升级域控后,计划任务只能用system这个帐号去执行了,换域帐号就会失败,没有日志,有错误代码。。。
请大虾们帮忙啊。。。
============================================
主域控与辅域控的dcdiag资料如下:
Dc01
C:\Users\sepadm>dcdiag
Directory
Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = DC01
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DC01
Starting test: Connectivity
......................... DC01 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DC01
Starting test: Advertising
......................... DC01 passed test Advertising
Starting test: FrsEvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... DC01 passed test FrsEvent
Starting test: DFSREvent
......................... DC01 passed test DFSREvent
Starting test: SysVolCheck
......................... DC01 passed test SysVolCheck
Starting test: KccEvent
......................... DC01 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... DC01 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... DC01 passed test MachineAccount
Starting test: NCSecDesc
......................... DC01 passed test NCSecDesc
Starting test: NetLogons
......................... DC01 passed test NetLogons
Starting test: ObjectsReplicated
......................... DC01 passed test ObjectsReplicated
Starting test: Replications
......................... DC01 passed test Replications
Starting test: RidManager
......................... DC01 passed test RidManager
Starting test: Services
......................... DC01 passed test Services
Starting test: SystemLog
......................... DC01 passed test SystemLog
Starting test: VerifyReferences
......................... DC01 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : ARIMA
Starting test: CheckSDRefDom
......................... ARIMA passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ARIMA passed test CrossRefValidation
Running enterprise tests on : ARIMA.COM
Starting test: LocatorCheck
......................... ARIMA.COM passed test LocatorCheck
Starting test: Intersite
......................... ARIMA.COM passed test Intersite
C:\Users\sepadm>dcdiag /v
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
* Verifying that the local machine DC01, is a Directory Server.
Home Server = DC01
* Connecting to directory service on server DC01.
* Identified AD Forest.
Collecting AD specific global data
* Collecting site info.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=ARIMA,DC=C
N,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
The previous call succeeded
Iterating through the sites
Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name
,CN=Sites,CN=Configuration,DC=ARIMA,DC=CN
Getting ISTG and options for the site
* Identifying all servers.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=ARIMA,DC=C
N,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
The previous call succeeded....
The previous call succeeded
Iterating through the list of servers
Getting
information for the server CN=NTDS Settings,CN=DC01,CN=Servers,CN=Def
ault-First-Site-Name,CN=Sites,CN=Configuration,DC=ARIMA,DC=CN
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
Getting information for the server CN=NTDS Settings,CN=DC02,CN=Servers,CN=Def
ault-First-Site-Name,CN=Sites,CN=Configuration,DC=ARIMA,DC=CN
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
* Identifying all NC cross-refs.
* Found 2 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DC01
Starting test: Connectivity
* Active Directory
LDAP Services Check
Determining IP4 connectivity
* Active Directory RPC Services Check
......................... DC01 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DC01
Starting test: Advertising
The DC DC01 is advertising itself as a DC and having a DS.
The DC DC01 is advertising as an LDAP server
The DC DC01 is advertising as having a writeable directory
The DC DC01 is advertising as a Key Distribution Center
The DC DC01 is advertising as a time server
The DS DC01 is advertising as a GC.
......................... DC01 passed test Advertising
Test omitted by user request: CheckSecurityError
Test omitted by user request: CutoffServers
Starting test: FrsEvent
* The File Replication Service Event log test
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
A warning event occurred. EventID: 0x800034C4
Time Generated: 08/24/2013 00:22:29
Event String:
The File Replication Service is having trouble enabling replication
from FILESRV to DC01 for c:\windows\sysvol\domain using the
DNS name filesrv.NOR
AUTRON.CN. FRS will keep retrying.
Following are some of the reasons you would see this warning.
[1] FRS can not correctly resolve the DNS name filesrv.ARIMA.COM
from this computer.
[2] FRS is not running on filesrv.ARIMA.COM.
[3] The topology information in the Active Directory Domain Service
s for this replica has not yet replicated to all the Domain Controllers.
This event log message will appear once per connection, After the p
roblem is fixed you will see another event log message indicating that the conne
ction has been established.
A warning event occurred. EventID: 0x800034C4
Time Generated: 08/24/2013 10:44:26
Event String:
The File Replication Service is having trouble enabling replication
from FILESRV to DC01 for c:\windows\sysvol\domain using the DNS name filesrv.NOR
AUTRON.CN. FRS will keep retrying.
Following are some of the reasons you would see this warning.
[1] FRS can not correctly resolve the DNS name filesrv.ARIMA.COM
from this computer.
