M
Mahmoud87
Hi Guys,
I got my domain controller installed on Windows server 2019 working perfectly fine and no issues, few days ago added an additional domain controller running on Windows server 2016 standard. Finished the step correctly and I can see the second domain replicated all the settings fine no issues running the DNS on the new server working fine. My one issue that I can't connect to the additional domain via active directory I can see it online but when I connect to it it gives the error RPC server is unavailable, however if I do the same thing from the new domain controller I can connect to both of DC the primary and the new one., also they both showing online on active dirctory.
I have checked the Firewall rules, services and the NIC settings all seems to be correct and I am not sure where elese to look. I can ping the new domain controller via NetBios, DNS and IP from anywhere including the primary domain controller. I also noticed I can't browse to the additional domain controller SysVol and Netlogon dirctory from any location unlike I can do on the primary one.
I have troubleshooted these and can confirm all of them are ok.
Common causes of RPC errors include:
I have also ran this command on the additional domain controller and saw some errors but not sure really where to start and how to fix.
Dcdiag /v /c /d /e /s
CName >c:\dcdiag.log
Command Line: "dcdiag.exe
/v /c /d /e /sc-replica1.home.local"
Directory Server Diagnosis
Performing initial setup:
* Connecting to directory service on server Dc-replica1.home.local.
Dc-replica1.home.local.currentTime = 20191102013751.0Z
Dc-replica1.home.local.highestCommittedUSN = 24879
Dc-replica1.home.local.isSynchronized = 1
Dc-replica1.home.local.isGlobalCatalogReady = 1
* Identified AD Forest.
Collecting AD specific global data
* Collecting site info.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=Home,DC=local,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
The previous call succeeded
Iterating through the sites
Looking at base site object: CN=NTDS Site Settings,CN=SCCM-MP,CN=Sites,CN=Configuration,DC=Home,DC=local
Getting ISTG and options for the site
* Identifying all servers.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=Home,DC=local,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
The previous call succeeded....
The previous call succeeded
Iterating through the list of servers
Getting information for the server CN=NTDS Settings,CN=DC,CN=Servers,CN=SCCM-MP,CN=Sites,CN=Configuration,DC=Home,DC=local
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
Getting information for the server CN=NTDS Settings,CN=DC-REPLICA1,CN=Servers,CN=SCCM-MP,CN=Sites,CN=Configuration,DC=Home,DC=local
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
DC-REPLICA1.currentTime = 20191102013751.0Z
DC-REPLICA1.highestCommittedUSN = 24879
DC-REPLICA1.isSynchronized = 1
DC-REPLICA1.isGlobalCatalogReady = 1
* Identifying all NC cross-refs.
DC.currentTime = 20191102013753.0Z
DC.highestCommittedUSN = 885009
DC.isSynchronized = 1
DC.isGlobalCatalogReady = 1
* Found 2 DC(s). Testing 2 of them.
Done gathering initial info.
===============================================Printing out pDsInfo
GLOBAL:
ulNumServers=2
pszRootDomain=Home.local
pszNC=
pszRootDomainFQDN=DC=Home,DC=local
pszConfigNc=CN=Configuration,DC=Home,DC=local
pszPartitionsDn=CN=Partitions,CN=Configuration,DC=Home,DC=local
fAdam=0
iSiteOptions=0
