DCDIAG fails with: call failed, error 1722, Could not open pipe with [server]:failed with 53 etc
I realise this might be slightly off topic, as I'm asking for advice on the OS configuration specific to a Domain Controller, rather than the Directory Service itself, but I thought this was still the best place for my question

I have a 2008 forest with a root domain and 4 child domains, 53 DC's in total over multiple sites.

I ran a DCDIAG /c /e from a DC in the root domain, and +40 of the DC's returned the following errors:

Starting test: Advertising
Fatal Error:DsGetDcName (DCName) call failed, error 1722 The Locator could not find the server.
DCName failed test Advertising

Starting test: MachineAccount
Could not open pipe with [DCName]:failed with 53
The network path was not found.
Could not get NetBIOSDomainName
Failed can not test for HOST SPN
Failed can not test for HOST SPN
DCName passed test MachineAccount

Starting test: NCSecDesc
Ldap search capability attribute search failed on server DCName, return value = 81
DCName failed test NCSecDesc

Starting test: NetLogons
[DCName] An net use or LsaPolicy operation failed with error 53, The network path was not found..:
DCName failed test NetLogons"

I did some testing and worked out DC's that passed these tests were either in the same domain or the same site as the source DC. Conclusion; it was resolving the DNS name in the former and doing a broadcast lookup for DC's in the same site for the latter. Therefore all DC's in child domains and not in the same site failed the tests listed above.

Therefore my question is; is this normal, should I just expect a dcdiag /e to fail in a multi-domain forest?  How would you normally configure DNS or the OS of the DC to resolve this?  Do people normally change the network properties to append DNS suffixes for all the domains/is it okay to append the DNS suffixes, or will this cause issues on the DC? 


May 14th, 2015 9:01am

Hi,

Have you done any migration of DC's also Can you provide the output of following command.

Repadmin /replsum /errorsonly

Free Windows Admin Tool Kit Click here and download it now
May 14th, 2015 9:23am

Hi

 First;error 1722 seems like there is connectivity issue,

- Have you checked the Firewall ports&Connectivity?

- Do you install AV on dc's,if yes check the AV logs.Also disbale AV and test.

check these articles also;

https://technet.microsoft.com/en-us/library/replication-error-1722-the-rpc-server-is-unavaible%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396

http://blogs.technet.com/askds/archive/2011/03/22/what-does-dcdiag-actually-do.aspx

May 14th, 2015 9:33am

Re DC migration, not that I know off recently.  However I've only been in the company a few weeks.

DC names changed below.

C:\Windows\system32>Repadmin /replsum /errorsonly
Replication Summary Start Time: 2015-05-14 10:24:04

Beginning data collection for replication summary, this may take awhile:
  ..................................................
  ......


Source DSA          largest delta    fails/total %%   error
 A-DC01                  10m:54s    0 /  18    0
 A-DC02                  10m:36s    0 /  16    0
 B-DC01                  36m:54s    0 /  36    0
 B-DC02                  27m:12s    0 /  36    0
 B-DC03                  22m:11s    0 /  23    0
 B-DC04                  10m:34s    0 /  18    0
 B-DC05                  24m:23s    0 /  25    0
 B-DC08                  36m:54s    0 /  25    0
 B-DC10                  34m:36s    0 /  27    0
 B-DC11                       0s    0 /   9    0
 B-DC12                  09m:13s    0 /   9    0
 B-DC13                  34m:36s    0 /  27    0
 C-DC30                  09m:18s    0 /  53    0
 D-DC01                  04m:47s    0 /  10    0
 D-DC02                  04m:32s    0 /   5    0
 E-DC02                       0s    0 /   9    0
 ROOTDC01                36m:54s    0 /  23    0
 F-DC11                  22m:50s    0 /  34    0
 F-DC12                  22m:32s    0 /  25    0
 F-DC13                  22m:31s    0 /  32    0
 F-DC15                  03m:10s    0 /   9    0
 F-DC16                  22m:38s    0 /  48    0
 ROOT03                  21m:26s    0 /  32    0
 G-DC09                  17m:59s    0 /  23    0
 H-DC01                  16m:51s    0 /  97    0
 H-DC02                  17m:19s    0 /  77    0
 H-DC03                  17m:24s    0 /  79    0
 H-DC04                  35m:28s    0 /  30    0
 J-DC01                  17m:44s    0 /  23    0
 K-DC01                  03m:22s    0 /   9    0
 L-DC01          26d.23h:39m:53s    9 /   9  100  (8446) The replication opera
tion failed to allocate memory.
 M-DC01                  06m:43s    0 /  27    0
 N-DC01                  08m:12s    0 /   9    0
 ROOT02                  17m:41s    0 /  23    0
 P-DC01                  36m:16s    0 /  18    0
 Q-DC03                  16m:58s    0 /  23    0


