Re: Forced client disconnect problem.
- From: "Steven L Umbach" <n9rou@xxxxxxxxxxxxxxxxxx>
- Date: Tue, 6 Dec 2005 11:26:20 -0600
I don't thing that the ISM service being stopped is a big deal since it is
only used for inter site replication for Active Directory using SMTP which
it sounds like you are not using. The problems for sysvol and kerberos may
or may not be significant depending on if they are one time events and not
repeating. As far as DNS the netdiag test should tell a lot more. Overall
this dcdiag result does not appear to show fatal problems. I would also run
the support tool gpotool on the domain controllers to further check for
sysvol and Group Policy replication problems. --- Steve
"Gerry Armstrong" <gerrya@xxxxxxxxxxx> wrote in message
news:11pb0j6njesjn16@xxxxxxxxxxxxxxxxxxxxx
> This is the result of the dcdiag /v test on the SBS2003 server, seems as
> if I have some issues. Also I did not request omission of the DNS as the
> end of the test states, I used the command "dcdiag /v". Any suggestions as
> to what my problem and solution could be?
>
> Domain Controller Diagnosis
>
> Performing initial setup:
> * Verifying that the local machine towner-s1, is a DC.
> * Connecting to directory service on server towner-s1.
> * Collecting site info.
> * Identifying all servers.
> * Identifying all NC cross-refs.
> * Found 2 DC(s). Testing 1 of them.
> Done gathering initial info.
>
> Doing initial required tests
>
> Testing server: Default-First-Site-Name\TOWNER-S1
> Starting test: Connectivity
> * Active Directory LDAP Services Check
> * Active Directory RPC Services Check
> ......................... TOWNER-S1 passed test Connectivity
>
> Doing primary tests
>
> Testing server: Default-First-Site-Name\TOWNER-S1
> Starting test: Replications
> * Replications Check
> * Replication Latency Check
> DC=ForestDnsZones,DC=towner,DC=local
> Latency information for 1 entries in the vector were
> ignored.
> 1 were retired Invocations. 0 were either: read-only
> replicas and are not verifiably latent, or dc's no longer replicating this
> nc. 0 had no latency information (Win2K DC).
> DC=DomainDnsZones,DC=towner,DC=local
> Latency information for 1 entries in the vector were
> ignored.
> 1 were retired Invocations. 0 were either: read-only
> replicas and are not verifiably latent, or dc's no longer replicating this
> nc. 0 had no latency information (Win2K DC).
> CN=Schema,CN=Configuration,DC=towner,DC=local
> Latency information for 1 entries in the vector were
> ignored.
> 1 were retired Invocations. 0 were either: read-only
> replicas and are not verifiably latent, or dc's no longer replicating this
> nc. 0 had no latency information (Win2K DC).
> CN=Configuration,DC=towner,DC=local
> Latency information for 1 entries in the vector were
> ignored.
> 1 were retired Invocations. 0 were either: read-only
> replicas and are not verifiably latent, or dc's no longer replicating this
> nc. 0 had no latency information (Win2K DC).
> DC=towner,DC=local
> Latency information for 1 entries in the vector were
> ignored.
> 1 were retired Invocations. 0 were either: read-only
> replicas and are not verifiably latent, or dc's no longer replicating this
> nc. 0 had no latency information (Win2K DC).
> * Replication Site Latency Check
> ......................... TOWNER-S1 passed test Replications
> Test omitted by user request: Topology
> Test omitted by user request: CutoffServers
> Starting test: NCSecDesc
> * Security Permissions check for all NC's on DC TOWNER-S1.
> * Security Permissions Check for
> DC=ForestDnsZones,DC=towner,DC=local
> (NDNC,Version 2)
> * Security Permissions Check for
> DC=DomainDnsZones,DC=towner,DC=local
> (NDNC,Version 2)
> * Security Permissions Check for
> CN=Schema,CN=Configuration,DC=towner,DC=local
> (Schema,Version 2)
> * Security Permissions Check for
> CN=Configuration,DC=towner,DC=local
> (Configuration,Version 2)
> * Security Permissions Check for
> DC=towner,DC=local
> (Domain,Version 2)
> ......................... TOWNER-S1 passed test NCSecDesc
> Starting test: NetLogons
> * Network Logons Privileges Check
> Verified share \\TOWNER-S1\netlogon
> Verified share \\TOWNER-S1\sysvol
> ......................... TOWNER-S1 passed test NetLogons
> Starting test: Advertising
> The DC TOWNER-S1 is advertising itself as a DC and having a DS.