dwTombstoneLifeTimeDays=180
dwForestBehaviorVersion=7
HomeServer=1, DC-REPLICA1
SERVER: pServer[0].pszName=DC
pServer[0].pszGuidDNSName (binding str)=0a8ecec3-eff3-42cf-92a0-d50acb244196._msdcs.Home.local
pServer[0].pszDNSName=DC.Home.local
pServer[0].pszLdapPort=(null)
pServer[0].pszSslPort=(null)
pServer[0].pszDn=CN=NTDS Settings,CN=DC,CN=Servers,CN=SCCM-MP,CN=Sites,CN=Configuration,DC=Home,DC=local
pServer[0].pszComputerAccountDn=CN=DC,OU=Domain Controllers,DC=Home,DC=local
pServer[0].uuidObjectGuid=0a8ecec3-eff3-42cf-92a0-d50acb244196
pServer[0].uuidInvocationId=4168d597-7ef6-464e-9da6-71a225789644
pServer[0].iSite=0 (SCCM-MP)
pServer[0].iOptions=1
pServer[0].ftLocalAcquireTime=2411cb50 01d5911e
pServer[0].ftRemoteConnectTime=24d0ae80 01d5911e
pServer[0].ppszMaster/FullReplicaNCs:
ppszMaster/FullReplicaNCs[0]=DC=DomainDnsZones,DC=Home,DC=local
ppszMaster/FullReplicaNCs[1]=DC=ForestDnsZones,DC=Home,DC=local
ppszMaster/FullReplicaNCs[2]=CN=Schema,CN=Configuration,DC=Home,DC=local
ppszMaster/FullReplicaNCs[3]=CN=Configuration,DC=Home,DC=local
ppszMaster/FullReplicaNCs[4]=DC=Home,DC=local
SERVER: pServer[1].pszName=DC-REPLICA1
pServer[1].pszGuidDNSName (binding str)=6f1bc80d-bfd5-4365-a0cf-e4ff02e3fd91._msdcs.Home.local
pServer[1].pszDNSName=DC-Replica1.Home.local
pServer[1].pszLdapPort=(null)
pServer[1].pszSslPort=(null)
pServer[1].pszDn=CN=NTDS Settings,CN=DC-REPLICA1,CN=Servers,CN=SCCM-MP,CN=Sites,CN=Configuration,DC=Home,DC=local
pServer[1].pszComputerAccountDn=CN=DC-REPLICA1,OU=Domain Controllers,DC=Home,DC=local
pServer[1].uuidObjectGuid=6f1bc80d-bfd5-4365-a0cf-e4ff02e3fd91
pServer[1].uuidInvocationId=44e3a429-7500-4551-b645-7f48e97cff7e
pServer[1].iSite=0 (SCCM-MP)
pServer[1].iOptions=1
pServer[1].ftLocalAcquireTime=240f5a50 01d5911e
pServer[1].ftRemoteConnectTime=239f8180 01d5911e
pServer[1].ppszMaster/FullReplicaNCs:
ppszMaster/FullReplicaNCs[0]=DC=DomainDnsZones,DC=Home,DC=local
ppszMaster/FullReplicaNCs[1]=DC=ForestDnsZones,DC=Home,DC=local
ppszMaster/FullReplicaNCs[2]=CN=Schema,CN=Configuration,DC=Home,DC=local
ppszMaster/FullReplicaNCs[3]=CN=Configuration,DC=Home,DC=local
ppszMaster/FullReplicaNCs[4]=DC=Home,DC=local
SITES: pSites[0].pszName=SCCM-MP
pSites[0].pszSiteSettings=CN=NTDS Site Settings,CN=SCCM-MP,CN=Sites,CN=Configuration,DC=Home,DC=local
pSites[0].pszISTG=CN=NTDS Settings,CN=DC,CN=Servers,CN=SCCM-MP,CN=Sites,CN=Configuration,DC=Home,DC=local
pSites[0].iSiteOption=0
pSites[0].cServers=2
NC: pNCs[0].pszName=DomainDnsZones
pNCs[0].pszDn=DC=DomainDnsZones,DC=Home,DC=local
pNCs[0].aCrInfo[0].dwFlags=0x00000201
pNCs[0].aCrInfo[0].pszDn=CN=5b3937bb-40db-44e4-8443-4bf9f47ea678,CN=Partitions,CN=Configuration,DC=Home,DC=local
pNCs[0].aCrInfo[0].pszDnsRoot=DomainDnsZones.Home.local
pNCs[0].aCrInfo[0].iSourceServer=1
pNCs[0].aCrInfo[0].pszSourceServer=(null)
pNCs[0].aCrInfo[0].ulSystemFlags=0x00000005
pNCs[0].aCrInfo[0].bEnabled=TRUE
pNCs[0].aCrInfo[0].ftWhenCreated=00000000 00000000 pNCs[0].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[0].aCrInfo[0].pszNetBiosName=(null)
pNCs[0].aCrInfo[0].cReplicas=-1
pNCs[0].aCrInfo[0].aszReplicas=
NC: pNCs[1].pszName=ForestDnsZones
pNCs[1].pszDn=DC=ForestDnsZones,DC=Home,DC=local
pNCs[1].aCrInfo[0].dwFlags=0x00000201
pNCs[1].aCrInfo[0].pszDn=CN=195d540d-c323-4ec0-9c2c-b09a6ad453a6,CN=Partitions,CN=Configuration,DC=Home,DC=local
pNCs[1].aCrInfo[0].pszDnsRoot=ForestDnsZones.Home.local
pNCs[1].aCrInfo[0].iSourceServer=1
