hello,
I have one Domain Controller on windows server 2012
and many problems with them.
the main problem: that I can open ADSI Edit console only, all others AD consoles don't work
DCDIAG/FIX
| Directory Server Diagnosis |
| Performing initial setup: |
| Trying to find home server... |
| Home Server = dc01 |
| * Identified AD Forest. |
| Done gathering initial info. |
| Doing initial required tests |
| Testing server: Default-First-Site-Name\DC01 |
| Starting test: Connectivity |
| ......................... DC01 passed test Connectivity |
| Doing primary tests |
| Testing server: Default-First-Site-Name\DC01 |
| Starting test: Advertising |
| Fatal Error:DsGetDcName (DC01) call failed, error 1355 |
| The Locator could not find the server. |
| ......................... DC01 failed test Advertising |
| Starting test: FrsEvent |
| ......................... DC01 passed test FrsEvent |
| Starting test: DFSREvent |
| ......................... DC01 passed test DFSREvent |
| Starting test: SysVolCheck |
| ......................... DC01 passed test SysVolCheck |
| Starting test: KccEvent |
| An error event occurred. EventID: 0xC0000466 |
| Time Generated: 06/11/2013 15:41:08 |
| Event String: |
| Active Directory Domain Services was unable to establish a connectio |
| n with the global catalog. |
| ......................... DC01 failed test KccEvent |
| Starting test: KnowsOfRoleHolders |
| ......................... DC01 passed test KnowsOfRoleHolders |
| Starting test: MachineAccount |
| ......................... DC01 passed test MachineAccount |
| Starting test: NCSecDesc |
| ......................... DC01 passed test NCSecDesc |
| Starting test: NetLogons |
| Unable to connect to the NETLOGON share! (\\DC01\netlogon) |
| [DC01] An net use or LsaPolicy operation failed with error 67, |
| The network name cannot be found.. |
| ......................... DC01 failed test NetLogons |
| Starting test: ObjectsReplicated |
| ......................... DC01 passed test ObjectsReplicated |
| Starting test: Replications |
| ......................... DC01 passed test Replications |
| Starting test: RidManager |
| ......................... DC01 passed test RidManager |
| Starting test: Services |
| ......................... DC01 passed test Services |
| Starting test: SystemLog |
| An error event occurred. EventID: 0x0000271A |
| Time Generated: 06/11/2013 15:24:45 |
| Event String: |
| The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register w |
| ith DCOM within the required timeout. |
| A warning event occurred. EventID: 0x000727A5 |
| Time Generated: 06/11/2013 15:24:46 |
| Event String: |
| The WinRM service is not listening for WS-Management requests. |
| A warning event occurred. EventID: 0x80040022 |
| Time Generated: 06/11/2013 15:25:39 |
| Event String: |
| The driver disabled the write cache on device \Device\Harddisk0\DR0. |
| A warning event occurred. EventID: 0x80040022 |
| Time Generated: 06/11/2013 15:25:39 |
| Event String: |
| The driver disabled the write cache on device \Device\Harddisk0\DR0. |
| A warning event occurred. EventID: 0x80040022 |
| Time Generated: 06/11/2013 15:25:39 |
| Event String: |
| The driver disabled the write cache on device \Device\Harddisk0\DR0. |
| A warning event occurred. EventID: 0x000003F6 |
| Time Generated: 06/11/2013 15:26:05 |
| Event String: |
| Name resolution for the name _ldap._tcp.dc._msdcs.domain.local. t |
| imed out after none of the configured DNS servers responded. |
| A warning event occurred. EventID: 0x800009CF |
| Time Generated: 06/11/2013 15:26:08 |
| Event String: |
| The server service was unable to recreate the share backup because t |