Destination DSA     largest delta    fails/total %%   error
 A-DC01                  13m:47s    0 /  16    0
 A-DC02                  12m:12s    0 /  18    0
 B-DC01                  27m:36s    0 /  27    0
 B-DC02                  34m:56s    0 /  27    0
 B-DC03                  25m:50s    0 /  32    0
 B-DC05                  38m:00s    0 /  25    0
 B-DC06                  05m:58s    0 /   9    0
 B-DC08                  25m:27s    0 /  34    0
 B-DC10                  27m:38s    0 /  27    0
 B-DC11                  01m:23s    0 /   9    0
 B-DC12                  02m:49s    0 /   9    0
 B-DC13                  30m:30s    0 /  36    0
 C-DC30                  02m:04s    0 /  39    0
 D-DC01                  06m:06s    0 /  10    0
 D-DC02                  08m:18s    0 /  14    0
 E-DC02                  10m:38s    0 /   9    0
 R-DC01                  13m:21s    0 /   9    0
 S-DC01                  07m:19s    0 /   5    0
 ROOT01                  27m:38s    0 /  23    0
 F-DC11                  22m:44s    0 /  25    0
 F-DC12                  23m:03s    0 /  25    0
 F-DC13                  35m:41s    0 /  39    0
 F-DC15                  09m:02s    0 /   9    0
 F-DC16                  25m:14s    0 /  50    0
 ROOT03                  21m:52s    0 /  32    0
 G-DC09                  19m:24s    0 /  23    0
 S-DC01                  10m:42s    0 /   9    0
 T-DC01                  06m:46s    0 /   9    0
 U-DC01                  07m:41s    0 /   9    0
 H-DC01          26d.23h:40m:06s    9 /  43   20  (8446) The replication opera
tion failed to allocate memory.
 H-DC02                  17m:53s    0 /  41    0
 H-DC03                  18m:01s    0 /  43    0
 H-DC04                  23m:58s    0 /  30    0
 J-DC01                  19m:44s    0 /  23    0
 K-DC01                  11m:38s    0 /   9    0
 V-DC01                     :54s    0 /   9    0
 W-DC02                  05m:18s    0 /   9    0
 X-DC01                  06m:09s    0 /   9    0
 Y-DC02                  12m:44s    0 /   9    0
 M-DC01                  09m:58s    0 /  18    0
 N-DC01                  06m:59s    0 /   9    0
 Z-DC01                  14m:36s    0 /   9    0
 ROOT02                  18m:07s    0 /  23    0
 P-DC01                  06m:45s    0 /  18    0
 AA-DC01                 11m:23s    0 /  27    0
 Q-DC03                  18m:59s    0 /  23    0
 AB-DC02                 09m:55s    0 /   9    0
 AC-DC01                 39m:26s    0 /  27    0


Experienced the following operational errors trying to retrieve replication info
rmation:
          58 - B-DC04.APAC.domain.dom
          58 - AD-DC04.emea.domain.dom
          58 - AE-DC01.NA.domain.dom
          58 - AF-DC02.NA.domain.dom
          58 - L-DC01.NA.domain.dom

Free Windows Admin Tool Kit Click here and download it now
May 14th, 2015 10:02am

Hi,

L-DC01          26d.23h:39m:53s    9 /   9  100  (8446) The replication operation failed to allocate memory.

H-DC01          26d.23h:40m:06s    9 /  43   20  (8446) The replication operation failed to allocate memory.

From above It seems L-DC01 is down since last 26 days.

          58 - B-DC04.APAC.domain.dom
          58 - AD-DC04.emea.domain.dom
          58 - AE-DC01.NA.domain.dom
          58 - AF-DC02.NA.domain.dom
          58 - L-DC01.NA.domain.dom

for above Check the DNS and Firewall etc. is configured correctly. 

May 14th, 2015 10:10am

Thanks Purvesh,

I'm aware that some DC's are down, I have a lot to fix!

Does that account for the DNS 'issue' I discussed with the 40+ DC's that are up and working?

Free Windows Admin Tool Kit Click here and download it now
May 14th, 2015 10:21am

Hi,

can you provide the following command output.

dcdiag /v /c /d /e /s:FQDN

Also possible verify the DNS settings and subnets & Site configuration.

May 14th, 2015 10:26am

For me, it seems there are connectivity problems between the DCs so assure that no firewall is blocking ports http://technet.microsoft.com/en-us/library/dd772723(WS.10).aspx

Also, You have to check your security software like antivirus or any other tools, its not blocking the communication b/w the DC's.

Free Windows Admin Tool Kit Click here and download it now
May 14th, 2015 12:39pm

Devaraj, I suspected that too, so I used the PortQry tool to check that.  When I attempted to connect to a DC that I have an issue with using the either the IP address or FQDN I had no issues.  Using the name only, it couldn't resolve the name.  We don't have any internal network firewalls, or ACL between VLAN (so I'm told).  I will check the AV software, but I need to raise a change to do that.

thanks


  • Edited by idarryl Thursday, May 14, 2015 12:59 PM typo
May 14th, 2015 12:59pm

Hi,

make sure you have check the port for following.

portqry -n X.X.X.X -e 3269 -p both

portqry -n X.X.X.X -e 3268 -p both

portqry -n X.X.X.X -e 389 -p both

portqry -n X.X.X.X -e 53 -p both

portqry -n X.X.X.X -e 123 -p both

portqry -n X.X.X.X -e 135 -p both

portqry -n X.X.X.X -e 137 -p both

portqry -n X.X.X.X -e 88 -p both

Free Windows Admin Tool Kit Click here and download it now
May 14th, 2015 1:11pm

I had check all of those except 123.  This is the FQDN output, followed by the dombios (single name) output:
The checks though FQDN seem to all pass for me, except 137, which i would expect, as it's not on the same subnet

