Dear Experts,
I am getting this event id 16650. Actually, itz a newly promoted Domain Controller in the forest mean to say,itz an additional domain controller. While I was promoting, before it completed the promotion, accidently, they system got restarted. I have then renamed the machine + deleted the NTDS folder + deleted from sites&services and then promoted it again. It was succesfull but not all the records are created in DNS.
The evend id 16650 description is "The account-identifier allocator failed to initialize properly. The record data contains the NT error code that caused the failure. Windows 2000 will retry the initialization until it succeeds; until that time, account creation will be denied on this Domain Controller. Please look for other SAM event logs that may indicate the exact reason for the failure."
This machine is holding all the FSMO roles + RID pool too.
Where can I find SAM log for the exact reason of failure. I am attaching dcdiag/v test.
How can I resolve this issue without demoting this again.??
Awaiting your thoughts on this issue.
Regards,
Mohammed Athif Khaleel
Asst.Network Engineer
AlFaisaliah Group Information Technology
Tel.: +966-1-461-0077 x.209
Moble.: +966-59774015
Email: [EMAIL PROTECTED]
"Save Internet, Keep all the systems patched"
<<Dcdiag.txt>>
-----------------------------------------------------
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom/which they are addressed. If you have received this email in error please notify the system manager at the following email address: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of Al Faisaliah Group. Internet communications cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, arrive late or contain viruses. The sender therefore does not accept liability for any errors or omissions in the context of this message, which arise as a result of Internet transmission. Finally, the recipient should check this email and any attachments for the presence of viruses. Al Faisaliah Group accepts no liability for any damage caused by any virus transmitted by this email.
-----------------------------------------------------
DC Diagnosis Performing initial setup: * Verifing that the local machine DCWINS, is a DC. * Connecting to directory service on server DCWINS. * Collecting site info. * Identifying all servers. * Found 20 DC(s). Testing 1 of them. Done gathering initial info.
Doing initial non skippeable tests
Testing server: RiyadhSite\DCWINS
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... DCWINS passed test Connectivity
Doing primary tests
Testing server: RiyadhSite\DCWINS
Starting test: Replications
* Replications Check
[Replications Check,AFGDC1] DsReplicaGetInfo(REPSTO) failed with error 8453,
Replication access was denied..
[Replications Check,AFGDC02] DsReplicaGetInfo(REPSTO) failed with error 8453,
Replication access was denied..
[Replications Check,AFGDC1] DsReplicaGetInfo(REPSTO) failed with error 8453,
Replication access was denied..
[Replications Check,AFGDC02] DsReplicaGetInfo(REPSTO) failed with error 8453,
Replication access was denied..
[Replications Check,AFGDC1] DsReplicaGetInfo(REPSTO) failed with error 8453,
Replication access was denied..
[Replications Check,AFGDC1] DsReplicaGetInfo(REPSTO) failed with error 8453,
Replication access was denied..
[Replications Check,AFGDC1] DsReplicaGetInfo(REPSTO) failed with error 8453,
Replication access was denied..
[Replications Check,AFGDC02] DsReplicaGetInfo(REPSTO) failed with error 8453,
Replication access was denied..
[Replications Check,AFGDC1] DsReplicaGetInfo(REPSTO) failed with error 8453,
Replication access was denied..
......................... DCWINS passed test Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Starting test: NCSecDesc
* Security Permissions Check for
DC=riyadh,DC=afg,DC=com
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=afg,DC=com
* Security Permissions Check for
CN=Configuration,DC=afg,DC=com
* Security Permissions Check for
DC=sdairy_khj,DC=afg,DC=com
* Security Permissions Check for
DC=khobar,DC=afg,DC=com
* Security Permissions Check for
DC=jeddah,DC=afg,DC=com
* Security Permissions Check for
DC=afg,DC=com
......................... DCWINS passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
......................... DCWINS passed test NetLogons
Starting test: Advertising
The DC DCWINS is advertising itself as a DC and having a DS.
The DC DCWINS is advertising as an LDAP server
The DC DCWINS is advertising as having a writeable directory
The DC DCWINS is advertising as a Key Distribution Center
The DC DCWINS is advertising as a time server
The DS DCWINS is advertising as a GC.
