I have 2 Dcs (2012R2), both with two network cards, and pointing at each other as the preferred DNS on the network adapter.
However experience the following issue:
If I try to access the domain so \\ contoso.local can not therefore say that this is not available on any of the workstations as well as on the member servers, such as fileservers.
With this I can not ride the namespace for my file servers to do by replicating a namspace.
Could anyone help me?
Hi Ifernando,
>>I have 2 Dcs (2012R2), both with two network cards
Multihomed DC is not recommended. It would cause various issues.
Here are some references:
Active Directory communication fails on multihomed domain controllers:
https://support.microsoft.com/en-us/kb/272294
Symptoms of multihomed browsers:
https://support.microsoft.com/en-us/kb/191611
Have you tried to use IP address to connect and is it successful?
Best Regards,
Leo
Hi
I have 2 Dcs (2012R2), both with two network cards>>> That's not the correct configuration.You should not use 2 Nic on Domain Controller,
First remove the second nic,just leave 1 nic.And configure the dns for this nic.
- run "ipconfig /flushdns" then "ipconfig /registerdns" finaly check on dns correct records needs to create.
hi lfernando34,
PLease share the result of the commands listed below
repadmin /replsum /errorsonly
repadmin /showrepl
dcdiag
Thanks
Eric
Hi,
Please share the output of following commands.
IPCONFIG /All
repadmin /replsum /errorsonly
repadmin /showrepl
DCDIAG /v /c /d /e /s:contoso.com
I was using nic team in domain controllers, but just undo this setting.
Now the domain controllers only station with a network card
But I'm still the same problems
Command line: "dcdiag.exe
Diagn stico of the Directory Server
Performing initial setup: * Connecting to the directories service in cartorio.local server.
cartorio.local.currentTime = 20150901123210.0Z cartorio.local.highestaCommittedUSN = 2021068
cartorio.local.isSynchronized cartorio.local.isGlobalCatalogReady = 1 = 1 * ForestA AD identified.
Collecting overall specific data AD
* Collecting information from the site. Calling ldap_search_init_page
(hld,CN=Sites,CN=Configuration,DC=cartorio,DC=local,LDAP_SCOPE_SUBTREE,
(objectCategory=ntDSSiteSettings),.......
The previous call succeeded
Iterating through the sites
Looking at object site basis: CN = NTDS Site Settings, CN = Sorocaba, CN = Sites, CN = Configuration,
DC = office, DC = local
Getting ISTG and options for the site
Identifying all servers. Calling ldap_search_init_page
(hld,CN=Sites,CN=Configuration,DC=cartorio,DC=local,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
The previous call succeeded ....
The previous call succeeded
Iterating through the list of servers
Getting information for the server CN = NTDS Settings, CN = SRVDC01, CN = Servers, CN = Sorocaba, CN
= Sites, CN = Configuration, DC = office, DC = local
Obtained objectGuid
Obtained InvocationID
Obtained dNSHostName
Obtained site info
All the info for the server collected
Getting information for the server CN = NTDS Settings, CN = SRVDC02, CN = Servers, CN = Sorocaba, CN
= Sites, CN = Configuration, DC = office, DC = local
Obtained objectGuid
Obtained InvocationID
Obtained dNSHostName
Obtained site info
All the info for the server collected
SRVDC01.currentTime = 20150901123210.0Z SRVDC01.highestaCommittedUSN = 2021068 SRVDC01.isSynchronized
SRVDC01.isGlobalCatalogReady = 1 = 1 * Identifying all cross-references NC. SRVDC02.currentTime =
20150901123210.0Z SRVDC02.highestaCommittedUSN = 1279749 SRVDC02.isSynchronized
SRVDC02.isGlobalCatalogReady = 1 = 1 * 2 DC (s) located (s). Testaando 2 of them. Collecting completed
initial information.
Printing October pDsInfo
GLOBAL:
ulNumServers = 2
pszRootDomain = cartorio.local
pszNC =
pszRootDomainFQDN = DC = office, DC = local
pszConfigNc = CN = Configuration, DC = office, DC = local
pszPartitionsDn = CN = Partitions, CN = Configuration, DC = office, DC = local
Fadama = 0
iSiteOptions = 0
dwTombstoneLifeTimeDays = 180
dwForestaBehaviorVersion = 6
HomeServer = 0, SRVDC01
SERVER: pserver [0] = .pszName SRVDC01
PSERVER [0] .pszGuidDNSName (binding str) = f8fee521-f567-4845-ac67-e6a680be7d66._msdcs.cartorio.local
PSERVER [0] = .pszDNSName SRVDC01.cartorio.local
PSERVER [0] = .pszLdapPort (null)
PSERVER [0] = .pszSslPort (null)
PSERVER [0] .pszDn = CN = NTDS Settings, CN = SRVDC01, CN = Servers, CN = Sorocaba, CN = Sites, CN =
Configuration, DC = office, DC = local
PSERVER [0] = CN = SRVDC01 .pszComputerAccountDn, OU = Domain Controllers, DC = office, DC = local
PSERVER [0] = .uuidObjectGuid f8fee521-f567-4845-ac67-e6a680be7d66
PSERVER [0] = .uuidInvocationId 23a851a0-eb6f-4b51-BA6A-9417ba922efb
PSERVER [0] = 0 .iSite (Sorocaba)
PSERVER [0] = 1 .iOptions
PSERVER [0] = .ftLocalAcquireTime 3911e4d0 01d0e4b2
PSERVER [0] = .ftRemoteConnectTime 38ae4100 01d0e4b2
PSERVER [0] .ppszMaster / FullReplicaNCs:
ppszMaster / FullReplicaNCs [0] = DC = DomainDnsZones, DC = office, DC = local
ppszMaster / FullReplicaNCs [1] = DC = ForestaDnsZones, DC = office, DC = local
ppszMaster / FullReplicaNCs [2] = CN = Schema, CN = Configuration, DC = office, DC = local
ppszMaster / FullReplicaNCs [3] = CN = Configuration, DC = office, DC = local
ppszMaster / FullReplicaNCs [4] = = DC office, DC = local
SERVER: pserver [1] = .pszName SRVDC02
PSERVER [1] .pszGuidDNSName (binding str) = f0637c9d-2196-470c-a691-290fde6508b6._msdcs.cartorio.local
PSERVER [1] = .pszDNSName SRVDC02.cartorio.local
PSERVER [1] .pszLdapPort = (null)
PSERVER [1] .pszSslPort = (null)