PS that dcdiag /v /c /d /e /s:FQDN that you asked for is still running

=============================================
 Starting portqry.exe -n A-DC01.uk.domain.dom -e 135 -p TCP ...
Querying target system called:
 A-DC01.uk.domain.dom
Attempting to resolve name to IP address...
Name resolved to 10.11.4.10
querying...
TCP port 135 (epmap service): LISTENING
Using ephemeral source port
Querying Endpoint Mapper Database...
Server's response:
UUID: d95afe70-a6d5-4259-822e-2c84da1ddb0d 
ncacn_ip_tcp:A-DC01.uk.domain.dom[49152]
UUID: 367abb81-9844-35f1-ad32-98f038001003 
ncacn_ip_tcp:A-DC01.uk.domain.dom[57795]
UUID: 50abc2a4-574d-40b3-9d66-ee4fd5fba076 
ncacn_ip_tcp:A-DC01.uk.domain.dom[49353]
UUID: 3d267954-eeb7-11d1-b94e-00c04fa3080d 
ncacn_np:A-DC01.uk.domain.dom[\\pipe\\HydraLsPipe]
UUID: 3d267954-eeb7-11d1-b94e-00c04fa3080d 
ncacn_ip_tcp:A-DC01.uk.domain.dom[49192]
UUID: 12d4b7c8-77d5-11d1-8c24-00c04fa3080d 
ncacn_np:A-DC01.uk.domain.dom[\\pipe\\HydraLsPipe]
UUID: 12d4b7c8-77d5-11d1-8c24-00c04fa3080d 
ncacn_ip_tcp:A-DC01.uk.domain.dom[49192]
UUID: f5cc59b4-4264-101a-8c59-08002b2f8426 NtFrs Service
ncacn_ip_tcp:A-DC01.uk.domain.dom[49180]
UUID: d049b186-814f-11d1-9a3c-00c04fc9b232 NtFrs API
ncacn_ip_tcp:A-DC01.uk.domain.dom[49180]
UUID: a00c021c-2be2-11d2-b678-0000f87a8f8e PERFMON SERVICE
ncacn_ip_tcp:A-DC01.uk.domain.dom[49180]
UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
ncacn_np:A-DC01.uk.domain.dom[\\pipe\\lsass]
UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\protected_storage]
UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
ncacn_ip_tcp:A-DC01.uk.domain.dom[49155]
UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
ncacn_http:A-DC01.uk.domain.dom[49158]
UUID: f5cc5a18-4264-101a-8c59-08002b2f8426 MS NT Directory NSP Interface
ncacn_np:A-DC01.uk.domain.dom[\\pipe\\lsass]
UUID: f5cc5a18-4264-101a-8c59-08002b2f8426 MS NT Directory NSP Interface
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\protected_storage]
UUID: f5cc5a18-4264-101a-8c59-08002b2f8426 MS NT Directory NSP Interface
ncacn_ip_tcp:A-DC01.uk.domain.dom[49155]
UUID: f5cc5a18-4264-101a-8c59-08002b2f8426 MS NT Directory NSP Interface
ncacn_http:A-DC01.uk.domain.dom[49158]
UUID: 12345778-1234-abcd-ef00-0123456789ab 
ncacn_np:A-DC01.uk.domain.dom[\\pipe\\lsass]
UUID: 12345778-1234-abcd-ef00-0123456789ab 
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\protected_storage]
UUID: 12345778-1234-abcd-ef00-0123456789ab 
ncacn_ip_tcp:A-DC01.uk.domain.dom[49155]
UUID: 12345778-1234-abcd-ef00-0123456789ab 
ncacn_http:A-DC01.uk.domain.dom[49158]
UUID: 12345778-1234-abcd-ef00-0123456789ac 
ncacn_np:A-DC01.uk.domain.dom[\\pipe\\lsass]
UUID: 12345778-1234-abcd-ef00-0123456789ac 
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\protected_storage]
UUID: 12345778-1234-abcd-ef00-0123456789ac 
ncacn_ip_tcp:A-DC01.uk.domain.dom[49155]
UUID: 12345778-1234-abcd-ef00-0123456789ac 
ncacn_http:A-DC01.uk.domain.dom[49158]
UUID: 12345778-1234-abcd-ef00-0123456789ac 
ncacn_ip_tcp:A-DC01.uk.domain.dom[49159]
UUID: 12345678-1234-abcd-ef00-01234567cffb 
ncacn_np:A-DC01.uk.domain.dom[\\pipe\\lsass]
UUID: 12345678-1234-abcd-ef00-01234567cffb 
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\protected_storage]
UUID: 12345678-1234-abcd-ef00-01234567cffb 
ncacn_ip_tcp:A-DC01.uk.domain.dom[49155]
UUID: 12345678-1234-abcd-ef00-01234567cffb 
ncacn_http:A-DC01.uk.domain.dom[49158]
UUID: 12345678-1234-abcd-ef00-01234567cffb 
ncacn_ip_tcp:A-DC01.uk.domain.dom[49159]
UUID: b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 KeyIso
ncacn_np:A-DC01.uk.domain.dom[\\pipe\\lsass]
UUID: b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 KeyIso
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\protected_storage]
UUID: b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 KeyIso
ncacn_ip_tcp:A-DC01.uk.domain.dom[49155]
UUID: b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 KeyIso
ncacn_http:A-DC01.uk.domain.dom[49158]
UUID: b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 KeyIso
ncacn_ip_tcp:A-DC01.uk.domain.dom[49159]
UUID: b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 KeyIso
ncacn_np:A-DC01.uk.domain.dom[\\pipe\\efsrpc]
