Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Directory Server Diagnosis
- Performing initial setup:
- Trying to find home server...
- * Verifying that the local machine DC01, is a Directory Server.
- Home Server = DC01
- * Connecting to directory service on server DC01.
- * Identified AD Forest.
- Collecting AD specific global data
- * Collecting site info.
- Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=excelcg,DC=local,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
- The previous call succeeded
- Iterating through the sites
- Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=excelcg,DC=local
- Getting ISTG and options for the site
- * Identifying all servers.
- Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=excelcg,DC=local,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
- The previous call succeeded....
- The previous call succeeded
- Iterating through the list of servers
- Getting information for the server CN=NTDS Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=excelcg,DC=local
- objectGuid obtained
- InvocationID obtained
- dnsHostname obtained
- site info obtained
- All the info for the server collected
- Getting information for the server CN=NTDS Settings,CN=DC02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=excelcg,DC=local
- objectGuid obtained
- InvocationID obtained
- dnsHostname obtained
- site info obtained
- All the info for the server collected
- * Identifying all NC cross-refs.
- * Found 2 DC(s). Testing 2 of them.
- Done gathering initial info.
- Doing initial required tests
- Testing server: Default-First-Site-Name\DC01
- Starting test: Connectivity
- * Active Directory LDAP Services Check
- Determining IP4 connectivity
- * Active Directory RPC Services Check
- ......................... DC01 passed test Connectivity
- Testing server: Default-First-Site-Name\DC02
- Starting test: Connectivity
- * Active Directory LDAP Services Check
- Determining IP4 connectivity
- * Active Directory RPC Services Check
- ......................... DC02 passed test Connectivity
- Doing primary tests
- Testing server: Default-First-Site-Name\DC01
- Starting test: Advertising
- The DC DC01 is advertising itself as a DC and having a DS.
- The DC DC01 is advertising as an LDAP server
- The DC DC01 is advertising as having a writeable directory
- The DC DC01 is advertising as a Key Distribution Center
- The DC DC01 is advertising as a time server
- The DS DC01 is advertising as a GC.
- ......................... DC01 passed test Advertising
- Starting test: CheckSecurityError
- * Dr Auth: Beginning security errors check!
- Found KDC DC01 for domain mydomain.local in site Default-First-Site-Name
- Checking machine account for DC DC01 on DC DC01.
- * SPN found :LDAP/DC01.mydomain.local/mydomain.local
- * SPN found :LDAP/DC01.mydomain.local
- * SPN found :LDAP/DC01
- * SPN found :LDAP/DC01.mydomain.local/EXCELCG
- * SPN found :LDAP/39eae90e-bc2f-4e15-b5f7-9905ff0907d5._msdcs.mydomain.local
- * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/39eae90e-bc2f-4e15-b5f7-9905ff0907d5/mydomain.local
- * SPN found :HOST/DC01.mydomain.local/mydomain.local
- * SPN found :HOST/DC01.mydomain.local
- * SPN found :HOST/DC01
- * SPN found :HOST/DC01.mydomain.local/EXCELCG
- * SPN found :GC/DC01.mydomain.local/mydomain.local
- [DC01] No security related replication errors were found on this DC!
- To target the connection to a specific source DC use /ReplSource:<DC>.
- ......................... DC01 passed test CheckSecurityError
- Starting test: CutoffServers
- * Configuration Topology Aliveness Check
- * Analyzing the alive system replication topology for DC=ForestDnsZones,DC=excelcg,DC=local.
- * Performing upstream (of target) analysis.
- * Performing downstream (of target) analysis.
- * Analyzing the alive system replication topology for DC=DomainDnsZones,DC=excelcg,DC=local.
- * Performing upstream (of target) analysis.
- * Performing downstream (of target) analysis.
- * Analyzing the alive system replication topology for CN=Schema,CN=Configuration,DC=excelcg,DC=local.
- * Performing upstream (of target) analysis.
- * Performing downstream (of target) analysis.
- * Analyzing the alive system replication topology for CN=Configuration,DC=excelcg,DC=local.
- * Performing upstream (of target) analysis.
- * Performing downstream (of target) analysis.
- * Analyzing the alive system replication topology for DC=excelcg,DC=local.
- * Performing upstream (of target) analysis.
- * Performing downstream (of target) analysis.
- ......................... DC01 passed test CutoffServers
- Starting test: FrsEvent
- * The File Replication Service Event log test
- Skip the test because the server is running DFSR.
- ......................... DC01 passed test FrsEvent
- Starting test: DFSREvent
- The DFS Replication Event Log.
- ......................... DC01 passed test DFSREvent
- Starting test: SysVolCheck
- * The File Replication Service SYSVOL ready test
- File Replication Service's SYSVOL is ready
- ......................... DC01 passed test SysVolCheck
- Starting test: FrsSysVol
- * The File Replication Service SYSVOL ready test
- File Replication Service's SYSVOL is ready
- ......................... DC01 passed test FrsSysVol
- Starting test: KccEvent
- * The KCC Event log test
- Found no KCC errors in "Directory Service" Event log in the last 15 minutes.