pNCs[1].aCrInfo[0].pszSourceServer=(null)
pNCs[1].aCrInfo[0].ulSystemFlags=0x00000005
pNCs[1].aCrInfo[0].bEnabled=TRUE
pNCs[1].aCrInfo[0].ftWhenCreated=00000000 00000000 pNCs[1].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[1].aCrInfo[0].pszNetBiosName=(null)
pNCs[1].aCrInfo[0].cReplicas=-1
pNCs[1].aCrInfo[0].aszReplicas=
NC: pNCs[2].pszName=Schema
pNCs[2].pszDn=CN=Schema,CN=Configuration,DC=Home,DC=local
pNCs[2].aCrInfo[0].dwFlags=0x00000201
pNCs[2].aCrInfo[0].pszDn=CN=Enterprise Schema,CN=Partitions,CN=Configuration,DC=Home,DC=local
pNCs[2].aCrInfo[0].pszDnsRoot=Home.local
pNCs[2].aCrInfo[0].iSourceServer=1
pNCs[2].aCrInfo[0].pszSourceServer=(null)
pNCs[2].aCrInfo[0].ulSystemFlags=0x00000001
pNCs[2].aCrInfo[0].bEnabled=TRUE
pNCs[2].aCrInfo[0].ftWhenCreated=00000000 00000000 pNCs[2].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[2].aCrInfo[0].pszNetBiosName=(null)
pNCs[2].aCrInfo[0].cReplicas=-1
pNCs[2].aCrInfo[0].aszReplicas=
NC: pNCs[3].pszName=Configuration
pNCs[3].pszDn=CN=Configuration,DC=Home,DC=local
pNCs[3].aCrInfo[0].dwFlags=0x00000201
pNCs[3].aCrInfo[0].pszDn=CN=Enterprise Configuration,CN=Partitions,CN=Configuration,DC=Home,DC=local
pNCs[3].aCrInfo[0].pszDnsRoot=Home.local
pNCs[3].aCrInfo[0].iSourceServer=1
pNCs[3].aCrInfo[0].pszSourceServer=(null)
pNCs[3].aCrInfo[0].ulSystemFlags=0x00000001
pNCs[3].aCrInfo[0].bEnabled=TRUE
pNCs[3].aCrInfo[0].ftWhenCreated=00000000 00000000 pNCs[3].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[3].aCrInfo[0].pszNetBiosName=(null)
pNCs[3].aCrInfo[0].cReplicas=-1
pNCs[3].aCrInfo[0].aszReplicas=
NC: pNCs[4].pszName=Home
pNCs[4].pszDn=DC=Home,DC=local
pNCs[4].aCrInfo[0].dwFlags=0x00000201
pNCs[4].aCrInfo[0].pszDn=CN=HOME,CN=Partitions,CN=Configuration,DC=Home,DC=local
pNCs[4].aCrInfo[0].pszDnsRoot=Home.local
pNCs[4].aCrInfo[0].iSourceServer=1
pNCs[4].aCrInfo[0].pszSourceServer=(null)
pNCs[4].aCrInfo[0].ulSystemFlags=0x00000003
pNCs[4].aCrInfo[0].bEnabled=TRUE
pNCs[4].aCrInfo[0].ftWhenCreated=00000000 00000000 pNCs[4].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[4].aCrInfo[0].pszNetBiosName=(null)
pNCs[4].aCrInfo[0].cReplicas=-1
pNCs[4].aCrInfo[0].aszReplicas=
5 NC TARGETS: DomainDnsZones, ForestDnsZones, Schema, Configuration, Home,
2 TARGETS: DC, DC-REPLICA1,
=============================================Done Printing pDsInfo
Doing initial required tests
Testing server: SCCM-MP\DC
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
Failure Analysis: DC ... OK.
* Active Directory RPC Services Check
......................... DC passed test Connectivity
Testing server: SCCM-MP\DC-REPLICA1
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
Failure Analysis: DC-REPLICA1 ... OK.
* Active Directory RPC Services Check
......................... DC-REPLICA1 passed test Connectivity
Doing primary tests
Testing server: SCCM-MP\DC
Starting test: Advertising
The DC DC is advertising itself as a DC and having a DS.
The DC DC is advertising as an LDAP server
The DC DC is advertising as having a writeable directory
The DC DC is advertising as a Key Distribution Center
Warning: DC is not advertising as a time server.
The DS DC is advertising as a GC.
......................... DC failed test Advertising
Starting test: CheckSecurityError
* Dr Auth: Beginning security errors check!
Found KDC DC-REPLICA1 for domain Home.local in site SCCM-MP
Checking machine account for DC DC on DC DC-REPLICA1.