......................... DCWINS passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS
Settings,CN=AFGDC1,CN=Servers,CN=RiyadhSite,CN=Sites,CN=Configuration,DC=afg,DC=com
Role Domain Owner = CN=NTDS
Settings,CN=AFGDC1,CN=Servers,CN=RiyadhSite,CN=Sites,CN=Configuration,DC=afg,DC=com
Role PDC Owner = CN=NTDS
Settings,CN=DCWINS,CN=Servers,CN=RiyadhSite,CN=Sites,CN=Configuration,DC=afg,DC=com
Role Rid Owner = CN=NTDS
Settings,CN=DCWINS,CN=Servers,CN=RiyadhSite,CN=Sites,CN=Configuration,DC=afg,DC=com
Role Infrastructure Update Owner = CN=NTDS
Settings,CN=RYD_DC3,CN=Servers,CN=RiyadhSite,CN=Sites,CN=Configuration,DC=afg,DC=com
......................... DCWINS passed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 14451 to 1073741823
* DCWINS.riyadh.afg.com is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 13951 to 14450
* rIDNextRID: 13951
* rIDPreviousAllocationPool is 13951 to 14450
......................... DCWINS passed test RidManager
Starting test: MachineAccount
* SPN found :LDAP/DCWINS.riyadh.afg.com/riyadh.afg.com
* SPN found :LDAP/DCWINS.riyadh.afg.com
* SPN found :LDAP/DCWINS
* SPN found :LDAP/DCWINS.riyadh.afg.com/RIYADH
* SPN found :LDAP/6233467c-f0b4-431f-bdd7-c87be2609091._msdcs.afg.com
* SPN found
:E3514235-4B06-11D1-AB04-00C04FC2DCD2/6233467c-f0b4-431f-bdd7-c87be2609091/riyadh.afg.com
* SPN found :HOST/DCWINS.riyadh.afg.com/riyadh.afg.com
* SPN found :HOST/DCWINS.riyadh.afg.com
* SPN found :HOST/DCWINS
* SPN found :HOST/DCWINS.riyadh.afg.com/RIYADH
* SPN found :GC/DCWINS.riyadh.afg.com/afg.com
......................... DCWINS passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: RPCLOCATOR
* Checking Service: w32time
* Checking Service: TrkWks
* Checking Service: TrkSvr
* Checking Service: NETLOGON
......................... DCWINS passed test Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
DCWINS is in domain DC=riyadh,DC=afg,DC=com
Checking for CN=DCWINS,OU=Domain Controllers,DC=riyadh,DC=afg,DC=com in
domain DC=riyadh,DC=afg,DC=com on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS
Settings,CN=DCWINS,CN=Servers,CN=RiyadhSite,CN=Sites,CN=Configuration,DC=afg,DC=com in
domain CN=Configuration,DC=afg,DC=com on 1 servers
Object is up-to-date on all servers.
......................... DCWINS passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service Event log test
The SYSVOL has been shared, and the AD is no longer
prevented from starting by the File Replication Service.
There are errors after the SYSVOL has been shared.
The SYSVOL can prevent the AD from starting.
An Warning Event occured. EventID: 0x800034C4
Time Generated: 04/24/2004 03:18:58
Event String: The File Replication Service is having trouble
enabling replication from RYD-DC1 to DCWINS for
c:\winnt\sysvol\domain using the DNS name
ryd-dc1.riyadh.afg.com. FRS will keep retrying.
Following are some of the reasons you would see
this warning.
[1] FRS can not correctly resolve the DNS name
ryd-dc1.riyadh.afg.com from this computer.
[2] FRS is not running on
ryd-dc1.riyadh.afg.com.
[3] The topology information in the Active
Directory for this replica has not yet replicated
to all the Domain Controllers.
This event log message will appear once per
connection, After the problem is fixed you will
see another event log message indicating that the
connection has been established.
An Warning Event occured. EventID: 0x800034C4
Time Generated: 04/24/2004 03:19:04
Event String: The File Replication Service is having trouble
enabling replication from AFPDC001 to DCWINS for
c:\winnt\sysvol\domain using the DNS name
AFPDC001.riyadh.afg.com. FRS will keep retrying.
Following are some of the reasons you would see
this warning.
[1] FRS can not correctly resolve the DNS name
AFPDC001.riyadh.afg.com from this computer.
[2] FRS is not running on
AFPDC001.riyadh.afg.com.
[3] The topology information in the Active
Directory for this replica has not yet replicated
to all the Domain Controllers.