UUID: 3473dd4d-2e88-4006-9cba-22570909dd10 WinHttp Auto-Proxy Service
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\W32TIME_ALT]
UUID: 1ff70682-0a51-30e8-076d-740be8cee98b 
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\atsvc]
UUID: 378e52b0-c0a9-11cf-822d-00aa0051e40f 
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\atsvc]
UUID: 86d35949-83c9-4044-b424-db363231fd0c 
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\atsvc]
UUID: 86d35949-83c9-4044-b424-db363231fd0c 
ncacn_ip_tcp:A-DC01.uk.domain.dom[49154]
UUID: 98716d03-89ac-44c7-bb8c-285824e51c4a XactSrv service
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\atsvc]
UUID: 98716d03-89ac-44c7-bb8c-285824e51c4a XactSrv service
ncacn_ip_tcp:A-DC01.uk.domain.dom[49154]
UUID: 552d076a-cb29-4e44-8b6a-d15e59e2c0af IP Transition Configuration endpoint
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\atsvc]
UUID: 552d076a-cb29-4e44-8b6a-d15e59e2c0af IP Transition Configuration endpoint
ncacn_ip_tcp:A-DC01.uk.domain.dom[49154]
UUID: 552d076a-cb29-4e44-8b6a-d15e59e2c0af IP Transition Configuration endpoint
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\srvsvc]
UUID: c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 Impl friendly name
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\atsvc]
UUID: c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 Impl friendly name
ncacn_ip_tcp:A-DC01.uk.domain.dom[49154]
UUID: c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 Impl friendly name
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\srvsvc]
UUID: 30b044a5-a225-43f0-b3a4-e060df91f9c1 
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\atsvc]
UUID: 30b044a5-a225-43f0-b3a4-e060df91f9c1 
ncacn_ip_tcp:A-DC01.uk.domain.dom[49154]
UUID: 30b044a5-a225-43f0-b3a4-e060df91f9c1 
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\srvsvc]
UUID: 7d814569-35b3-4850-bb32-83035fcebf6e IAS RPC server
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\atsvc]
UUID: 7d814569-35b3-4850-bb32-83035fcebf6e IAS RPC server
ncacn_ip_tcp:A-DC01.uk.domain.dom[49154]
UUID: 7d814569-35b3-4850-bb32-83035fcebf6e IAS RPC server
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\srvsvc]
UUID: 201ef99a-7fa0-444c-9399-19ba84f12a1a AppInfo
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\atsvc]
UUID: 201ef99a-7fa0-444c-9399-19ba84f12a1a AppInfo
ncacn_ip_tcp:A-DC01.uk.domain.dom[49154]
UUID: 201ef99a-7fa0-444c-9399-19ba84f12a1a AppInfo
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\srvsvc]
UUID: 5f54ce7d-5b79-4175-8584-cb65313a0e98 AppInfo
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\atsvc]
UUID: 5f54ce7d-5b79-4175-8584-cb65313a0e98 AppInfo
ncacn_ip_tcp:A-DC01.uk.domain.dom[49154]
UUID: 5f54ce7d-5b79-4175-8584-cb65313a0e98 AppInfo
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\srvsvc]
UUID: fd7a0523-dc70-43dd-9b2e-9c5ed48225b1 AppInfo
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\atsvc]
UUID: fd7a0523-dc70-43dd-9b2e-9c5ed48225b1 AppInfo
ncacn_ip_tcp:A-DC01.uk.domain.dom[49154]
UUID: fd7a0523-dc70-43dd-9b2e-9c5ed48225b1 AppInfo
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\srvsvc]
UUID: 58e604e8-9adb-4d2e-a464-3b0683fb1480 AppInfo
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\atsvc]
UUID: 58e604e8-9adb-4d2e-a464-3b0683fb1480 AppInfo
ncacn_ip_tcp:A-DC01.uk.domain.dom[49154]
UUID: 58e604e8-9adb-4d2e-a464-3b0683fb1480 AppInfo
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\srvsvc]
UUID: f6beaff7-1e19-4fbb-9f8f-b89e2018337c Event log TCPIP
ncacn_np:A-DC01.uk.domain.dom[\\pipe\\eventlog]
UUID: f6beaff7-1e19-4fbb-9f8f-b89e2018337c Event log TCPIP
ncacn_ip_tcp:A-DC01.uk.domain.dom[49153]
UUID: 30adc50c-5cbc-46ce-9a0e-91914789e23c NRP server endpoint
ncacn_np:A-DC01.uk.domain.dom[\\pipe\\eventlog]
UUID: 30adc50c-5cbc-46ce-9a0e-91914789e23c NRP server endpoint
ncacn_ip_tcp:A-DC01.uk.domain.dom[49153]
UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 DHCP Client LRPC Endpoint
ncacn_np:A-DC01.uk.domain.dom[\\pipe\\eventlog]
UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 DHCP Client LRPC Endpoint
ncacn_ip_tcp:A-DC01.uk.domain.dom[49153]
UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 DHCPv6 Client LRPC Endpoint
ncacn_np:A-DC01.uk.domain.dom[\\pipe\\eventlog]
UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 DHCPv6 Client LRPC Endpoint
ncacn_ip_tcp:A-DC01.uk.domain.dom[49153]
UUID: 76f226c3-ec14-4325-8a99-6a46348418af 
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\InitShutdown]
UUID: d95afe70-a6d5-4259-822e-2c84da1ddb0d 
ncacn_np:A-DC01.uk.domain.dom[\\PIPE\\InitShutdown]
Total endpoints found: 79
==== End of RPC Endpoint Mapper query response ====
portqry.exe -n A-DC01.uk.domain.dom -e 135 -p TCP exits with return code 0x00000000.
=============================================
 Starting portqry.exe -n A-DC01.uk.domain.dom -e 389 -p BOTH ...
Querying target system called:
 A-DC01.uk.domain.dom
Attempting to resolve name to IP address...
Name resolved to 10.11.4.10
querying...
TCP port 389 (ldap service): LISTENING
Using ephemeral source port
Sending LDAP query to TCP port 389...
LDAP query response:
currentdate: 05/14/2015 13:16:38 (unadjusted GMT)
subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=domain,DC=dom
dsServiceName: CN=NTDS Settings,CN=A-DC01,CN=Servers,CN=UK-London,CN=Sites,CN=Configuration,DC=domain,DC=dom
namingContexts: CN=Configuration,DC=domain,DC=dom
defaultNamingContext: DC=UK,DC=domain,DC=dom
schemaNamingContext: CN=Schema,CN=Configuration,DC=domain,DC=dom
configurationNamingContext: CN=Configuration,DC=domain,DC=dom
rootDomainNamingContext: DC=domain,DC=dom
supportedControl: 1.2.840.113556.1.4.319
supportedLDAPVersion: 3
supportedLDAPPolicies: MaxPoolThreads
highestCommittedUSN: 343266713
supportedSASLMechanisms: GSSAPI
dnsHostName: A-DC01.UK.domain.dom
ldapServiceName: domain.dom:A-DC01$@UK.domain.dom
serverName: CN=A-DC01,CN=Servers,CN=UK-London,CN=Sites,CN=Configuration,DC=domain,DC=dom
supportedCapabilities: 1.2.840.113556.1.4.800
isSynchronized: TRUE
isGlobalCatalogReady: TRUE
domainFunctionality: 4
forestFunctionality: 2
domainControllerFunctionality: 4
======== End of LDAP query response ========
UDP port 389 (unknown service): LISTENING or FILTERED
Using ephemeral source port
Sending LDAP query to UDP port 389...
LDAP query response:
currentdate: 05/14/2015 13:16:42 (unadjusted GMT)
subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=domain,DC=dom
dsServiceName: CN=NTDS Settings,CN=A-DC01,CN=Servers,CN=UK-London,CN=Sites,CN=Configuration,DC=domain,DC=dom
namingContexts: CN=Configuration,DC=domain,DC=dom
defaultNamingContext: DC=UK,DC=domain,DC=dom
schemaNamingContext: CN=Schema,CN=Configuration,DC=domain,DC=dom
configurationNamingContext: CN=Configuration,DC=domain,DC=dom
rootDomainNamingContext: DC=domain,DC=dom
supportedControl: 1.2.840.113556.1.4.319
supportedLDAPVersion: 3
supportedLDAPPolicies: MaxPoolThreads
highestCommittedUSN: 343266723
supportedSASLMechanisms: GSSAPI
dnsHostName: A-DC01.UK.domain.dom
ldapServiceName: domain.dom:A-DC01$@UK.domain.dom
serverName: CN=A-DC01,CN=Servers,CN=UK-London,CN=Sites,CN=Configuration,DC=domain,DC=dom
supportedCapabilities: 1.2.840.113556.1.4.800
isSynchronized: TRUE
isGlobalCatalogReady: TRUE
domainFunctionality: 4
forestFunctionality: 2
domainControllerFunctionality: 4
======== End of LDAP query response ========
UDP port 389 is LISTENING
portqry.exe -n A-DC01.uk.domain.dom -e 389 -p BOTH exits with return code 0x00000000.
=============================================
 Starting portqry.exe -n A-DC01.uk.domain.dom -e 636 -p TCP ...
Querying target system called:
 A-DC01.uk.domain.dom
Attempting to resolve name to IP address...
Name resolved to 10.11.4.10
querying...
TCP port 636 (ldaps service): LISTENING
portqry.exe -n A-DC01.uk.domain.dom -e 636 -p TCP exits with return code 0x00000000.
=============================================
 Starting portqry.exe -n A-DC01.uk.domain.dom -e 3268 -p TCP ...
Querying target system called:
 A-DC01.uk.domain.dom
Attempting to resolve name to IP address...
Name resolved to 10.11.4.10
querying...
TCP port 3268 (msft-gc service): LISTENING
Using ephemeral source port
Sending LDAP query to TCP port 3268...
LDAP query response:
currentdate: 05/14/2015 13:16:43 (unadjusted GMT)
subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=domain,DC=dom
dsServiceName: CN=NTDS Settings,CN=A-DC01,CN=Servers,CN=UK-London,CN=Sites,CN=Configuration,DC=domain,DC=dom
