Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Directory Server Diagnosis
- Performing initial setup:
- Trying to find home server...
- Home Server = MYCOMPANY-VM-DOMAIN
- * Identified AD Forest.
- Done gathering initial info.
- Doing initial required tests
- Testing server: MYCOMPANY\MYCOMPANY-VM-DOMAIN
- Starting test: Connectivity
- ......................... MYCOMPANY-VM-DOMAIN passed test Connectivity
- Doing primary tests
- Testing server: MYCOMPANY\MYCOMPANY-VM-DOMAIN
- Starting test: Advertising
- ......................... MYCOMPANY-VM-DOMAIN passed test Advertising
- Starting test: FrsEvent
- ......................... MYCOMPANY-VM-DOMAIN passed test FrsEvent
- Starting test: DFSREvent
- ......................... MYCOMPANY-VM-DOMAIN passed test DFSREvent
- Starting test: SysVolCheck
- ......................... MYCOMPANY-VM-DOMAIN passed test SysVolCheck
- Starting test: KccEvent
- A warning event occurred. EventID: 0x80000B46
- Time Generated: 05/25/2016 12:07:04
- Event String:
- The security of this directory server can be significantly enhanced by configuring the server to reject SASL (Negotiate, Kerberos, NTLM, or Digest) LDAP binds that do not request signing (integrity verification) and LDAP simple binds that are performed on a cleartext (non-SSL/TLS-encrypted) connection. Even if no clients are using such binds, configuring the server to reject them will improve the security of this server.
- ......................... MYCOMPANY-VM-DOMAIN passed test KccEvent
- Starting test: KnowsOfRoleHolders
- ......................... MYCOMPANY-VM-DOMAIN passed test KnowsOfRoleHolders
- Starting test: MachineAccount
- ......................... MYCOMPANY-VM-DOMAIN passed test MachineAccount
- Starting test: NCSecDesc
- ......................... MYCOMPANY-VM-DOMAIN passed test NCSecDesc
- Starting test: NetLogons
- ......................... MYCOMPANY-VM-DOMAIN passed test NetLogons
- Starting test: ObjectsReplicated
- ......................... MYCOMPANY-VM-DOMAIN passed test ObjectsReplicated
- Starting test: Replications
- ......................... MYCOMPANY-VM-DOMAIN passed test Replications
- Starting test: RidManager
- ......................... MYCOMPANY-VM-DOMAIN passed test RidManager
- Starting test: Services
- ......................... MYCOMPANY-VM-DOMAIN passed test Services
- Starting test: SystemLog
- A warning event occurred. EventID: 0x8000001D
- Time Generated: 05/25/2016 12:06:55
- Event String:
- The Key Distribution Center (KDC) cannot find a suitable certificate to use for smart card logons, or the KDC certificate could not be verified. Smart card logon may not function correctly if this problem is not resolved. To correct this problem, either verify the existing KDC certificate using certutil.exe or enroll for a new KDC certificate.
- An error event occurred. EventID: 0xC00038D6
- Time Generated: 05/25/2016 12:07:23
- Event String:
- The DFS Namespace service could not initialize cross forest trust information on this domain controller, but it will periodically retry the operation. The return code is in the record data.
- A warning event occurred. EventID: 0x000003F6
- Time Generated: 05/25/2016 12:07:23
- Event String:
- Name resolution for the name _ldap._tcp.MYCOMPANY._sites.dc._msdcs.ad.MYCOMPANY.com timed out after none of the configured DNS servers responded.
- A warning event occurred. EventID: 0x0000000C
- Time Generated: 05/25/2016 12:07:23
- Event String:
- Time Provider NtpClient: This machine is configured to use the domain hierarchy to determine its time source, but it is the AD PDC emulator for the domain at the root of the forest, so there is no machine above it in the domain hierarchy to use as a time source. It is recommended that you either configure a reliable time service in the root domain, or manually configure the AD PDC to synchronize with an external time source. Otherwise, this machine will function as the authoritative time source in the domain hierarchy. If an external time source is not configured or used for this computer, you may choose to disable the NtpClient.
