We are tearing our hair out at this moment. Please help a man staring into
the depths of insanity.
We have a Win2K SP2 server (MachineA) running AD in native mode, as the only
domain controller on the network.
We have added another Win2K SP2 server (MachineB) to the network, and ran
dcpromo on it successfully to join it as a domain controller.
Under AD Users and Computers, the machines show up as domain controllers.
All the DNS entries seem ok - we have both machines running DNS integrated
with the AD.
All is fine. Users can log on. However.
1) If we turn off MachineA no one can logon to the network
2) If we try & dcpromo MachineA to be just a member server, then we get the
error message about "no domain controller is available"
We think that it is something to do with SYSVOL and NETLOGON but cannot find
the solution. The FRS service is running on both machines.
We have tried everything that we could find on the web.
We have run dcdiag and netdiag on both machines with the following results:
###### MachineA DCDiag ########
DC Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial non skippeable tests
Testing server: Default-First-Site-Name\MachineA
Starting test: Connectivity
......................... MachineA passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\MachineA
Starting test: Replications
......................... MachineA passed test Replications
Starting test: NCSecDesc
......................... MachineA passed test NCSecDesc
Starting test: NetLogons
......................... MachineA passed test NetLogons
Starting test: Advertising
......................... MachineA passed test Advertising
Starting test: KnowsOfRoleHolders
......................... MachineA passed test KnowsOfRoleHolders
Starting test: RidManager
......................... MachineA passed test RidManager
Starting test: MachineAccount
* MachineA is not trusted for account delegation
......................... MachineA failed test MachineAccount
Starting test: Services
......................... MachineA passed test Services
Starting test: ObjectsReplicated
......................... MachineA passed test ObjectsReplicated
Starting test: frssysvol
Error: No record of File Replication System, SYSVOL started.
The Active Directory may be prevented from starting.
There are errors after the SYSVOL has been shared.
The SYSVOL can prevent the AD from starting.
......................... MachineA passed test frssysvol
Starting test: kccevent
......................... MachineA passed test kccevent
Starting test: systemlog
......................... MachineA passed test systemlog
Running enterprise tests on : OurDomain.com
Starting test: Intersite
......................... OurDomain.com passed test Intersite
Starting test: FsmoCheck
......................... OurDomain.com passed test FsmoCheck
###### MachineB DCDiag ########
DC Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial non skippeable tests
Testing server: Default-First-Site-Name\MachineB
Starting test: Connectivity
......................... MachineB passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\MachineB
Starting test: Replications
......................... MachineB passed test Replications
Starting test: NCSecDesc
......................... MachineB passed test NCSecDesc
Starting test: NetLogons
......................... MachineB passed test NetLogons
Starting test: Advertising
Warning: DsGetDcName returned information for
\\MachineA.OurDomain.com, when we were trying to reach MachineB.
Server is not responding or is not considered suitable.
......................... MachineB failed test Advertising
Starting test: KnowsOfRoleHolders
......................... MachineB passed test KnowsOfRoleHolders
Starting test: RidManager
......................... MachineB passed test RidManager
Starting test: MachineAccount
......................... MachineB passed test MachineAccount
Starting test: Services
Could not open SMTPSVC Service on [MachineB]:failed with 1060:
Win32 Error 1060
......................... MachineB failed test Services
Starting test: ObjectsReplicated
......................... MachineB passed test ObjectsReplicated
Starting test: frssysvol
Error: No record of File Replication System, SYSVOL started.
The Active Directory may be prevented from starting.
......................... MachineB passed test frssysvol
Starting test: kccevent
......................... MachineB passed test kccevent
Starting test: systemlog
......................... MachineB passed test systemlog
Running enterprise tests on : OurDomain.com
Starting test: Intersite
......................... OurDomain.com passed test Intersite
Starting test: FsmoCheck
......................... OurDomain.com passed test FsmoCheck
###### MachineA NetDiag ########
.....................................
Computer Name: MachineA
DNS Host Name: MachineA.OurDomain.com
System info : Windows 2000 Server (Build 2195)
Processor : x86 Family 5 Model 8 Stepping 12, AuthenticAMD
List of installed hotfixes :
Q147222
Netcard queries test . . . . . . . : Passed
[WARNING] The net card 'Eicon DIVA 2.01 S/T (USB)' may not be working
because it has not received any packets.
Per interface results:
Adapter : Local Area Connection 2
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : MachineA.OurDomain.com
IP Address . . . . . . . . : 192.168.10.2
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.10.109
Dns Servers. . . . . . . . : 127.0.0.1
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{8BAAB444-9BDC-4B87-8249-2F5647FB4B3F}
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server
'127.0.0.1' and other DCs also have some of the names registered.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{8BAAB444-9BDC-4B87-8249-2F5647FB4B3F}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{8BAAB444-9BDC-4B87-8249-2F5647FB4B3F}
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Passed
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Passed
IPSec policy service is active, but no policy is assigned.
The command completed successfully
###### MachineB NetDiag ########
......................................
Computer Name: MachineB
DNS Host Name: MachineB.OurDomain.com
System info : Windows 2000 Server (Build 2195)
Processor : x86 Family 6 Model 8 Stepping 10, GenuineIntel
List of installed hotfixes :
Q147222
Netcard queries test . . . . . . . : Passed
[WARNING] The net card 'RAS Async Adapter' may not be working because it
has not received any packets.
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : MachineB.OurDomain.com
IP Address . . . . . . . . : 192.168.10.6
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.10.109
Dns Servers. . . . . . . . : 127.0.0.1
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.
Adapter : {33ED5761-2667-4254-B381-03ECF79157DA}
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : MachineB
IP Address . . . . . . . . : 169.254.230.53
Subnet Mask. . . . . . . . : 255.255.255.255
Default Gateway. . . . . . :
Dns Servers. . . . . . . . : 127.0.0.1
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Skipped
[WARNING] No gateways defined for this adapter.
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03>
'Messenger Service', <20> 'WINS' names is missing.
No remote names have been found.
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.
Global results:
Domain membership test . . . . . . : Failed
[WARNING] Ths system volume has not been completely replicated to the
local machine. This machine is not working properly as a DC.
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{C03C0240-20EF-45DC-B733-3FE525AA9587}
NetBT_Tcpip_{33ED5761-2667-4254-B381-03ECF79157DA}
2 NetBt transports currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server
'127.0.0.1' and other DCs also have some of the names registered.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{C03C0240-20EF-45DC-B733-3FE525AA9587}
NetBT_Tcpip_{33ED5761-2667-4254-B381-03ECF79157DA}
The redir is bound to 2 NetBt transports.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{C03C0240-20EF-45DC-B733-3FE525AA9587}
NetBT_Tcpip_{33ED5761-2667-4254-B381-03ECF79157DA}
The browser is bound to 2 NetBt transports.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Passed
Secure channel for domain 'OURDOMAIN' is to '\\MachineA.OurDomain.com'.
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Passed
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Passed
IPSec policy service is active, but no policy is assigned.
The command completed successfully
Regards,
Julian.
Julian Lyndon-Smith
IT Director
Dot R Limited
http://www.dotr.com
[EMAIL PROTECTED]
List info : http://www.activedir.org/mail_list.htm
List FAQ : http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