* SPN found :LDAP/DC.Home.local/Home.local
* SPN found :LDAP/DC.Home.local
* SPN found :LDAP/DC
* SPN found :LDAP/DC.Home.local/HOME
* SPN found :LDAP/0a8ecec3-eff3-42cf-92a0-d50acb244196._msdcs.Home.local
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/0a8ecec3-eff3-42cf-92a0-d50acb244196/Home.local
* SPN found :HOST/DC.Home.local/Home.local
* SPN found :HOST/DC.Home.local
* SPN found :HOST/DC
* SPN found :HOST/DC.Home.local/HOME
* SPN found :GC/DC.Home.local/Home.local
Checking for CN=DC,OU=Domain Controllers,DC=Home,DC=local in domain DC=Home,DC=local on 2 servers
Object is up-to-date on all servers.
[DC] No security related replication errors were found on this DC! To
target the connection to a specific source DC use /ReplSource:<DC>.
......................... DC passed test CheckSecurityError
Starting test: CutoffServers
* Configuration Topology Aliveness Check
* Analyzing the alive system replication topology for DC=DomainDnsZones,DC=Home,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for DC=ForestDnsZones,DC=Home,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for CN=Schema,CN=Configuration,DC=Home,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for CN=Configuration,DC=Home,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for DC=Home,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... DC passed test CutoffServers
Starting test: FrsEvent
* The File Replication Service Event log test
Skip the test because the server is running DFSR.
......................... DC passed test FrsEvent
Starting test: DFSREvent
The DFS Replication Event Log.
The event log DFS Replication on server DC.Home.local could not be
queried, error 0x6ba "The RPC server is unavailable."
......................... DC failed test DFSREvent
Starting test: SysVolCheck
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... DC passed test SysVolCheck
Starting test: FrsSysVol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... DC passed test FrsSysVol
Starting test: KccEvent
* The KCC Event log test
The event log Directory Service on server DC.Home.local could not be
queried, error 0x6ba "The RPC server is unavailable."
......................... DC failed test KccEvent
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=DC,CN=Servers,CN=SCCM-MP,CN=Sites,CN=Configuration,DC=Home,DC=local
Role Domain Owner = CN=NTDS Settings,CN=DC,CN=Servers,CN=SCCM-MP,CN=Sites,CN=Configuration,DC=Home,DC=local
Role PDC Owner = CN=NTDS Settings,CN=DC,CN=Servers,CN=SCCM-MP,CN=Sites,CN=Configuration,DC=Home,DC=local
Role Rid Owner = CN=NTDS Settings,CN=DC,CN=Servers,CN=SCCM-MP,CN=Sites,CN=Configuration,DC=Home,DC=local
Role Infrastructure Update Owner = CN=NTDS Settings,CN=DC,CN=Servers,CN=SCCM-MP,CN=Sites,CN=Configuration,DC=Home,DC=local
......................... DC passed test KnowsOfRoleHolders
Starting test: MachineAccount
Checking machine account for DC DC on DC DC.
* SPN found :LDAP/DC.Home.local/Home.local
* SPN found :LDAP/DC.Home.local
* SPN found :LDAP/DC
* SPN found :LDAP/DC.Home.local/HOME
* SPN found :LDAP/0a8ecec3-eff3-42cf-92a0-d50acb244196._msdcs.Home.local
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/0a8ecec3-eff3-42cf-92a0-d50acb244196/Home.local
* SPN found :HOST/DC.Home.local/Home.local
* SPN found :HOST/DC.Home.local
* SPN found :HOST/DC
* SPN found :HOST/DC.Home.local/HOME
* SPN found :GC/DC.Home.local/Home.local
......................... DC passed test MachineAccount
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC DC.
* Security Permissions Check for
DC=DomainDnsZones,DC=Home,DC=local
(NDNC,Version 3)
* Security Permissions Check for
DC=ForestDnsZones,DC=Home,DC=local
(NDNC,Version 3)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=Home,DC=local
(Schema,Version 3)
* Security Permissions Check for
CN=Configuration,DC=Home,DC=local
(Configuration,Version 3)
* Security Permissions Check for
DC=Home,DC=local
(Domain,Version 3)
......................... DC passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\DC\netlogon
Verified share \\DC\sysvol
......................... DC passed test NetLogons
Starting test: ObjectsReplicated
DC is in domain DC=Home,DC=local
Checking for CN=DC,OU=Domain Controllers,DC=Home,DC=local in domain DC=Home,DC=local on 2 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=DC,CN=Servers,CN=SCCM-MP,CN=Sites,CN=Configuration,DC=Home,DC=local in domain CN=Configuration,DC=Home,DC=local on 2 servers
Object is up-to-date on all servers.
......................... DC passed test ObjectsReplicated
Starting test: OutboundSecureChanne
Appreciate your replies, thanks
Continue reading...