- ......................... DC01 passed test KccEvent
- Starting test: KnowsOfRoleHolders
- Role Schema Owner = CN=NTDS Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=excelcg,DC=local
- Role Domain Owner = CN=NTDS Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=excelcg,DC=local
- Role PDC Owner = CN=NTDS Settings,CN=DC02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=excelcg,DC=local
- Role Rid Owner = CN=NTDS Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=excelcg,DC=local
- Role Infrastructure Update Owner = CN=NTDS Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=excelcg,DC=local
- ......................... DC01 passed test KnowsOfRoleHolders
- Starting test: MachineAccount
- Checking machine account for DC DC01 on DC DC01.
- * SPN found :LDAP/DC01.mydomain.local/mydomain.local
- * SPN found :LDAP/DC01.mydomain.local
- * SPN found :LDAP/DC01
- * SPN found :LDAP/DC01.mydomain.local/EXCELCG
- * SPN found :LDAP/39eae90e-bc2f-4e15-b5f7-9905ff0907d5._msdcs.mydomain.local
- * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/39eae90e-bc2f-4e15-b5f7-9905ff0907d5/mydomain.local
- * SPN found :HOST/DC01.mydomain.local/mydomain.local
- * SPN found :HOST/DC01.mydomain.local
- * SPN found :HOST/DC01
- * SPN found :HOST/DC01.mydomain.local/EXCELCG
- * SPN found :GC/DC01.mydomain.local/mydomain.local
- ......................... DC01 passed test MachineAccount
- Starting test: NCSecDesc
- * Security Permissions check for all NC's on DC DC01.
- * Security Permissions Check for
- DC=ForestDnsZones,DC=excelcg,DC=local
- (NDNC,Version 3)
- * Security Permissions Check for
- DC=DomainDnsZones,DC=excelcg,DC=local
- (NDNC,Version 3)
- * Security Permissions Check for
- CN=Schema,CN=Configuration,DC=excelcg,DC=local
- (Schema,Version 3)
- * Security Permissions Check for
- CN=Configuration,DC=excelcg,DC=local
- (Configuration,Version 3)
- * Security Permissions Check for
- DC=excelcg,DC=local
- (Domain,Version 3)
- ......................... DC01 passed test NCSecDesc
- Starting test: NetLogons
- * Network Logons Privileges Check
- Verified share \\DC01\netlogon
- Verified share \\DC01\sysvol
- ......................... DC01 passed test NetLogons
- Starting test: ObjectsReplicated
- DC01 is in domain DC=excelcg,DC=local
- Checking for CN=DC01,OU=Domain Controllers,DC=excelcg,DC=local in domain DC=excelcg,DC=local on 2 servers
- Object is up-to-date on all servers.
- Checking for CN=NTDS Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=excelcg,DC=local in domain CN=Configuration,DC=excelcg,DC=local on 2 servers
- Object is up-to-date on all servers.
- ......................... DC01 passed test ObjectsReplicated
- Starting test: OutboundSecureChannels
- * The Outbound Secure Channels test
- ** Did not run Outbound Secure Channels test because /testdomain: was
- not entered
- ......................... DC01 passed test OutboundSecureChannels
- Starting test: Replications
- * Replications Check
- * Replication Latency Check
- DC=ForestDnsZones,DC=excelcg,DC=local
- Latency information for 2 entries in the vector were ignored.
- 2 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
- DC=DomainDnsZones,DC=excelcg,DC=local
- Latency information for 2 entries in the vector were ignored.
- 2 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
- CN=Schema,CN=Configuration,DC=excelcg,DC=local
- Latency information for 2 entries in the vector were ignored.
- 2 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
- CN=Configuration,DC=excelcg,DC=local
- Latency information for 2 entries in the vector were ignored.
- 2 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
- DC=excelcg,DC=local
- Latency information for 2 entries in the vector were ignored.
- 2 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
- ......................... DC01 passed test Replications
- Starting test: RidManager
- * Available RID Pool for the Domain is 3100 to 1073741823
- * DC01.mydomain.local is the RID Master
- * DsBind with RID Master was successful
- * rIDAllocationPool is 2100 to 2599
- * rIDPreviousAllocationPool is 2100 to 2599
- * rIDNextRID: 2113
- ......................... DC01 passed test RidManager
- Starting test: Services
- * Checking Service: EventSystem
- * Checking Service: RpcSs
- * Checking Service: NTDS
- * Checking Service: DnsCache
- * Checking Service: DFSR
- * Checking Service: IsmServ
- * Checking Service: kdc
- * Checking Service: SamSs
- * Checking Service: LanmanServer
- * Checking Service: LanmanWorkstation
- * Checking Service: w32time
- * Checking Service: NETLOGON
- ......................... DC01 passed test Services
- Starting test: SystemLog
- * The System Event log test
- An error event occurred. EventID: 0x0000272C
- Time Generated: 04/29/2020 09:40:25
- Event String:
- DCOM was unable to communicate with the computer 4.2.2.2 using any of the configured protocols; requested by PID 1d7c (C:\Windows\system32\dcdiag.exe), while activating CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820}.
