[W2003] Cannot modify Group Policy


  • nico_van_wijk
  • Registered: January 2008
  • Last online: 02-07 13:40
I have a PDC and a BDC running Windows 2003 Server. The PDC was also the file server.

Unfortunately the PDC crashed, and the BDC took over neatly. Now I want to modify certain Group Policies, because for example the My Documents redirect is handled through them and it currently points to the PDC. So I am trying this on the BDC.

However, I get the error message: The domain controller for Group Policy operations is not available.....
Could this be because I have not yet promoted the BDC to PDC?


  • Turdie
  • Registered: March 2006
  • Last online: 20-08-2024
1:
First of all, you could run a dcdiag /v to see exactly what is going wrong; if you like, post its output here. DCDiag can be found in the Windows Server 2003 Support Tools.

2:
Have you transferred the FSMO roles from your old PDC to your BDC?
Using Ntdsutil.exe to transfer or seize FSMO roles to a domain controller

But actually, PDC and BDC are NT4 terms, and they no longer exist.

[ Edited 71% by Turdie on 04-02-2013 06:29 ]



  • CMD-Snake
  • Registered: October 2011
  • Last online: 13-11-2022
Don't forget that you also have to remove the metadata of your old domain controller from AD after transferring the missing FSMO role(s). See here for removing the metadata. The article describes Windows Server 2000 through 2008R2. (Although 2008R2 makes this a lot easier.)


  • Semt-x
  • Registered: September 2002
  • Last online: 09:18
BDC is a Windows NT term, and has been irrelevant since Windows 2000.
PDC no longer exists as a server role either; it only survives as an FSMO role, which performs a few functions for AD (such as time sync, and legacy logons of NT4 and earlier machines).

The NT BDC was a read-only domain controller; the PDC was the writable DC. Since Windows 2000 all DCs are writable. Nothing needs to be promoted. If everything works as it should, that happens by itself.

The way the question is phrased makes me suspect it never worked properly from the start. With repadmin /showrepl you can see when the DCs last synchronised with each other.

h2h,
Sem


  • nico_van_wijk
  • Registered: January 2008
  • Last online: 02-07 13:40
Semt-x wrote on Monday 04 February 2013 @ 09:39:
The way the question is phrased makes me suspect it never worked properly from the start. With repadmin /showrepl you can see when the DCs last synchronised with each other.

h2h,
Sem
Below is the dcdiag /v I ran. Among other things it shows that replication with the primary DC (src-fs01) still took place yesterday afternoon. The secondary DC does make sure users can log on to the domain, but I cannot modify group policies, and I also notice that the network drive mapping scripts no longer start.

By the way, I get the following message when I try to modify a group policy:

Domain controller not found for src.local
The domain controller for group policy operations is not available. You may cancel this operation for this session or retry using one of the following domain controller choices:
  • The one with the Operations Master token for the PDC emulator
  • The one used by the Active Directory Snap-ins
  • Use any available domain controller
By the way, I cannot do anything about transferring FSMO roles, given that the primary DC is physically broken.

--------------------------------------------------------------------------------------
Domain Controller Diagnosis


Performing initial setup:

* Verifying that the local machine src-fs02, is a DC.

* Connecting to directory service on server src-fs02.

* Collecting site info.

* Identifying all servers.

* Identifying all NC cross-refs.

* Found 2 DC(s). Testing 1 of them.

Done gathering initial info.


Doing initial required tests


Testing server: Default-First-Site-Name\SRC-FS02

Starting test: Connectivity

* Active Directory LDAP Services Check

* Active Directory RPC Services Check

......................... SRC-FS02 passed test Connectivity


Doing primary tests


Testing server: Default-First-Site-Name\SRC-FS02

Starting test: Replications

* Replications Check

[Replications Check,SRC-FS02] A recent replication attempt failed:

From SRC-FS01 to SRC-FS02

Naming Context: DC=ForestDnsZones,DC=src,DC=local

The replication generated an error (1256):

The remote system is not available. For information about network troubleshooting, see Windows Help.

The failure occurred at 2013-02-04 09:54:10.

The last success occurred at 2013-02-03 13:53:50.

20 failures have occurred since the last success.

[SRC-FS01] DsBindWithSpnEx() failed with error 1722,

The RPC server is unavailable..

Printing RPC Extended Error Info:

Error Record 1, ProcessID is 2904 (DcDiag)

System Time is: 2/4/2013 9:11:16:51

Generating component is 8 (winsock)

Status is 1722: The RPC server is unavailable.


Detection location is 323

Error Record 2, ProcessID is 2904 (DcDiag)

System Time is: 2/4/2013 9:11:16:51

Generating component is 8 (winsock)

Status is 1237: The operation could not be completed. A retry should be performed.


Detection location is 313

Error Record 3, ProcessID is 2904 (DcDiag)

System Time is: 2/4/2013 9:11:16:51

Generating component is 8 (winsock)

Status is 10060: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.


Detection location is 311

NumberOfParameters is 3

Long val: 135

Pointer val: 0

Pointer val: 0

Error Record 4, ProcessID is 2904 (DcDiag)

System Time is: 2/4/2013 9:11:16:51

Generating component is 8 (winsock)

Status is 10060: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.


Detection location is 318

[Replications Check,SRC-FS02] A recent replication attempt failed:

From SRC-FS01 to SRC-FS02

Naming Context: DC=DomainDnsZones,DC=src,DC=local

The replication generated an error (1256):

The remote system is not available. For information about network troubleshooting, see Windows Help.

The failure occurred at 2013-02-04 09:54:10.

The last success occurred at 2013-02-03 13:53:50.

20 failures have occurred since the last success.

[Replications Check,SRC-FS02] A recent replication attempt failed:

From SRC-FS01 to SRC-FS02

Naming Context: CN=Schema,CN=Configuration,DC=src,DC=local

The replication generated an error (1722):

The RPC server is unavailable.

The failure occurred at 2013-02-04 09:54:52.

The last success occurred at 2013-02-03 13:53:50.

20 failures have occurred since the last success.

The source remains down. Please check the machine.

[Replications Check,SRC-FS02] A recent replication attempt failed:

From SRC-FS01 to SRC-FS02

Naming Context: CN=Configuration,DC=src,DC=local

The replication generated an error (1722):

The RPC server is unavailable.

The failure occurred at 2013-02-04 09:54:31.

The last success occurred at 2013-02-03 13:53:50.

20 failures have occurred since the last success.

The source remains down. Please check the machine.

[Replications Check,SRC-FS02] A recent replication attempt failed:

From SRC-FS01 to SRC-FS02

Naming Context: DC=src,DC=local

The replication generated an error (1722):

The RPC server is unavailable.

The failure occurred at 2013-02-04 09:54:10.

The last success occurred at 2013-02-03 14:16:09.

20 failures have occurred since the last success.

The source remains down. Please check the machine.

* Replication Latency Check

REPLICATION-RECEIVED LATENCY WARNING

SRC-FS02: Current time is 2013-02-04 10:10:54.

DC=ForestDnsZones,DC=src,DC=local

Last replication recieved from SRC-FS01 at 2013-02-03 13:53:50.

DC=DomainDnsZones,DC=src,DC=local

Last replication recieved from SRC-FS01 at 2013-02-03 13:53:50.

CN=Schema,CN=Configuration,DC=src,DC=local

Last replication recieved from SRC-FS01 at 2013-02-03 13:53:50.

CN=Configuration,DC=src,DC=local

Last replication recieved from SRC-FS01 at 2013-02-03 13:53:50.

DC=src,DC=local

Last replication recieved from SRC-FS01 at 2013-02-03 14:16:09.

* Replication Site Latency Check

......................... SRC-FS02 passed test Replications

Test omitted by user request: Topology

Test omitted by user request: CutoffServers

Starting test: NCSecDesc

* Security Permissions check for all NC's on DC SRC-FS02.

* Security Permissions Check for

DC=ForestDnsZones,DC=src,DC=local

(NDNC,Version 2)

* Security Permissions Check for

DC=DomainDnsZones,DC=src,DC=local

(NDNC,Version 2)

* Security Permissions Check for

CN=Schema,CN=Configuration,DC=src,DC=local

(Schema,Version 2)

* Security Permissions Check for

CN=Configuration,DC=src,DC=local

(Configuration,Version 2)

* Security Permissions Check for

DC=src,DC=local

(Domain,Version 2)

......................... SRC-FS02 passed test NCSecDesc

Starting test: NetLogons

* Network Logons Privileges Check

Verified share \\SRC-FS02\netlogon

Verified share \\SRC-FS02\sysvol

......................... SRC-FS02 passed test NetLogons

Starting test: Advertising

The DC SRC-FS02 is advertising itself as a DC and having a DS.

The DC SRC-FS02 is advertising as an LDAP server

The DC SRC-FS02 is advertising as having a writeable directory

The DC SRC-FS02 is advertising as a Key Distribution Center

The DC SRC-FS02 is advertising as a time server

......................... SRC-FS02 passed test Advertising

Starting test: KnowsOfRoleHolders

Role Schema Owner = CN=NTDS Settings,CN=SRC-FS01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=src,DC=local

Warning: SRC-FS01 is the Schema Owner, but is not responding to DS RPC Bind.

RPC Extended Error Info not available. Use group policy on the local machine at "Computer Configuration/Administrative Templates/System/Remote Procedure Call" to enable it.

[SRC-FS01] LDAP search failed with error 58,

The specified server cannot perform the requested operation..

Warning: SRC-FS01 is the Schema Owner, but is not responding to LDAP Bind.

Role Domain Owner = CN=NTDS Settings,CN=SRC-FS01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=src,DC=local

Warning: SRC-FS01 is the Domain Owner, but is not responding to DS RPC Bind.

RPC Extended Error Info not available. Use group policy on the local machine at "Computer Configuration/Administrative Templates/System/Remote Procedure Call" to enable it.

Warning: SRC-FS01 is the Domain Owner, but is not responding to LDAP Bind.

Role PDC Owner = CN=NTDS Settings,CN=SRC-FS01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=src,DC=local

Warning: SRC-FS01 is the PDC Owner, but is not responding to DS RPC Bind.

RPC Extended Error Info not available. Use group policy on the local machine at "Computer Configuration/Administrative Templates/System/Remote Procedure Call" to enable it.

Warning: SRC-FS01 is the PDC Owner, but is not responding to LDAP Bind.

Role Rid Owner = CN=NTDS Settings,CN=SRC-FS01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=src,DC=local

Warning: SRC-FS01 is the Rid Owner, but is not responding to DS RPC Bind.

RPC Extended Error Info not available. Use group policy on the local machine at "Computer Configuration/Administrative Templates/System/Remote Procedure Call" to enable it.

Warning: SRC-FS01 is the Rid Owner, but is not responding to LDAP Bind.

Role Infrastructure Update Owner = CN=NTDS Settings,CN=SRC-FS01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=src,DC=local

Warning: SRC-FS01 is the Infrastructure Update Owner, but is not responding to DS RPC Bind.

RPC Extended Error Info not available. Use group policy on the local machine at "Computer Configuration/Administrative Templates/System/Remote Procedure Call" to enable it.

Warning: SRC-FS01 is the Infrastructure Update Owner, but is not responding to LDAP Bind.

......................... SRC-FS02 failed test KnowsOfRoleHolders

Starting test: RidManager

* Available RID Pool for the Domain is 2103 to 1073741823

* src-fs01.src.local is the RID Master

......................... SRC-FS02 failed test RidManager

Starting test: MachineAccount

Checking machine account for DC SRC-FS02 on DC SRC-FS02.

* SPN found :LDAP/src-fs02.src.local/src.local

* SPN found :LDAP/src-fs02.src.local

* SPN found :LDAP/SRC-FS02

* SPN found :LDAP/src-fs02.src.local/SRC

* SPN found :LDAP/0b02a15f-a505-4703-aa4b-845afbde2247._msdcs.src.local

* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/0b02a15f-a505-4703-aa4b-845afbde2247/src.local

* SPN found :HOST/src-fs02.src.local/src.local

* SPN found :HOST/src-fs02.src.local

* SPN found :HOST/SRC-FS02

* SPN found :HOST/src-fs02.src.local/SRC

* SPN found :GC/src-fs02.src.local/src.local

......................... SRC-FS02 passed test MachineAccount

Starting test: Services

* Checking Service: Dnscache

* Checking Service: NtFrs

* Checking Service: IsmServ

* Checking Service: kdc

* Checking Service: SamSs

* Checking Service: LanmanServer

* Checking Service: LanmanWorkstation

* Checking Service: RpcSs

* Checking Service: w32time

* Checking Service: NETLOGON

......................... SRC-FS02 passed test Services

Test omitted by user request: OutboundSecureChannels

Starting test: ObjectsReplicated

SRC-FS02 is in domain DC=src,DC=local

Checking for CN=SRC-FS02,OU=Domain Controllers,DC=src,DC=local in domain DC=src,DC=local on 1 servers

Object is up-to-date on all servers.

Checking for CN=NTDS Settings,CN=SRC-FS02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=src,DC=local in domain CN=Configuration,DC=src,DC=local on 1 servers

Object is up-to-date on all servers.

......................... SRC-FS02 passed test ObjectsReplicated

Starting test: frssysvol

* The File Replication Service SYSVOL ready test

File Replication Service's SYSVOL is ready

......................... SRC-FS02 passed test frssysvol

Starting test: frsevent

* The File Replication Service Event log test

......................... SRC-FS02 passed test frsevent

Starting test: kccevent

* The KCC Event log test

Found no KCC errors in Directory Service Event log in the last 15 minutes.

......................... SRC-FS02 passed test kccevent

Starting test: systemlog

* The System Event log test

An Error Event occured. EventID: 0xC25A001D

Time Generated: 02/04/2013 10:00:49

(Event String could not be retrieved)

......................... SRC-FS02 failed test systemlog

Test omitted by user request: VerifyReplicas

Starting test: VerifyReferences

The system object reference (serverReference)


CN=SRC-FS02,OU=Domain Controllers,DC=src,DC=local and backlink on


CN=SRC-FS02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=src,DC=local


are correct.

The system object reference (frsComputerReferenceBL)


CN=SRC-FS02,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=src,DC=local


and backlink on CN=SRC-FS02,OU=Domain Controllers,DC=src,DC=local are


correct.

The system object reference (serverReferenceBL)


CN=SRC-FS02,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=src,DC=local


and backlink on


CN=NTDS Settings,CN=SRC-FS02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=src,DC=local


are correct.

......................... SRC-FS02 passed test VerifyReferences

Test omitted by user request: VerifyEnterpriseReferences

Test omitted by user request: CheckSecurityError


Running partition tests on : ForestDnsZones

Starting test: CrossRefValidation

......................... ForestDnsZones passed test CrossRefValidation

Starting test: CheckSDRefDom

......................... ForestDnsZones passed test CheckSDRefDom


Running partition tests on : DomainDnsZones

Starting test: CrossRefValidation

......................... DomainDnsZones passed test CrossRefValidation

Starting test: CheckSDRefDom

......................... DomainDnsZones passed test CheckSDRefDom


Running partition tests on : Schema

Starting test: CrossRefValidation

......................... Schema passed test CrossRefValidation

Starting test: CheckSDRefDom

......................... Schema passed test CheckSDRefDom


Running partition tests on : Configuration

Starting test: CrossRefValidation

......................... Configuration passed test CrossRefValidation

Starting test: CheckSDRefDom

......................... Configuration passed test CheckSDRefDom


Running partition tests on : src

Starting test: CrossRefValidation

......................... src passed test CrossRefValidation

Starting test: CheckSDRefDom

......................... src passed test CheckSDRefDom


Running enterprise tests on : src.local

Starting test: Intersite

Skipping site Default-First-Site-Name, this site is outside the scope


provided by the command line arguments provided.

......................... src.local passed test Intersite

Starting test: FsmoCheck

Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355

A Global Catalog Server could not be located - All GC's are down.

Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355

A Primary Domain Controller could not be located.

The server holding the PDC role is down.

Time Server Name: \\src-fs02.src.local

Locator Flags: 0xe00001f8

Preferred Time Server Name: \\src-fs02.src.local

Locator Flags: 0xe00001f8

KDC Name: \\src-fs02.src.local

Locator Flags: 0xe00001f8

......................... src.local failed test FsmoCheck

Test omitted by user request: DNS

Test omitted by user request: DNS


  • CMD-Snake
  • Registered: October 2011
  • Last online: 13-11-2022
Semt-x wrote on Monday 04 February 2013 @ 09:39:
The NT BDC was a read-only domain controller; the PDC was the writable DC. Since Windows 2000 all DCs are writable.
Only with 2003 were all DCs writable. Since 2008 the Read-Only DC is back as a feature.

The topic starter has to move the missing FSMO roles to his existing DC. Note that you can never use the old DC again afterwards. Unless you reinstall it outside the network as a new machine.

I also see references in the output to a missing PDC emulator.


  • nico_van_wijk
  • Registered: January 2008
  • Last online: 02-07 13:40
CMD-Snake wrote on Monday 04 February 2013 @ 11:47:
[...]
The topic starter has to move the missing FSMO roles to his existing DC.
But that is no longer possible, is it? My primary DC is defective.


  • CMD-Snake
  • Registered: October 2011
  • Last online: 13-11-2022
nico_van_wijk wrote on Monday 04 February 2013 @ 12:04:
[...]

But that is no longer possible, is it? My primary DC is defective.
One of the first replies in this topic has a link to the guide on how to do this. But once more, here:

How to view and transfer FSMO roles in Windows Server 2003

I also gave a link on how to clean up the metadata once you have transferred the FSMO roles. Cleaning up the mess is an important step too. Your error messages should then disappear as well.

After transferring the FSMO roles you can never use the old DC again.


  • Question Mark
  • Registered: May 2003
  • Last online: 12-07 15:28

Moderator SSC/WOS

F7 - No - Yes

^^ Exactly that.

Seize the FSMO roles and perform a metadata cleanup.

Also, I hope for the topic starter's sake that both DCs were Global Catalogs.

MCSE NT4/2K/2K3, MCTS, MCITP, CCA, CCEA, CCEE, CCIA, CCNA, CCDA, CCNP, CCDP, VCP, CEH + swimming certificates A & B



  • nico_van_wijk
  • Registered: January 2008
  • Last online: 02-07 13:40
Question Mark wrote on Monday 04 February 2013 @ 14:03:

Also, I hope for the topic starter's sake that both DCs were Global Catalogs.
Thanks everyone for your replies. I repaired the domain controller by putting a new motherboard in it.

I did learn that I had set up a number of things incorrectly. When the clients logged on, some things still did not work properly. I was also triggered by Mark: the Global Catalog was not enabled on the 2nd DC.

Does that mean that not all objects are tracked properly, which causes logon problems? What is the difference between enabling and disabling it?

My intention was for everything to just keep running if the 1st DC failed; that turned out to be only partly the case.


  • Killah_Priest
  • Registered: August 2001
  • Last online: 12-07 19:52
A global catalog is a domain controller that stores a copy of all Active Directory objects in a forest. The global catalog stores a full copy of all objects in the directory for its host domain and a partial copy of all objects for all other domains in the forest, as shown in the following figure.

See http://technet.microsoft....ry/cc736934(v=ws.10).aspx for more info about the GC
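As an added example (not posted by anyone in this thread), here is the recovery the replies describe, Turdie's dcdiag and ntdsutil pointers, CMD-Snake's metadata cleanup, and Question Mark's seize plus Global Catalog remark, written out as the PowerShell a domain admin would run on the surviving DC had SRC-FS01 stayed dead. It assumes the server names and DNs from the posted dcdiag output, Windows Server 2003 SP1 or later with the Support Tools installed on SRC-FS02, and an Enterprise Admins account.

```powershell
# Added example, not from the thread. Recovery for a domain whose only other DC
# (SRC-FS01) is dead and held all five FSMO roles, run on the survivor (SRC-FS02).
# Assumes: Windows Server 2003 SP1+ with the Support Tools (ntdsutil, repadmin,
# netdom, dcdiag, dsquery) on the survivor, and an Enterprise Admins account.
# Names and DNs below are taken from the dcdiag output posted in this topic.

$Survivor = 'SRC-FS02'
$DeadDcDn = 'CN=SRC-FS01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=src,DC=local'

# 0. Establish the facts first: when did inbound replication from SRC-FS01 last
#    succeed, and who holds the roles? If every role sits on the dead box, a
#    transfer is impossible and a seize is the only way forward.
& repadmin /showrepl $Survivor
& netdom query fsmo

# 1. Seize all five roles on the survivor. ntdsutil tries a clean transfer
#    first; because SRC-FS01 answers neither RPC nor LDAP it times out and falls
#    back to seizing, asking for confirmation per role. Role names are the
#    Windows Server 2003 spellings. Each array element is one ntdsutil command.
$seize = @(
    'roles',
    'connections', "connect to server $Survivor", 'quit',
    'seize schema master',
    'seize domain naming master',
    'seize RID master',
    'seize PDC',
    'seize infrastructure master',
    'quit', 'quit'
)
& ntdsutil $seize

# 2. Remove SRC-FS01's NTDS metadata so the directory stops pointing at it
#    (the source of the KnowsOfRoleHolders and replication errors in the
#    posted dcdiag output). 'remove selected server <DN>' needs 2003 SP1 or
#    later; on RTM walk the 'select operation target' menu instead. Then follow
#    the linked article for the leftovers: the server object in Sites and
#    Services, the old computer account and its stale DNS records.
$cleanup = @(
    'metadata cleanup',
    'connections', "connect to server $Survivor", 'quit',
    "remove selected server $DeadDcDn",
    'quit', 'quit'
)
& ntdsutil $cleanup

# 3. Make the survivor a Global Catalog. FsmoCheck reported "All GC's are
#    down"; without a reachable GC, domain logons suffer (Question Mark's point).
& repadmin /options $Survivor +IS_GC

# 4. Verify: every role on SRC-FS02, SRC-FS02 listed as a GC, both tests pass.
& netdom query fsmo
& dsquery server -isgc
& dcdiag "/s:$Survivor" /test:knowsofroleholders /test:fsmocheck

# Once the roles are seized, SRC-FS01 must never come back on the network as a
# DC; if the hardware is repaired, reinstall it offline as a new machine.
```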