I got my domain controller installed on Windows server 2019 working perfectly fine and no issues, few days ago added an additional domain controller running on Windows server 2016 standard. Finished the step correctly and I can see the second domain replicated all the settings fine no issues running the DNS on the new server working fine. My one issue that I can't connect to the additional domain via active directory I can see it online but when I connect to it it gives the error RPC server is unavailable, however if I do the same thing from the new domain controller I can connect to both of DC the primary and the new one., also they both showing online on active dirctory.
I have checked the Firewall rules, services and the NIC settings all seems to be correct and I am not sure where elese to look. I can ping the new domain controller via NetBios, DNS and IP from anywhere including the primary domain controller. I also noticed I can't browse to the additional domain controller SysVol and Netlogon dirctory from any location unlike I can do on the primary one.
I have troubleshooted these and can confirm all of them are ok.
Common causes of RPC errors include:
- Errors resolving a DNS or NetBIOS name.
- The RPC service or related services may not be running.
- Problems with network connectivity.
- File and printer sharing is not enabled.
I have also ran this command on the additional domain controller and saw some errors but not sure really where to start and how to fix.
Dcdiag /v /c /d /e /s
CName >c:\dcdiag.logCommand Line: "dcdiag.exe
/v /c /d /e /s
c-replica1.home.local"Directory Server Diagnosis
Performing initial setup:
* Connecting to directory service on server Dc-replica1.home.local.
Dc-replica1.home.local.currentTime = 20191102013751.0Z
Dc-replica1.home.local.highestCommittedUSN = 24879
Dc-replica1.home.local.isSynchronized = 1
Dc-replica1.home.local.isGlobalCatalogReady = 1
* Identified AD Forest.
Collecting AD specific global data
* Collecting site info.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=Home,DC=local,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
The previous call succeeded
Iterating through the sites
Looking at base site object: CN=NTDS Site Settings,CN=SCCM-MP,CN=Sites,CN=Configuration,DC=Home,DC=local
Getting ISTG and options for the site
* Identifying all servers.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=Home,DC=local,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
The previous call succeeded....
The previous call succeeded
Iterating through the list of servers
Getting information for the server CN=NTDS Settings,CN=DC,CN=Servers,CN=SCCM-MP,CN=Sites,CN=Configuration,DC=Home,DC=local
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
Getting information for the server CN=NTDS Settings,CN=DC-REPLICA1,CN=Servers,CN=SCCM-MP,CN=Sites,CN=Configuration,DC=Home,DC=local
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
DC-REPLICA1.currentTime = 20191102013751.0Z
DC-REPLICA1.highestCommittedUSN = 24879
DC-REPLICA1.isSynchronized = 1
DC-REPLICA1.isGlobalCatalogReady = 1
* Identifying all NC cross-refs.
DC.currentTime = 20191102013753.0Z
DC.highestCommittedUSN = 885009
DC.isSynchronized = 1
DC.isGlobalCatalogReady = 1
* Found 2 DC(s). Testing 2 of them.
Done gathering initial info.
===============================================Printing out pDsInfo
GLOBAL:
ulNumServers=2
pszRootDomain=Home.local
pszNC=
pszRootDomainFQDN=DC=Home,DC=local
pszConfigNc=CN=Configuration,DC=Home,DC=local
pszPartitionsDn=CN=Partitions,CN=Configuration,DC=Home,DC=local
fAdam=0
iSiteOptions=0
dwTombstoneLifeTimeDays=180
dwForestBehaviorVersion=7
HomeServer=1, DC-REPLICA1
SERVER: pServer[0].pszName=DC
pServer[0].pszGuidDNSName (binding str)=0a8ecec3-eff3-42cf-92a0-d50acb244196._msdcs.Home.local
pServer[0].pszDNSName=DC.Home.local
pServer[0].pszLdapPort=(null)
pServer[0].pszSslPort=(null)
pServer[0].pszDn=CN=NTDS Settings,CN=DC,CN=Servers,CN=SCCM-MP,CN=Sites,CN=Configuration,DC=Home,DC=local
pServer[0].pszComputerAccountDn=CN=DC,OU=Domain Controllers,DC=Home,DC=local
pServer[0].uuidObjectGuid=0a8ecec3-eff3-42cf-92a0-d50acb244196
pServer[0].uuidInvocationId=4168d597-7ef6-464e-9da6-71a225789644
pServer[0].iSite=0 (SCCM-MP)
pServer[0].iOptions=1
pServer[0].ftLocalAcquireTime=2411cb50 01d5911e
pServer[0].ftRemoteConnectTime=24d0ae80 01d5911e
pServer[0].ppszMaster/FullReplicaNCs:
ppszMaster/FullReplicaNCs[0]=DC=DomainDnsZones,DC=Home,DC=local
ppszMaster/FullReplicaNCs[1]=DC=ForestDnsZones,DC=Home,DC=local
ppszMaster/FullReplicaNCs[2]=CN=Schema,CN=Configuration,DC=Home,DC=local
ppszMaster/FullReplicaNCs[3]=CN=Configuration,DC=Home,DC=local
ppszMaster/FullReplicaNCs[4]=DC=Home,DC=local
SERVER: pServer[1].pszName=DC-REPLICA1
pServer[1].pszGuidDNSName (binding str)=6f1bc80d-bfd5-4365-a0cf-e4ff02e3fd91._msdcs.Home.local
pServer[1].pszDNSName=DC-Replica1.Home.local
pServer[1].pszLdapPort=(null)
pServer[1].pszSslPort=(null)
pServer[1].pszDn=CN=NTDS Settings,CN=DC-REPLICA1,CN=Servers,CN=SCCM-MP,CN=Sites,CN=Configuration,DC=Home,DC=local
pServer[1].pszComputerAccountDn=CN=DC-REPLICA1,OU=Domain Controllers,DC=Home,DC=local
pServer[1].uuidObjectGuid=6f1bc80d-bfd5-4365-a0cf-e4ff02e3fd91
pServer[1].uuidInvocationId=44e3a429-7500-4551-b645-7f48e97cff7e
pServer[1].iSite=0 (SCCM-MP)
pServer[1].iOptions=1
pServer[1].ftLocalAcquireTime=240f5a50 01d5911e
pServer[1].ftRemoteConnectTime=239f8180 01d5911e
pServer[1].ppszMaster/FullReplicaNCs:
ppszMaster/FullReplicaNCs[0]=DC=DomainDnsZones,DC=Home,DC=local
ppszMaster/FullReplicaNCs[1]=DC=ForestDnsZones,DC=Home,DC=local
ppszMaster/FullReplicaNCs[2]=CN=Schema,CN=Configuration,DC=Home,DC=local
ppszMaster/FullReplicaNCs[3]=CN=Configuration,DC=Home,DC=local
ppszMaster/FullReplicaNCs[4]=DC=Home,DC=local
SITES: pSites[0].pszName=SCCM-MP
pSites[0].pszSiteSettings=CN=NTDS Site Settings,CN=SCCM-MP,CN=Sites,CN=Configuration,DC=Home,DC=local
pSites[0].pszISTG=CN=NTDS Settings,CN=DC,CN=Servers,CN=SCCM-MP,CN=Sites,CN=Configuration,DC=Home,DC=local
pSites[0].iSiteOption=0
pSites[0].cServers=2
NC: pNCs[0].pszName=DomainDnsZones
pNCs[0].pszDn=DC=DomainDnsZones,DC=Home,DC=local
pNCs[0].aCrInfo[0].dwFlags=0x00000201
pNCs[0].aCrInfo[0].pszDn=CN=5b3937bb-40db-44e4-8443-4bf9f47ea678,CN=Partitions,CN=Configuration,DC=Home,DC=local
pNCs[0].aCrInfo[0].pszDnsRoot=DomainDnsZones.Home.local
pNCs[0].aCrInfo[0].iSourceServer=1
pNCs[0].aCrInfo[0].pszSourceServer=(null)
pNCs[0].aCrInfo[0].ulSystemFlags=0x00000005
pNCs[0].aCrInfo[0].bEnabled=TRUE
pNCs[0].aCrInfo[0].ftWhenCreated=00000000 00000000 pNCs[0].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[0].aCrInfo[0].pszNetBiosName=(null)
pNCs[0].aCrInfo[0].cReplicas=-1
pNCs[0].aCrInfo[0].aszReplicas=
NC: pNCs[1].pszName=ForestDnsZones
pNCs[1].pszDn=DC=ForestDnsZones,DC=Home,DC=local
pNCs[1].aCrInfo[0].dwFlags=0x00000201
pNCs[1].aCrInfo[0].pszDn=CN=195d540d-c323-4ec0-9c2c-b09a6ad453a6,CN=Partitions,CN=Configuration,DC=Home,DC=local
pNCs[1].aCrInfo[0].pszDnsRoot=ForestDnsZones.Home.local
pNCs[1].aCrInfo[0].iSourceServer=1
pNCs[1].aCrInfo[0].pszSourceServer=(null)
pNCs[1].aCrInfo[0].ulSystemFlags=0x00000005
pNCs[1].aCrInfo[0].bEnabled=TRUE
pNCs[1].aCrInfo[0].ftWhenCreated=00000000 00000000 pNCs[1].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[1].aCrInfo[0].pszNetBiosName=(null)
pNCs[1].aCrInfo[0].cReplicas=-1
pNCs[1].aCrInfo[0].aszReplicas=
NC: pNCs[2].pszName=Schema
pNCs[2].pszDn=CN=Schema,CN=Configuration,DC=Home,DC=local
pNCs[2].aCrInfo[0].dwFlags=0x00000201
pNCs[2].aCrInfo[0].pszDn=CN=Enterprise Schema,CN=Partitions,CN=Configuration,DC=Home,DC=local
pNCs[2].aCrInfo[0].pszDnsRoot=Home.local
pNCs[2].aCrInfo[0].iSourceServer=1
pNCs[2].aCrInfo[0].pszSourceServer=(null)
pNCs[2].aCrInfo[0].ulSystemFlags=0x00000001
pNCs[2].aCrInfo[0].bEnabled=TRUE
pNCs[2].aCrInfo[0].ftWhenCreated=00000000 00000000 pNCs[2].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[2].aCrInfo[0].pszNetBiosName=(null)
pNCs[2].aCrInfo[0].cReplicas=-1
pNCs[2].aCrInfo[0].aszReplicas=
NC: pNCs[3].pszName=Configuration
pNCs[3].pszDn=CN=Configuration,DC=Home,DC=local
pNCs[3].aCrInfo[0].dwFlags=0x00000201
pNCs[3].aCrInfo[0].pszDn=CN=Enterprise Configuration,CN=Partitions,CN=Configuration,DC=Home,DC=local
pNCs[3].aCrInfo[0].pszDnsRoot=Home.local
pNCs[3].aCrInfo[0].iSourceServer=1
pNCs[3].aCrInfo[0].pszSourceServer=(null)
pNCs[3].aCrInfo[0].ulSystemFlags=0x00000001
pNCs[3].aCrInfo[0].bEnabled=TRUE
pNCs[3].aCrInfo[0].ftWhenCreated=00000000 00000000 pNCs[3].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[3].aCrInfo[0].pszNetBiosName=(null)
pNCs[3].aCrInfo[0].cReplicas=-1
pNCs[3].aCrInfo[0].aszReplicas=
NC: pNCs[4].pszName=Home
pNCs[4].pszDn=DC=Home,DC=local
pNCs[4].aCrInfo[0].dwFlags=0x00000201
pNCs[4].aCrInfo[0].pszDn=CN=HOME,CN=Partitions,CN=Configuration,DC=Home,DC=local
pNCs[4].aCrInfo[0].pszDnsRoot=Home.local
pNCs[4].aCrInfo[0].iSourceServer=1
pNCs[4].aCrInfo[0].pszSourceServer=(null)
pNCs[4].aCrInfo[0].ulSystemFlags=0x00000003
pNCs[4].aCrInfo[0].bEnabled=TRUE
pNCs[4].aCrInfo[0].ftWhenCreated=00000000 00000000 pNCs[4].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[4].aCrInfo[0].pszNetBiosName=(null)
pNCs[4].aCrInfo[0].cReplicas=-1
pNCs[4].aCrInfo[0].aszReplicas=
5 NC TARGETS: DomainDnsZones, ForestDnsZones, Schema, Configuration, Home,
2 TARGETS: DC, DC-REPLICA1,
=============================================Done Printing pDsInfo
Doing initial required tests
Testing server: SCCM-MP\DC
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
Failure Analysis: DC ... OK.
* Active Directory RPC Services Check
......................... DC passed test Connectivity
Testing server: SCCM-MP\DC-REPLICA1
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
Failure Analysis: DC-REPLICA1 ... OK.
* Active Directory RPC Services Check
......................... DC-REPLICA1 passed test Connectivity
Doing primary tests
Testing server: SCCM-MP\DC
Starting test: Advertising
The DC DC is advertising itself as a DC and having a DS.
The DC DC is advertising as an LDAP server
The DC DC is advertising as having a writeable directory
The DC DC is advertising as a Key Distribution Center
Warning: DC is not advertising as a time server.
The DS DC is advertising as a GC.
......................... DC failed test Advertising
Starting test: CheckSecurityError
* Dr Auth: Beginning security errors check!
Found KDC DC-REPLICA1 for domain Home.local in site SCCM-MP
Checking machine account for DC DC on DC DC-REPLICA1.