namingContexts: CN=Configuration,DC=domain,DC=dom
defaultNamingContext: DC=UK,DC=domain,DC=dom
schemaNamingContext: CN=Schema,CN=Configuration,DC=domain,DC=dom
configurationNamingContext: CN=Configuration,DC=domain,DC=dom
rootDomainNamingContext: DC=domain,DC=dom
supportedControl: 1.2.840.113556.1.4.319
supportedLDAPVersion: 3
supportedLDAPPolicies: MaxPoolThreads
highestCommittedUSN: 343266723
supportedSASLMechanisms: GSSAPI
dnsHostName: A-DC01.UK.domain.dom
ldapServiceName: domain.dom:A-DC01$@UK.domain.dom
serverName: CN=A-DC01,CN=Servers,CN=UK-London,CN=Sites,CN=Configuration,DC=domain,DC=dom
supportedCapabilities: 1.2.840.113556.1.4.800
isSynchronized: TRUE
isGlobalCatalogReady: TRUE
domainFunctionality: 4
forestFunctionality: 2
domainControllerFunctionality: 4
======== End of LDAP query response ========
portqry.exe -n A-DC01.uk.domain.dom -e 3268 -p TCP exits with return code 0x00000000.
=============================================
 Starting portqry.exe -n A-DC01.uk.domain.dom -e 3269 -p TCP ...
Querying target system called:
 A-DC01.uk.domain.dom
Attempting to resolve name to IP address...
Name resolved to 10.11.4.10
querying...
TCP port 3269 (msft-gc-ssl service): LISTENING
portqry.exe -n A-DC01.uk.domain.dom -e 3269 -p TCP exits with return code 0x00000000.
=============================================
 Starting portqry.exe -n A-DC01.uk.domain.dom -e 53 -p BOTH ...
Querying target system called:
 A-DC01.uk.domain.dom
Attempting to resolve name to IP address...
Name resolved to 10.11.4.10
querying...
TCP port 53 (domain service): LISTENING
UDP port 53 (domain service): LISTENING
portqry.exe -n A-DC01.uk.domain.dom -e 53 -p BOTH exits with return code 0x00000000.
=============================================
 Starting portqry.exe -n A-DC01.uk.domain.dom -e 88 -p BOTH ...
Querying target system called:
 A-DC01.uk.domain.dom
Attempting to resolve name to IP address...
Name resolved to 10.11.4.10
querying...
TCP port 88 (kerberos service): LISTENING
UDP port 88 (kerberos service): LISTENING or FILTERED
portqry.exe -n A-DC01.uk.domain.dom -e 88 -p BOTH exits with return code 0x00000002.
=============================================
 Starting portqry.exe -n A-DC01.uk.domain.dom -e 445 -p TCP ...
Querying target system called:
 A-DC01.uk.domain.dom
Attempting to resolve name to IP address...
Name resolved to 10.11.4.10
querying...
TCP port 445 (microsoft-ds service): LISTENING
portqry.exe -n A-DC01.uk.domain.dom -e 445 -p TCP exits with return code 0x00000000.
=============================================
 Starting portqry.exe -n A-DC01.uk.domain.dom -e 137 -p UDP ...
Querying target system called:
 A-DC01.uk.domain.dom
Attempting to resolve name to IP address...
Name resolved to 10.11.4.10
querying...
UDP port 137 (dombios-ns service): LISTENING or FILTERED
Using ephemeral source port
Attempting domBIOS adapter status query to UDP port 137...
domBIOS name for 10.11.4.10 not found (timeout)
Adapter status query failed.
UDP port: FILTERED
portqry.exe -n A-DC01.uk.domain.dom -e 137 -p UDP exits with return code 0x00000001.
=============================================
 Starting portqry.exe -n A-DC01.uk.domain.dom -e 138 -p UDP ...
Querying target system called:
 A-DC01.uk.domain.dom
Attempting to resolve name to IP address...
Name resolved to 10.11.4.10
querying...
UDP port 138 (dombios-dgm service): LISTENING or FILTERED
portqry.exe -n A-DC01.uk.domain.dom -e 138 -p UDP exits with return code 0x00000002.
=============================================
 Starting portqry.exe -n A-DC01.uk.domain.dom -e 139 -p TCP ...
Querying target system called:
 A-DC01.uk.domain.dom
Attempting to resolve name to IP address...
Name resolved to 10.11.4.10
querying...
TCP port 139 (dombios-ssn service): FILTERED
portqry.exe -n A-DC01.uk.domain.dom -e 139 -p TCP exits with return code 0x00000002.
=============================================
 Starting portqry.exe -n A-DC01.uk.domain.dom -e 42 -p TCP ...
Querying target system called:
 A-DC01.uk.domain.dom
Attempting to resolve name to IP address...
Name resolved to 10.11.4.10
querying...
TCP port 42 (nameserver service): FILTERED
portqry.exe -n A-DC01.uk.domain.dom -e 42 -p TCP exits with return code 0x00000002.