- An error event occurred. EventID: 0x0000272C
- Time Generated: 04/29/2020 09:40:42
- Event String:
- DCOM was unable to communicate with the computer 10.19.10.2 using any of the configured protocols; requested by PID 1d7c (C:\Windows\system32\dcdiag.exe), while activating CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820}.
- An error event occurred. EventID: 0x0000272C
- Time Generated: 04/29/2020 09:40:46
- Event String:
- DCOM was unable to communicate with the computer 8.8.8.8 using any of the configured protocols; requested by PID 1d7c (C:\Windows\system32\dcdiag.exe), while activating CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820}.
- An error event occurred. EventID: 0x0000272C
- Time Generated: 04/29/2020 09:46:08
- Event String:
- DCOM was unable to communicate with the computer 4.2.2.2 using any of the configured protocols; requested by PID a10 (C:\Windows\system32\dcdiag.exe), while activating CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820}.
- An error event occurred. EventID: 0x0000272C
- Time Generated: 04/29/2020 09:46:29
- Event String:
- DCOM was unable to communicate with the computer 8.8.8.8 using any of the configured protocols; requested by PID a10 (C:\Windows\system32\dcdiag.exe), while activating CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820}.
- An error event occurred. EventID: 0x0000272C
- Time Generated: 04/29/2020 09:46:29
- Event String:
- DCOM was unable to communicate with the computer 10.19.10.2 using any of the configured protocols; requested by PID a10 (C:\Windows\system32\dcdiag.exe), while activating CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820}.
- A warning event occurred. EventID: 0x00000C18
- Time Generated: 04/29/2020 09:50:49
- Event String:
- The primary Domain Controller for this domain could not be located.
- ......................... DC01 failed test SystemLog
- Starting test: Topology
- * Configuration Topology Integrity Check
- * Analyzing the connection topology for DC=ForestDnsZones,DC=excelcg,DC=local.
- * Performing upstream (of target) analysis.
- * Performing downstream (of target) analysis.
- * Analyzing the connection topology for DC=DomainDnsZones,DC=excelcg,DC=local.
- * Performing upstream (of target) analysis.
- * Performing downstream (of target) analysis.
- * Analyzing the connection topology for CN=Schema,CN=Configuration,DC=excelcg,DC=local.
- * Performing upstream (of target) analysis.
- * Performing downstream (of target) analysis.
- * Analyzing the connection topology for CN=Configuration,DC=excelcg,DC=local.
- * Performing upstream (of target) analysis.
- * Performing downstream (of target) analysis.
- * Analyzing the connection topology for DC=excelcg,DC=local.
- * Performing upstream (of target) analysis.
- * Performing downstream (of target) analysis.
- ......................... DC01 passed test Topology
- Starting test: VerifyEnterpriseReferences
- ......................... DC01 passed test VerifyEnterpriseReferences
- Starting test: VerifyReferences
- The system object reference (serverReference)
- CN=DC01,OU=Domain Controllers,DC=excelcg,DC=local and backlink on
- CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=excelcg,DC=local
- are correct.
- The system object reference (serverReferenceBL)
- CN=WIN-BER6E9O3PHN,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=excelcg,DC=local
- and backlink on
- CN=NTDS Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=excelcg,DC=local
- are correct.
- The system object reference (msDFSR-ComputerReferenceBL)
- CN=WIN-BER6E9O3PHN,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=excelcg,DC=local
- and backlink on CN=DC01,OU=Domain Controllers,DC=excelcg,DC=local are
- correct.
- ......................... DC01 passed test VerifyReferences
- Starting test: VerifyReplicas
- ......................... DC01 passed test VerifyReplicas
- Testing server: Default-First-Site-Name\DC02
- Starting test: Advertising
- The DC DC02 is advertising itself as a DC and having a DS.
- The DC DC02 is advertising as an LDAP server
- The DC DC02 is advertising as having a writeable directory
- The DC DC02 is advertising as a Key Distribution Center
- The DC DC02 is advertising as a time server
- The DS DC02 is advertising as a GC.
- ......................... DC02 passed test Advertising
- Starting test: CheckSecurityError
- * Dr Auth: Beginning security errors check!
- Found KDC DC01 for domain mydomain.local in site Default-First-Site-Name
- Checking machine account for DC DC02 on DC DC01.
