 1722. [Replications Check,NTSERVER] A recent replication attempt failed: From EX_pak2 to NTSERVER Naming Context: CN=Configuration,DC=pak,DC=info The replication generated an error (8524): Win32 Error 8524 The failure occurred at 2004-08-20 14:54.41. The last success occurred at 2003-09-18 18:20.05. 8051 failures have occurred since the last success. The guid-based DNS name d13d4211-36e1-4f95-903c-a1cc5912c367._msdcs.pak.info is not registered on one or more DNS servers. [Replications Check,NTSERVER] A recent replication attempt failed: From EX2pak to NTSERVER Naming Context: CN=Configuration,DC=pak,DC=info The replication generated an error (8524): Win32 Error 8524 The failure occurred at 2004-08-20 14:54.44. The last success occurred at 2003-10-16 12:05.19. 7379 failures have occurred since the last success. The guid-based DNS name a84dad48-3f52-49e9-a2bc-051e28fa43a8._msdcs.pak.info is not registered on one or more DNS servers. [Replications Check,NTSERVER] A recent replication attempt failed: From EX_pak2 to NTSERVER Naming Context: DC=pak,DC=info The replication generated an error (8524): Win32 Error 8524 The failure occurred at 2004-08-20 14:54.35. The last success occurred at 2003-09-18 18:15.02. 8052 failures have occurred since the last success. The guid-based DNS name d13d4211-36e1-4f95-903c-a1cc5912c367._msdcs.pak.info is not registered on one or more DNS servers. [Replications Check,NTSERVER] A recent replication attempt failed: From EX2pak to NTSERVER Naming Context: DC=pak,DC=info The replication generated an error (8524): Win32 Error 8524 The failure occurred at 2004-08-20 14:54.38. The last success occurred at 2003-10-16 12:04.33. 7379 failures have occurred since the last success. The guid-based DNS name a84dad48-3f52-49e9-a2bc-051e28fa43a8._msdcs.pak.info is not registered on one or more DNS servers. ......................... NTSERVER passed test Replications Test omitted by user request: Topology Test omitted by user request: CutoffServers Starting test: NCSecDesc * Security Permissions Check for CN=Schema,CN=Configuration,DC=pak,DC=info * Security Permissions Check for CN=Configuration,DC=pak,DC=info * Security Permissions Check for DC=pak,DC=info ......................... NTSERVER passed test NCSecDesc Starting test: NetLogons * Network Logons Privileges Check ......................... NTSERVER passed test NetLogons Starting test: Advertising The DC NTSERVER is advertising itself as a DC and having a DS. The DC NTSERVER is advertising as an LDAP server The DC NTSERVER is advertising as having a writeable directory The DC NTSERVER is advertising as a Key Distribution Center The DC NTSERVER is advertising as a time server The DS NTSERVER is advertising as a GC. ......................... NTSERVER passed test Advertising Starting test: KnowsOfRoleHolders Role Schema Owner = CN=NTDS Settings,CN=NTSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pak,DC=info Role Domain Owner = CN=NTDS Settings,CN=NTSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pak,DC=info Role PDC Owner = CN=NTDS Settings,CN=NTSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pak,DC=info Role Rid Owner = CN=NTDS Settings,CN=NTSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pak,DC=info Role Infrastructure Update Owner = CN=NTDS Settings,CN=NTSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pak,DC=info ......................... NTSERVER passed test KnowsOfRoleHolders Starting test: RidManager * Available RID Pool for the Domain is 6796 to 1073741823 * ntserver.pak.info is the RID Master * DsBind with RID Master was successful * rIDAllocationPool is 3796 to 4295 * rIDNextRID: 0 The DS has corrupt data: rIDPreviousAllocationPool value is not valid * rIDPreviousAllocationPool is 0 to 0 No rids allocated -- please check eventlog. ......................... NTSERVER failed test RidManager Starting test: MachineAccount * SPN found :LDAP/ntserver.pak.info/pak.info * SPN found :LDAP/ntserver.pak.info * SPN found :LDAP/NTSERVER * SPN found :LDAP/ntserver.pak.info/akat * SPN found :LDAP/4686c43d-de3a-4eec-afff-aaccd5181861._msdcs.pak.info * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/4686c43d-de3a-4eec-afff-aaccd5181861/pak.info * SPN found :HOST/ntserver.pak.info/pak.info * SPN found :HOST/ntserver.pak.info * SPN found :HOST/NTSERVER * SPN found :HOST/ntserver.pak.info/akat * SPN found :GC/ntserver.pak.info/pak.info ......................... NTSERVER passed test MachineAccount Starting test: Services * Checking Service: Dnscache * Checking Service: NtFrs * Checking Service: IsmServ * Checking Service: kdc * Checking Service: SamSs * Checking Service: LanmanServer * Checking Service: LanmanWorkstation * Checking Service: RpcSs * Checking Service: RPCLOCATOR * Checking Service: w32time * Checking Service: TrkWks * Checking Service: TrkSvr * Checking Service: NETLOGON ......................... NTSERVER passed test Services Test omitted by user request: OutboundSecureChannels Starting test: ObjectsReplicated