This event log message will appear once per
connection, After the problem is fixed you will
see another event log message indicating that the
connection has been established.
An Warning Event occured. EventID: 0x800034C4
Time Generated: 04/24/2004 03:20:05
Event String: The File Replication Service is having trouble
enabling replication from RIY04-DC01 to DCWINS
for c:\winnt\sysvol\domain using the DNS name
RIY04-DC01.riyadh.afg.com. FRS will keep
retrying.
Following are some of the reasons you would see
this warning.
[1] FRS can not correctly resolve the DNS name
RIY04-DC01.riyadh.afg.com from this computer.
[2] FRS is not running on
RIY04-DC01.riyadh.afg.com.
[3] The topology information in the Active
Directory for this replica has not yet replicated
to all the Domain Controllers.
This event log message will appear once per
connection, After the problem is fixed you will
see another event log message indicating that the
connection has been established.
An Warning Event occured. EventID: 0x800034C4
Time Generated: 04/24/2004 05:39:03
Event String: The File Replication Service is having trouble
enabling replication from MEGA-DC1 to DCWINS for
c:\winnt\sysvol\domain using the DNS name
mega-dc1.riyadh.afg.com. FRS will keep retrying.
Following are some of the reasons you would see
this warning.
[1] FRS can not correctly resolve the DNS name
mega-dc1.riyadh.afg.com from this computer.
[2] FRS is not running on
mega-dc1.riyadh.afg.com.
[3] The topology information in the Active
Directory for this replica has not yet replicated
to all the Domain Controllers.
This event log message will appear once per
connection, After the problem is fixed you will
see another event log message indicating that the
connection has been established.
An Warning Event occured. EventID: 0x800034C4
Time Generated: 04/24/2004 05:39:04
Event String: The File Replication Service is having trouble
enabling replication from RYD_DC3 to DCWINS for
c:\winnt\sysvol\domain using the DNS name
ryd_dc3.riyadh.afg.com. FRS will keep retrying.
Following are some of the reasons you would see
this warning.
[1] FRS can not correctly resolve the DNS name
ryd_dc3.riyadh.afg.com from this computer.
[2] FRS is not running on
ryd_dc3.riyadh.afg.com.
[3] The topology information in the Active
Directory for this replica has not yet replicated
to all the Domain Controllers.
This event log message will appear once per
connection, After the problem is fixed you will
see another event log message indicating that the
connection has been established.
An Warning Event occured. EventID: 0x800034C5
Time Generated: 04/24/2004 05:42:45
Event String: The File Replication Service has enabled
replication from MEGA-DC1 to DCWINS for
c:\winnt\sysvol\domain after repeated retries.
An Warning Event occured. EventID: 0x800034C5
Time Generated: 04/24/2004 05:44:57
Event String: The File Replication Service has enabled
replication from RYD_DC3 to DCWINS for
c:\winnt\sysvol\domain after repeated retries.
An Warning Event occured. EventID: 0x800034C5
Time Generated: 04/24/2004 09:12:29
Event String: The File Replication Service has enabled
replication from RIY04-DC01 to DCWINS for
c:\winnt\sysvol\domain after repeated retries.
An Warning Event occured. EventID: 0x800034C4
Time Generated: 04/24/2004 15:34:25
Event String: The File Replication Service is having trouble
enabling replication from SAFISULAIDC1 to DCWINS
for c:\winnt\sysvol\domain using the DNS name
safisulaidc1.riyadh.afg.com. FRS will keep
retrying.
Following are some of the reasons you would see
this warning.
[1] FRS can not correctly resolve the DNS name
safisulaidc1.riyadh.afg.com from this computer.
[2] FRS is not running on
safisulaidc1.riyadh.afg.com.
[3] The topology information in the Active
Directory for this replica has not yet replicated
to all the Domain Controllers.
This event log message will appear once per
connection, After the problem is fixed you will
see another event log message indicating that the
connection has been established.
An Warning Event occured. EventID: 0x800034C5
Time Generated: 04/24/2004 15:43:02
Event String: The File Replication Service has enabled
replication from SAFISULAIDC1 to DCWINS for
c:\winnt\sysvol\domain after repeated retries.
An Warning Event occured. EventID: 0x800034C4
Time Generated: 04/25/2004 04:45:23
Event String: The File Replication Service is having trouble
enabling replication from RYD-DC1 to DCWINS for
c:\winnt\sysvol\domain using the DNS name
ryd-dc1.riyadh.afg.com. FRS will keep retrying.