- * SPN found :LDAP/DC02.mydomain.local/mydomain.local
- * SPN found :LDAP/DC02.mydomain.local
- * SPN found :LDAP/DC02
- * SPN found :LDAP/DC02.mydomain.local/EXCELCG
- * SPN found :LDAP/5a72ff93-9387-4d09-ab39-a01aef1d6986._msdcs.mydomain.local
- * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/5a72ff93-9387-4d09-ab39-a01aef1d6986/mydomain.local
- * SPN found :HOST/DC02.mydomain.local/mydomain.local
- * SPN found :HOST/DC02.mydomain.local
- * SPN found :HOST/DC02
- * SPN found :HOST/DC02.mydomain.local/EXCELCG
- * SPN found :GC/DC02.mydomain.local/mydomain.local
- Checking for CN=DC02,OU=Domain Controllers,DC=excelcg,DC=local in domain DC=excelcg,DC=local on 2 servers
- Object is up-to-date on all servers.
- [DC02] No security related replication errors were found on this DC!
- To target the connection to a specific source DC use /ReplSource:<DC>.
- ......................... DC02 passed test CheckSecurityError
- Starting test: CutoffServers
- * Configuration Topology Aliveness Check
- * Analyzing the alive system replication topology for DC=ForestDnsZones,DC=excelcg,DC=local.
- * Performing upstream (of target) analysis.
- * Performing downstream (of target) analysis.
- * Analyzing the alive system replication topology for DC=DomainDnsZones,DC=excelcg,DC=local.
- * Performing upstream (of target) analysis.
- * Performing downstream (of target) analysis.
- * Analyzing the alive system replication topology for CN=Schema,CN=Configuration,DC=excelcg,DC=local.
- * Performing upstream (of target) analysis.
- * Performing downstream (of target) analysis.
- * Analyzing the alive system replication topology for CN=Configuration,DC=excelcg,DC=local.
- * Performing upstream (of target) analysis.
- * Performing downstream (of target) analysis.
- * Analyzing the alive system replication topology for DC=excelcg,DC=local.
- * Performing upstream (of target) analysis.
- * Performing downstream (of target) analysis.
- ......................... DC02 passed test CutoffServers
- Starting test: FrsEvent
- * The File Replication Service Event log test
- Skip the test because the server is running DFSR.
- ......................... DC02 passed test FrsEvent
- Starting test: DFSREvent
- The DFS Replication Event Log.
- There are warning or error events within the last 24 hours after the
- SYSVOL has been shared. Failing SYSVOL replication problems may cause
- Group Policy problems.
- A warning event occurred. EventID: 0x80001396
- Time Generated: 04/29/2020 07:44:13
- Event String:
- The DFS Replication service is stopping communication with partner DC01 for replication group Domain System Volume due to an error. The service will retry the connection periodically.
- Additional Information:
- Error: 1723 (The RPC server is too busy to complete this operation.)
- Connection ID: 061F1A14-A5A7-48DC-BD92-B2E73A318A7C
- Replication Group ID: 8F0F23B5-C085-4BE0-905B-01C3CA809281
- An error event occurred. EventID: 0xC0001390
- Time Generated: 04/29/2020 07:44:42
- Event String:
- The DFS Replication service failed to communicate with partner DC01 for replication group Domain System Volume. This error can occur if the host is unreachable, or if the DFS Replication service is not running on the server.
- Partner DNS Address: DC01.mydomain.local
- Optional data if available:
- Partner WINS Address: DC01
- Partner IP Address: 10.19.10.15
- The service will retry the connection periodically.
- Additional Information:
- Error: 1722 (The RPC server is unavailable.)
- Connection ID: 061F1A14-A5A7-48DC-BD92-B2E73A318A7C
- Replication Group ID: 8F0F23B5-C085-4BE0-905B-01C3CA809281
- ......................... DC02 failed test DFSREvent
- Starting test: SysVolCheck
- * The File Replication Service SYSVOL ready test
- File Replication Service's SYSVOL is ready
- ......................... DC02 passed test SysVolCheck
- Starting test: FrsSysVol
- * The File Replication Service SYSVOL ready test
- File Replication Service's SYSVOL is ready
- ......................... DC02 passed test FrsSysVol
- Starting test: KccEvent
- * The KCC Event log test
- Found no KCC errors in "Directory Service" Event log in the last 15 minutes.
- ......................... DC02 passed test KccEvent
- Starting test: KnowsOfRoleHolders
- Role Schema Owner = CN=NTDS Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=excelcg,DC=local
- Role Domain Owner = CN=NTDS Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=excelcg,DC=local
- Role PDC Owner = CN=NTDS Settings,CN=DC02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=excelcg,DC=local
- Role Rid Owner = CN=NTDS Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=excelcg,DC=local
- Role Infrastructure Update Owner = CN=NTDS Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=excelcg,DC=local
- ......................... DC02 passed test KnowsOfRoleHolders
- Starting test: MachineAccount
- Checking machine account for DC DC02 on DC DC02.
- * SPN found :LDAP/DC02.mydomain.local/mydomain.local
- * SPN found :LDAP/DC02.mydomain.local
- * SPN found :LDAP/DC02
- * SPN found :LDAP/DC02.mydomain.local/EXCELCG
- * SPN found :LDAP/5a72ff93-9387-4d09-ab39-a01aef1d6986._msdcs.mydomain.local
- * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/5a72ff93-9387-4d09-ab39-a01aef1d6986/mydomain.local
- * SPN found :HOST/DC02.mydomain.local/mydomain.local
- * SPN found :HOST/DC02.mydomain.local
- * SPN found :HOST/DC02
- * SPN found :HOST/DC02.mydomain.local/EXCELCG
- * SPN found :GC/DC02.mydomain.local/mydomain.local
- ......................... DC02 passed test MachineAccount
- Starting test: NCSecDesc
- * Security Permissions check for all NC's on DC DC02.
- * Security Permissions Check for
- DC=ForestDnsZones,DC=excelcg,DC=local
- (NDNC,Version 3)
- * Security Permissions Check for
- DC=DomainDnsZones,DC=excelcg,DC=local
- (NDNC,Version 3)
- * Security Permissions Check for
- CN=Schema,CN=Configuration,DC=excelcg,DC=local
- (Schema,Version 3)
- * Security Permissions Check for
- CN=Configuration,DC=excelcg,DC=local
- (Configuration,Version 3)
- * Security Permissions Check for
- DC=excelcg,DC=local
- (Domain,Version 3)
- ......................... DC02 passed test NCSecDesc
- Starting test: NetLogons
- * Network Logons Privileges Check
- Verified share \\DC02\netlogon
- Verified share \\DC02\sysvol
- ......................... DC02 passed test NetLogons
- Starting test: ObjectsReplicated
- DC02 is in domain DC=excelcg,DC=local
- Checking for CN=DC02,OU=Domain Controllers,DC=excelcg,DC=local in domain DC=excelcg,DC=local on 2 servers
- Object is up-to-date on all servers.
- Checking for CN=NTDS Settings,CN=DC02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=excelcg,DC=local in domain CN=Configuration,DC=excelcg,DC=local on 2 servers
- Object is up-to-date on all servers.
- ......................... DC02 passed test ObjectsReplicated
- Starting test: OutboundSecureChannels
- * The Outbound Secure Channels test
- ** Did not run Outbound Secure Channels test because /testdomain: was
- not entered
- ......................... DC02 passed test OutboundSecureChannels
- Starting test: Replications
- * Replications Check
- * Replication Latency Check
- DC=ForestDnsZones,DC=excelcg,DC=local
- Latency information for 2 entries in the vector were ignored.
- 2 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
- DC=DomainDnsZones,DC=excelcg,DC=local
- Latency information for 2 entries in the vector were ignored.
- 2 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
- CN=Schema,CN=Configuration,DC=excelcg,DC=local
- Latency information for 2 entries in the vector were ignored.
- 2 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
- CN=Configuration,DC=excelcg,DC=local
- Latency information for 2 entries in the vector were ignored.
- 2 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
- DC=excelcg,DC=local
- Latency information for 2 entries in the vector were ignored.
- 2 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
- ......................... DC02 passed test Replications
- Starting test: RidManager
- * Available RID Pool for the Domain is 3100 to 1073741823
- * DC01.mydomain.local is the RID Master
- * DsBind with RID Master was successful
- * rIDAllocationPool is 2600 to 3099
- * rIDPreviousAllocationPool is 2600 to 3099
- * rIDNextRID: 2609
- ......................... DC02 passed test RidManager
- Starting test: Services
- * Checking Service: EventSystem
- * Checking Service: RpcSs
- * Checking Service: NTDS
- * Checking Service: DnsCache
- * Checking Service: DFSR
- * Checking Service: IsmServ
- * Checking Service: kdc
- * Checking Service: SamSs
- * Checking Service: LanmanServer
- * Checking Service: LanmanWorkstation
- * Checking Service: w32time
- * Checking Service: NETLOGON
- ......................... DC02 passed test Services
- Starting test: SystemLog
- * The System Event log test
- A warning event occurred. EventID: 0x00000024
- Time Generated: 04/29/2020 09:23:59
- Event String:
- The time service has not synchronized the system time for the last 7800 seconds because none of the time service providers provided a usable time stamp. The time service will not update the local system time until it is able to synchronize with a time source. If the local system is configured to act as a time server for clients, it will stop advertising as a time source to clients after 0 seconds. The time service will continue to retry and sync time with its time sources. Check system event log for other W32time events for more details. Run 'w32tm /resync' to force an instant time synchronization. You can control the frequency of the time source rediscovery using ClockHoldoverPeriod W32time config setting. Modify the EventLogFlags W32time config setting if you wish to disable this message.
- Found no errors in "System" Event log in the last 60 minutes.
- ......................... DC02 passed test SystemLog
- Starting test: Topology
- * Configuration Topology Integrity Check
- * Analyzing the connection topology for DC=ForestDnsZones,DC=excelcg,DC=local.
- * Performing upstream (of target) analysis.
- * Performing downstream (of target) analysis.
- * Analyzing the connection topology for DC=DomainDnsZones,DC=excelcg,DC=local.
- * Performing upstream (of target) analysis.
- * Performing downstream (of target) analysis.
- * Analyzing the connection topology for CN=Schema,CN=Configuration,DC=excelcg,DC=local.
- * Performing upstream (of target) analysis.
- * Performing downstream (of target) analysis.
- * Analyzing the connection topology for CN=Configuration,DC=excelcg,DC=local.
- * Performing upstream (of target) analysis.
- * Performing downstream (of target) analysis.
- * Analyzing the connection topology for DC=excelcg,DC=local.
- * Performing upstream (of target) analysis.
- * Performing downstream (of target) analysis.
- ......................... DC02 passed test Topology
- Starting test: VerifyEnterpriseReferences
- ......................... DC02 passed test VerifyEnterpriseReferences
- Starting test: VerifyReferences
- The system object reference (serverReference)
- CN=DC02,OU=Domain Controllers,DC=excelcg,DC=local and backlink on
- CN=DC02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=excelcg,DC=local
- are correct.
- The system object reference (serverReferenceBL)
- CN=DC02,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=excelcg,DC=local
- and backlink on
- CN=NTDS Settings,CN=DC02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=excelcg,DC=local
- are correct.
- The system object reference (msDFSR-ComputerReferenceBL)
- CN=DC02,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=excelcg,DC=local
- and backlink on CN=DC02,OU=Domain Controllers,DC=excelcg,DC=local are
- correct.
- ......................... DC02 passed test VerifyReferences
- Starting test: VerifyReplicas
- ......................... DC02 passed test VerifyReplicas
- Starting test: DNS
- DNS Tests are running and not hung. Please wait a few minutes...
- Starting test: DNS
- See DNS test in enterprise tests section for results
- ......................... DC01 passed test DNS
- See DNS test in enterprise tests section for results
- ......................... DC02 passed test DNS
- Running partition tests on : ForestDnsZones
- Starting test: CheckSDRefDom
- ......................... ForestDnsZones passed test CheckSDRefDom
- Starting test: CrossRefValidation
- ......................... ForestDnsZones passed test
- CrossRefValidation
- Running partition tests on : DomainDnsZones
- Starting test: CheckSDRefDom
- ......................... DomainDnsZones passed test CheckSDRefDom
- Starting test: CrossRefValidation
- ......................... DomainDnsZones passed test
- CrossRefValidation
- Running partition tests on : Schema
- Starting test: CheckSDRefDom
- ......................... Schema passed test CheckSDRefDom
- Starting test: CrossRefValidation
- ......................... Schema passed test CrossRefValidation
- Running partition tests on : Configuration
- Starting test: CheckSDRefDom
- ......................... Configuration passed test CheckSDRefDom
- Starting test: CrossRefValidation
- ......................... Configuration passed test CrossRefValidation
- Running partition tests on : excelcg
- Starting test: CheckSDRefDom
- ......................... excelcg passed test CheckSDRefDom
- Starting test: CrossRefValidation
- ......................... excelcg passed test CrossRefValidation
- Running enterprise tests on : mydomain.local
- Starting test: DNS
- Test results for domain controllers:
- DC: DC01.mydomain.local
- Domain: mydomain.local
- TEST: Authentication (Auth)
- Authentication test: Successfully completed
- TEST: Basic (Basc)
- The OS
- Microsoft Windows Server 2019 Standard (Service Pack level: 0.0)
- is supported.
- NETLOGON service is running
- kdc service is running
- DNSCACHE service is running
- DNS service is running
- DC is a DNS server
- Network adapters information:
- Adapter [00000004] Microsoft Hyper-V Network Adapter:
- MAC address is 00:15:5D:0A:05:05
- IP Address is static
- IP address: 10.19.10.15, fe80::91e3:d4fd:b588:69db
- DNS servers:
- 10.19.10.16 (DC02) [Valid]
- 127.0.0.1 (dc01.mydomain.local.) [Valid]
- The A host record(s) for this DC was found
- The SOA record for the Active Directory zone was found
- The Active Directory zone on this DC/DNS server was found primary
- Root zone on this DC/DNS server was not found
- TEST: Forwarders/Root hints (Forw)
- Recursion is enabled
- Forwarders Information:
- 4.2.2.2 (<name unavailable>) [Valid]
- 8.8.8.8 (<name unavailable>) [Valid]
- TEST: Delegations (Del)
- Delegation information for the zone: mydomain.local.