PSERVER [1] .pszDn = CN = NTDS Settings, CN = SRVDC02, CN = Servers, CN = Sorocaba, CN = Sites, CN =
Configuration, DC = office, DC = local
PSERVER [1] .pszComputerAccountDn = CN = SRVDC02, OU = Domain Controllers, DC = office, DC = local
PSERVER [1] = .uuidObjectGuid f0637c9d-2196-470c-a691-290fde6508b6
PSERVER [1] = .uuidInvocationId d8fe05c5-e79d-434C-9e74-9d31767ffe9d
PSERVER [1] .iSite = 0 (Sorocaba)
PSERVER [1] = 1 .iOptions
PSERVER [1] = .ftLocalAcquireTime 39142ec0 01d0e4b2
PSERVER [1] = .ftRemoteConnectTime 38ae4100 01d0e4b2
PSERVER [1] .ppszMaster / FullReplicaNCs:
ppszMaster / FullReplicaNCs [0] = DC = DomainDnsZones, DC = office, DC = local
ppszMaster / FullReplicaNCs [1] = DC = ForestaDnsZones, DC = office, DC = local
ppszMaster / FullReplicaNCs [2] = CN = Schema, CN = Configuration, DC = office, DC = local
ppszMaster / FullReplicaNCs [3] = CN = Configuration, DC = office, DC = local
ppszMaster / FullReplicaNCs [4] = = DC office, DC = local
SITES: pSites [0] = .pszName Sorocaba
pSites [0] .pszSiteSettings = CN = NTDS Site Settings, CN = Sorocaba, CN = Sites, CN = Configuration, DC
= office, DC = local
pSites [0] .pszISTG = CN = NTDS Settings, CN = SRVDC01, CN = Servers, CN = Sorocaba, CN = Sites, CN =
Configuration, DC = office, DC = local
pSites [0] = 0 .iSiteOption
pSites [0] = 2 .cServers
NC: NCPs [0] = DomainDnsZones .pszName
NACP [0] = DC = DomainDnsZones .pszDn, DC = office, DC = local
NACP [0] .aCrInfo [0] = 0x00000201 .dwFlags
pNCs[0].aCrInfo[0].pszDn=CN=196aae76-6bc2-4351-81f9-
f74df2aff75a,CN=Partitions,CN=Configuration,DC=cartorio,DC=local
NACP [0] .aCrInfo [0] = DomainDnsZones.cartorio.local .pszDnsRoot
NACP [0] .aCrInfo [0] = 0 .iSourceServer
NACP [0] .aCrInfo [0] = .pszSourceServer (null)
NACP [0] .aCrInfo [0] = 0x00000005 .ulSystemFlags
NACP [0] .aCrInfo [0] = TRUE .bEnabled
NACP [0] .aCrInfo [0] = .ftWhenCreated 00000000 00000000 NACP [0] .aCrInfo [0] = .pszSDReferenceDomain
(null)
NACP [0] .aCrInfo [0] = .pszNetBiosName (null)
NACP [0] .aCrInfo [0] = -1 .cReplicas
NACP [0] .aCrInfo [0] = .aszReplicas
NC: NCPs [1] = .pszName ForestaDnsZones
NACP [1] .pszDn = DC = ForestaDnsZones, DC = office, DC = local
NACP [1] .aCrInfo [0] = 0x00000201 .dwFlags
pNCs[1].aCrInfo[0].pszDn=CN=d42ab36f-940c-4b8b-a377-
62827506f15e,CN=Partitions,CN=Configuration,DC=cartorio,DC=local
NACP [1] .aCrInfo [0] = ForestaDnsZones.cartorio.local .pszDnsRoot
NACP [1] .aCrInfo [0] = 0 .iSourceServer
NACP [1] .aCrInfo [0] = .pszSourceServer (null)
NACP [1] .aCrInfo [0] = 0x00000005 .ulSystemFlags
NACP [1] .aCrInfo [0] = TRUE .bEnabled
NACP [1] .aCrInfo [0] = .ftWhenCreated 00000000 00000000 NACP [1] .aCrInfo [0] = .pszSDReferenceDomain
(null)
NACP [1] .aCrInfo [0] = .pszNetBiosName (null)
NACP [1] .aCrInfo [0] = -1 .cReplicas
NACP [1] .aCrInfo [0] = .aszReplicas
NC: NCPs [2] .pszName = Schema
NACP [2] .pszDn = CN = Schema, CN = Configuration, DC = office, DC = local
NACP [2] .aCrInfo [0] = 0x00000201 .dwFlags
NACP [2] .aCrInfo [0] = .pszDn CN = Enterprise Schema, CN = Partitions, CN = Configuration, DC = office,
DC = local
NACP [2] .aCrInfo [0] = cartorio.local .pszDnsRoot
NACP [2] .aCrInfo [0] = 0 .iSourceServer
NACP [2] .aCrInfo [0] = .pszSourceServer (null)
NACP [2] .aCrInfo [0] = 0x00000001 .ulSystemFlags
NACP [2] .aCrInfo [0] = TRUE .bEnabled
NACP [2] .aCrInfo [0] = .ftWhenCreated 00000000 00000000 NACP [2] .aCrInfo [0] = .pszSDReferenceDomain
(null)
NACP [2] .aCrInfo [0] = .pszNetBiosName (null)
NACP [2] .aCrInfo [0] = -1 .cReplicas
NACP [2] .aCrInfo [0] = .aszReplicas
NC: NCPs [3] = Configuration .pszName
NACP [3] .pszDn = CN = Configuration, DC = office, DC = local
NACP [3] .aCrInfo [0] = 0x00000201 .dwFlags
NACP [3] .aCrInfo [0] = .pszDn CN = Enterprise Configuration, CN = Partitions, CN = Configuration, DC =
office, DC = local
NACP [3] .aCrInfo [0] = cartorio.local .pszDnsRoot
NACP [3] .aCrInfo [0] = 0 .iSourceServer
NACP [3] .aCrInfo [0] = .pszSourceServer (null)
NACP [3] .aCrInfo [0] = 0x00000001 .ulSystemFlags
NACP [3] .aCrInfo [0] = TRUE .bEnabled
NACP [3] .aCrInfo [0] = .ftWhenCreated 00000000 00000000 NACP [3] .aCrInfo [0] = .pszSDReferenceDomain
(null)
NACP [3] .aCrInfo [0] = .pszNetBiosName (null)
NACP [3] .aCrInfo [0] = -1 .cReplicas
NACP [3] .aCrInfo [0] = .aszReplicas
NC: NCPs [4] = .pszName Cartorio
NACP [4] = DC = .pszDn office, DC = local
NACP [4] .aCrInfo [0] = 0x00000201 .dwFlags
NACP [4] .aCrInfo [0] = CN = .pszDn office, CN = Partitions, CN = Configuration, DC = office, DC = local
NACP [4] .aCrInfo [0] = cartorio.local .pszDnsRoot
NACP [4] .aCrInfo [0] = 0 .iSourceServer
NACP [4] .aCrInfo [0] = .pszSourceServer (null)
NACP [4] .aCrInfo [0] = 0x00000003 .ulSystemFlags
NACP [4] .aCrInfo [0] = TRUE .bEnabled
NACP [4] .aCrInfo [0] = .ftWhenCreated 00000000 00000000 NACP [4] .aCrInfo [0] = .pszSDReferenceDomain
(null)
NACP [4] .aCrInfo [0] = .pszNetBiosName (null)
NACP [4] .aCrInfo [0] = -1 .cReplicas
NACP [4] .aCrInfo [0] = .aszReplicas
5 NC TARGETS: DomainDnsZones, ForestaDnsZones, Schema, Configuration, office,
2 TARGETS: SRVDC01, SRVDC02,
============================================= Done Printing pDsInfo
Performing initial tests necessary
Testaando the server: Sorocaba \ SRVDC01 Starting test: Connectivity * Active Directory LDAP Services
Check
Determining IP4 connectivity
Failure Analysis: SRVDC01 ... OK.
* Active Directory RPC Services Check
......................... SRVDC01 passed the test Connectivity
Testaando the server: Sorocaba \ SRVDC02 Starting test: Connectivity * Active Directory LDAP Services
Check
Determining IP4 connectivity
Failure Analysis: SRVDC02 ... OK.