| he directory C:\backup no longer exists. Please run "net share backup /delete" |
| to delete the share, or recreate the directory C:\backup. |
| A warning event occurred. EventID: 0x00000081 |
| Time Generated: 06/11/2013 15:27:15 |
| Event String: |
| NtpClient was unable to set a domain peer to use as a time source be |
| cause of discovery error. NtpClient will try again in 15 minutes and double the |
| reattempt interval thereafter. The error was: An existing connection was forcibl |
| y closed by the remote host. (0x80072746) |
| A warning event occurred. EventID: 0x000727AA |
| Time Generated: 06/11/2013 15:27:21 |
| Event String: |
| The WinRM service failed to create the following SPNs: WSMAN/dc01.ex |
| pertpro.local; WSMAN/dc01. |
| A warning event occurred. EventID: 0x0000000C |
| Time Generated: 06/11/2013 15:27:21 |
| Event String: |
| Time Provider NtpClient: This machine is configured to use the domai |
| n hierarchy to determine its time source, but it is the AD PDC emulator for the |
| domain at the root of the forest, so there is no machine above it in the domain |
| hierarchy to use as a time source. It is recommended that you either configure a |
| reliable time service in the root domain, or manually configure the AD PDC to s |
| ynchronize with an external time source. Otherwise, this machine will function a |
| s the authoritative time source in the domain hierarchy. If an external time sou |
| rce is not configured or used for this computer, you may choose to disable the N |
| tpClient. |
| A warning event occurred. EventID: 0x00000090 |
| Time Generated: 06/11/2013 15:27:37 |
| Event String: |
| The time service has stopped advertising as a good time source. |
| A warning event occurred. EventID: 0xC000042B |
| Time Generated: 06/11/2013 15:29:36 |
| Event String: |
| The RD Session Host server cannot register 'TERMSRV' Service Princip |
| al Name to be used for server authentication. The following error occured: The s |
| pecified domain either does not exist or could not be contacted. |
| An error event occurred. EventID: 0x00000469 |
| Time Generated: 06/11/2013 15:31:09 |
| Event String: |
| The processing of Group Policy failed because of lack of network con |
| nectivity to a domain controller. This may be a transient condition. A success m |
| essage would be generated once the machine gets connected to the domain controll |
| er and Group Policy has successfully processed. If you do not see a success mess |
| age for several hours, then contact your administrator. |
| An error event occurred. EventID: 0x00000469 |
| Time Generated: 06/11/2013 15:31:46 |
| Event String: |
| The processing of Group Policy failed because of lack of network con |
| nectivity to a domain controller. This may be a transient condition. A success m |
| essage would be generated once the machine gets connected to the domain controll |
| er and Group Policy has successfully processed. If you do not see a success mess |
| age for several hours, then contact your administrator. |
| ......................... DC01 failed test SystemLog |
| Starting test: VerifyReferences |
| ......................... DC01 passed test VerifyReferences |
| Running partition tests on : ForestDnsZones |
| Starting test: CheckSDRefDom |
| ......................... ForestDnsZones passed test CheckSDRefDom |
| Starting test: CrossRefValidation |
| ......................... ForestDnsZones passed test |
| CrossRefValidation |
| Running partition tests on : DomainDnsZones |
| Starting test: CheckSDRefDom |
| ......................... DomainDnsZones passed test CheckSDRefDom |
| Starting test: CrossRefValidation |
| ......................... DomainDnsZones passed test |
| CrossRefValidation |
| Running partition tests on : Schema |
| Starting test: CheckSDRefDom |
| ......................... Schema passed test CheckSDRefDom |
| Starting test: CrossRefValidation |
| ......................... Schema passed test CrossRefValidation |
| Running partition tests on : Configuration |
| Starting test: CheckSDRefDom |
| ......................... Configuration passed test CheckSDRefDom |
| Starting test: CrossRefValidation |
| ......................... Configuration passed test CrossRefValidation |
| Running partition tests on : domain |
| Starting test: CheckSDRefDom |
| ......................... domain passed test CheckSDRefDom |
| Starting test: CrossRefValidation |
| ......................... domain passed test CrossRefValidation |
| Running enterprise tests on : domain.local |
| Starting test: LocatorCheck |
| Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355 |
| A Global Catalog Server could not be located - All GC's are down. |
| Warning: DcGetDcName(TIME_SERVER) call failed, error 1355 |
| A Time Server could not be located. |
| The server holding the PDC role is down. |
| Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error |
| 1355 |
| A Good Time Server could not be located. |
| Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355 |
| A KDC could not be located - All the KDCs are down. |
| ......................... domain.local failed test LocatorCheck |
| Starting test: Intersite |
| ......................... domain.local passed test Intersite |
ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : dc01
Primary Dns Suffix . . . . . . . : domain.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.local
Ethernet adapter Ethernet:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Hyper-V Network Adapter
Physical Address. . . . . . . . . : 00-15-5D-BF-45-05
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5507:3ae8:676e:4ab9%12(Preferred)
IPv4 Address. . . . . . . . . . . : 172.16.191.215(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 251663709
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-27-DB-13-00-15-5D-BF-45-05
DNS Servers . . . . . . . . . . . : 172.16.191.215
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{1581C831-AF29-44A7-B2A4-C6B94AF3C967}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Directory Service Event ID 1126
Active Directory Domain Services was unable to establish a connection with the global catalog.
Additional Data
Error value:
1355 The specified domain either does not exist or could not be contacted.
Internal ID:
3200e24
User Action:
Make sure a global catalog is available in the forest, and is reachable from this domain controller. You may use the nltest utility to diagnose this problem.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-ActiveDirectory_DomainService" Guid="{0e8478c5-3605-4e8c-8497-1e730c959516}" EventSourceName="NTDS General" />
<EventID Qualifiers="49152">1126</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>18</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2013-06-11T10:41:08.072581900Z" />
<EventRecordID>313</EventRecordID>
<Correlation />
<Execution ProcessID="548" ThreadID="680" />
<Channel>Directory Service</Channel>
<Computer>dc01.domain.local</Computer>
<Security UserID="S-1-5-7" />
</System>
<EventData>
<Data>3200e24</Data>
<Data>1355</Data>
<Data>The specified domain either does not exist or could not be contacted.</Data>
</EventData>
</Event>
SYSTEM Event ID 1129
The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully
processed. If you do not see a success message for several hours, then contact your administrator.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-GroupPolicy" Guid="{AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}" />
<EventID>1129</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2013-06-11T10:31:09.972110300Z" />
<EventRecordID>5093</EventRecordID>
<Correlation ActivityID="{785FA1A7-8FE6-4FCF-8180-4BBB9CA729FB}" />
<Execution ProcessID="916" ThreadID="1192" />
<Channel>System</Channel>
<Computer>dc01.domain.local</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="SupportInfo1">1</Data>
<Data Name="SupportInfo2">1532</Data>
<Data Name="ProcessingMode">1</Data>
<Data Name="ProcessingTimeInMilliseconds">16</Data>
<Data Name="ErrorCode">1222</Data>
<Data Name="ErrorDescription">The network is not present or not started. </Data>
</EventData>
</Event>
SYSTEM Event ID 10010
The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />
<EventID Qualifiers="0">10010</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2013-06-11T10:24:45.658290000Z" />
<EventRecordID>4944</EventRecordID>
<Correlation />
<Execution ProcessID="772" ThreadID="1956" />
<Channel>System</Channel>
<Computer>dc01.domain.local</Computer>
<Security UserID="S-1-5-21-74712226-1288518128-2718553363-500" />
</System>
<EventData>
<Data Name="param1">{9BA05972-F6A8-11CF-A442-00A0C90A8F39}</Data>
</EventData>
</Event>
Port Query :
Port Local IP State Remote IP:Port
TCP 53 127.0.0.1 LISTENING 0.0.0.0:0
TCP 53 172.16.191.215 LISTENING 0.0.0.0:0
UDP 53 127.0.0.1 *:*
UDP 53 172.16.191.215 *:*
TCP 88 0.0.0.0 LISTENING 0.0.0.0:0
UDP 88 172.16.191.215 *:*
UDP 123 0.0.0.0 *:*
TCP 135 0.0.0.0 LISTENING 0.0.0.0:0
TCP 135 127.0.0.1 ESTABLISHED 127.0.0.1:58949
TCP 135 172.16.191.215 ESTABLISHED 172.16.191.215:58952
UDP 137 172.16.191.215 *:*
UDP 138 172.16.191.215 *:*
TCP 139 172.16.191.215 LISTENING 0.0.0.0:0
TCP 389 0.0.0.0 LISTENING 0.0.0.0:0
TCP 389 127.0.0.1 ESTABLISHED 127.0.0.1:49159
TCP 389 127.0.0.1 ESTABLISHED 127.0.0.1:49160
TCP 389 127.0.0.1 ESTABLISHED 127.0.0.1:49161
TCP 389 172.16.191.215 ESTABLISHED 172.16.191.215:49175
TCP 389 172.16.191.215 ESTABLISHED 172.16.191.215:49180
UDP 389 0.0.0.0 *:*
TCP 445 0.0.0.0 LISTENING 0.0.0.0:0
TCP 464 0.0.0.0 LISTENING 0.0.0.0:0
UDP 464 172.16.191.215 *:*
TCP 593 0.0.0.0 LISTENING 0.0.0.0:0
TCP 636 0.0.0.0 LISTENING 0.0.0.0:0
TCP 3268 0.0.0.0 LISTENING 0.0.0.0:0
TCP 3269 0.0.0.0 LISTENING 0.0.0.0:0
TCP 3389 0.0.0.0 LISTENING 0.0.0.0:0
UDP 3389 0.0.0.0 *:*
UDP 5355 0.0.0.0 *:*
TCP 5985 0.0.0.0 LISTENING 0.0.0.0:0
TCP 9389 0.0.0.0 LISTENING 0.0.0.0:0
TCP 47001 0.0.0.0 LISTENING 0.0.0.0:0
TCP 49152 0.0.0.0 LISTENING 0.0.0.0:0
TCP 49153 0.0.0.0 LISTENING 0.0.0.0:0
TCP 49154 0.0.0.0 LISTENING 0.0.0.0:0
TCP 49155 0.0.0.0 LISTENING 0.0.0.0:0
TCP 49156 0.0.0.0 LISTENING 0.0.0.0:0
TCP 49156 127.0.0.1 ESTABLISHED 127.0.0.1:58950
TCP 49156 172.16.191.215 ESTABLISHED 172.16.191.215:49177
TCP 49158 0.0.0.0 LISTENING 0.0.0.0:0
TCP 49159 127.0.0.1 ESTABLISHED 127.0.0.1:389
TCP 49160 127.0.0.1 ESTABLISHED 127.0.0.1:389
TCP 49161 127.0.0.1 ESTABLISHED 127.0.0.1:389
TCP 49170 0.0.0.0 LISTENING 0.0.0.0:0
TCP 49171 0.0.0.0 LISTENING 0.0.0.0:0
TCP 49175 172.16.191.215 ESTABLISHED 172.16.191.215:389
TCP 49177 172.16.191.215 ESTABLISHED 172.16.191.215:49156
TCP 49180 172.16.191.215 ESTABLISHED 172.16.191.215:389
TCP 49182 0.0.0.0 LISTENING 0.0.0.0:0
UDP 49783 127.0.0.1 *:*
TCP 49804 172.16.191.215 ESTABLISHED 172.16.191.69:445
UDP 57560 127.0.0.1 *:*
TCP 58949 127.0.0.1 ESTABLISHED 127.0.0.1:135
TCP 58950 127.0.0.1 ESTABLISHED 127.0.0.1:49156
TCP 58952 172.16.191.215 ESTABLISHED 172.16.191.215:135
also :
NETLOGON share is missing
that's all.
Help please