> The DC TOWNER-S1 is advertising as an LDAP server
> The DC TOWNER-S1 is advertising as having a writeable directory
> The DC TOWNER-S1 is advertising as a Key Distribution Center
> The DC TOWNER-S1 is advertising as a time server
> The DS TOWNER-S1 is advertising as a GC.
> ......................... TOWNER-S1 passed test Advertising
> Starting test: KnowsOfRoleHolders
> Role Schema Owner = CN=NTDS
> Settings,CN=TOWNER-S1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=towner,DC=local
> Role Domain Owner = CN=NTDS
> Settings,CN=TOWNER-S1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=towner,DC=local
> Role PDC Owner = CN=NTDS
> Settings,CN=TOWNER-S1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=towner,DC=local
> Role Rid Owner = CN=NTDS
> Settings,CN=TOWNER-S1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=towner,DC=local
> Role Infrastructure Update Owner = CN=NTDS
> Settings,CN=TOWNER-S1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=towner,DC=local
> ......................... TOWNER-S1 passed test KnowsOfRoleHolders
> Starting test: RidManager
> * Available RID Pool for the Domain is 2609 to 1073741823
> * towner-s1.towner.local is the RID Master
> * DsBind with RID Master was successful
> * rIDAllocationPool is 1609 to 2108
> * rIDPreviousAllocationPool is 1609 to 2108
> * rIDNextRID: 1631
> ......................... TOWNER-S1 passed test RidManager
> Starting test: MachineAccount
> Checking machine account for DC TOWNER-S1 on DC TOWNER-S1.
> * SPN found :LDAP/towner-s1.towner.local/towner.local
> * SPN found :LDAP/towner-s1.towner.local
> * SPN found :LDAP/TOWNER-S1
> * SPN found :LDAP/towner-s1.towner.local/TOWNER
> * SPN found
> :LDAP/c309bfa7-ea14-49dc-9430-2518c993b3a0._msdcs.towner.local
> * SPN found
> :E3514235-4B06-11D1-AB04-00C04FC2DCD2/c309bfa7-ea14-49dc-9430-2518c993b3a0/towner.local
> * SPN found :HOST/towner-s1.towner.local/towner.local
> * SPN found :HOST/towner-s1.towner.local
> * SPN found :HOST/TOWNER-S1
> * SPN found :HOST/towner-s1.towner.local/TOWNER
> * SPN found :GC/towner-s1.towner.local/towner.local
> ......................... TOWNER-S1 passed test MachineAccount
> Starting test: Services
> * Checking Service: Dnscache
> * Checking Service: NtFrs
> * Checking Service: IsmServ
> IsmServ Service is stopped on [TOWNER-S1]
> * Checking Service: kdc
> * Checking Service: SamSs
> * Checking Service: LanmanServer
> * Checking Service: LanmanWorkstation
> * Checking Service: RpcSs
> * Checking Service: w32time
> * Checking Service: NETLOGON
> ......................... TOWNER-S1 failed test Services
> Test omitted by user request: OutboundSecureChannels
> Starting test: ObjectsReplicated
> TOWNER-S1 is in domain DC=towner,DC=local
> Checking for CN=TOWNER-S1,OU=Domain Controllers,DC=towner,DC=local
> in domain DC=towner,DC=local on 1 servers
> Object is up-to-date on all servers.
> Checking for CN=NTDS
> Settings,CN=TOWNER-S1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=towner,DC=local
> in domain CN=Configuration,DC=towner,DC=local on 1 servers
> Object is up-to-date on all servers.
> ......................... TOWNER-S1 passed test ObjectsReplicated
> Starting test: frssysvol
> * The File Replication Service SYSVOL ready test
> File Replication Service's SYSVOL is ready
> ......................... TOWNER-S1 passed test frssysvol
> Starting test: frsevent
> * The File Replication Service Event log test
> There are warning or error events within the last 24 hours after
> the
>
> SYSVOL has been shared. Failing SYSVOL replication problems may
> cause
>
> Group Policy problems.
> An Warning Event occured. EventID: 0x800034C4
> Time Generated: 12/06/2005 00:47:11
> (Event String could not be retrieved)
> ......................... TOWNER-S1 failed test frsevent
> Starting test: kccevent
> * The KCC Event log test
> Found no KCC errors in Directory Service Event log in the last 15
> minutes.