- Delegated domain name: _msdcs.mydomain.local.
- DNS server: dc01.mydomain.local. IP:10.19.10.15 [Valid]
- TEST: Dynamic update (Dyn)
- Test record dcdiag-test-record added successfully in zone mydomain.local
- Test record dcdiag-test-record deleted successfully in zone mydomain.local
- TEST: Records registration (RReg)
- Network Adapter [00000004] Microsoft Hyper-V Network Adapter:
- Matching CNAME record found at DNS server 10.19.10.16:
- 39eae90e-bc2f-4e15-b5f7-9905ff0907d5._msdcs.mydomain.local
- Matching A record found at DNS server 10.19.10.16:
- DC01.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.72f31db9-c777-46ce-89b6-1c3eab51ea49.domains._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _kerberos._tcp.dc._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.dc._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _kerberos._tcp.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _kerberos._udp.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _kpasswd._tcp.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.Default-First-Site-Name._sites.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _kerberos._tcp.Default-First-Site-Name._sites.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.gc._msdcs.mydomain.local
- Matching A record found at DNS server 10.19.10.16:
- gc._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _gc._tcp.Default-First-Site-Name._sites.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.mydomain.local
- Matching CNAME record found at DNS server 10.19.10.15:
- 39eae90e-bc2f-4e15-b5f7-9905ff0907d5._msdcs.mydomain.local
- Matching A record found at DNS server 10.19.10.15:
- DC01.mydomain.local
- Matching SRV record found at DNS server 10.19.10.15:
- _ldap._tcp.mydomain.local
- Matching SRV record found at DNS server 10.19.10.15:
- _ldap._tcp.72f31db9-c777-46ce-89b6-1c3eab51ea49.domains._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.15:
- _kerberos._tcp.dc._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.15:
- _ldap._tcp.dc._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.15:
- _kerberos._tcp.mydomain.local
- Matching SRV record found at DNS server 10.19.10.15:
- _kerberos._udp.mydomain.local
- Matching SRV record found at DNS server 10.19.10.15:
- _kpasswd._tcp.mydomain.local
- Matching SRV record found at DNS server 10.19.10.15:
- _ldap._tcp.Default-First-Site-Name._sites.mydomain.local
- Matching SRV record found at DNS server 10.19.10.15:
- _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.15:
- _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.15:
- _kerberos._tcp.Default-First-Site-Name._sites.mydomain.local
- Matching SRV record found at DNS server 10.19.10.15:
- _ldap._tcp.gc._msdcs.mydomain.local
- Matching A record found at DNS server 10.19.10.15:
- gc._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.15:
- _gc._tcp.Default-First-Site-Name._sites.mydomain.local
- Matching SRV record found at DNS server 10.19.10.15:
- _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.mydomain.local
- DC: DC02.mydomain.local
- Domain: mydomain.local
- TEST: Authentication (Auth)
- Authentication test: Successfully completed
- TEST: Basic (Basc)
- The OS
- Microsoft Windows Server 2019 Standard Evaluation (Service Pack level: 0.0)
- is supported.
- NETLOGON service is running
- kdc service is running
- DNSCACHE service is running
- DNS service is running
- DC is a DNS server
- Network adapters information:
- Adapter [00000001] Microsoft Hyper-V Network Adapter:
- MAC address is 00:15:5D:0A:06:02
- IP Address is static
- IP address: 10.19.10.16, fe80::9116:b7a7:7cf:d1b6
- DNS servers:
- 10.19.10.16 (DC02) [Valid]
- 127.0.0.1 (DC02) [Valid]
- 127.0.0.1 (DC02) [Valid]
- The A host record(s) for this DC was found
- The SOA record for the Active Directory zone was found
- The Active Directory zone on this DC/DNS server was found primary
- Root zone on this DC/DNS server was not found
- TEST: Forwarders/Root hints (Forw)
- Recursion is enabled
- Forwarders Information:
- 4.2.2.2 (<name unavailable>) [Valid]
- 8.8.8.8 (<name unavailable>) [Valid]
- TEST: Delegations (Del)
- Delegation information for the zone: mydomain.local.
- Delegated domain name: _msdcs.mydomain.local.
- DNS server: dc01.mydomain.local. IP:10.19.10.15 [Valid]
- TEST: Dynamic update (Dyn)
- Test record dcdiag-test-record added successfully in zone mydomain.local
- Test record dcdiag-test-record deleted successfully in zone mydomain.local
- TEST: Records registration (RReg)
- Network Adapter [00000001] Microsoft Hyper-V Network Adapter:
- Matching CNAME record found at DNS server 10.19.10.16:
- 5a72ff93-9387-4d09-ab39-a01aef1d6986._msdcs.mydomain.local
- Matching A record found at DNS server 10.19.10.16:
- DC02.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.72f31db9-c777-46ce-89b6-1c3eab51ea49.domains._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _kerberos._tcp.dc._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.dc._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _kerberos._tcp.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _kerberos._udp.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _kpasswd._tcp.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.Default-First-Site-Name._sites.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _kerberos._tcp.Default-First-Site-Name._sites.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.gc._msdcs.mydomain.local
- Matching A record found at DNS server 10.19.10.16:
- gc._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _gc._tcp.Default-First-Site-Name._sites.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.pdc._msdcs.mydomain.local
- Matching CNAME record found at DNS server 10.19.10.16:
- 5a72ff93-9387-4d09-ab39-a01aef1d6986._msdcs.mydomain.local
- Matching A record found at DNS server 10.19.10.16:
- DC02.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.72f31db9-c777-46ce-89b6-1c3eab51ea49.domains._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _kerberos._tcp.dc._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.dc._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _kerberos._tcp.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _kerberos._udp.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _kpasswd._tcp.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.Default-First-Site-Name._sites.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _kerberos._tcp.Default-First-Site-Name._sites.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.gc._msdcs.mydomain.local
- Matching A record found at DNS server 10.19.10.16:
- gc._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _gc._tcp.Default-First-Site-Name._sites.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.mydomain.local
- Error:
- Missing SRV record at DNS server 10.19.10.16:
- _ldap._tcp.pdc._msdcs.mydomain.local
- [Error details: 9003 (Type: Win32 - Description: DNS name does not exist.)]
- Matching CNAME record found at DNS server 10.19.10.16:
- 5a72ff93-9387-4d09-ab39-a01aef1d6986._msdcs.mydomain.local
- Matching A record found at DNS server 10.19.10.16:
- DC02.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.72f31db9-c777-46ce-89b6-1c3eab51ea49.domains._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _kerberos._tcp.dc._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.dc._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _kerberos._tcp.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _kerberos._udp.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _kpasswd._tcp.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.Default-First-Site-Name._sites.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _kerberos._tcp.Default-First-Site-Name._sites.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.gc._msdcs.mydomain.local
- Matching A record found at DNS server 10.19.10.16:
- gc._msdcs.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _gc._tcp.Default-First-Site-Name._sites.mydomain.local
- Matching SRV record found at DNS server 10.19.10.16:
- _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.mydomain.local
- Error:
- Missing SRV record at DNS server 10.19.10.16:
- _ldap._tcp.pdc._msdcs.mydomain.local
- [Error details: 9003 (Type: Win32 - Description: DNS name does not exist.)]
- Warning: Record Registrations not found in some network adapters
- Summary of test results for DNS servers used by the above domain
- controllers:
- DNS server: 10.19.10.15 (dc01.mydomain.local.)
- All tests passed on this DNS server
- Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered
- DNS delegation for the domain _msdcs.mydomain.local. is operational on IP 10.19.10.15
- DNS server: 10.19.10.16 (DC02)
- All tests passed on this DNS server
- Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered
- DNS server: 4.2.2.2 (<name unavailable>)
- All tests passed on this DNS server
- DNS server: 8.8.8.8 (<name unavailable>)
- All tests passed on this DNS server
- Summary of DNS test results:
- Auth Basc Forw Del Dyn RReg Ext
- _________________________________________________________________
- Domain: mydomain.local
- DC01 PASS PASS PASS PASS PASS PASS n/a
- DC02 PASS PASS PASS PASS PASS WARN n/a
- ......................... mydomain.local passed test DNS
- Starting test: LocatorCheck
- GC Name: \\DC01.mydomain.local
- Locator Flags: 0xe003f3fc
- Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355
- A Primary Domain Controller could not be located.
- The server holding the PDC role is down.
- Time Server Name: \\DC01.mydomain.local
- Locator Flags: 0xe003f3fc
- Preferred Time Server Name: \\DC01.mydomain.local
- Locator Flags: 0xe003f3fc
- KDC Name: \\DC01.mydomain.local
- Locator Flags: 0xe003f3fc
- ......................... mydomain.local failed test LocatorCheck
- Starting test: FsmoCheck
- GC Name: \\DC01.mydomain.local
- Locator Flags: 0xe003f3fc
- Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355
- A Primary Domain Controller could not be located.
- The server holding the PDC role is down.
- Time Server Name: \\DC01.mydomain.local
- Locator Flags: 0xe003f3fc
- Preferred Time Server Name: \\DC01.mydomain.local
- Locator Flags: 0xe003f3fc
- KDC Name: \\DC01.mydomain.local
- Locator Flags: 0xe003f3fc
- ......................... mydomain.local failed test FsmoCheck
- Starting test: Intersite
- Skipping site Default-First-Site-Name, this site is outside the scope
- provided by the command line arguments provided.
- ......................... mydomain.local passed test Intersite
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