- A warning event occurred. EventID: 0x000727AA
- Time Generated: 05/25/2016 12:09:40
- Event String:
- The WinRM service failed to create the following SPNs: WSMAN/MYCOMPANY-VM-DOMAIN.ad.MYCOMPANY.com; WSMAN/MYCOMPANY-VM-DOMAIN.
- ......................... MYCOMPANY-VM-DOMAIN failed test SystemLog
- Starting test: VerifyReferences
- ......................... MYCOMPANY-VM-DOMAIN passed test VerifyReferences
- Running partition tests on : ForestDnsZones
- Starting test: CheckSDRefDom
- ......................... ForestDnsZones passed test CheckSDRefDom
- Starting test: CrossRefValidation
- ......................... ForestDnsZones passed test
- CrossRefValidation
- Running partition tests on : DomainDnsZones
- Starting test: CheckSDRefDom
- ......................... DomainDnsZones passed test CheckSDRefDom
- Starting test: CrossRefValidation
- ......................... DomainDnsZones passed test
- CrossRefValidation
- Running partition tests on : Schema
- Starting test: CheckSDRefDom
- ......................... Schema passed test CheckSDRefDom
- Starting test: CrossRefValidation
- ......................... Schema passed test CrossRefValidation
- Running partition tests on : Configuration
- Starting test: CheckSDRefDom
- ......................... Configuration passed test CheckSDRefDom
- Starting test: CrossRefValidation
- ......................... Configuration passed test CrossRefValidation
- Running partition tests on : ad
- Starting test: CheckSDRefDom
- ......................... ad passed test CheckSDRefDom
- Starting test: CrossRefValidation
- ......................... ad passed test CrossRefValidation
- Running enterprise tests on : ad.MYCOMPANY.com
- Starting test: LocatorCheck
- ......................... ad.MYCOMPANY.com passed test LocatorCheck
- Starting test: Intersite
- ......................... ad.MYCOMPANY.com passed test Intersite
- Directory Server Diagnosis
- Performing initial setup:
- Trying to find home server...
- Home Server = MYCOMPANY-VM-DOMAIN
- * Identified AD Forest.
- Done gathering initial info.
- Doing initial required tests
- Testing server: MYCOMPANY\MYCOMPANY-VM-DOMAIN
- Starting test: Connectivity
- ......................... MYCOMPANY-VM-DOMAIN passed test Connectivity
- Doing primary tests
- Testing server: MYCOMPANY\MYCOMPANY-VM-DOMAIN
- Starting test: Advertising
- ......................... MYCOMPANY-VM-DOMAIN passed test Advertising
- Starting test: FrsEvent
- ......................... MYCOMPANY-VM-DOMAIN passed test FrsEvent
- Starting test: DFSREvent
- ......................... MYCOMPANY-VM-DOMAIN passed test DFSREvent
- Starting test: SysVolCheck
- ......................... MYCOMPANY-VM-DOMAIN passed test SysVolCheck
- Starting test: KccEvent
- A warning event occurred. EventID: 0x80000B46
- Time Generated: 05/25/2016 12:07:04
- Event String:
- The security of this directory server can be significantly enhanced by configuring the server to reject SASL (Negotiate, Kerberos, NTLM, or Digest) LDAP binds that do not request signing (integrity verification) and LDAP simple binds that are performed on a cleartext (non-SSL/TLS-encrypted) connection. Even if no clients are using such binds, configuring the server to reject them will improve the security of this server.