> ......................... TOWNER-S1 passed test kccevent
> Starting test: systemlog
> * The System Event log test
> An Error Event occured. EventID: 0x40000005
> Time Generated: 12/06/2005 07:58:51
> Event String: The kerberos client received a KRB_AP_ERR_TKT_NYV
>
> error from the server LOIS$. This indicates that
>
> the ticket used against that server is not yet
>
> valid (in relationship to that server time).
>
> Contact your system administrator to make sure
>
> the client and server times are in sync, and that
>
> the KDC in realm TOWNER.LOCAL is in sync with
>
> the KDC in the client realm.
> ......................... TOWNER-S1 failed test systemlog
> Test omitted by user request: VerifyReplicas
> Starting test: VerifyReferences
> The system object reference (serverReference)
>
> CN=TOWNER-S1,OU=Domain Controllers,DC=towner,DC=local and backlink
> on
>
>
> CN=TOWNER-S1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=towner,DC=local
>
> are correct.
> The system object reference (frsComputerReferenceBL)
>
> CN=TOWNER-S1,CN=Domain System Volume (SYSVOL share),CN=File
> Replication Service,CN=System,DC=towner,DC=local
>
> and backlink on CN=TOWNER-S1,OU=Domain
> Controllers,DC=towner,DC=local
>
> are correct.
> The system object reference (serverReferenceBL)
>
> CN=TOWNER-S1,CN=Domain System Volume (SYSVOL share),CN=File
> Replication Service,CN=System,DC=towner,DC=local
>
> and backlink on
>
> CN=NTDS
> Settings,CN=TOWNER-S1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=towner,DC=local
>
> are correct.
> ......................... TOWNER-S1 passed test VerifyReferences
> Test omitted by user request: VerifyEnterpriseReferences
> Test omitted by user request: CheckSecurityError
>
> Running partition tests on : ForestDnsZones
> Starting test: CrossRefValidation
> ......................... ForestDnsZones passed test
> CrossRefValidation
> Starting test: CheckSDRefDom
> ......................... ForestDnsZones passed test CheckSDRefDom
>
> Running partition tests on : DomainDnsZones
> Starting test: CrossRefValidation
> ......................... DomainDnsZones passed test
> CrossRefValidation
> Starting test: CheckSDRefDom
> ......................... DomainDnsZones passed test CheckSDRefDom
>
> Running partition tests on : Schema
> Starting test: CrossRefValidation
> ......................... Schema passed test CrossRefValidation
> Starting test: CheckSDRefDom
> ......................... Schema passed test CheckSDRefDom
>
> Running partition tests on : Configuration
> Starting test: CrossRefValidation
> ......................... Configuration passed test
> CrossRefValidation
> Starting test: CheckSDRefDom
> ......................... Configuration passed test CheckSDRefDom
>
> Running partition tests on : towner
> Starting test: CrossRefValidation
> ......................... towner passed test CrossRefValidation
> Starting test: CheckSDRefDom
> ......................... towner passed test CheckSDRefDom
>
> Running enterprise tests on : towner.local
> Starting test: Intersite
> Skipping site Default-First-Site-Name, this site is outside the
> scope
>
> provided by the command line arguments provided.
> ......................... towner.local passed test Intersite
> Starting test: FsmoCheck
> GC Name: \\towner-s1.towner.local
> Locator Flags: 0xe00003fd
> PDC Name: \\towner-s1.towner.local
> Locator Flags: 0xe00003fd
> Time Server Name: \\towner-s1.towner.local
> Locator Flags: 0xe00003fd
> Preferred Time Server Name: \\towner-s1.towner.local
> Locator Flags: 0xe00003fd
> KDC Name: \\towner-s1.towner.local
> Locator Flags: 0xe00003fd
> ......................... towner.local passed test FsmoCheck
> Test omitted by user request: DNS
> Test omitted by user request: DNS
>
>
.
- References:
- Forced client disconnect problem.
- From: Gerry Armstrong
- Re: Forced client disconnect problem.
- From: Steven L Umbach
- Re: Forced client disconnect problem.
- From: Gerry Armstrong
- Forced client disconnect problem.
- Prev by Date: Re: Forced client disconnect problem.
- Next by Date: Re: Forced client disconnect problem.
- Previous by thread: Re: Forced client disconnect problem.
- Next by thread: Server not asking for credentials
- Index(es):
Relevant Pages
|
