0
مشکل در نتیجه دستور dcdiag در دامین کنترلر
با سلام ، من از سرور دامین کنترلر شرکتموم خروجی گرفتم اما انگار مشکلاتی در خروجی داره که error نشون میده ، خروجی رو در اینجا قرار دادم تا دوستان اگر نظری در خصوص چگونگی رفع این ایرادها داشته باشند کمک کنند ، ممنونم
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = missrv
* Identified AD Forest.
Ldap search capabality attribute search failed on server PDCSRV, return
value = 81
Got error while checking if the DC is using FRS or DFSR. Error:
Win32 Error 81The VerifyReferences, FrsEvent and DfsrEvent tests might fail
because of this error.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\MISSRV
Starting test: Connectivity
......................... MISSRV passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\MISSRV
Starting test: Advertising
......................... MISSRV passed test Advertising
Starting test: FrsEvent
The event log File Replication Service on server missrv.imro.int could
not be queried, error 0x5 "Access is denied."
......................... MISSRV failed test FrsEvent
Starting test: DFSREvent
......................... MISSRV passed test DFSREvent
Starting test: SysVolCheck
......................... MISSRV passed test SysVolCheck
Starting test: KccEvent
......................... MISSRV passed test KccEvent
Starting test: KnowsOfRoleHolders
[PDCSRV] DsBindWithSpnEx() failed with error 1722,
The RPC server is unavailable..
Warning: PDCSRV is the Schema Owner, but is not responding to DS RPC
Bind.
Warning: PDCSRV is the Schema Owner, but is not responding to LDAP
Bind.
Warning: PDCSRV is the Domain Owner, but is not responding to DS RPC
Bind.
Warning: PDCSRV is the Domain Owner, but is not responding to LDAP
Bind.
......................... MISSRV failed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... MISSRV passed test MachineAccount
Starting test: NCSecDesc
......................... MISSRV passed test NCSecDesc
Starting test: NetLogons
......................... MISSRV passed test NetLogons
Starting test: ObjectsReplicated
......................... MISSRV passed test ObjectsReplicated
Starting test: Replications
[Replications Check,MISSRV] A recent replication attempt failed:
From PDCSRV to MISSRV
Naming Context: CN=Schema,CN=Configuration,DC=imro,DC=int
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2012-10-14 10:17:52.
The last success occurred at 2012-02-10 15:20:35.
5917 failures have occurred since the last success.
The source remains down. Please check the machine.
[Replications Check,MISSRV] A recent replication attempt failed:
From PDCSRV to MISSRV
Naming Context: CN=Configuration,DC=imro,DC=int
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2012-10-14 10:17:26.
The last success occurred at 2012-06-21 13:40:02.
2750 failures have occurred since the last success.
The source remains down. Please check the machine.
[Replications Check,MISSRV] A recent replication attempt failed:
From PDCSRV to MISSRV
Naming Context: DC=imro,DC=int
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2012-10-14 10:18:34.
The last success occurred at 2012-10-10 09:54:33.
97 failures have occurred since the last success.
The source remains down. Please check the machine.
......................... MISSRV failed test Replications
Starting test: RidManager
......................... MISSRV passed test RidManager
Starting test: Services
......................... MISSRV passed test Services
Starting test: SystemLog
An error event occurred. EventID: 0x00000406
Time Generated: 10/14/2012 10:14:24
Event String:
The processing of Group Policy failed.
Windows attempted to retrieve new Group Policy settings for this user or computer.
Look in the details tab for error code and description.
Windows will automatically retry this operation at the next refresh cycle.
Computers joined to the domain must have proper name resolution and
network connectivity to a domain controller for discovery of
new Group Policy objects and settings.
An event will be logged when Group Policy is successful.
An error event occurred. EventID: 0x00000406
Time Generated: 10/14/2012 10:19:40
Event String:
The processing of Group Policy failed.
Windows attempted to retrieve new Group Policy settings for this user or computer.
Look in the details tab for error code and description.
Windows will automatically retry this operation at the next refresh cycle.
Computers joined to the domain must have proper name resolution
and network connectivity to a domain controller for discovery
of new Group Policy objects and settings. An event will be logged when Group Policy is successful.
An error event occurred. EventID: 0x00000457
Time Generated: 10/14/2012 10:23:08
Event String:
Driver hp LaserJet 1320 PCL 5 required for printer hp LaserJet 1320 PCL 5 is unknown.
Contact the administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 10/14/2012 10:23:09
Event String:
Driver HP Color LaserJet 5500 PCL 6 required for printer
!!192.168.1.42!HP Color LaserJet 5500 (printer7) is unknown.
Contact the administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 10/14/2012 10:23:14
Event String:
Driver Send To Microsoft OneNote 2010 Driver required for printer Send To OneNote 2010 is unknown
Contact the administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000406
Time Generated: 10/14/2012 10:24:51
Event String:
The processing of Group Policy failed.
Windows attempted to retrieve new Group Policy settings for this user or computer.
Look in the details tab for error code and description.
Windows will automatically retry this operation at the next refresh cycle.
Computers joined to the domain must have proper name resolution and
network connectivity to a domain controller for discovery
of new Group Policy objects and settings. An event will be logged when Group Policy is successful.
An error event occurred. EventID: 0x00000406
Time Generated: 10/14/2012 10:30:08
Event String:
The processing of Group Policy failed.
Windows attempted to retrieve new Group Policy settings for this user or computer.
Look in the details tab for error code and description.
Windows will automatically retry this operation at the next refresh cycle.
Computers joined to the domain must have proper name resolution
nd network connectivity to a domain controller for discovery of new Group Policy objects and settings.
An event will be logged when Group Policy is successful.
An error event occurred. EventID: 0x00000457
Time Generated: 10/14/2012 10:31:28
Event String:
Driver Send To Microsoft OneNote Driver required for printer Send To OneNote 2007 is unknown.
Contact the administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000406
Time Generated: 10/14/2012 10:35:29
Event String:
The processing of Group Policy failed.
Windows attempted to retrieve new Group Policy settings for this user or computer.
Look in the details tab for error code and description.
Windows will automatically retry this operation at the next refresh cycle.
Computers joined to the domain must have proper name resolution
and network connectivity to a domain controller for discovery of new Group Policy objects and settings.
An event will be logged when Group Policy is successful.
An error event occurred. EventID: 0x0000165B
Time Generated: 10/14/2012 10:40:40
Event String:
The session setup from computer 'ABDOLAHPOUR' failed because the security
database does not contain a trust account 'ABDOLAHPOUR$' referenced by the specified computer.
An error event occurred. EventID: 0x00000406
Time Generated: 10/14/2012 10:40:44
Event String:
The processing of Group Policy failed.
Windows attempted to retrieve new Group Policy settings for this user or computer.
Look in the details tab for error code and description.
Windows will automatically retry this operation at the next refresh cycle.
Computers joined to the domain must have proper name resolution
and network connectivity to a domain controller for discovery of new Group Policy objects and settings
. An event will be logged when Group Policy is successful.
An error event occurred. EventID: 0x000016AD
Time Generated: 10/14/2012 10:45:30
Event String:
The session setup from the computer ABDOLAHPOUR failed to authenticate
. The following error occurred:
An error event occurred. EventID: 0x00000406
Time Generated: 10/14/2012 10:45:59
Event String:
The processing of Group Policy failed.
Windows attempted to retrieve new Group Policy settings for this user or computer.
Look in the details tab for error code and description.
Windows will automatically retry this operation at the next refresh cycle.
Computers joined to the domain must have proper name resolution
and network connectivity to a domain controller for discovery of new Group Policy objects and settings
. An event will be logged when Group Policy is successful.
An error event occurred. EventID: 0x00000406
Time Generated: 10/14/2012 10:51:11
Event String:
The processing of Group Policy failed.
Windows attempted to retrieve new Group Policy settings for this user or computer.
Look in the details tab for error code and description.
Windows will automatically retry this operation at the next refresh cycle.
Computers joined to the domain must have proper name resolution
and network connectivity to a domain controller for discovery of new Group Policy objects and settings
. An event will be logged when Group Policy is successful.
An error event occurred. EventID: 0x00000406
Time Generated: 10/14/2012 10:56:26
Event String:
The processing of Group Policy failed.
Windows attempted to retrieve new Group Policy settings for this user or computer.
Look in the details tab for error code and description.
Windows will automatically retry this operation at the next refresh cycle.
Computers joined to the domain must have proper name resolution
and network connectivity to a domain controller for discovery of new Group Policy objects and settings
. An event will be logged when Group Policy is successful.
An error event occurred. EventID: 0x00000406
Time Generated: 10/14/2012 11:01:51
Event String:
The processing of Group Policy failed.
Windows attempted to retrieve new Group Policy settings for this user or computer.
Look in the details tab for error code and description.
Windows will automatically retry this operation at the next refresh cycle.
Computers joined to the domain must have proper name resolution
and network connectivity to a domain controller for discovery of new Group Policy objects and settings
. An event will be logged when Group Policy is successful.
An error event occurred. EventID: 0x00000406
Time Generated: 10/14/2012 11:07:06
Event String:
The processing of Group Policy failed.
Windows attempted to retrieve new Group Policy settings for this user or computer.
Look in the details tab for error code and description.
Windows will automatically retry this operation at the next refresh cycle.
Computers joined to the domain must have proper name resolution
and network connectivity to a domain controller for discovery of new Group Policy objects and settings
An event will be logged when Group Policy is successful.
An error event occurred. EventID: 0x0000165B
Time Generated: 10/14/2012 11:08:36
Event String:
The session setup from computer 'GOLMOHAMADI-PC' failed because the security
database does not contain a trust account 'GOLMOHAMADI-PC$' referenced by the specified computer.
An error event occurred. EventID: 0x00000406
Time Generated: 10/14/2012 11:12:30
Event String:
The processing of Group Policy failed.
Windows attempted to retrieve new Group Policy settings for this user or computer.
Look in the details tab for error code and description.
Windows will automatically retry this operation at the next refresh cycle.
Computers joined to the domain must have proper name resolution
and network connectivity to a domain controller for discovery of new Group Policy objects and settings
. An event will be logged when Group Policy is successful.
......................... MISSRV failed test SystemLog
Starting test: VerifyReferences
......................... MISSRV passed test VerifyReferences
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : imro
Starting test: CheckSDRefDom
......................... imro passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... imro passed test CrossRefValidation
Running enterprise tests on : imro.int
Starting test: LocatorCheck
......................... imro.int passed test LocatorCheck
Starting test: Intersite
......................... imro.int passed test Intersite
6 پاسخ
0
با تشکر من موارد رو انجام دادم لطفا در صورت امکان ببینید
0
فایل ها رو چک کردم اما چند نکته رو دقت کنید و بعد از اینکه انجام دادید مجددا dcdiag بیگرید ببینید مشکل حل شده یا خیر :
- یه سرور به آدرس 192.168.2.25 که در forwarder سرور DNS شما قرار گرفته و ظاهرا قابل دسترسی نیست . اگر کار نمیکنه از لیست Forwarder ها حذفش کنید.
- توی Zone اصلی دامین در تمامی زیر مجموعه ها جستجو کنید و کلیه رکورد هایی که مربوط به دامین کنترلر ها هستند و به LDAP و Kerberos اشاره می کنند و از طرفی غیر از PDC و SDC هستند رو حذف کنید .
- در این خروجی ها چندان مشکل حادی وجود نداره ، شما دقیقا یشه شرحی از مشکل اصلیتون بدین ؟ ممنون میشم.
1
خوب من یه تجزیه تحلیل کلی ریو این فایل انجام دادم و به نتیجه هایی رسیم ، مشکلات اصلی شما که RPC Is Unavailable هست میتونه از موارد زیادی باشه مثل :
- از کار افتادن و مشکل در DNS
- از کار افتادن و مشکل در DHCP
- از کار افتادن و مشکل در WINS
- مشکلات Routing و یا حتی مشکلات ناشی از فایروال سیستم که پورت ها رو بلوکه میکنه
- مشکلات ناشی از IPsec و یا احراز هویت در شبکه یا Network Authentication
- وجود محدودیت های سیستمی مثل CPU و یا RAM
- عدم فعالیت پروتکل های لایه های بالاتر
خوب راهکارهای متفاوت و طولانی برای حل این مسئله وجود داره که سعی میکنم یکی به یک بررسیشون کنم.
- اول از همه مطمئن بشید که سرویس های Remote Procedure Call (RPC), Remote Procedure Call (RPC) Locator and Kerberos Key Distribution Center همگی در حالت Started و Automatic قرار گرفتند.
- مطمئن بشید که کلید های رجیستری ClientProtocols در قسمت HKLM\Software\Microsoft\Rpc مقادیر پیشفرض رو به درستی دارند ، مثل پایین :
Protocol Name Type Data Value ncacn_http REG_SZ rpcrt4.dll ncacn_ip_tcp REG_SZ rpcrt4.dll ncacn_np REG_SZ rpcrt4.dll ncacn_ip_udp REG_SZ rpcrt4.dll
DCDIAG /TEST:DNS /V /E /F:<filename.log>
nltest /dsgetdc:contoso /force /gc
dcdiag /e /fix
اما بر حسب تجربه میگم که مشکل اصلی شما در بحث DNS هست ، یه بررسی از دستورات بالا داشته باشید و بعد خروجی و راهکاری که انجام دادید رو در ادامه ذکر کنید که امیدوارم مفیر باشه و مشکل رو حل کنه و موفق باشید.
0
در نظر داشته باشید که اگر مشکلی در هنگام خارج کردن یک دامین کنترلر از این حالت با استفاده از دستور dcpromo پیش بیاد خودش در هنگام اینکار اعلام میکنه ، به نظرم بهتره ببینید با این مراحلی که انجام دادید ، آیا وسط انجام عملیات حذف به مشکلی میخورین یا خیر ، در اینصورت مشکلتون رو پست کنید ، فکر میکنم روش درست این باشه .. موفق باشید
0
متشکرم
مشکل اصلی من این بود که به دلیل مشکلات فراوان در ویندوز دومین کنترلر primary چون قصد داشتم با dcpromo حذفش کنم ، می خواستم مطمئن باشم که وقتی replication domain controllable کنونی که در آنصورت تبدیل میشه به primary کاملا سالم باشه و اینکه چون دومین کنترلرلر های قبلی هیچکدام به درستی remove نشده بودند و همچنین مشکلات کارشناسان موقع join to domain ، باعث شد تا برای اطمینان از سلامت وضع موجود از شما کمک بگیرم.
و البته شما گفتید pdc اما در واقع الان missrv اسم دومین کنترلر Primary هست . و من هر چی رکورد از pdc هست رو باید پاک کنم.
از توجه و کمک شما بسار ممنونم.
1
بخوانید:
چگونه دومین کنترولر را از محیط اکتیو دایرکتوری حذف کنیم (fa-IR) http://social.technet.microsoft.com/wiki/contents/articles/4423.fa-ir.aspx چه چیزهایی را باید در تنظیم دی ان اس برای اکتیو دایرکتوری توجه کرد (fa-IR) http://social.technet.microsoft.com/wiki/contents/articles/4799.aspx