* Active Directory RPC Services Check
......................... SRVDC02 passed the test ConnectivityExecutando the main tests
Testaando the server: Sorocaba \ SRVDC01 Starting test: Advertising The DC SRVDC01 is advertising
itself as a DC and having a DS.
The DC SRVDC01 advertising is an LDAP server
The DC SRVDC01 is the advertising having a writeable directory
The DC SRVDC01 is advertising as a Key Distribution Center
The DC SRVDC01 is advertising as a time server
The DS SRVDC01 is advertising the GC.
......................... SRVDC01 passed the test Advertising Starting test: CheckSecurityError
* Dr Auth: Beginning security errors check!
Found KDC SRVDC01 for domain cartorio.local site in Sorocaba
Checking machine account for DC SRVDC01 on DC SRVDC01.
* SPN found: LDAP / SRVDC01.cartorio.local / cartorio.local
* SPN found: LDAP / SRVDC01.cartorio.local
* SPN found: LDAP / SRVDC01
* SPN found: LDAP / SRVDC01.cartorio.local / notary
* SPN found: LDAP / f8fee521-f567-4845-ac67-e6a680be7d66._msdcs.cartorio.local
* SPN found: E3514235-4B06-11D1-AB04-00C04FC2DCD2 / f8fee521-f567-4845-ac67-e6a680be7d66 /
cartorio.local
* SPN found: HOST / SRVDC01.cartorio.local / cartorio.local
* SPN found: HOST / SRVDC01.cartorio.local
* SPN found: HOST / SRVDC01
* SPN found: HOST / SRVDC01.cartorio.local / notary
* SPN found: GC / SRVDC01.cartorio.local / cartorio.local
[SRVDC01] No Replication relative error ... safety was located nestae domain controller! For
direct connection to a specific source domain controller use / replsource: <domain controller>.
......................... SRVDC01 passed the test CheckSecurityError Starting test: Topology
Configuration CutoffServers * Check Aliveness
* Analyzing the system alive replication topology for DC = DomainDnsZones, DC = office, DC =
local.
* Performing upstream (of target) analysis.
* Performing downstream (target of) analysis.
* Analyzing the system alive replication topology for DC = ForestaDnsZones, DC = office, DC =
local.
* Performing upstream (of target) analysis.
* Performing downstream (target of) analysis.
* Analyzing the system alive replication topology for CN = Schema, CN = Configuration, DC =
office, DC = local.
* Performing upstream (of target) analysis.
* Performing downstream (target of) analysis.
* Analyzing the system alive replication topology for CN = Configuration, DC = office, DC =
local.
* Performing upstream (of target) analysis.
* Performing downstream (target of) analysis.
* Analyzing the system alive replication topology for DC = office, DC = local.
* Performing upstream (of target) analysis.
* Performing downstream (target of) analysis.
......................... SRVDC01 passed the test CutoffServers Starting test: frsevent * Test
Event Log File Replication Service
Ignore the test, because the server is running DFRS. ......................... SRVDC01 passed
the test frsevent Starting test: DFSREvent The DFS Replication Event Log.
There are warning events or error in last 24 hours after the SYSVOL share. SYSVOL replication
problems may cause Group Policy problems.
Error event. EventID: 0xC000138A generated Time: 08/31/2015 21:15:12 Event String: The DFS
Replication service encountered an error when communicating with the SRVDC02 partner for replication
group Domain System Volume. Partner DNS address: SRVDC02.cartorio.local Optional data if available:
Partner WINS Address: SRVDC02 partner's IP address: 192.168.0.2 The Service will make another attempt to
estaabelecer the connection periodically. Additional Information: Error: 1753 (The mapper endpoints not
have more points available end.) Connection ID: 090F14CE-8A52-4378-AC98-C700A27C507A Identification
Replication Group: 15CBF179-7EC3-42DC-B3CF-47AE0C5070FA ......................... SRVDC01 not passed the
test DFSREvent Starting test: SysVolCheck * The SYSVOL test ready File Replication Service
The SYSVOL File Replication Service is ready
......................... SRVDC01 passed the test SysVolCheck Starting test: frssysvol * The
SYSVOL test ready File Replication Service
The SYSVOL File Replication Service is ready
......................... SRVDC01 passed the test frssysvol Starting test: kccevent * The KCC
Event log tests
Found in KCC errors in "Directory Service" Event log in the last 15 minutes.
......................... SRVDC01 passed the test kccevent Starting test: KnowsOfRoleHolders
Role Schema Owner = CN = NTDS Settings, CN = SRVDC01, CN = Servers , CN = Sorocaba, CN = Sites, CN =
Configuration, DC = office, DC = local
Role Domain Owner = CN = NTDS Settings, CN = SRVDC01, CN = Servers, CN = Sorocaba, CN = Sites,
CN = Configuration, DC = office, DC = local
Role PDC Owner = CN = NTDS Settings, CN = SRVDC01, CN = Servers, CN = Sorocaba, CN = Sites, CN
= Configuration, DC = office, DC = local
Role Rid Owner = CN = NTDS Settings, CN = SRVDC01, CN = Servers, CN = Sorocaba, CN = Sites, CN
= Configuration, DC = office, DC = local
Role Infrastructure Update Owner = CN = NTDS Settings, CN = SRVDC01, CN = Servers, CN =
Sorocaba, CN = Sites, CN = Configuration, DC = office, DC = local
......................... SRVDC01 passed the test KnowsOfRoleHolders Starting test:
MachineAccount Checking machine account for DC SRVDC01 on DC SRVDC01.
* SPN found: LDAP / SRVDC01.cartorio.local / cartorio.local
* SPN found: LDAP / SRVDC01.cartorio.local
* SPN found: LDAP / SRVDC01
* SPN found: LDAP / SRVDC01.cartorio.local / notary
* SPN found: LDAP / f8fee521-f567-4845-ac67-e6a680be7d66._msdcs.cartorio.local
* SPN found: E3514235-4B06-11D1-AB04-00C04FC2DCD2 / f8fee521-f567-4845-ac67-e6a680be7d66 /
cartorio.local
* SPN found: HOST / SRVDC01.cartorio.local / cartorio.local
* SPN found: HOST / SRVDC01.cartorio.local
* SPN found: HOST / SRVDC01
* SPN found: HOST / SRVDC01.cartorio.local / notary
* SPN found: GC / SRVDC01.cartorio.local / cartorio.local
......................... SRVDC01 passed the test MachineAccount Starting test: NCSecDesc *
Security Permissions Check for all NC's on DC SRVDC01.
* Verification of security permissions for DomainDnsZones DC =, DC = office, DC = local
(NDNC, Version 3)
* Verification of security permissions for ForestaDnsZones DC =, DC = office, DC = local
(NDNC, Version 3)
* Verification of security permissions for CN = Schema, CN = Configuration, DC = office, DC =
local
(Schema, Version 3)
* Verification of security permissions for CN = Configuration, DC = office, DC = local
(Configuration, Version 3)
* Verification of security permissions for DC = office, DC = local
(Domain, Version 3)
......................... SRVDC01 passed the test NCSecDesc Starting test: NetLogons * Network
Logons Privileges Check
Verified share \\ SRVDC01 \ netlogon
Verified share \\ SRVDC01 \ sysvol
......................... SRVDC01 passed the test NetLogons Starting test: ObjectsReplicated
SRVDC01 is in domain DC = office, DC = local
Checking for CN = SRVDC01, OU = Domain Controllers, DC = office, DC = local DC = domain in
office, DC = local on 2 servers
Object is up-to-date on all servers.
Checking for CN = NTDS Settings, CN = SRVDC01, CN = Servers, CN = Sorocaba, CN = Sites, CN =
Configuration, DC = office, DC = local in domain CN = Configuration, DC = office, DC = local on 2
servers
Object is up-to-date on all servers.
......................... SRVDC01 passed the test ObjectsReplicated Starting test:
OutboundSecureChannels * The Outbound Secure Channels tests
** The Saida security channel test was not performed because / testadomain: was not inserted
......................... SRVDC01 passed the test OutboundSecureChannels Starting test: Replications *
Replications Check
DC = DomainDnsZones, DC = office, DC = local has 5 cursors.
DC = ForestaDnsZones, DC = office, DC = local has 5 cursors.
CN = Schema, CN = Configuration, DC = office, DC = local has 5 cursors.
CN = Configuration, DC = office, DC = local has 5 cursors.
DC = office, DC = local has 5 cursors.
* Replication Latency Check
DC = DomainDnsZones, DC = office, DC = local
Latency information for 3 entries in the vector Were ignored.
3 Were retired Invocations. Were either 0: read-only replicas and are not verifiably
latent, or dc's no longer replicating this nc. 0 had the latency information (Win2K DC).
DC = ForestaDnsZones, DC = office, DC = local
Latency information for 3 entries in the vector Were ignored.
3 Were retired Invocations. Were either 0: read-only replicas and are not verifiably
latent, or dc's no longer replicating this nc. 0 had the latency information (Win2K DC).
CN = Schema, CN = Configuration, DC = office, DC = local
Latency information for 3 entries in the vector Were ignored.
3 Were retired Invocations. Were either 0: read-only replicas and are not verifiably
latent, or dc's no longer replicating this nc. 0 had the latency information (Win2K DC).
CN = Configuration, DC = office, DC = local
Latency information for 3 entries in the vector Were ignored.
3 Were retired Invocations. Were either 0: read-only replicas and are not verifiably
latent, or dc's no longer replicating this nc. 0 had the latency information (Win2K DC).
DC = office, DC = local
Latency information for 3 entries in the vector Were ignored.
3 Were retired Invocations. Were either 0: read-only replicas and are not verifiably
latent, or dc's no longer replicating this nc. 0 had the latency information (Win2K DC).
......................... SRVDC01 passed the test Replications Starting test: RidManager
ridManagerReference = CN = RID Manager $, CN = System, DC = office, DC = local
* Available RID Pool for the Domain is 4100 to 1073741823
fSMORoleOwner = CN = NTDS Settings, CN = SRVDC01, CN = Servers, CN = Sorocaba, CN = Sites, CN =
Configuration, DC = office, DC = local
* SRVDC01.cartorio.local is the RID Master
* DsBind with RID Master was successful
rIDSetReferences = CN = RID Set, CN = SRVDC01, OU = Domain Controllers, DC = office, DC = local
* RIDAllocationPool is 2600 to 3099
* RIDPreviousAllocationPool is 2600 to 3099
* RidNextRid: 2639
......................... SRVDC01 passed the test RidManager Starting test: Services * Checking
Service: EventSystem
EventSystem
* Checking Service: RpcSs
* Checking Service: NTDS
* Checking Service: DnsCache
* Checking Service: DFSR
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: w32time
* Checking Service: NETLOGON
......................... SRVDC01 passed the test Services Starting test: systemlog * The
System Event log tests
Error event. EventID: 0x0000272C generated Time: 01/09/2015 09:31:03 Event String: The DCOM
could not communicate with the computer 200 175 182 139 using a set of protocols required by PID bec (C:
\ Windows \ system32 \ dcdiag .exe). Error event. EventID: 0x0000272C generated Time: 01/09/2015
09:31:20 Event String: The DCOM could not communicate with the computer 200.175.5.139 using a set of
protocols required by PID bec (C: \ Windows \ system32 \ dcdiag .exe). Error event. EventID: 0x0000272C
generated Time: 01/09/2015 09:31:36 Event String: The DCOM could not communicate with the computer
200.204.0.10 using one of the configured protocols required by PID bec (C: \ Windows \ system32 \ dcdiag
.exe). Error event. EventID: 0x0000272C generated Time: 01/09/2015 09:31:53 Event String: The DCOM could
not communicate with the computer 200.204.0.138 using a set of protocols required by PID bec (C: \
Windows \ system32 \ dcdiag .exe). ......................... SRVDC01 not passed the test systemlog
Starting test: Topology Configuration * Topology Integrity Check
* Analyzing the connection topology for DC = DomainDnsZones, DC = office, DC = local.
* Performing upstream (of target) analysis.
* Performing downstream (target of) analysis.
* Analyzing the connection topology for DC = ForestaDnsZones, DC = office, DC = local.
* Performing upstream (of target) analysis.
* Performing downstream (target of) analysis.
* Analyzing the connection topology for CN = Schema, CN = Configuration, DC = office, DC =
local.
* Performing upstream (of target) analysis.
* Performing downstream (target of) analysis.
* Analyzing the connection topology for CN = Configuration, DC = office, DC = local.
* Performing upstream (of target) analysis.
* Performing downstream (target of) analysis.
* Analyzing the connection topology for DC = office, DC = local.
* Performing upstream (of target) analysis.
* Performing downstream (target of) analysis.
......................... SRVDC01 passed the test Topology Starting test:
VerifyEnterpriseReferences ................ ......... SRVDC01 passed the test VerifyEnterpriseReferences
Starting test: VerifyReferences The reference system object (serverReference) CN = SRVDC01, OU = Domain
Controllers, DC = office, DC = local and regressive bond CN = SRVDC01, CN = Servers, CN = Sorocaba, CN =
Sites, CN = Configuration, DC = office, DC = local station correct.
The reference system object (serverReferenceBL) CN = SRVDC01, CN = Topology, CN = Domain System
Volume, CN = DFSR-GlobalSettings, CN = System, DC = office, DC = local and regressive bond CN = NTDS
Settings, CN = SRVDC01, CN = Servers, CN = Sorocaba, CN = Sites, CN = Configuration, DC = office, DC =
local station correct.
The reference system object (msDFSR-ComputerReferenceBL) CN = SRVDC01, CN = Topology, CN =
Domain System Volume, CN = DFSR-GlobalSettings, CN = System, DC = office, DC = local and regressive bond
CN = SRVDC01 , OU = Domain Controllers, DC = office, DC = local station correct.
......................... SRVDC01 passed the test VerifyReferences Starting test:
VerifyReplicas ................ ......... SRVDC01 passed the test VerifyReplicas
Testaando the server: Sorocaba \ SRVDC02 Starting test: Advertising The DC SRVDC02 is advertising
itself as a DC and having a DS.
The DC SRVDC02 advertising is an LDAP server
The DC SRVDC02 is the advertising having a writeable directory
The DC SRVDC02 is advertising as a Key Distribution Center
The DC SRVDC02 is advertising as a time server
The DS SRVDC02 is advertising the GC.