Following are some of the reasons you would see
this warning.
[1] FRS can not correctly resolve the DNS name
ryd-dc1.riyadh.afg.com from this computer.
[2] FRS is not running on
ryd-dc1.riyadh.afg.com.
[3] The topology information in the Active
Directory for this replica has not yet replicated
to all the Domain Controllers.
This event log message will appear once per
connection, After the problem is fixed you will
see another event log message indicating that the
connection has been established.
......................... DCWINS passed test frssysvol
Starting test: kccevent
* The KCC Event log test
An Information Event occured. EventID: 0x40000456
Time Generated: 04/25/2004 11:11:06
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x80000677
Time Generated: 04/25/2004 11:11:06
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:11:17
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:11:21
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:11:21
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:11:22
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:11:25
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:11:28
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:11:31
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:11:32
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:11:34
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:11:40
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:11:41
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:11:45
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:11:49
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:11:52
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:21:46
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:21:46
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:21:46
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:21:46
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:21:47
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:21:47
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:21:47
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:21:47
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:21:47
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:21:47
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:21:47
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:21:47
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:21:47
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800004F1
Time Generated: 04/25/2004 11:21:47
(Event String could not be retrieved)
......................... DCWINS failed test kccevent
Starting test: systemlog
* The System Event log test
An Error Event occured. EventID: 0x0000410A
Time Generated: 04/25/2004 10:23:35
(Event String could not be retrieved)
An Error Event occured. EventID: 0x0000410A
Time Generated: 04/25/2004 10:25:35
(Event String could not be retrieved)
An Error Event occured. EventID: 0x0000410A
Time Generated: 04/25/2004 10:27:35
(Event String could not be retrieved)
An Error Event occured. EventID: 0x0000410A
Time Generated: 04/25/2004 10:29:35
(Event String could not be retrieved)
An Error Event occured. EventID: 0x0000410A
Time Generated: 04/25/2004 10:31:35
(Event String could not be retrieved)
An Error Event occured. EventID: 0x0000410A
Time Generated: 04/25/2004 10:33:35
(Event String could not be retrieved)
An Error Event occured. EventID: 0x0000410A
Time Generated: 04/25/2004 10:35:35
(Event String could not be retrieved)
An Error Event occured. EventID: 0x0000410A
Time Generated: 04/25/2004 10:37:35
(Event String could not be retrieved)
An Error Event occured. EventID: 0x0000044F
Time Generated: 04/25/2004 10:38:47
Event String: An internal communication error occurred.
Redirected printing will no longer function.
An Error Event occured. EventID: 0x0000410A
Time Generated: 04/25/2004 10:39:35
(Event String could not be retrieved)
An Error Event occured. EventID: 0x0000410A
Time Generated: 04/25/2004 10:41:35
(Event String could not be retrieved)
An Error Event occured. EventID: 0x0000410A
Time Generated: 04/25/2004 10:43:35
(Event String could not be retrieved)
An Error Event occured. EventID: 0x0000410A
Time Generated: 04/25/2004 10:45:35
(Event String could not be retrieved)
An Error Event occured. EventID: 0x0000410A
Time Generated: 04/25/2004 10:47:35
(Event String could not be retrieved)
......................... DCWINS failed test systemlog
Running enterprise tests on : afg.com
Starting test: Intersite
Skipping site KhobarSite, this site is outside the scope provided by
the command line arguments provided.
Skipping site KharjSite, this site is outside the scope provided by
the command line arguments provided.
Skipping site JeddahSite, this site is outside the scope provided by
the command line arguments provided.
Skipping site RiyadhSite, this site is outside the scope provided by
the command line arguments provided.
......................... afg.com passed test Intersite
Starting test: FsmoCheck
GC Name: \\DCWINS.riyadh.afg.com
Locator Flags: 0xe00001fd
PDC Name: \\DCWINS.riyadh.afg.com
Locator Flags: 0xe00001fd
Time Server Name: \\DCWINS.riyadh.afg.com
Locator Flags: 0xe00001fd
Preferred Time Server Name: \\DCWINS.riyadh.afg.com
Locator Flags: 0xe00001fd
KDC Name: \\DCWINS.riyadh.afg.com
Locator Flags: 0xe00001fd
......................... afg.com passed test FsmoCheck