* SPN found :LDAP/DC.Home.local/Home.local
* SPN found :LDAP/DC.Home.local
* SPN found :LDAP/DC
* SPN found :LDAP/DC.Home.local/HOME
* SPN found :LDAP/0a8ecec3-eff3-42cf-92a0-d50acb244196._msdcs.Home.local
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/0a8ecec3-eff3-42cf-92a0-d50acb244196/Home.local
* SPN found :HOST/DC.Home.local/Home.local
* SPN found :HOST/DC.Home.local
* SPN found :HOST/DC
* SPN found :HOST/DC.Home.local/HOME
* SPN found :GC/DC.Home.local/Home.local
Checking for CN=DC,OU=Domain Controllers,DC=Home,DC=local in domain DC=Home,DC=local on 2 servers
Object is up-to-date on all servers.
[DC] No security related replication errors were found on this DC! To
target the connection to a specific source DC use /ReplSource:<DC>.
......................... DC passed test CheckSecurityError
Starting test: CutoffServers
* Configuration Topology Aliveness Check
* Analyzing the alive system replication topology for DC=DomainDnsZones,DC=Home,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for DC=ForestDnsZones,DC=Home,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for CN=Schema,CN=Configuration,DC=Home,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for CN=Configuration,DC=Home,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for DC=Home,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... DC passed test CutoffServers
Starting test: FrsEvent
* The File Replication Service Event log test
Skip the test because the server is running DFSR.
......................... DC passed test FrsEvent
Starting test: DFSREvent
The DFS Replication Event Log.
The event log DFS Replication on server DC.Home.local could not be
queried, error 0x6ba "The RPC server is unavailable."
......................... DC failed test DFSREvent
Starting test: SysVolCheck
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... DC passed test SysVolCheck
Starting test: FrsSysVol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... DC passed test FrsSysVol
Starting test: KccEvent
* The KCC Event log test
The event log Directory Service on server DC.Home.local could not be
queried, error 0x6ba "The RPC server is unavailable."
......................... DC failed test KccEvent
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=DC,CN=Servers,CN=SCCM-MP,CN=Sites,CN=Configuration,DC=Home,DC=local
Role Domain Owner = CN=NTDS Settings,CN=DC,CN=Servers,CN=SCCM-MP,CN=Sites,CN=Configuration,DC=Home,DC=local
Role PDC Owner = CN=NTDS Settings,CN=DC,CN=Servers,CN=SCCM-MP,CN=Sites,CN=Configuration,DC=Home,DC=local
Role Rid Owner = CN=NTDS Settings,CN=DC,CN=Servers,CN=SCCM-MP,CN=Sites,CN=Configuration,DC=Home,DC=local
Role Infrastructure Update Owner = CN=NTDS Settings,CN=DC,CN=Servers,CN=SCCM-MP,CN=Sites,CN=Configuration,DC=Home,DC=local
......................... DC passed test KnowsOfRoleHolders
Starting test: MachineAccount
Checking machine account for DC DC on DC DC.
* SPN found :LDAP/DC.Home.local/Home.local
* SPN found :LDAP/DC.Home.local
* SPN found :LDAP/DC
* SPN found :LDAP/DC.Home.local/HOME
* SPN found :LDAP/0a8ecec3-eff3-42cf-92a0-d50acb244196._msdcs.Home.local
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/0a8ecec3-eff3-42cf-92a0-d50acb244196/Home.local
* SPN found :HOST/DC.Home.local/Home.local
* SPN found :HOST/DC.Home.local
* SPN found :HOST/DC
* SPN found :HOST/DC.Home.local/HOME
* SPN found :GC/DC.Home.local/Home.local
......................... DC passed test MachineAccount
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC DC.
* Security Permissions Check for
DC=DomainDnsZones,DC=Home,DC=local
(NDNC,Version 3)
* Security Permissions Check for
DC=ForestDnsZones,DC=Home,DC=local
(NDNC,Version 3)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=Home,DC=local
(Schema,Version 3)
* Security Permissions Check for
CN=Configuration,DC=Home,DC=local
(Configuration,Version 3)
* Security Permissions Check for
DC=Home,DC=local
(Domain,Version 3)
......................... DC passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\DC\netlogon
Verified share \\DC\sysvol
......................... DC passed test NetLogons
Starting test: ObjectsReplicated
DC is in domain DC=Home,DC=local
Checking for CN=DC,OU=Domain Controllers,DC=Home,DC=local in domain DC=Home,DC=local on 2 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=DC,CN=Servers,CN=SCCM-MP,CN=Sites,CN=Configuration,DC=Home,DC=local in domain CN=Configuration,DC=Home,DC=local on 2 servers
Object is up-to-date on all servers.
......................... DC passed test ObjectsReplicated
Starting test: OutboundSecureChanne
Appreciate your replies, thanks
Continue reading...