......................... SRVDC02 passed the test Advertising Starting test: CheckSecurityError
* Dr Auth: Beginning security errors check!
Found KDC SRVDC01 for domain cartorio.local site in Sorocaba
Checking machine account for DC SRVDC02 on DC SRVDC01.
* SPN found: LDAP / SRVDC02.cartorio.local / cartorio.local
* SPN found: LDAP / SRVDC02.cartorio.local
* SPN found: LDAP / SRVDC02
* SPN found: LDAP / SRVDC02.cartorio.local / notary
* SPN found: LDAP / f0637c9d-2196-470c-a691-290fde6508b6._msdcs.cartorio.local
* SPN found: E3514235-4B06-11D1-AB04-00C04FC2DCD2 / f0637c9d-2196-470c-a691-290fde6508b6 /
cartorio.local
* SPN found: HOST / SRVDC02.cartorio.local / cartorio.local
* SPN found: HOST / SRVDC02.cartorio.local
* SPN found: HOST / SRVDC02
* SPN found: HOST / SRVDC02.cartorio.local / notary
* SPN found: GC / SRVDC02.cartorio.local / cartorio.local
Checking for CN = SRVDC02, OU = Domain Controllers, DC = office, DC = local DC = domain in
office, DC = local on 2 servers
Object is up-to-date on all servers.
[SRVDC02] No Replication relative error ... safety was located nestae domain controller! For
direct connection to a specific source domain controller use / replsource: <domain controller>.
......................... SRVDC02 passed the test CheckSecurityError Starting test: Topology
Configuration CutoffServers * Check Aliveness
* Analyzing the system alive replication topology for DC = DomainDnsZones, DC = office, DC =
local.
* Performing upstream (of target) analysis.
* Performing downstream (target of) analysis.
* Analyzing the system alive replication topology for DC = ForestaDnsZones, DC = office, DC =
local.
* Performing upstream (of target) analysis.
* Performing downstream (target of) analysis.
* Analyzing the system alive replication topology for CN = Schema, CN = Configuration, DC =
* Performing upstream (of target) analysis.
* Performing downstream (target of) analysis.
* Analyzing the system alive replication topology for CN = Configuration, DC = office, DC =
local.
* Performing upstream (of target) analysis.
* Performing downstream (target of) analysis.
* Analyzing the system alive replication topology for DC = office, DC = local.
* Performing upstream (of target) analysis.
* Performing downstream (target of) analysis.
......................... SRVDC02 passed the test CutoffServers Starting test: frsevent * Test
Event Log File Replication Service
Ignore the test, because the server is running DFRS. ......................... SRVDC02 passed
the test frsevent Starting test: DFSREvent The DFS Replication Event Log.
H events warning or error in last 24 hours after the SYSVOL share. SYSVOL replication problems
may cause Group Policy problems.
Error event. EventID: 0xC0001390 generated Time: 08/31/2015 21:12:59 Event String: The DFS
Replication service failed to communicate with the SRVDC01 partner for replication group Domain System
Volume. This error can occur if the host is unreachable or if the DFS Replication service is not running
on the server. Partner DNS address: SRVDC01.cartorio.local Optional data if available: Partner WINS
Address: SRVDC01 partner's IP address: 192.168.0.1 The Service will make another attempt to estaabelecer
the connection periodically. Additional Information: Error: 1722 (The RPC server is not this available.)
Connection ID: 25ABAB08-90AF-4A8A-8E15-1D0890ED48F6 Identification Replication Group: 15CBF179-7EC3-
42DC-B3CF-47AE0C5070FA occurred a warning event. EventID: 0x80001396 generated Time: 08/31/2015 23:30:26
Event String: The DFS Replication service this interrupting communication with the SRVDC01 partner for
replication group Domain System Volume due to an error. The service will make another attempt to
estaabelecer the connection periodically. Additional Information: Error: 9036 (Bus interruption for
backup or restore) Connection Identification: 25ABAB08-90AF-4A8A-8E15-1D0890ED48F6 Identification
Replication Group: 15CBF179-7EC3-42DC-B3CF-47AE0C5070FA ......... ................ SRVDC02 not passed
the test DFSREvent Starting test: SysVolCheck * The SYSVOL test ready File Replication Service
The SYSVOL File Replication Service is ready
......................... SRVDC02 passed the test SysVolCheck Starting test: frssysvol * The
SYSVOL test ready File Replication Service
The SYSVOL File Replication Service is ready
......................... SRVDC02 passed the test frssysvol Starting test: kccevent * The KCC
Event log tests
Found in KCC errors in "Directory Service" Event log in the last 15 minutes.
......................... SRVDC02 passed the test kccevent Starting test: KnowsOfRoleHolders
Role Schema Owner = CN = NTDS Settings, CN = SRVDC01, CN = Servers , CN = Sorocaba, CN = Sites, CN =
Configuration, DC = office, DC = local
Role Domain Owner = CN = NTDS Settings, CN = SRVDC01, CN = Servers, CN = Sorocaba, CN = Sites,
CN = Configuration, DC = office, DC = local
Role PDC Owner = CN = NTDS Settings, CN = SRVDC01, CN = Servers, CN = Sorocaba, CN = Sites, CN
= Configuration, DC = office, DC = local
Role Rid Owner = CN = NTDS Settings, CN = SRVDC01, CN = Servers, CN = Sorocaba, CN = Sites, CN
= Configuration, DC = office, DC = local
Role Infrastructure Update Owner = CN = NTDS Settings, CN = SRVDC01, CN = Servers, CN =
Sorocaba, CN = Sites, CN = Configuration, DC = office, DC = local
......................... SRVDC02 passed the test KnowsOfRoleHolders Starting test:
MachineAccount Checking machine account for DC SRVDC02 on DC SRVDC02.
* SPN found: LDAP / SRVDC02.cartorio.local / cartorio.local
* SPN found: LDAP / SRVDC02.cartorio.local
* SPN found: LDAP / SRVDC02
* SPN found: LDAP / SRVDC02.cartorio.local / notary
* SPN found: LDAP / f0637c9d-2196-470c-a691-290fde6508b6._msdcs.cartorio.local
* SPN found: E3514235-4B06-11D1-AB04-00C04FC2DCD2 / f0637c9d-2196-470c-a691-290fde6508b6 /
cartorio.local
* SPN found: HOST / SRVDC02.cartorio.local / cartorio.local
* SPN found: HOST / SRVDC02.cartorio.local
* SPN found: HOST / SRVDC02
* SPN found: HOST / SRVDC02.cartorio.local / notary
* SPN found: GC / SRVDC02.cartorio.local / cartorio.local
......................... SRVDC02 passed the test MachineAccount Starting test: NCSecDesc *
Security Permissions Check for all NC's on DC SRVDC02.
* Verification of security permissions for DomainDnsZones DC =, DC = office, DC = local
(NDNC, Version 3)
* Verification of security permissions for ForestaDnsZones DC =, DC = office, DC = local
(NDNC, Version 3)
* Verification of security permissions for CN = Schema, CN = Configuration, DC = office, DC =
local
(Schema, Version 3)
* Verification of security permissions for CN = Configuration, DC = office, DC = local
(Configuration, Version 3)
* Verification of security permissions for DC = office, DC = local
(Domain, Version 3)
......................... SRVDC02 passed the test NCSecDesc Starting test: NetLogons * Network
Logons Privileges Check
Verified share \\ SRVDC02 \ netlogon
Verified share \\ SRVDC02 \ sysvol
......................... SRVDC02 passed the test NetLogons Starting test: ObjectsReplicated
SRVDC02 is in domain DC = office, DC = local
Checking for CN = SRVDC02, OU = Domain Controllers, DC = office, DC = local DC = domain in
office, DC = local on 2 servers
Object is up-to-date on all servers.
Checking for CN = NTDS Settings, CN = SRVDC02, CN = Servers, CN = Sorocaba, CN = Sites, CN =
Configuration, DC = office, DC = local in domain CN = Configuration, DC = office, DC = local on 2
servers
Object is up-to-date on all servers.
......................... SRVDC02 passed the test ObjectsReplicated Starting test:
OutboundSecureChannels * The Outbound Secure Channels tests
** The Saida security channel test was not performed because / testadomain: was not inserted
......................... SRVDC02 passed the test OutboundSecureChannels Starting test: Replications *
Replications Check
DC = DomainDnsZones, DC = office, DC = local has 5 cursors.
DC = ForestaDnsZones, DC = office, DC = local has 5 cursors.
CN = Schema, CN = Configuration, DC = office, DC = local has 5 cursors.
CN = Configuration, DC = office, DC = local has 5 cursors.
DC = office, DC = local has 5 cursors.
* Replication Latency Check
DC = DomainDnsZones, DC = office, DC = local
Latency information for 3 entries in the vector Were ignored.
3 Were retired Invocations. Were either 0: read-only replicas and are not verifiably
latent, or dc's no longer replicating this nc. 0 had the latency information (Win2K DC).
DC = ForestaDnsZones, DC = office, DC = local
Latency information for 3 entries in the vector Were ignored.
3 Were retired Invocations. Were either 0: read-only replicas and are not verifiably
latent, or dc's no longer replicating this nc. 0 had the latency information (Win2K DC).
CN = Schema, CN = Configuration, DC = office, DC = local
Latency information for 3 entries in the vector Were ignored.
3 Were retired Invocations. Were either 0: read-only replicas and are not verifiably
latent, or dc's no longer replicating this nc. 0 had the latency information (Win2K DC).
CN = Configuration, DC = office, DC = local
Latency information for 3 entries in the vector Were ignored.
3 Were retired Invocations. Were either 0: read-only replicas and are not verifiably
latent, or dc's no longer replicating this nc. 0 had the latency information (Win2K DC).
DC = office, DC = local
Latency information for 3 entries in the vector Were ignored.
3 Were retired Invocations. Were either 0: read-only replicas and are not verifiably
latent, or dc's no longer replicating this nc. 0 had the latency information (Win2K DC).
......................... SRVDC02 passed the test Replications Starting test: RidManager
ridManagerReference = CN = RID Manager $, CN = System, DC = office, DC = local
* Available RID Pool for the Domain is 4100 to 1073741823
fSMORoleOwner = CN = NTDS Settings, CN = SRVDC01, CN = Servers, CN = Sorocaba, CN = Sites, CN =
Configuration, DC = office, DC = local
* SRVDC01.cartorio.local is the RID Master
* DsBind with RID Master was successful
rIDSetReferences = CN = RID Set, CN = SRVDC02, OU = Domain Controllers, DC = office, DC = local
* RIDAllocationPool is 3600 to 4099
* RIDPreviousAllocationPool is 3600 to 4099
* RidNextRid: 3607
......................... SRVDC02 passed the test RidManager Starting test: Services * Checking
Service: EventSystem
* Checking Service: RpcSs
* Checking Service: NTDS
* Checking Service: DnsCache
* Checking Service: DFSR
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: w32time
* Checking Service: NETLOGON
......................... SRVDC02 passed the test Services Starting test: systemlog * The
System Event log tests
Found no errors in "System" Event log in the last 60 minutes.
......................... SRVDC02 passed the test systemlog Starting test: Topology
Configuration * Topology Integrity Check
* Analyzing the connection topology for DC = DomainDnsZones, DC = office, DC = local.
* Performing upstream (of target) analysis.
* Performing downstream (target of) analysis.
* Analyzing the connection topology for DC = ForestaDnsZones, DC = office, DC = local.
* Performing upstream (of target) analysis.
* Performing downstream (target of) analysis.
* Analyzing the connection topology for CN = Schema, CN = Configuration, DC = office, DC =
local.
* Performing upstream (of target) analysis.
* Performing downstream (target of) analysis.
* Analyzing the connection topology for CN = Configuration, DC = office, DC = local.
* Performing upstream (of target) analysis.
* Performing downstream (target of) analysis.
* Analyzing the connection topology for DC = office, DC = local.
* Performing upstream (of target) analysis.
* Performing downstream (target of) analysis.
......................... SRVDC02 passed the test Topology Starting test:
VerifyEnterpriseReferences ................ ......... SRVDC02 passed the test VerifyEnterpriseReferences
Starting test: VerifyReferences The reference system object (serverReference) CN = SRVDC02, OU = Domain
Controllers, DC = office, DC = local and regressive bond CN = SRVDC02, CN = Servers, CN = Sorocaba, CN =
Sites, CN = Configuration, DC = office, DC = local station correct.
The reference system object (serverReferenceBL) CN = SRVDC02, CN = Topology, CN = Domain System
Volume, CN = DFSR-GlobalSettings, CN = System, DC = office, DC = local and regressive bond CN = NTDS
Settings, CN = SRVDC02, CN = Servers, CN = Sorocaba, CN = Sites, CN = Configuration, DC = office, DC =
local station correct.
The reference system object (msDFSR-ComputerReferenceBL) CN = SRVDC02, CN = Topology, CN =
Domain System Volume, CN = DFSR-GlobalSettings, CN = System, DC = office, DC = local and regressive bond
CN = SRVDC02 , OU = Domain Controllers, DC = office, DC = local station correct.
......................... SRVDC02 passed the test VerifyReferences Starting test:
VerifyReplicas ................ ......... SRVDC02 passed the test VerifyReplicas
Starting test: DNS DNS testing station running and not in suspenso. Wait a few minutes ...
Starting test: See DNS DNS tests in enterprise foreheads section for results
......................... SRVDC02 passed the test See DNS DNS tests in enterprise
foreheads section for results
......................... SRVDC01 passed the DNS test
Running partition tests on: DomainDnsZones Starting test: CheckSDRefDom .........................
DomainDnsZones passed the test CheckSDRefDom Starting test: CrossRefValidation .....
.................... DomainDnsZones passed the test CrossRefValidation
Running partition tests on: ForestaDnsZones Starting test: CheckSDRefDom .........................
ForestaDnsZones passed the test CheckSDRefDom Starting test: CrossRefValidation .....
.................... ForestaDnsZones passed the test CrossRefValidation
Running partition tests on: Schema Starting test: CheckSDRefDom ......................... Schema
passed the test CheckSDRefDom Starting test: CrossRefValidation ..... .................... Schema passed
the test CrossRefValidation
Running partition tests on: Configuration Starting test: CheckSDRefDom .........................
Configuration passed the test CheckSDRefDom Starting test: CrossRefValidation ..... Configuration
.................... passed the test CrossRefValidation
Running partition tests on: Cartorio Starting test: CheckSDRefDom ......................... Cartorio
passed the test CheckSDRefDom Starting test: CrossRefValidation ..... .................... Cartorio
passed the test CrossRefValidation
Now running tests on: cartorio.local Starting test: DNS domain controllers Test results:
Domain controller: SRVDC01.cartorio.local domain: cartorio.local
Testa: Authentication (Auth)
Authentication test: completed with success
Testa: Basic (Basc)
The OS Microsoft Windows Server 2012 R2 Datacenter (Service Pack level: 0.0)
compatible. The NETLOGON service this running Service kdc this running Service Dnscache this running DNS
service this running the domain controller, a DNS information server on network adapters: Adapter
[00000012] Microsoft Network Adapter Multiplexor Driver: MAC address A4 is: BA: DB: 08: 3C: E5
The IP address, static
IP address: 192.168.0.1
DNS server: 192.168.0.2 (SRVDC02) [Valid]
192.168.0.1 (srvdc01.cartorio.local.) [Valid]
The A record host (s) for this DC was found
The SOA record for the Active Directory zone was found
The Active Directory zone on this DC / DNS server was found primary
Root zone on this DC / DNS server was not found
Testa: Forwarders / Root hints (FORW)
Recursion is enabled
Forwarders Information:
200 175 182 139 (<name unavailable>) [Valid]
200.175.5.139 (<name unavailable>) [Invalid (unreachable)]
200.204.0.10 (<name unavailable>) [Invalid (unreachable)]
200.204.0.138 (<name unavailable>) [Invalid (unreachable)]
Testa: Delegations (Del)
Delegation information for the zone: cartorio.local.
Delegated Domain Name: _msdcs.cartorio.local.
DNS server: srvdc01.cartorio.local. IP: 192.168.0.1 [Valid]
Testa: Dynamic update (Dyn)
Dcdiag tests-tests-record successfully added record in zone cartorio.local
Testa record dcdiag-forehead-record deleted successfully in zone cartorio.local
Testa: Records registration (RReg)
Network Adapter [00000012] Microsoft Network Adapter Multiplexor Driver: Matching
CNAME record at DNS server 192.168.0.2 found:
f8fee521-f567-4845-ac67-e6a680be7d66._msdcs.cartorio.local
The matching record found at 192.168.0.2 DNS server:
SRVDC01.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_ldap._tcp.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_ldap._tcp.9d6d795a-d0e1-40f2-B199-f43a9ee7c678.domains._msdcs.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_kerberos._tcp.dc._msdcs.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_ldap._tcp.dc._msdcs.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_kerberos._tcp.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_kerberos._udp.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_kpasswd._tcp.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_ldap._tcp.Sorocaba._sites.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_kerberos._tcp.Sorocaba._sites.dc._msdcs.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_ldap._tcp.Sorocaba._sites.dc._msdcs.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_kerberos._tcp.Sorocaba._sites.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_ldap._tcp.gc._msdcs.cartorio.local
The matching record found at 192.168.0.2 DNS server:
gc._msdcs.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_gc._tcp.Sorocaba._sites.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_ldap._tcp.Sorocaba._sites.gc._msdcs.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_ldap._tcp.pdc._msdcs.cartorio.local
Matching CNAME record at DNS server 192.168.0.1 found:
f8fee521-f567-4845-ac67-e6a680be7d66._msdcs.cartorio.local
The matching record found at 192.168.0.1 DNS server:
SRVDC01.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_ldap._tcp.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_ldap._tcp.9d6d795a-d0e1-40f2-B199-f43a9ee7c678.domains._msdcs.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_kerberos._tcp.dc._msdcs.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_ldap._tcp.dc._msdcs.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_kerberos._tcp.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_kerberos._udp.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_kpasswd._tcp.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_ldap._tcp.Sorocaba._sites.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_kerberos._tcp.Sorocaba._sites.dc._msdcs.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_ldap._tcp.Sorocaba._sites.dc._msdcs.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_kerberos._tcp.Sorocaba._sites.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_ldap._tcp.gc._msdcs.cartorio.local
The matching record found at 192.168.0.1 DNS server:
gc._msdcs.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_gc._tcp.Sorocaba._sites.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_ldap._tcp.Sorocaba._sites.gc._msdcs.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_ldap._tcp.pdc._msdcs.cartorio.local
Total time of the query: 0 min. 24 sec .. Total time connection RPC: 0 min. 0 sec. Total
time of WMI connection: 0 min. 42 sec. Total time of Netuse connection: 0 min. 0 sec.
Domain controller: SRVDC02.cartorio.local domain: cartorio.local
Testa: Authentication (Auth)
Authentication test: completed with success
Testa: Basic (Basc)
The OS Microsoft Windows Server 2012 R2 Datacenter (Service Pack level: 0.0)
compatible. The NETLOGON service this running Service kdc this running Service Dnscache this running DNS
service this running the domain controller, a DNS server network adapters information: Adapter
[00000010] Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client): MAC address is 00: 22: 19: 88: ED: EF
The IP address, static
IP address: 192.168.0.2
DNS server: 192.168.0.1 (. Srvdc01.cartorio.local) [Valid]
192.168.0.2 (SRVDC02) [Valid]
The A record host (s) for this DC was found
The SOA record for the Active Directory zone was found
The Active Directory zone on this DC / DNS server was found primary
Root zone on this DC / DNS server was not found
Testa: Forwarders / Root hints (FORW)
Recursion is enabled
Forwarders Information:
200 175 182 139 (<name unavailable>) [Valid]
200.175.5.139 (<name unavailable>) [Invalid (unreachable)]
200.204.0.10 (<name unavailable>) [Invalid (unreachable)]
200.204.0.138 (<name unavailable>) [Invalid (unreachable)]
Testa: Delegations (Del)
Delegation information for the zone: cartorio.local.
Delegated Domain Name: _msdcs.cartorio.local.
DNS server: srvdc01.cartorio.local. IP: 192.168.0.1 [Valid]
Testa: Dynamic update (Dyn)
Dcdiag tests-tests-record successfully added record in zone cartorio.local
Testa record dcdiag-forehead-record deleted successfully in zone cartorio.local
Testa: Records registration (RReg)
Network Adapter [00000010] BCM5708C Broadcom NetXtreme II GigE (NDIS VBD Client):
Matching CNAME record at DNS server 192.168.0.1 found:
f0637c9d-2196-470c-a691-290fde6508b6._msdcs.cartorio.local
The matching record found at 192.168.0.1 DNS server:
SRVDC02.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_ldap._tcp.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_ldap._tcp.9d6d795a-d0e1-40f2-B199-f43a9ee7c678.domains._msdcs.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_kerberos._tcp.dc._msdcs.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_ldap._tcp.dc._msdcs.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_kerberos._tcp.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_kerberos._udp.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_kpasswd._tcp.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_ldap._tcp.Sorocaba._sites.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_kerberos._tcp.Sorocaba._sites.dc._msdcs.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_ldap._tcp.Sorocaba._sites.dc._msdcs.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_kerberos._tcp.Sorocaba._sites.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_ldap._tcp.gc._msdcs.cartorio.local
The matching record found at 192.168.0.1 DNS server:
gc._msdcs.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_gc._tcp.Sorocaba._sites.cartorio.local
Matching SRV record at DNS server 192.168.0.1 found:
_ldap._tcp.Sorocaba._sites.gc._msdcs.cartorio.local
Matching CNAME record at DNS server 192.168.0.2 found:
f0637c9d-2196-470c-a691-290fde6508b6._msdcs.cartorio.local
The matching record found at 192.168.0.2 DNS server:
SRVDC02.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_ldap._tcp.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_ldap._tcp.9d6d795a-d0e1-40f2-B199-f43a9ee7c678.domains._msdcs.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_kerberos._tcp.dc._msdcs.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_ldap._tcp.dc._msdcs.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_kerberos._tcp.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_kerberos._udp.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_kpasswd._tcp.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_ldap._tcp.Sorocaba._sites.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_kerberos._tcp.Sorocaba._sites.dc._msdcs.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_ldap._tcp.Sorocaba._sites.dc._msdcs.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_kerberos._tcp.Sorocaba._sites.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_ldap._tcp.gc._msdcs.cartorio.local
The matching record found at 192.168.0.2 DNS server:
gc._msdcs.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_gc._tcp.Sorocaba._sites.cartorio.local
Matching SRV record at DNS server 192.168.0.2 found:
_ldap._tcp.Sorocaba._sites.gc._msdcs.cartorio.local
Total time of the query: 0 min. 12 sec .. Total time connection RPC: 0 min. 0 sec. Total
time of WMI connection: 0 min. 42 sec. Total time of Netuse connection: 0 min. 0 sec.
DNS servers test results summary used by domain controllers above: DNS Server: 200.175.5.139
(<name unavailable>) Test Failure 2 nestae DNS server PTR record query for the 1.0.0.127.in-addr.arpa.
failed on the DNS server 200.175.5.139 [Error details: 1460 (Type: Win32 - Description: estaa operation
returned because the timeout period expired.)]
Total time of the query: 0 min. 12 sec, Total time the WMI connection:. 0 min. 21 sec.
DNS server: 200.204.0.10 (<name unavailable>) Test Failure 2 nestae DNS server PTR record
query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 200.204.0.10 [Error details: in 1460
(Type: Win32 - Description: estaa operation returned because the timeout period expired.)]
Total time of the query: 0 min. 12 sec, Total time the WMI connection:. 0 min. 21 sec.
DNS server: 200.204.0.138 (<name unavailable>) Test Failure 2 nestae DNS server PTR record
query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 200.204.0.138 [Error details: 1460 (Type:
Win32 - Description: estaa operation returned because the timeout period expired.)]
Total time of the query: 0 min. 12 sec, Total time the WMI connection:. 0 min. 21 sec.
DNS server: 192.168.0.1 (. Srvdc01.cartorio.local) All tests passed nestae DNS server Name
resolution is functional._ldap._tcp SRV record for the Foresta root domain is registered
DNS delegation for the domain _msdcs.cartorio.local. is operational on IP 192.168.0.1
Total time of the query: 0 min. 0 sec Total time the WMI connection:. 0 min. 0 sec.
DNS server: 192.168.0.2 (SRVDC02) All tests passed nestae DNS server Name resolution is
functional._ldap._tcp SRV record for the Foresta root domain is registered
Total time of the query: 0 min. 0 sec Total time the WMI connection:. 0 min. 0 sec.
DNS server: 200175182139 (<name unavailable>) All tests passed nestae DNS server total query
time: 0 min. 0 sec Total time the WMI connection:. 0 min. 21 sec.
Summary of the DNS test results:
Auth Basc FORW Del Dyn RReg Ext
_________________________________________________________________
domain: PASS PASS PASS cartorio.local SRVDC01 PASS PASS PASS n / a
SRVDC02 PASS PASS PASS PASS PASS PASS n / a
Total time used to testaar all domain controllers: 2 min. 0 sec. ....
Cartorio.local passed the test DNS Starting test: LocatorCheck GC name: \\ SRVDC01.cartorio.local
Locator Flags: 0xe000f1fd
PDC Name: \\ SRVDC01.cartorio.local
Locator Flags: 0xe000f1fd
Time Server Name: \\ SRVDC01.cartorio.local
Locator Flags: 0xe000f1fd
Preferred Time Server Name: \\ SRVDC01.cartorio.local
Locator Flags: 0xe000f1fd
KDC Name: \\ SRVDC01.cartorio.local
Locator Flags: 0xe000f1fd
.............. Cartorio.local passed the test LocatorCheck Starting test: FsmoCheck
GC name: \\ SRVDC01.cartorio.local Locator Flags: 0xe000f1fd
PDC Name: \\ SRVDC01.cartorio.local
Locator Flags: 0xe000f1fd
Time Server Name: \\ SRVDC01.cartorio.local
Locator Flags: 0xe000f1fd
Preferred Time Server Name: \\ SRVDC01.cartorio.local
Locator Flags: 0xe000f1fd
KDC Name: \\ SRVDC01.cartorio.local
Locator Flags: 0xe000f1fd
.... Cartorio.local passed the test FsmoCheck Starting test: Intersite
Ignoring the Sorocaba site; this site is beyond the scope provided by the provided command-line
arguments.
.... Cartorio.local passed the test Intersite
Hello
DCDiag --> http://1drv.ms/1hTDuq5
Ipconfig --> http://1drv.ms/1JBgjtJ
Thank you
Hi,
What about output of following command
IPCONFIG /All from other DC's
repadmin /replsum /errorsonly
repadmin /showrepl
follow other commands http://1drv.ms/1NXEGVk
Thank you
I created another link
https://onedrive.live.com/prev?cid=b99b8cd8a53a5caf&id=B99B8CD8A53A5CAF%21108&ithint=file%2Ctxt&authkey=%21ABa37UDnKRt92gU&v=TextFileEditor
Hi,
Looking at logs it not look like issue with AD replication. I would suggest past the error you get when you access the server using FQDN.
When I try to access it this way:
\\contoso.local
the error message that appears is:
Windows can not access the site
error code 0x80070035
the network path was not found.
However if I do it this way:
\\ srvdc01 or \\srvdc02 (my Dcs) I can access
Server: srvdc01.cartorio.local
Address: 192.168.0.1
Name: cartorio.local
Addresses: 192.168.0.2
192.168.0.1
Have you tried solution provided here.
I discovered the problem, and it is described in this link
https://technet.microsoft.com/library/jj852167(v=ws.10).aspx
I enabled this policy denying all domain accounts NTLM traffic because microsoft own through good practices, says to do so.
However to enable I can not longer access the domain through the \\contoso.local and also can not enable namespace.
Well anyway that's the problem, however now messages in event viewer appear all the time asking to disable NTLM authentication.
What to do in this case?
As you said you get the error "error code 0x80070035" I would recommend can you provide me with network trace to get this issue understand. Run the enabled trace on Machine or server windows 7.0 and above open the command prompt run as administrator. Type the enable command and press enter. Once capturing is started now try and reproduce the issue or try access the server via server name try to reproduce the issue couple of time and then stop capturing using disabled Trace command. you will see under c: drive there is file called "nettrace-boot.etl" zip this file upload to one drive and share the URL here.
Enable Trace
netsh trace start persistent=yes capture=yes tracefile=c:\nettrace-boot.etl
Disabled Trace:
netsh trace stop