NTSERVER is in domain DC=pak,DC=info Checking for CN=NTSERVER,OU=Domain Controllers,DC=pak,DC=info in domain DC=pak,DC=info on 1 servers Object is up-to-date on all servers. Checking for CN=NTDS Settings,CN=NTSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pak,DC=info in domain CN=Configuration,DC=pak,DC=info on 1 servers Object is up-to-date on all servers. ......................... NTSERVER passed test ObjectsReplicated Starting test: frssysvol * The File Replication Service Event log test The SYSVOL has been shared, and the AD is no longer prevented from starting by the File Replication Service. There are errors after the SYSVOL has been shared. The SYSVOL can prevent the AD from starting. An Warning Event occured. EventID: 0x800034FA Time Generated: 08/19/2004 22:41:38 Event String: Following is the summary of warnings and errors encountered by File Replication Service while polling the Domain Controller ntserver.pak.info for FRS replica set configuration information. The nTFRSMember object cn=ex_pak2,cn=domain system volume (sysvol share),cn=file replication service,cn=system,dc=pak,dc=info has a invalid value for the attribute frsinfoputerReference. The nTFRSMember object cn=ex2kpak,cn=domain system volume (sysvol share),cn=file replication service,cn=system,dc=pak,dc=info has a invalid value for the attribute frsinfoputerReference. An Warning Event occured. EventID: 0x800034C4 Time Generated: 08/19/2004 22:43:25 Event String: The File Replication Service is having trouble enabling replication from EX2pak to NTSERVER for c:\winnt\sysvol\domain using the DNS name ex2pak.pak.info. FRS will keep retrying. Following are some of the reasons you would see this warning. [1] FRS can not correctly resolve the DNS name ex2pak.pak.info from this infoputer. [2] FRS is not running on ex2pak.pak.info. [3] The topology information in the Active Directory for this replica has not yet replicated to all the Domain Controllers. This event log message will appear once per connection, After the problem is fixed you will see another event log message indicating that the connection has been established. ......................... NTSERVER passed test frssysvol Starting test: kccevent * The KCC Event log test An Warning Event occured. EventID: 0x800004F1 Time Generated: 08/20/2004 15:42:43 Event String: The attempt to establish a replication link with parameters Partition: DC=pak,DC=info Source DSA DN: CN=NTDS Settings,CN=EX2Kpak,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pak,DC=info Source DSA Address: ace6ed30-713d-43d7-a684-0b4fe1319009._msdcs.pak.info Inter-site Transport (if any): failed with the following status: The DSA operation is unable to proceed because of a DNS lookup failure. The record data is the status code. This operation will be retried. An Warning Event occured. EventID: 0x800004F1 Time Generated: 08/20/2004 15:42:46 Event String: The attempt to establish a replication link with parameters Partition: CN=Configuration,DC=pak,DC=info Source DSA DN: CN=NTDS Settings,CN=EX2Kpak,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pak,DC=info Source DSA Address: ace6ed30-713d-43d7-a684-0b4fe1319009._msdcs.pak.info Inter-site Transport (if any): failed with the following status: The DSA operation is unable to proceed because of a DNS lookup failure. The record data is the status code. This operation will be retried. An Warning Event occured. EventID: 0x800004F1 Time Generated: 08/20/2004 15:42:49 Event String: The attempt to establish a replication link with parameters Partition: CN=Schema,CN=Configuration,DC=pak,DC=info Source DSA DN: CN=NTDS Settings,CN=EX2Kpak,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pak,DC=info Source DSA Address: ace6ed30-713d-43d7-a684-0b4fe1319009._msdcs.pak.info Inter-site Transport (if any): failed with the following status: The DSA operation is unable to proceed because of a DNS lookup failure. The record data is the status code. This operation will be retried. ......................... NTSERVER failed test kccevent Starting test: systemlog * The System Event log test An Error Event occured. EventID: 0x0000410A Time Generated: 08/20/2004 14:49:31 (Event String could not be retrieved) An Error Event occured. EventID: 0x0000410A Time Generated: 08/20/2004 15:20:31 (Event String could not be retrieved) ......................... NTSERVER failed test systemlog Running enterprise tests on : pak.info Starting test: Intersite Skipping site Default-First-Site-Name, this site is outside the scope provided by the infomand line arguments provided. ......................... pak.info passed test Intersite Starting test: FsmoCheck GC Name: \\ntserver.pak.info Locator Flags: 0xe00001fd PDC Name: \\ntserver.pak.info Locator Flags: 0xe00001fd Time Server Name: \\ntserver.pak.info Locator Flags: 0xe00001fd Preferred Time Server Name: \\ntserver.pak.info Locator Flags: 0xe00001fd KDC Name: \\ntserver.pak.info Locator Flags: 0xe00001fd ......................... pak.info passed test FsmoCheck