[2] FRS is not running on filesrv.ARIMA.COM.
[3] The topology information in the Active Directory Domain Service
s for this replica has not yet replicated to all the Domain Controllers.
This event log message will appear once per connection, After the p
roblem is fixed you will see another event log message indicating that the conne
ction has been established.
......................... DC01 passed test FrsEvent
Starting test: DFSREvent
The DFS Replication Event Log.
Skip the test because the server is running FRS.
......................... DC01 passed test DFSREvent
Starting test: SysVolCheck
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... DC01 passed test SysVolCheck
Starting test: KccEvent
* The KCC Event log test
Found no KCC errors in "Directory Service" Event log in the last 15 min
utes.
......................... DC01 passed test KccEvent
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=DC01,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=ARIMA,DC=CN
Role Domain Owner = CN=NTDS Settings,CN=DC01,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=ARIMA,DC=CN
Role PDC Owner = CN=NTDS Settings,CN=DC01,CN=Servers,CN=Default-First-S
ite-Name,CN=Sites,CN=Configuration,DC=ARIMA,DC=CN
Role Rid Owner = CN=NTDS Settings,CN=DC01,CN=Servers,CN=Default-First-S
ite-Name,CN=Sites,CN=Configuration,DC=ARIMA,DC=CN
Role Infrastructure Update Owner = CN=NTDS Settings,CN=DC01,CN=Servers,
CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ARIMA,DC=CN
......................... DC01 passed test KnowsOfRoleHolders
Starting test: MachineAccount
Checking machine account for DC DC01 on DC DC01.
* SPN found :LDAP/DC01.ARIMA.COM/ARIMA.COM
* SPN found :LDAP/DC01.ARIMA.COM
* SPN found :LDAP/DC01
* SPN found :LDAP/DC01.ARIMA.COM/ARIMA
* SPN found :LDAP/211b0ddf-7b90-41c2-b236-7fe721a330ce._msdcs.ARIMA
.CN
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/211b0ddf-7b90-41c2-b2
36-7fe721a330ce/ARIMA.COM
* SPN found :HOST/DC01.ARIMA.COM/ARIMA.COM
* SPN found :HOST/DC01.ARIMA.COM
* SPN found :HOST/DC01
* SPN found :HOST/DC01.ARIMA.COM/ARIMA
* SPN found :GC/DC01.ARIMA.COM/ARIMA.COM
......................... DC01 passed test MachineAccount
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC DC01.
* Security Permissions Check for
DC=ForestDnsZones,DC=ARIMA,DC=CN
(NDNC,Version 3)
* Security Permissions Check for
DC=DomainDnsZones,DC=ARIMA,DC=CN
(NDNC,Version 3)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=ARIMA,DC=CN
(Schema,Version 3)
* Security Permissions Check for
CN=Configuration,DC=ARIMA,DC=CN
(Configuration,Version 3)
* Security Permissions Check for
DC=ARIMA,DC=CN
(Domain,Version 3)
......................... DC01 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\DC01\netlogon
Verified share \\DC01\sysvol
......................... DC01 passed test NetLogons
Starting test: ObjectsReplicated
DC01 is in domain DC=ARIMA,DC=CN
Checking for CN=DC01,OU=Domain Controllers,DC=ARIMA,DC=CN in domain
DC=ARIMA,DC=CN on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=DC01,CN=Servers,CN=Default-First-Site-
Name,CN=Sites,CN=Configuration,DC=ARIMA,DC=CN in domain CN=Configuration,DC=
ARIMA,DC=CN on 1 servers
Object is up-to-date on all servers.
......................... DC01 passed test ObjectsReplicated
Test omitted by user request: OutboundSecureChannels
Starting test: Replications
* Replications Check
* Replication Latency Check
DC=ForestDnsZones,DC=ARIMA,DC=CN
Latency information for 2 entries in the vector were ignored.
2 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
DC=DomainDnsZones,DC=ARIMA,DC=CN
Latency information for 2 entries in the vector were ignored.
2 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
CN=Schema,CN=Configuration,DC=ARIMA,DC=CN
Latency information for 2 entries in the vector were ignored.
2 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
CN=Configuration,DC=ARIMA,DC=CN
Latency information for 2 entries in the vector were ignored.
2 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
DC=ARIMA,DC=CN
Latency information for 2 entries in the vector were ignored.
2 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
......................... DC01 passed test Replications
Starting test: RidManager
* Available RID Pool for the Domain is 4105 to 1073741823
* DC01.ARIMA.COM is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 3105 to 3604
* rIDPreviousAllocationPool is 3105 to 3604
* rIDNextRID: 3130
......................... DC01 passed test RidManager
Starting test: Services
* Checking Service: EventSystem
* Checking Service: RpcSs
* Checking Service: NTDS
* Checking Service: DnsCache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: w32time
* Checking Service: NETLOGON
......................... DC01 passed test Services
Starting test: SystemLog
* The System Event log test
Found no errors in "System" Event log in the last 60 minutes.
......................... DC01 passed test SystemLog
Test omitted by user request: Topology
Test omitted by user request: VerifyEnterpriseReferences
Starting test: VerifyReferences
The system object reference (serverReference)
CN=DC01,OU=Domain Controllers,DC=ARIMA,DC=CN and backlink on
CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration
,DC=ARIMA,DC=CN
are correct.
The system object reference (serverReferenceBL)
CN=DC01,CN=Domain System Volume (SYSVOL share),CN=File Replication Serv
ice,CN=System,DC=ARIMA,DC=CN
and backlink on
CN=NTDS Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites
,CN=Configuration,DC=ARIMA,DC=CN
are correct.
The system object reference (frsComputerReferenceBL)
CN=DC01,CN=Domain System Volume (SYSVOL share),CN=File Replication Serv
ice,CN=System,DC=ARIMA,DC=CN
and backlink on CN=DC01,OU=Domain Controllers,DC=ARIMA,DC=CN are
correct.
......................... DC01 passed test VerifyReferences
Test omitted by user request: VerifyReplicas
Test omitted by user request: DNS
Test omitted by user request: DNS
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : ARIMA
Starting test: CheckSDRefDom
......................... ARIMA passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ARIMA passed test CrossRefValidation
Running enterprise tests on : ARIMA.COM
Test omitted by user request: DNS
Test omitted by user request: DNS
Starting test: LocatorCheck
GC Name: \\DC01.ARIMA.COM
Locator Flags: 0xe00033fd
PDC Name: \\DC01.ARIMA.COM
Locator Flags: 0xe00033fd
Time Server Name: \\DC01.ARIMA.COM
Locator Flags: 0xe00033fd
Preferred Time Server Name: \\DC01.ARIMA.COM
Locator Flags: 0xe00033fd
KDC Name: \\DC01.ARIMA.COM
Locator Flags: 0xe00033fd
......................... ARIMA.COM passed test LocatorCheck
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope
provided by the command line arguments provided.
......................... ARIMA.COM passed test Intersite
C:\Users\sepadm>
Dc02
C:\Users\sepadm>dcdiag
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = DC02
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DC02
Starting test: Connectivity
......................... DC02 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DC02
Starting test: Advertising
......................... DC02 passed test Advertising
Starting test: FrsEvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... DC02 passed test FrsEvent
Starting test: DFSREvent
......................... DC02 passed test DFSREvent
Starting test: SysVolCheck
......................... DC02 passed test SysVolCheck
Starting test: KccEvent
......................... DC02 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... DC02 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... DC02 passed test MachineAccount
Starting test: NCSecDesc
......................... DC02 passed test NCSecDesc
Starting test: NetLogons
[DC02] User credentials does not have permission to perform this
operation.
The account used for this test must have network logon privileges
for this machine's domain.
......................... DC02 failed test NetLogons
Starting test: ObjectsReplicated
......................... DC02 passed test ObjectsReplicated
Starting test: Replications
......................... DC02 passed test Replications
Starting test: RidManager
......................... DC02 passed test RidManager
Starting test: Services
Could not open NTDS Service on DC02, error 0x5 "Access is denied."
......................... DC02 failed test Services
Starting test: SystemLog
......................... DC02 passed test SystemLog
Starting test: VerifyReferences
......................... DC02 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : ARIMA
Starting test: CheckSDRefDom
......................... ARIMA passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ARIMA passed test CrossRefValidation
Running enterprise tests on : ARIMA.COM
Starting test: LocatorCheck
......................... ARIMA.COM passed test LocatorCheck
Starting test: Intersite
......................... ARIMA.COM passed test Intersite
C:\Users\sepadm>dcdiag /v
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
* Verifying that the local machine DC02, is a Directory Server.
Home Server = DC02
* Connecting to directory service on server DC02.
* Identified AD Forest.
Collecting AD specific global data
* Collecting site info.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=ARIMA,DC=C
N,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
The previous call succeeded
Iterating through the sites
Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name
,CN=Sites,CN=Configuration,DC=ARIMA,DC=CN
Getting ISTG and options for the site
* Identifying all servers.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=ARIMA,DC=C
N,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
The previous call succeeded....
The previous call succeeded
Iterating through the list of servers
Getting information for the server CN=NTDS Settings,CN=DC01,CN=Servers,CN=Def
ault-First-Site-Name,CN=Sites,CN=Configuration,DC=ARIMA,DC=CN
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
Getting information for the server CN=NTDS Settings,CN=DC02,CN=Servers,CN=Def
ault-First-Site-Name,CN=Sites,CN=Configuration,DC=ARIMA,DC=CN
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
* Identifying all NC cross-refs.
* Found 2 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DC02
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
* Active Directory RPC Services Check
......................... DC02 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DC02
Starting test: Advertising
The DC DC02 is advertising itself as a DC and having a DS.
The DC DC02 is advertising as an LDAP server
The DC DC02 is advertising as having a writeable directory
The DC DC02 is advertising as a Key Distribution Center
The DC DC02 is advertising as a time server
The DS DC02 is advertising as a GC.
......................... DC02 passed test Advertising
Test omitted by user request: CheckSecurityError
Test omitted by user request: CutoffServers
Starting test: FrsEvent
* The File Replication Service Event log test
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
A warning event occurred. EventID: 0x800034C4
Time Generated: 08/23/2013 21:26:03
Event String:
The File Replication Service is having trouble enabling replication
from FILESRV to DC02 for c:\windows\sysvol\domain using the DNS name filesrv.NOR
AUTRON.CN. FRS will keep retrying.
Following are some of the reasons you would see this warning.
[1] FRS can not correctly resolve the DNS name filesrv.ARIMA.COM
from this computer.
[2] FRS is not running on filesrv.ARIMA.COM.
[3] The topology information in the Active Directory Domain Service
s for this replica has not yet replicated to all the Domain Controllers.
This event log message will appear once per connection, After the p
roblem is fixed you will see another event log message indicating that the conne
ction has been established.
......................... DC02 passed test FrsEvent
Starting test: DFSREvent
The DFS Replication Event Log.
Skip the test because the server is running FRS.
......................... DC02 passed test DFSREvent
Starting test: SysVolCheck
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... DC02 passed test SysVolCheck
Starting test: KccEvent
* The KCC Event log test
Found no KCC errors in "Directory Service" Event log in the last 15 min
utes.
......................... DC02 passed test KccEvent
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=DC01,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=ARIMA,DC=CN
Role Domain Owner = CN=NTDS Settings,CN=DC01,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=ARIMA,DC=CN
Role PDC Owner = CN=NTDS Settings,CN=DC01,CN=Servers,CN=Default-First-S
ite-Name,CN=Sites,CN=Configuration,DC=ARIMA,DC=CN
Role Rid Owner = CN=NTDS Settings,CN=DC01,CN=Servers,CN=Default-First-S
ite-Name,CN=Sites,CN=Configuration,DC=ARIMA,DC=CN
Role Infrastructure Update Owner = CN=NTDS Settings,CN=DC01,CN=Servers,
CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ARIMA,DC=CN
......................... DC02 passed test KnowsOfRoleHolders
Starting test: MachineAccount
Checking machine account for DC DC02 on DC DC02.
* SPN found :LDAP/DC02.ARIMA.COM/ARIMA.COM
* SPN found :LDAP/DC02.ARIMA.COM
* SPN found :LDAP/DC02
* SPN found :LDAP/DC02.ARIMA.COM/ARIMA
* SPN found :LDAP/dfd756bc-8655-4214-85f1-59344d2045dd._msdcs.ARIMA
.CN
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/dfd756bc-8655-4214-85
f1-59344d2045dd/ARIMA.COM
* SPN found :HOST/DC02.ARIMA.COM/ARIMA.COM
* SPN found :HOST/DC02.ARIMA.COM
* SPN found :HOST/DC02
* SPN found :HOST/DC02.ARIMA.COM/ARIMA
* SPN found :GC/DC02.ARIMA.COM/ARIMA.COM
......................... DC02 passed test MachineAccount
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC DC02.
* Security Permissions Check for
DC=ForestDnsZones,DC=ARIMA,DC=CN
(NDNC,Version 3)
* Security Permissions Check for
DC=DomainDnsZones,DC=ARIMA,DC=CN
(NDNC,Version 3)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=ARIMA,DC=CN
(Schema,Version 3)
* Security Permissions Check for
CN=Configuration,DC=ARIMA,DC=CN
(Configuration,Version 3)
* Security Permissions Check for
DC=ARIMA,DC=CN
(Domain,Version 3)
......................... DC02 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\DC02\netlogon
Verified share \\DC02\sysvol
[DC02] User credentials does not have permission to perform this
operation.
The account used for this test must have network logon privileges
for this machine's domain.
......................... DC02 failed test NetLogons
Starting test: ObjectsReplicated
DC02 is in domain DC=ARIMA,DC=CN
Checking for CN=DC02,OU=Domain Controllers,DC=ARIMA,DC=CN in domain
DC=ARIMA,DC=CN on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=DC02,CN=Servers,CN=Default-First-Site-
Name,CN=Sites,CN=Configuration,DC=ARIMA,DC=CN in domain CN=Configuration,DC=
ARIMA,DC=CN on 1 servers
Object is up-to-date on all servers.
......................... DC02 passed test ObjectsReplicated
Test omitted by user request: OutboundSecureChannels
Starting test: Replications
* Replications Check
* Replication Latency Check
DC=ForestDnsZones,DC=ARIMA,DC=CN
Latency information for 2 entries in the vector were ignored.
2 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
DC=DomainDnsZones,DC=ARIMA,DC=CN
Latency information for 2 entries in the vector were ignored.
2 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
CN=Schema,CN=Configuration,DC=ARIMA,DC=CN
Latency information for 2 entries in the vector were ignored.
2 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
CN=Configuration,DC=ARIMA,DC=CN
Latency information for 2 entries in the vector were ignored.
2 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
DC=ARIMA,DC=CN
Latency information for 2 entries in the vector were ignored.
2 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
......................... DC02 passed test Replications
Starting test: RidManager
* Available RID Pool for the Domain is 4105 to 1073741823
* DC01.ARIMA.COM is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 3605 to 4104
* rIDPreviousAllocationPool is 3605 to 4104
* rIDNextRID: 3616
......................... DC02 passed test RidManager
Starting test: Services
* Checking Service: EventSystem
* Checking Service: RpcSs
* Checking Service: NTDS
Could not open NTDS Service on DC02, error 0x5 "Access is denied."
* Checking Service: DnsCache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: w32time
* Checking Service: NETLOGON
......................... DC02 failed test Services
Starting test: SystemLog
* The System Event log test
Found no errors in "System" Event log in the last 60 minutes.
......................... DC02 passed test SystemLog
Test omitted by user request: Topology
Test omitted by user request: VerifyEnterpriseReferences
Starting test: VerifyReferences
The system object reference (serverReference)
CN=DC02,OU=Domain Controllers,DC=ARIMA,DC=CN and backlink on
CN=DC02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration
,DC=ARIMA,DC=CN
are correct.
The system object reference (serverReferenceBL)
CN=DC02,CN=Domain System Volume (SYSVOL share),CN=File Replication Serv
ice,CN=System,DC=ARIMA,DC=CN
and backlink on
CN=NTDS Settings,CN=DC02,CN=Servers,CN=Default-First-Site-Name,CN=Sites
,CN=Configuration,DC=ARIMA,DC=CN
are correct.
The system object reference (frsComputerReferenceBL)
CN=DC02,CN=Domain System Volume (SYSVOL share),CN=File Replication Serv
ice,CN=System,DC=ARIMA,DC=CN
and backlink on CN=DC02,OU=Domain Controllers,DC=ARIMA,DC=CN are
correct.
......................... DC02 passed test VerifyReferences
Test omitted by user request: VerifyReplicas
Test omitted by user request: DNS
Test omitted by user request: DNS
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : ARIMA
Starting test: CheckSDRefDom
......................... ARIMA passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ARIMA passed test CrossRefValidation
Running enterprise tests on : ARIMA.COM
Test omitted by user request: DNS
Test omitted by user request: DNS
Starting test: LocatorCheck
GC Name: \\DC02.ARIMA.COM
Locator Flags: 0xe00031fc
PDC Name: \\DC01.ARIMA.COM
Locator Flags: 0xe00033fd
Time Server Name: \\DC02.ARIMA.COM
Locator Flags: 0xe00031fc
Preferred Time Server Name: \\DC01.ARIMA.COM
Locator Flags: 0xe00033fd
KDC Name: \\DC02.ARIMA.COM
Locator Flags: 0xe00031fc
......................... ARIMA.COM passed test LocatorCheck
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope
provided by the command line arguments provided.
......................... ARIMA.COM passed test Intersite
C:\Users\sepadm>