- ......................... MYCOMPANY-VM-DOMAIN passed test KccEvent
- Starting test: KnowsOfRoleHolders
- ......................... MYCOMPANY-VM-DOMAIN passed test KnowsOfRoleHolders
- Starting test: MachineAccount
- ......................... MYCOMPANY-VM-DOMAIN passed test MachineAccount
- Starting test: NCSecDesc
- ......................... MYCOMPANY-VM-DOMAIN passed test NCSecDesc
- Starting test: NetLogons
- ......................... MYCOMPANY-VM-DOMAIN passed test NetLogons
- Starting test: ObjectsReplicated
- ......................... MYCOMPANY-VM-DOMAIN passed test ObjectsReplicated
- Starting test: Replications
- ......................... MYCOMPANY-VM-DOMAIN passed test Replications
- Starting test: RidManager
- ......................... MYCOMPANY-VM-DOMAIN passed test RidManager
- Starting test: Services
- ......................... MYCOMPANY-VM-DOMAIN passed test Services
- Starting test: SystemLog
- A warning event occurred. EventID: 0x8000001D
- Time Generated: 05/25/2016 12:06:55
- Event String:
- The Key Distribution Center (KDC) cannot find a suitable certificate to use for smart card logons, or the KDC certificate could not be verified. Smart card logon may not function correctly if this problem is not resolved. To correct this problem, either verify the existing KDC certificate using certutil.exe or enroll for a new KDC certificate.
- An error event occurred. EventID: 0xC00038D6
- Time Generated: 05/25/2016 12:07:23
- Event String:
- The DFS Namespace service could not initialize cross forest trust information on this domain controller, but it will periodically retry the operation. The return code is in the record data.
- A warning event occurred. EventID: 0x000003F6
- Time Generated: 05/25/2016 12:07:23
- Event String:
- Name resolution for the name _ldap._tcp.MYCOMPANY._sites.dc._msdcs.ad.MYCOMPANY.com timed out after none of the configured DNS servers responded.
- A warning event occurred. EventID: 0x0000000C
- Time Generated: 05/25/2016 12:07:23
- Event String:
- Time Provider NtpClient: This machine is configured to use the domain hierarchy to determine its time source, but it is the AD PDC emulator for the domain at the root of the forest, so there is no machine above it in the domain hierarchy to use as a time source. It is recommended that you either configure a reliable time service in the root domain, or manually configure the AD PDC to synchronize with an external time source. Otherwise, this machine will function as the authoritative time source in the domain hierarchy. If an external time source is not configured or used for this computer, you may choose to disable the NtpClient.
- A warning event occurred. EventID: 0x000727AA
- Time Generated: 05/25/2016 12:09:40
- Event String:
- The WinRM service failed to create the following SPNs: WSMAN/MYCOMPANY-VM-DOMAIN.ad.MYCOMPANY.com; WSMAN/MYCOMPANY-VM-DOMAIN.
- ......................... MYCOMPANY-VM-DOMAIN failed test SystemLog
- Starting test: VerifyReferences
- ......................... MYCOMPANY-VM-DOMAIN passed test VerifyReferences
- Running partition tests on : ForestDnsZones
- Starting test: CheckSDRefDom
- ......................... ForestDnsZones passed test CheckSDRefDom
- Starting test: CrossRefValidation
- ......................... ForestDnsZones passed test
- CrossRefValidation
- Running partition tests on : DomainDnsZones
- Starting test: CheckSDRefDom
- ......................... DomainDnsZones passed test CheckSDRefDom
- Starting test: CrossRefValidation
- ......................... DomainDnsZones passed test
- CrossRefValidation
- Running partition tests on : Schema
- Starting test: CheckSDRefDom
- ......................... Schema passed test CheckSDRefDom
- Starting test: CrossRefValidation
- ......................... Schema passed test CrossRefValidation
- Running partition tests on : Configuration
- Starting test: CheckSDRefDom
- ......................... Configuration passed test CheckSDRefDom
- Starting test: CrossRefValidation
- ......................... Configuration passed test CrossRefValidation
- Running partition tests on : ad
- Starting test: CheckSDRefDom
- ......................... ad passed test CheckSDRefDom
- Starting test: CrossRefValidation
- ......................... ad passed test CrossRefValidation
- Running enterprise tests on : ad.MYCOMPANY.com
- Starting test: LocatorCheck
- ......................... ad.MYCOMPANY.com passed test LocatorCheck
- Starting test: Intersite
- ......................... ad.MYCOMPANY.com passed test Intersite
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement