服务器 Gind.cn
  1. 服务器 Gind.cn
  3. 如何检查所有Active Directory服务和复制(Win2012)是否正在运行? (不包括以前的错误)
Intereting Posts
地理位置冗余服务器上的网站的DNS设置 IIS不发送中间SSL证书 使用logdam旋转TomcatloginSolaris会创build越来越多的空值 根据设备types,是否可以在我的networking上find特定的设备? 如何将邮箱从一个Exchange 2010移动到另一个(不同的域)? AH00027:从Apache 2.2升级到2.4后没有validation完成错误 从脚本调用PHP时,会使用错误版本的PHP 硬盘在写数据的同时是否进行读取validation? 问题与RackTables浏览器安装 廉价的远程协助软件? 设置PNP4nagios – 无法findNagios环境 php.ini存在,但没有加载 IIS6是否有一个秘密,未logging,透明,区分大小写的代理? Windows Server 2008 R2authentication权限转换为2003域 木偶和数组循环

如何检查所有Active Directory服务和复制(Win2012)是否正在运行? (不包括以前的错误)

我正在运行一个具有2个Active Directory Windows2012控制器的testing环境,这个控制器可以开启或closures。 但是,我很难破译repadmin / showreplrepadmin / replsummary输出。 输出显示10分钟前的问题,但根据事件日志,问题似乎已被清除。

下面是一个例子。 目前复制似乎只是通过手动添加对象,而他们在其他DC显示。 事件日志错误和警告似乎已经清除。 然而,我主要关心的是能够实时检查Active Directory服务的健康状况,而不会引用过去的错误或错误,只要一切都恢复正常,错误就不会被清除。 

C:\Users\administrator>repadmin /showrepl Repadmin: running command /showrepl against full DC localhost Default-First-Site-Name\WIN2012-1 DSA Options: IS_GC Site Options: (none) DSA object GUID: 4d0f615f-2568-4acb-a4d7-fda9e8c303ff DSA invocationID: 4d0f615f-2568-4acb-a4d7-fda9e8c303ff ==== INBOUND NEIGHBORS ====================================== DC=tom,DC=local Default-First-Site-Name\WIN-2012-2 via RPC DSA object GUID: 666eacaf-7bfd-428f-bc21-4bc067207f44 Last attempt @ 2016-12-01 13:16:30 was successful. CN=Configuration,DC=tom,DC=local Default-First-Site-Name\WIN-2012-2 via RPC DSA object GUID: 666eacaf-7bfd-428f-bc21-4bc067207f44 Last attempt @ 2016-12-01 12:52:26 was successful. CN=Schema,CN=Configuration,DC=tom,DC=local Default-First-Site-Name\WIN-2012-2 via RPC DSA object GUID: 666eacaf-7bfd-428f-bc21-4bc067207f44 Last attempt @ 2016-12-01 12:47:28 failed, result 8524 (0x214c): The DSA operation is unable to proceed because of a DNS lookup failu re. 1 consecutive failure(s). Last success @ 2016-11-30 22:45:07. DC=DomainDnsZones,DC=tom,DC=local Default-First-Site-Name\WIN-2012-2 via RPC DSA object GUID: 666eacaf-7bfd-428f-bc21-4bc067207f44 Last attempt @ 2016-12-01 13:08:01 was successful. DC=ForestDnsZones,DC=tom,DC=local Default-First-Site-Name\WIN-2012-2 via RPC DSA object GUID: 666eacaf-7bfd-428f-bc21-4bc067207f44 Last attempt @ 2016-12-01 12:47:28 failed, result 8524 (0x214c): The DSA operation is unable to proceed because of a DNS lookup failure. 1 consecutive failure(s). Last success @ 2016-11-30 22:45:07. Source: Default-First-Site-Name\WIN-2012-2 ******* 1 CONSECUTIVE FAILURES since 2016-11-30 22:45:07 Last error: 8524 (0x214c): The DSA operation is unable to proceed because of a DNS lookup failure. repadmin /replsummary Replication Summary Start Time: 2016-12-01 13:19:35 Beginning data collection for replication summary, this may take awhile: ..... Source DSA largest delta fails/total %% error WIN-2012-2 14h:34m:28s 2 / 5 40 (8524) The DSA operation is unable to proceed because of a DNS lookup failure. WIN2012-1 14h:20m:18s 2 / 5 40 (1908) Could not find the do main controller for this domain. Destination DSA largest delta fails/total %% error WIN-2012-2 14h:20m:18s 2 / 5 40 (1908) Could not find the do main controller for this domain. WIN2012-1 14h:34m:28s 2 / 5 40 (8524) The DSA operation is unable to proceed because of a DNS lookup failure.

另外,以下3个testingshowrepl显示有什么区别? 

 DC=tom,DC=local Default-First-Site-Name\WIN-2012-2 via RPC DSA object GUID: 666eacaf-7bfd-428f-bc21-4bc067207f44 Last attempt @ 2016-12-01 13:16:30 was successful. CN=Configuration,DC=tom,DC=local Default-First-Site-Name\WIN-2012-2 via RPC DSA object GUID: 666eacaf-7bfd-428f-bc21-4bc067207f44 Last attempt @ 2016-12-01 12:52:26 was successful. CN=Schema,CN=Configuration,DC=tom,DC=local Default-First-Site-Name\WIN-2012-2 via RPC DSA object GUID: 666eacaf-7bfd-428f-bc21-4bc067207f44 Last attempt @ 2016-12-01 12:47:28 failed, result 8524 (0x214c): The DSA operation is unable to proceed because of a DNS lookup 1 consecutive failure(s). Last success @ 2016-11-30 22:45:07.

repadmin /replsummary必须显示历史数据,从成功和失败的滚动caching,因此/replsummary将继续显示旧的错误一段时间,即使你确实已经修复它。 我不喜欢/replsummary ,从来没有使用它。

/showrepl另一方面,是实时的,因为它得到。 也许你仍然在/showrepl看到旧的错误,因为从那以后,区议会还没有试图复制任何东西?

你可以从两个DCs repadmin /syncall /APed没有任何错误? 如果你不能,那么你还没有修复它。

另外,以下3个testingshowrepl显示有什么区别? 

 DC=tom,DC=local Default-First-Site-Name\WIN-2012-2 via RPC DSA object GUID: 666eacaf-7bfd-428f-bc21-4bc067207f44 Last attempt @ 2016-12-01 13:16:30 was successful. CN=Configuration,DC=tom,DC=local Default-First-Site-Name\WIN-2012-2 via RPC DSA object GUID: 666eacaf-7bfd-428f-bc21-4bc067207f44 Last attempt @ 2016-12-01 12:52:26 was successful. CN=Schema,CN=Configuration,DC=tom,DC=local Default-First-Site-Name\WIN-2012-2 via RPC DSA object GUID: 666eacaf-7bfd-428f-bc21-4bc067207f44 Last attempt @ 2016-12-01 12:47:28 failed, result 8524 (0x214c): The DSA operation is unable to proceed because of a DNS lookup 1 consecutive failure(s). Last success @ 2016-11-30 22:45:07.

域控制器承载几个不同的命名上下文或分区。 它们类似于数据库中的逻辑表或视图。 这些分区中的每一个分别被复制。 第一个, DC=tom,DC=local是你的域分区。 这是您的用户和组属于该域的地方。 来自其他域的用户和组(如果有的话)将不在该分区中。

CN=Configuration,DC=tom,DC=local是森林范围内的命名上下文复制到森林中的所有DC。 它包含有关整个森林的configuration信息,如AD网站,PKI信息等。

CN=Schema,CN=Configuration,DC=tom,DC=local也是全林范围的命名上下文。 整个森林只有这个分区的一个版本。