我有一个2008服务器(只有在域中的DC)在重命名期间坠毁。 因此,它将系统的一半重命名。 计算机名称已更改为DC1,但仍有许多对DC2(旧计算机名称)的引用,例如在DNS和Active Directory中。
因此,Netlogon服务将无法启动,并且无法访问Active Directory。 经过大约8个小时的辛苦工作后,我通过手动编辑DNSlogging并使用ADSIEdit更新Active Directorylogging来进行一些改进。
当我运行netdiag我得到以下输出…
Computer Name: DC1 DNS Host Name: dc1.school.local System info : Windows Server (R) 2008 Standard (Build 6002) Processor : x86 Family 6 Model 15 Stepping 11, GenuineIntel Hotfixes : none detected Netcard queries test . . . . . . . : Passed [WARNING] The net card 'RAS Async Adapter' may not be working because it has not received any packets. GetStats failed for 'isatap.{A9F5A39A-FD61-44C4-BE9F-1E4BD5A3B546}'. [ERROR_GEN_FAILURE] Per interface results: Adapter : Local Area Connection Netcard queries test . . . : Passed Host Name. . . . . . . . . : dc1 IP Address . . . . . . . . : 192.168.1.3 Subnet Mask. . . . . . . . : 255.255.255.0 Default Gateway. . . . . . : 192.168.1.1 Dns Servers. . . . . . . . : 192.168.1.3 127.0.0.1 AutoConfiguration results. . . . . . : Passed Default gateway test . . . : Passed NetBT name test. . . . . . : Passed [WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing. WINS service test. . . . . : Skipped There are no WINS servers configured for this interface. Global results: Domain membership test . . . . . . : Passed NetBT transports test. . . . . . . : Passed List of NetBt transports currently configured: NetBT_Tcpip_{A9F5A39A-FD61-44C4-BE9F-1E4BD5A3B546} 1 NetBt transport currently configured. Autonet address test . . . . . . . : Passed IP loopback ping test. . . . . . . : Passed Default gateway test . . . . . . . : Passed NetBT name test. . . . . . . . . . : Passed [WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined. Winsock test . . . . . . . . . . . : Passed DNS test . . . . . . . . . . . . . : Failed [FATAL] File \config\netlogon.dns contains invalid DNS entries. [FATAL] File \config\netlogon.dns contains invalid DNS entries. [FATAL] No DNS servers have the DNS records for this DC registered. Redir and Browser test . . . . . . : Passed List of NetBt transports currently bound to the Redir NetBT_Tcpip_{A9F5A39A-FD61-44C4-BE9F-1E4BD5A3B546} The redir is bound to 1 NetBt transport. List of NetBt transports currently bound to the browser NetBT_Tcpip_{A9F5A39A-FD61-44C4-BE9F-1E4BD5A3B546} The browser is bound to 1 NetBt transport. DC discovery test. . . . . . . . . : Failed [FATAL] Cannot find DC in domain 'SCHOOL'. [ERROR_NO_SUCH_DOMAIN] DC list test . . . . . . . . . . . : Failed 'SCHOOL': Cannot find DC to get DC list from [test skipped]. Trust relationship test. . . . . . : Skipped Kerberos test. . . . . . . . . . . : Skipped 'SCHOOL': Cannot find DC to get DC list from [test skipped]. LDAP test. . . . . . . . . . . . . : Failed Cannot find DC to run LDAP tests on. The error occurred was: The specified domain either does not exist or could not be contacted. [WARNING] Cannot find DC in domain 'SCHOOL'. [ERROR_NO_SUCH_DOMAIN] Bindings test. . . . . . . . . . . : Passed WAN configuration test . . . . . . : Skipped No active remote access connections. Modem diagnostics test . . . . . . : Passed IP Security test . . . . . . . . . : Skipped Note: run "netsh ipsec dynamic show /?" for more detailed information The command completed successfully 和dcdiag返回….
Domain Controller Diagnosis Performing initial setup: Done gathering initial info. Doing initial required tests Testing server: Default-First-Site-Name\DC1 Starting test: Connectivity *** Warning: could not confirm the identity of this server in the directory versus the names returned by DNS servers. If there are problems accessing this directory server then you may need to check that this server is correctly registered with DNS ......................... DC1 passed test Connectivity Doing primary tests Testing server: Default-First-Site-Name\DC1 Starting test: Replications ......................... DC1 passed test Replications Starting test: NCSecDesc ......................... DC1 passed test NCSecDesc Starting test: NetLogons Unable to connect to the NETLOGON share! (\\DC1\netlogon) [DC1] An net use or LsaPolicy operation failed with error 67, Win32 Error 67. ......................... DC1 failed test NetLogons Starting test: Advertising Fatal Error:DsGetDcName (DC1) call failed, error 1355 The Locator could not find the server. ......................... DC1 failed test Advertising Starting test: KnowsOfRoleHolders ......................... DC1 passed test KnowsOfRoleHolders Starting test: RidManager Failed with 8481: Win32 Error 8481 Could not get Rid set Reference :failed with 8481: Win32 Error 8481 ......................... DC1 failed test RidManager Starting test: MachineAccount ***Error: The server DC1 is missing its machine account. Try running with the /repairmachineaccount option. * The current DC is not in the domain controller's OU ......................... DC1 failed test MachineAccount Starting test: Services w32time Service is stopped on [DC1] NETLOGON Service is stopped on [DC1] ......................... DC1 failed test Services Starting test: ObjectsReplicated ......................... DC1 passed test ObjectsReplicated Starting test: frssysvol ......................... DC1 passed test frssysvol Starting test: frsevent There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL replication problems may cause Group Policy problems. ......................... DC1 failed test frsevent Starting test: kccevent An Warning Event occured. EventID: 0x800004C8 Time Generated: 07/01/2009 09:42:01 Event String: An attempt by the local domain controller to An Warning Event occured. EventID: 0x800004C8 Time Generated: 07/01/2009 09:47:01 Event String: An attempt by the local domain controller to ......................... DC1 failed test kccevent Starting test: systemlog An Error Event occured. EventID: 0x000015E2 Time Generated: 07/01/2009 09:42:21 Event String: An internal error occurred while accessing the An Error Event occured. EventID: 0xC25A002E Time Generated: 07/01/2009 09:42:23 Event String: The time service encountered an error and was An Error Event occured. EventID: 0xC0001B6F Time Generated: 07/01/2009 09:43:23 (Event String could not be retrieved) An Error Event occured. EventID: 0xC0001B6F Time Generated: 07/01/2009 09:43:23 (Event String could not be retrieved) An Error Event occured. EventID: 0xC0001B72 Time Generated: 07/01/2009 09:43:23 (Event String could not be retrieved) An Error Event occured. EventID: 0x00000469 Time Generated: 07/01/2009 09:45:00 Event String: The processing of Group Policy failed because of An Error Event occured. EventID: 0x00000456 Time Generated: 07/01/2009 09:45:43 Event String: The processing of Group Policy failed. Windows An Error Event occured. EventID: 0xC000042B Time Generated: 07/01/2009 09:49:19 Event String: The terminal server cannot register 'TERMSRV' ......................... DC1 failed test systemlog Starting test: VerifyReferences ......................... DC1 passed test VerifyReferences Running partition tests on : ForestDnsZones Starting test: CrossRefValidation ......................... ForestDnsZones passed test CrossRefValidation Starting test: CheckSDRefDom ......................... ForestDnsZones passed test CheckSDRefDom Running partition tests on : DomainDnsZones Starting test: CrossRefValidation ......................... DomainDnsZones passed test CrossRefValidation Starting test: CheckSDRefDom ......................... DomainDnsZones passed test CheckSDRefDom Running partition tests on : Schema Starting test: CrossRefValidation ......................... Schema passed test CrossRefValidation Starting test: CheckSDRefDom ......................... Schema passed test CheckSDRefDom Running partition tests on : Configuration Starting test: CrossRefValidation ......................... Configuration passed test CrossRefValidation Starting test: CheckSDRefDom ......................... Configuration passed test CheckSDRefDom Running partition tests on : School Starting test: CrossRefValidation ......................... School passed test CrossRefValidation Starting test: CheckSDRefDom ......................... School passed test CheckSDRefDom Running enterprise tests on : School.local Starting test: Intersite ......................... School.local passed test Intersite Starting test: FsmoCheck Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355 A Global Catalog Server could not be located - All GC's are down. Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355 A Primary Domain Controller could not be located. The server holding the PDC role is down. Warning: DcGetDcName(TIME_SERVER) call failed, error 1355 A Time Server could not be located. The server holding the PDC role is down. Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error 1355 A Good Time Server could not be located. Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355 A KDC could not be located - All the KDCs are down. ......................... School.local failed test FsmoCheck
从这些我确定问题仍然在于DNS,但不知道在哪里。 任何人可以提供一些build议?
你能恢复到重命名之前,并重新启动过程再次清洁?
哇,这是一团糟。
好吧,首先,我会通过执行“netdom query FSMO”来检查FSMOangular色,看看旧的服务器名是否是任何FSMOangular色的持有者,如果是这种情况,请按照下一个链接中的说明来抓住FSMOangular色并获得他们根据正确的服务器名称。 机会并不是所有的东西都转移到了新的名字上,你需要清理元数据,这是通过NTDSUTIL完成的。
清理元数据 – > http://technet.microsoft.com/en-us/library/cc736378%28WS.10%29.aspx
现在,我运行dcdiag / repairmachineaccount,看看是否有结果,如果是的话,应该修复机器帐户,并将其放在域控制器OU。
然后再次运行DCDIAG和NETDIAG,开始处理单个错误。 谷歌错误,看看你是否可以解决他们的个人原因。
我想从一个失败的DCangular度来看待这个问题,这个angular色担任了大多数FSMO的angular色,但是你看起来更像旧的服务器名字,但是RID,基础设施和SCHEMA的主人看起来错误,即使它没有显示出来在dcdiag的knowofroleholderstesting中。