------------------------------------------------------------------------------------------------------------

---------------------------------------------------------------------------------------

=============================================
 Starting portqry.exe -n A-DC01 -e 135 -p TCP ...
Querying target system called:
 A-DC01
Attempting to resolve name to IP address...
Failed to resolve name to IP address
portqry.exe -n A-DC01 -e 135 -p TCP exits with return code 0x00000063.
=============================================
 Starting portqry.exe -n A-DC01 -e 389 -p BOTH ...
Querying target system called:
 A-DC01
Attempting to resolve name to IP address...
Failed to resolve name to IP address
portqry.exe -n A-DC01 -e 389 -p BOTH exits with return code 0x00000063.
=============================================
 Starting portqry.exe -n A-DC01 -e 636 -p TCP ...
Querying target system called:
 A-DC01
Attempting to resolve name to IP address...
Failed to resolve name to IP address
portqry.exe -n A-DC01 -e 636 -p TCP exits with return code 0x00000063.
=============================================
 Starting portqry.exe -n A-DC01 -e 3268 -p TCP ...
Querying target system called:
 A-DC01
Attempting to resolve name to IP address...
Failed to resolve name to IP address
portqry.exe -n A-DC01 -e 3268 -p TCP exits with return code 0x00000063.
=============================================
 Starting portqry.exe -n A-DC01 -e 3269 -p TCP ...
Querying target system called:
 A-DC01
Attempting to resolve name to IP address...
Failed to resolve name to IP address
portqry.exe -n A-DC01 -e 3269 -p TCP exits with return code 0x00000063.
=============================================
 Starting portqry.exe -n A-DC01 -e 53 -p BOTH ...
Querying target system called:
 A-DC01
Attempting to resolve name to IP address...
Failed to resolve name to IP address
portqry.exe -n A-DC01 -e 53 -p BOTH exits with return code 0x00000063.
=============================================
 Starting portqry.exe -n A-DC01 -e 88 -p BOTH ...
Querying target system called:
 A-DC01
Attempting to resolve name to IP address...
Failed to resolve name to IP address
portqry.exe -n A-DC01 -e 88 -p BOTH exits with return code 0x00000063.
=============================================
 Starting portqry.exe -n A-DC01 -e 445 -p TCP ...
Querying target system called:
 A-DC01
Attempting to resolve name to IP address...
Failed to resolve name to IP address
portqry.exe -n A-DC01 -e 445 -p TCP exits with return code 0x00000063.
=============================================
 Starting portqry.exe -n A-DC01 -e 137 -p UDP ...
Querying target system called:
 A-DC01
Attempting to resolve name to IP address...
Failed to resolve name to IP address
portqry.exe -n A-DC01 -e 137 -p UDP exits with return code 0x00000063.
=============================================
 Starting portqry.exe -n A-DC01 -e 138 -p UDP ...
Querying target system called:
 A-DC01
Attempting to resolve name to IP address...
Failed to resolve name to IP address
portqry.exe -n A-DC01 -e 138 -p UDP exits with return code 0x00000063.
=============================================
 Starting portqry.exe -n A-DC01 -e 139 -p TCP ...
Querying target system called:
 A-DC01
Attempting to resolve name to IP address...
Failed to resolve name to IP address
portqry.exe -n A-DC01 -e 139 -p TCP exits with return code 0x00000063.
=============================================
 Starting portqry.exe -n A-DC01 -e 42 -p TCP ...
Querying target system called:
 A-DC01
Attempting to resolve name to IP address...
Failed to resolve name to IP address
portqry.exe -n A-DC01 -e 42 -p TCP exits with return code 0x00000063.

May 14th, 2015 1:39pm

Hi,

By any chance do you have AV :Symantec :SEP v11.0.6005.562 installed on DC's?

Free Windows Admin Tool Kit Click here and download it now
May 14th, 2015 1:44pm

From above PortQuey output everything is LISTENING. DCDIAG output will give more details.
May 14th, 2015 1:49pm

Purvesh, thank you for all your help so far, I really, really appreciate it.

Unfortunately not on the AV front.  We use McAfee VirusScan Enterprise 8.8 on both the target and source server that I'm using for diagnoses.  I can turn it off on both servers the second the DCDIAG you asked for finishs, I didn't want to do it before hand for fear of changing the results.

Free Windows Admin Tool Kit Click here and download it now
May 14th, 2015 1:54pm

Ok. Send the DCDIAG report here.
May 14th, 2015 1:57pm

I advise you to turn off the security software on DCs post your change approval and share the results.
Free Windows Admin Tool Kit Click here and download it now
May 14th, 2015 1:58pm

Hello,

please do NOT post complete output here, this make the thread unreadable.

Please UPLOAD the following files for starting:

ipconfig /all >c:\ipconfig.log [from each DC/DNS Server]
dcdiag /v /c /d /e /s:dcname >c:\dcdiag.log
repadmin /showrepl dc* /verbose /all /intersite >c:\repl.log  ["dc* is a place holder for the starting name of the DCs if they all begin the same (if more then one DC exists)]
dnslint /ad /s "DCipaddress" (http://support.microsoft.com/kb/321045)
ADREPLSTATUS http://www.microsoft.com/en-us/download/details.aspx?id=30005 can also be exported to file.

As the output will become large, DON'T post them into the thread, please use Windows OneDrive (https://onedrive.live.com) [with open access!] and add the link from it here. Also the /e in dcdiag scans the complete forest, so better run it on COB.

May 14th, 2015 6:43pm

Hi idarryl,

From the current information it seems it is caused by blocked ports, please refer the following KB to confirm your firewall settings is correct.

The related KB:

How to configure a firewall for domains and trusts

http://support.microsoft.com/default.aspx?scid=kb;EN-US;179442

All the below error may also occur when your issue appered, please refer the following KB to fix them first.

Troubleshooting AD Replication error 8446: The replication operation failed to allocate memory

https://support.microsoft.com/en-us/kb/2693500

Event ID 1699 Replication Change List Creation

https://technet.microsoft.com/en-us/library/cc733224(v=ws.10).aspx

Event ID 1699 is logged many times and fills the Directory Service event log of a Windows Server 2008-based writable domain controller

https://support.microsoft.com/en-us/kb/953392

Im glad to be of help to you!

Free Windows Admin Tool Kit Click here and download it now
May 18th, 2015 2:29am

Hi,

Any updates on above?

May 18th, 2015 3:43am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics