Discussion:
Windows 2003 NtFrs Event 13508 sysvol\domain
(too old to reply)
Thylo
2007-09-26 06:04:02 UTC
Permalink
Hi,

We have a Windows 2003 domain, with two domain controllers. Both domain
controllers are running Windows 2003 SP2, fully patched. The same warning
appears in the File Replication Service Log on both servers, with the server
names reveresed on the other server (I have changed the names of the servers
and domain here).

Event Type: Warning
Event Source: NtFrs
Event Category: None
Event ID: 13508
Date: 25/09/2007
Time: 3:00:03 PM
User: N/A
Computer: DomainDC1
Description:
The File Replication Service is having trouble enabling replication from
DomainDC2 to DomainDC1 for c:\windows\sysvol\domain using the DNS name
domaindc2.domain.org.au. FRS will keep retrying.
Following are some of the reasons you would see this warning.

[1] FRS can not correctly resolve the DNS name domaindc2.domain.org.au from
this computer.
[2] FRS is not running on domaindc2.domain.org.au.
[3] The topology information in the Active Directory for this replica has
not yet replicated to all the Domain Controllers.

This event log message will appear once per connection, After the problem
is fixed you will see another event log message indicating that the
connection has been established.

****

There are no 13509 events after these. I have been searching the groups
trying to find something that will help. Both servers are able to ping each
other using their FQDN, the FRS service is running on both servers and
replication appears to be working, as changes to Sites and Services are
replicated almost immediately when they are made, inlcuding changing the site
name and deleting and regenerating Active Directory Connections (which I did
as a test). I have also tried changing both servers so that they are using
the same DNS server (all combinations) to no avail.

I ran the FRSDiag utility, from both my workstation and on the servers. All
of them report an RPC error trying to connect to both servers. On the server
I was logged in as the Administrator, so permissions shouldn't have been a
problem. I have the logs from the FRSDiag utility if that will help anyone!

When I run "ntfrsutl version" on both servers, I get:

NtFrsApi Version Information
NtFrsApi Major : 0
NtFrsApi Minor : 0
NtFrsApi Compiled on: Feb 16 2007 20:01:19
ERROR - Cannot bind w/authentication to computer, (null)
ERROR - Cannot bind w/o authentication to computer, (nul
ERROR - Cannot RPC to computer, (null); 000006d9 (1753)

****

(null) is replaced by the FQDN of both servers when I enter that information
in the command line as well.

I have followed all of the kb articles and usergroup threads that I can
find, with no luck. Hopefully there's something that I've missed that someone
can point me to.

Other events that may help (or could confuse the matter further), is that
when users change their passwords, the Windows 2000 ISA Server prompts them
for their password, even when they log off (or even restart their computers
completely) and log back on with the new password. Even once that is sorted
out, which can involve re-creating their profile or resetting the password
again on one of the DCs, failed logon attempts are regularly recorded in the
security log on both DCs. Profiles have also become completely corrupted
afer a password change on a couple of occassions.

I look forward to any suggestion. Thanks in advance.
--
Leigh
MCSE (NT4, 2000)
Meinolf Weber
2007-09-26 06:10:09 UTC
Permalink
Hello Thylo,

Please post an ipconfig /all from both DC/DNS server.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
Post by Thylo
Hi,
We have a Windows 2003 domain, with two domain controllers. Both
domain controllers are running Windows 2003 SP2, fully patched. The
same warning appears in the File Replication Service Log on both
servers, with the server names reveresed on the other server (I have
changed the names of the servers and domain here).
Event Type: Warning
Event Source: NtFrs
Event Category: None
Event ID: 13508
Date: 25/09/2007
Time: 3:00:03 PM
User: N/A
Computer: DomainDC1
The File Replication Service is having trouble enabling replication from
DomainDC2 to DomainDC1 for c:\windows\sysvol\domain using the DNS name
domaindc2.domain.org.au. FRS will keep retrying.
Following are some of the reasons you would see this warning.
[1] FRS can not correctly resolve the DNS name
domaindc2.domain.org.au from
this computer.
[2] FRS is not running on domaindc2.domain.org.au.
[3] The topology information in the Active Directory for this replica has
not yet replicated to all the Domain Controllers.
This event log message will appear once per connection, After the
problem is fixed you will see another event log message indicating
that the connection has been established.
****
There are no 13509 events after these. I have been searching the
groups trying to find something that will help. Both servers are able
to ping each other using their FQDN, the FRS service is running on
both servers and replication appears to be working, as changes to
Sites and Services are replicated almost immediately when they are
made, inlcuding changing the site name and deleting and regenerating
Active Directory Connections (which I did as a test). I have also
tried changing both servers so that they are using the same DNS server
(all combinations) to no avail.
I ran the FRSDiag utility, from both my workstation and on the
servers. All of them report an RPC error trying to connect to both
servers. On the server I was logged in as the Administrator, so
permissions shouldn't have been a problem. I have the logs from the
FRSDiag utility if that will help anyone!
NtFrsApi Version Information
NtFrsApi Major : 0
NtFrsApi Minor : 0
NtFrsApi Compiled on: Feb 16 2007 20:01:19
ERROR - Cannot bind w/authentication to computer, (null)
ERROR - Cannot bind w/o authentication to computer, (nul ERROR -
Cannot RPC to computer, (null); 000006d9 (1753)
****
(null) is replaced by the FQDN of both servers when I enter that
information in the command line as well.
I have followed all of the kb articles and usergroup threads that I
can find, with no luck. Hopefully there's something that I've missed
that someone can point me to.
Other events that may help (or could confuse the matter further), is
that when users change their passwords, the Windows 2000 ISA Server
prompts them for their password, even when they log off (or even
restart their computers completely) and log back on with the new
password. Even once that is sorted out, which can involve re-creating
their profile or resetting the password again on one of the DCs,
failed logon attempts are regularly recorded in the security log on
both DCs. Profiles have also become completely corrupted afer a
password change on a couple of occassions.
I look forward to any suggestion. Thanks in advance.
Thylo
2007-09-26 06:28:30 UTC
Permalink
Hi Meinolf,

Below are the ipconfig /all results from domain controller, they are the
only DNS servers on the network as well:

Windows IP Configuration

Host Name . . . . . . . . . . . . : domaindc1
Primary Dns Suffix . . . . . . . : domain.org.au
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.org.au
org.au

Ethernet adapter Intel Pro 1000 CT Gigabit Ethernet Adapter - Onboard:

Connection-specific DNS Suffix . : domain.org.au
Description . . . . . . . . . . . : Intel(R) PRO/1000 CT Network Connection
Physical Address. . . . . . . . . : 00-C0-9F-4B-9E-5D
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.30.14.7
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.30.14.1
DNS Servers . . . . . . . . . . . : 172.30.14.2
172.30.14.7
Primary WINS Server . . . . . . . : 172.30.14.7
Secondary WINS Server . . . . . . : 172.30.14.2

Windows IP Configuration

Host Name . . . . . . . . . . . . : domaindc2
Primary Dns Suffix . . . . . . . : domain.org.au
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.org.au
org.au

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : domain.org.au
Description . . . . . . . . . . . : Intel(R) PRO/1000 CT Network Connection
Physical Address. . . . . . . . . : 00-11-43-CE-40-E6
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.30.14.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.30.14.1
DNS Servers . . . . . . . . . . . : 172.30.14.2
172.30.14.7
Primary WINS Server . . . . . . . : 172.30.14.2
Secondary WINS Server . . . . . . : 172.30.14.7

***

Cheers,
--
Leigh
MCSE (NT4, 2000)
Post by Meinolf Weber
Hello Thylo,
Please post an ipconfig /all from both DC/DNS server.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
Post by Thylo
Hi,
We have a Windows 2003 domain, with two domain controllers. Both
domain controllers are running Windows 2003 SP2, fully patched. The
same warning appears in the File Replication Service Log on both
servers, with the server names reveresed on the other server (I have
changed the names of the servers and domain here).
Event Type: Warning
Event Source: NtFrs
Event Category: None
Event ID: 13508
Date: 25/09/2007
Time: 3:00:03 PM
User: N/A
Computer: DomainDC1
The File Replication Service is having trouble enabling replication from
DomainDC2 to DomainDC1 for c:\windows\sysvol\domain using the DNS name
domaindc2.domain.org.au. FRS will keep retrying.
Following are some of the reasons you would see this warning.
[1] FRS can not correctly resolve the DNS name
domaindc2.domain.org.au from
this computer.
[2] FRS is not running on domaindc2.domain.org.au.
[3] The topology information in the Active Directory for this replica has
not yet replicated to all the Domain Controllers.
This event log message will appear once per connection, After the
problem is fixed you will see another event log message indicating
that the connection has been established.
****
There are no 13509 events after these. I have been searching the
groups trying to find something that will help. Both servers are able
to ping each other using their FQDN, the FRS service is running on
both servers and replication appears to be working, as changes to
Sites and Services are replicated almost immediately when they are
made, inlcuding changing the site name and deleting and regenerating
Active Directory Connections (which I did as a test). I have also
tried changing both servers so that they are using the same DNS server
(all combinations) to no avail.
I ran the FRSDiag utility, from both my workstation and on the
servers. All of them report an RPC error trying to connect to both
servers. On the server I was logged in as the Administrator, so
permissions shouldn't have been a problem. I have the logs from the
FRSDiag utility if that will help anyone!
NtFrsApi Version Information
NtFrsApi Major : 0
NtFrsApi Minor : 0
NtFrsApi Compiled on: Feb 16 2007 20:01:19
ERROR - Cannot bind w/authentication to computer, (null)
ERROR - Cannot bind w/o authentication to computer, (nul ERROR -
Cannot RPC to computer, (null); 000006d9 (1753)
****
(null) is replaced by the FQDN of both servers when I enter that
information in the command line as well.
I have followed all of the kb articles and usergroup threads that I
can find, with no luck. Hopefully there's something that I've missed
that someone can point me to.
Other events that may help (or could confuse the matter further), is
that when users change their passwords, the Windows 2000 ISA Server
prompts them for their password, even when they log off (or even
restart their computers completely) and log back on with the new
password. Even once that is sorted out, which can involve re-creating
their profile or resetting the password again on one of the DCs,
failed logon attempts are regularly recorded in the security log on
both DCs. Profiles have also become completely corrupted afer a
password change on a couple of occassions.
I look forward to any suggestion. Thanks in advance.
Meinolf Weber
2007-09-26 06:53:15 UTC
Permalink
Hello Thylo,

Have a look here:
http://www.eventid.net/display.asp?eventid=13508&eventno=349&source=ntfrs&phase=1

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
Post by Thylo
Hi Meinolf,
Below are the ipconfig /all results from domain controller, they are
Windows IP Configuration
Host Name . . . . . . . . . . . . : domaindc1
Primary Dns Suffix . . . . . . . : domain.org.au
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.org.au
org.au
Connection-specific DNS Suffix . : domain.org.au
Description . . . . . . . . . . . : Intel(R) PRO/1000 CT Network Connection
Physical Address. . . . . . . . . : 00-C0-9F-4B-9E-5D
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.30.14.7
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.30.14.1
DNS Servers . . . . . . . . . . . : 172.30.14.2
172.30.14.7
Primary WINS Server . . . . . . . : 172.30.14.7
Secondary WINS Server . . . . . . : 172.30.14.2
Windows IP Configuration
Host Name . . . . . . . . . . . . : domaindc2
Primary Dns Suffix . . . . . . . : domain.org.au
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.org.au
org.au
Connection-specific DNS Suffix . : domain.org.au
Description . . . . . . . . . . . : Intel(R) PRO/1000 CT Network Connection
Physical Address. . . . . . . . . : 00-11-43-CE-40-E6
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.30.14.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.30.14.1
DNS Servers . . . . . . . . . . . : 172.30.14.2
172.30.14.7
Primary WINS Server . . . . . . . : 172.30.14.2
Secondary WINS Server . . . . . . : 172.30.14.7
***
Cheers,
Post by Meinolf Weber
Hello Thylo,
Please post an ipconfig /all from both DC/DNS server.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
Post by Thylo
Hi,
We have a Windows 2003 domain, with two domain controllers. Both
domain controllers are running Windows 2003 SP2, fully patched. The
same warning appears in the File Replication Service Log on both
servers, with the server names reveresed on the other server (I have
changed the names of the servers and domain here).
Event Type: Warning
Event Source: NtFrs
Event Category: None
Event ID: 13508
Date: 25/09/2007
Time: 3:00:03 PM
User: N/A
Computer: DomainDC1
The File Replication Service is having trouble enabling replication from
DomainDC2 to DomainDC1 for c:\windows\sysvol\domain using the DNS name
domaindc2.domain.org.au. FRS will keep retrying.
Following are some of the reasons you would see this warning.
[1] FRS can not correctly resolve the DNS name
domaindc2.domain.org.au from
this computer.
[2] FRS is not running on domaindc2.domain.org.au.
[3] The topology information in the Active Directory for this
replica
has
not yet replicated to all the Domain Controllers.
This event log message will appear once per connection, After the
problem is fixed you will see another event log message indicating
that the connection has been established.
****
There are no 13509 events after these. I have been searching the
groups trying to find something that will help. Both servers are
able to ping each other using their FQDN, the FRS service is running
on both servers and replication appears to be working, as changes to
Sites and Services are replicated almost immediately when they are
made, inlcuding changing the site name and deleting and regenerating
Active Directory Connections (which I did as a test). I have also
tried changing both servers so that they are using the same DNS
server (all combinations) to no avail.
I ran the FRSDiag utility, from both my workstation and on the
servers. All of them report an RPC error trying to connect to both
servers. On the server I was logged in as the Administrator, so
permissions shouldn't have been a problem. I have the logs from the
FRSDiag utility if that will help anyone!
NtFrsApi Version Information
NtFrsApi Major : 0
NtFrsApi Minor : 0
NtFrsApi Compiled on: Feb 16 2007 20:01:19
ERROR - Cannot bind w/authentication to computer, (null)
ERROR - Cannot bind w/o authentication to computer, (nul ERROR -
Cannot RPC to computer, (null); 000006d9 (1753)
****
(null) is replaced by the FQDN of both servers when I enter that
information in the command line as well.
I have followed all of the kb articles and usergroup threads that I
can find, with no luck. Hopefully there's something that I've missed
that someone can point me to.
Other events that may help (or could confuse the matter further), is
that when users change their passwords, the Windows 2000 ISA Server
prompts them for their password, even when they log off (or even
restart their computers completely) and log back on with the new
password. Even once that is sorted out, which can involve
re-creating their profile or resetting the password again on one of
the DCs, failed logon attempts are regularly recorded in the
security log on both DCs. Profiles have also become completely
corrupted afer a password change on a couple of occassions.
I look forward to any suggestion. Thanks in advance.
Technical
2007-09-26 09:44:02 UTC
Permalink
check this article
http://technet.microsoft.com/en-us/library/Bb727056.aspx#EMAA
Post by Meinolf Weber
Hello Thylo,
http://www.eventid.net/display.asp?eventid=13508&eventno=349&source=ntfrs&phase=1
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
Post by Thylo
Hi Meinolf,
Below are the ipconfig /all results from domain controller, they are
Windows IP Configuration
Host Name . . . . . . . . . . . . : domaindc1
Primary Dns Suffix . . . . . . . : domain.org.au
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.org.au
org.au
Connection-specific DNS Suffix . : domain.org.au
Description . . . . . . . . . . . : Intel(R) PRO/1000 CT Network Connection
Physical Address. . . . . . . . . : 00-C0-9F-4B-9E-5D
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.30.14.7
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.30.14.1
DNS Servers . . . . . . . . . . . : 172.30.14.2
172.30.14.7
Primary WINS Server . . . . . . . : 172.30.14.7
Secondary WINS Server . . . . . . : 172.30.14.2
Windows IP Configuration
Host Name . . . . . . . . . . . . : domaindc2
Primary Dns Suffix . . . . . . . : domain.org.au
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.org.au
org.au
Connection-specific DNS Suffix . : domain.org.au
Description . . . . . . . . . . . : Intel(R) PRO/1000 CT Network Connection
Physical Address. . . . . . . . . : 00-11-43-CE-40-E6
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.30.14.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.30.14.1
DNS Servers . . . . . . . . . . . : 172.30.14.2
172.30.14.7
Primary WINS Server . . . . . . . : 172.30.14.2
Secondary WINS Server . . . . . . : 172.30.14.7
***
Cheers,
Post by Meinolf Weber
Hello Thylo,
Please post an ipconfig /all from both DC/DNS server.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
Post by Thylo
Hi,
We have a Windows 2003 domain, with two domain controllers. Both
domain controllers are running Windows 2003 SP2, fully patched. The
same warning appears in the File Replication Service Log on both
servers, with the server names reveresed on the other server (I have
changed the names of the servers and domain here).
Event Type: Warning
Event Source: NtFrs
Event Category: None
Event ID: 13508
Date: 25/09/2007
Time: 3:00:03 PM
User: N/A
Computer: DomainDC1
The File Replication Service is having trouble enabling replication from
DomainDC2 to DomainDC1 for c:\windows\sysvol\domain using the DNS name
domaindc2.domain.org.au. FRS will keep retrying.
Following are some of the reasons you would see this warning.
[1] FRS can not correctly resolve the DNS name
domaindc2.domain.org.au from
this computer.
[2] FRS is not running on domaindc2.domain.org.au.
[3] The topology information in the Active Directory for this
replica
has
not yet replicated to all the Domain Controllers.
This event log message will appear once per connection, After the
problem is fixed you will see another event log message indicating
that the connection has been established.
****
There are no 13509 events after these. I have been searching the
groups trying to find something that will help. Both servers are
able to ping each other using their FQDN, the FRS service is running
on both servers and replication appears to be working, as changes to
Sites and Services are replicated almost immediately when they are
made, inlcuding changing the site name and deleting and regenerating
Active Directory Connections (which I did as a test). I have also
tried changing both servers so that they are using the same DNS
server (all combinations) to no avail.
I ran the FRSDiag utility, from both my workstation and on the
servers. All of them report an RPC error trying to connect to both
servers. On the server I was logged in as the Administrator, so
permissions shouldn't have been a problem. I have the logs from the
FRSDiag utility if that will help anyone!
NtFrsApi Version Information
NtFrsApi Major : 0
NtFrsApi Minor : 0
NtFrsApi Compiled on: Feb 16 2007 20:01:19
ERROR - Cannot bind w/authentication to computer, (null)
ERROR - Cannot bind w/o authentication to computer, (nul ERROR -
Cannot RPC to computer, (null); 000006d9 (1753)
****
(null) is replaced by the FQDN of both servers when I enter that
information in the command line as well.
I have followed all of the kb articles and usergroup threads that I
can find, with no luck. Hopefully there's something that I've missed
that someone can point me to.
Other events that may help (or could confuse the matter further), is
that when users change their passwords, the Windows 2000 ISA Server
prompts them for their password, even when they log off (or even
restart their computers completely) and log back on with the new
password. Even once that is sorted out, which can involve
re-creating their profile or resetting the password again on one of
the DCs, failed logon attempts are regularly recorded in the
security log on both DCs. Profiles have also become completely
corrupted afer a password change on a couple of occassions.
I look forward to any suggestion. Thanks in advance.
Thylo
2007-09-27 01:18:00 UTC
Permalink
Hi Technical,

I have seen and been through that article numerous times, however non of the
solutions or hints there make any difference. Actice Directory replication
appears to be working fine, as when a new person is added or OU, it is
replicated to the other server. New user additions are often done on the
Exchange 2003 member server, but still replication appears to work just fine
wherever additions or alterations are made.

Each server can ping the other using their FQDN and there aren't any
hardware firewalls between the servers, only the Windows 2003 firewall, which
I have triple and quadruple checked is done correctly.

Cheers,
--
Leigh
MCSE (NT4, 2000)
Post by Technical
check this article
http://technet.microsoft.com/en-us/library/Bb727056.aspx#EMAA
Post by Meinolf Weber
Hello Thylo,
http://www.eventid.net/display.asp?eventid=13508&eventno=349&source=ntfrs&phase=1
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
Post by Thylo
Hi Meinolf,
Below are the ipconfig /all results from domain controller, they are
Windows IP Configuration
Host Name . . . . . . . . . . . . : domaindc1
Primary Dns Suffix . . . . . . . : domain.org.au
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.org.au
org.au
Connection-specific DNS Suffix . : domain.org.au
Description . . . . . . . . . . . : Intel(R) PRO/1000 CT Network Connection
Physical Address. . . . . . . . . : 00-C0-9F-4B-9E-5D
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.30.14.7
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.30.14.1
DNS Servers . . . . . . . . . . . : 172.30.14.2
172.30.14.7
Primary WINS Server . . . . . . . : 172.30.14.7
Secondary WINS Server . . . . . . : 172.30.14.2
Windows IP Configuration
Host Name . . . . . . . . . . . . : domaindc2
Primary Dns Suffix . . . . . . . : domain.org.au
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.org.au
org.au
Connection-specific DNS Suffix . : domain.org.au
Description . . . . . . . . . . . : Intel(R) PRO/1000 CT Network Connection
Physical Address. . . . . . . . . : 00-11-43-CE-40-E6
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.30.14.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.30.14.1
DNS Servers . . . . . . . . . . . : 172.30.14.2
172.30.14.7
Primary WINS Server . . . . . . . : 172.30.14.2
Secondary WINS Server . . . . . . : 172.30.14.7
***
Cheers,
Post by Meinolf Weber
Hello Thylo,
Please post an ipconfig /all from both DC/DNS server.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
Post by Thylo
Hi,
We have a Windows 2003 domain, with two domain controllers. Both
domain controllers are running Windows 2003 SP2, fully patched. The
same warning appears in the File Replication Service Log on both
servers, with the server names reveresed on the other server (I have
changed the names of the servers and domain here).
Event Type: Warning
Event Source: NtFrs
Event Category: None
Event ID: 13508
Date: 25/09/2007
Time: 3:00:03 PM
User: N/A
Computer: DomainDC1
The File Replication Service is having trouble enabling replication from
DomainDC2 to DomainDC1 for c:\windows\sysvol\domain using the DNS name
domaindc2.domain.org.au. FRS will keep retrying.
Following are some of the reasons you would see this warning.
[1] FRS can not correctly resolve the DNS name
domaindc2.domain.org.au from
this computer.
[2] FRS is not running on domaindc2.domain.org.au.
[3] The topology information in the Active Directory for this
replica
has
not yet replicated to all the Domain Controllers.
This event log message will appear once per connection, After the
problem is fixed you will see another event log message indicating
that the connection has been established.
****
There are no 13509 events after these. I have been searching the
groups trying to find something that will help. Both servers are
able to ping each other using their FQDN, the FRS service is running
on both servers and replication appears to be working, as changes to
Sites and Services are replicated almost immediately when they are
made, inlcuding changing the site name and deleting and regenerating
Active Directory Connections (which I did as a test). I have also
tried changing both servers so that they are using the same DNS
server (all combinations) to no avail.
I ran the FRSDiag utility, from both my workstation and on the
servers. All of them report an RPC error trying to connect to both
servers. On the server I was logged in as the Administrator, so
permissions shouldn't have been a problem. I have the logs from the
FRSDiag utility if that will help anyone!
NtFrsApi Version Information
NtFrsApi Major : 0
NtFrsApi Minor : 0
NtFrsApi Compiled on: Feb 16 2007 20:01:19
ERROR - Cannot bind w/authentication to computer, (null)
ERROR - Cannot bind w/o authentication to computer, (nul ERROR -
Cannot RPC to computer, (null); 000006d9 (1753)
****
(null) is replaced by the FQDN of both servers when I enter that
information in the command line as well.
I have followed all of the kb articles and usergroup threads that I
can find, with no luck. Hopefully there's something that I've missed
that someone can point me to.
Other events that may help (or could confuse the matter further), is
that when users change their passwords, the Windows 2000 ISA Server
prompts them for their password, even when they log off (or even
restart their computers completely) and log back on with the new
password. Even once that is sorted out, which can involve
re-creating their profile or resetting the password again on one of
the DCs, failed logon attempts are regularly recorded in the
security log on both DCs. Profiles have also become completely
corrupted afer a password change on a couple of occassions.
I look forward to any suggestion. Thanks in advance.
Thylo
2007-09-27 01:10:02 UTC
Permalink
Hey Meinolf,

I'm sure I had gone through that page before, but I double checked all of
them anyway to make sure. The times are synchronised between all servers on
the network, there aren't any firewalls (apart from Windows 2003 own which is
configured as required) between the servers, there is plenty of disk space
(20GB+), non of the other errors come up that "should" for the other
solutions, it is a native Windows 2003 domain with only Windows 2003 server
and it was upgraded from a Windows 2000 domain before I started here.

It is a very frustrating issue!!

Cheers,
--
Leigh
MCSE (NT4, 2000)
Post by Meinolf Weber
Hello Thylo,
http://www.eventid.net/display.asp?eventid=13508&eventno=349&source=ntfrs&phase=1
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
Post by Thylo
Hi Meinolf,
Below are the ipconfig /all results from domain controller, they are
Windows IP Configuration
Host Name . . . . . . . . . . . . : domaindc1
Primary Dns Suffix . . . . . . . : domain.org.au
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.org.au
org.au
Connection-specific DNS Suffix . : domain.org.au
Description . . . . . . . . . . . : Intel(R) PRO/1000 CT Network Connection
Physical Address. . . . . . . . . : 00-C0-9F-4B-9E-5D
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.30.14.7
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.30.14.1
DNS Servers . . . . . . . . . . . : 172.30.14.2
172.30.14.7
Primary WINS Server . . . . . . . : 172.30.14.7
Secondary WINS Server . . . . . . : 172.30.14.2
Windows IP Configuration
Host Name . . . . . . . . . . . . : domaindc2
Primary Dns Suffix . . . . . . . : domain.org.au
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.org.au
org.au
Connection-specific DNS Suffix . : domain.org.au
Description . . . . . . . . . . . : Intel(R) PRO/1000 CT Network Connection
Physical Address. . . . . . . . . : 00-11-43-CE-40-E6
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.30.14.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.30.14.1
DNS Servers . . . . . . . . . . . : 172.30.14.2
172.30.14.7
Primary WINS Server . . . . . . . : 172.30.14.2
Secondary WINS Server . . . . . . : 172.30.14.7
***
Cheers,
Post by Meinolf Weber
Hello Thylo,
Please post an ipconfig /all from both DC/DNS server.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
Post by Thylo
Hi,
We have a Windows 2003 domain, with two domain controllers. Both
domain controllers are running Windows 2003 SP2, fully patched. The
same warning appears in the File Replication Service Log on both
servers, with the server names reveresed on the other server (I have
changed the names of the servers and domain here).
Event Type: Warning
Event Source: NtFrs
Event Category: None
Event ID: 13508
Date: 25/09/2007
Time: 3:00:03 PM
User: N/A
Computer: DomainDC1
The File Replication Service is having trouble enabling replication from
DomainDC2 to DomainDC1 for c:\windows\sysvol\domain using the DNS name
domaindc2.domain.org.au. FRS will keep retrying.
Following are some of the reasons you would see this warning.
[1] FRS can not correctly resolve the DNS name
domaindc2.domain.org.au from
this computer.
[2] FRS is not running on domaindc2.domain.org.au.
[3] The topology information in the Active Directory for this
replica
has
not yet replicated to all the Domain Controllers.
This event log message will appear once per connection, After the
problem is fixed you will see another event log message indicating
that the connection has been established.
****
There are no 13509 events after these. I have been searching the
groups trying to find something that will help. Both servers are
able to ping each other using their FQDN, the FRS service is running
on both servers and replication appears to be working, as changes to
Sites and Services are replicated almost immediately when they are
made, inlcuding changing the site name and deleting and regenerating
Active Directory Connections (which I did as a test). I have also
tried changing both servers so that they are using the same DNS
server (all combinations) to no avail.
I ran the FRSDiag utility, from both my workstation and on the
servers. All of them report an RPC error trying to connect to both
servers. On the server I was logged in as the Administrator, so
permissions shouldn't have been a problem. I have the logs from the
FRSDiag utility if that will help anyone!
NtFrsApi Version Information
NtFrsApi Major : 0
NtFrsApi Minor : 0
NtFrsApi Compiled on: Feb 16 2007 20:01:19
ERROR - Cannot bind w/authentication to computer, (null)
ERROR - Cannot bind w/o authentication to computer, (nul ERROR -
Cannot RPC to computer, (null); 000006d9 (1753)
****
(null) is replaced by the FQDN of both servers when I enter that
information in the command line as well.
I have followed all of the kb articles and usergroup threads that I
can find, with no luck. Hopefully there's something that I've missed
that someone can point me to.
Other events that may help (or could confuse the matter further), is
that when users change their passwords, the Windows 2000 ISA Server
prompts them for their password, even when they log off (or even
restart their computers completely) and log back on with the new
password. Even once that is sorted out, which can involve
re-creating their profile or resetting the password again on one of
the DCs, failed logon attempts are regularly recorded in the
security log on both DCs. Profiles have also become completely
corrupted afer a password change on a couple of occassions.
I look forward to any suggestion. Thanks in advance.
Meinolf Weber
2007-09-27 07:30:11 UTC
Permalink
Hello Thylo,

Did you also check for errors with dcdiag and netdiag?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
Post by Thylo
Hey Meinolf,
I'm sure I had gone through that page before, but I double checked all
of them anyway to make sure. The times are synchronised between all
servers on the network, there aren't any firewalls (apart from Windows
2003 own which is configured as required) between the servers, there
is plenty of disk space (20GB+), non of the other errors come up that
"should" for the other solutions, it is a native Windows 2003 domain
with only Windows 2003 server and it was upgraded from a Windows 2000
domain before I started here.
It is a very frustrating issue!!
Cheers,
Post by Meinolf Weber
Hello Thylo,
http://www.eventid.net/display.asp?eventid=13508&eventno=349&source=n
tfrs&phase=1
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
Post by Thylo
Hi Meinolf,
Below are the ipconfig /all results from domain controller, they are
Windows IP Configuration
Host Name . . . . . . . . . . . . : domaindc1
Primary Dns Suffix . . . . . . . : domain.org.au
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.org.au
org.au
Connection-specific DNS Suffix . : domain.org.au
Description . . . . . . . . . . . : Intel(R) PRO/1000 CT Network Connection
Physical Address. . . . . . . . . : 00-C0-9F-4B-9E-5D
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.30.14.7
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.30.14.1
DNS Servers . . . . . . . . . . . : 172.30.14.2
172.30.14.7
Primary WINS Server . . . . . . . : 172.30.14.7
Secondary WINS Server . . . . . . : 172.30.14.2
Windows IP Configuration
Host Name . . . . . . . . . . . . : domaindc2
Primary Dns Suffix . . . . . . . : domain.org.au
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.org.au
org.au
Connection-specific DNS Suffix . : domain.org.au
Description . . . . . . . . . . . : Intel(R) PRO/1000 CT Network Connection
Physical Address. . . . . . . . . : 00-11-43-CE-40-E6
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.30.14.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.30.14.1
DNS Servers . . . . . . . . . . . : 172.30.14.2
172.30.14.7
Primary WINS Server . . . . . . . : 172.30.14.2
Secondary WINS Server . . . . . . : 172.30.14.7
***
Cheers,
Post by Meinolf Weber
Hello Thylo,
Please post an ipconfig /all from both DC/DNS server.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers
no rights.
Post by Thylo
Hi,
We have a Windows 2003 domain, with two domain controllers. Both
domain controllers are running Windows 2003 SP2, fully patched.
The same warning appears in the File Replication Service Log on
both servers, with the server names reveresed on the other server
(I have changed the names of the servers and domain here).
Event Type: Warning
Event Source: NtFrs
Event Category: None
Event ID: 13508
Date: 25/09/2007
Time: 3:00:03 PM
User: N/A
Computer: DomainDC1
The File Replication Service is having trouble enabling
replication
from
DomainDC2 to DomainDC1 for c:\windows\sysvol\domain using the DNS name
domaindc2.domain.org.au. FRS will keep retrying.
Following are some of the reasons you would see this warning.
[1] FRS can not correctly resolve the DNS name
domaindc2.domain.org.au from
this computer.
[2] FRS is not running on domaindc2.domain.org.au.
[3] The topology information in the Active Directory for this
replica
has
not yet replicated to all the Domain Controllers.
This event log message will appear once per connection, After the
problem is fixed you will see another event log message indicating
that the connection has been established.
****
There are no 13509 events after these. I have been searching the
groups trying to find something that will help. Both servers are
able to ping each other using their FQDN, the FRS service is
running on both servers and replication appears to be working, as
changes to Sites and Services are replicated almost immediately
when they are made, inlcuding changing the site name and deleting
and regenerating Active Directory Connections (which I did as a
test). I have also tried changing both servers so that they are
using the same DNS server (all combinations) to no avail.
I ran the FRSDiag utility, from both my workstation and on the
servers. All of them report an RPC error trying to connect to both
servers. On the server I was logged in as the Administrator, so
permissions shouldn't have been a problem. I have the logs from
the FRSDiag utility if that will help anyone!
NtFrsApi Version Information
NtFrsApi Major : 0
NtFrsApi Minor : 0
NtFrsApi Compiled on: Feb 16 2007 20:01:19
ERROR - Cannot bind w/authentication to computer, (null)
ERROR - Cannot bind w/o authentication to computer, (nul ERROR -
Cannot RPC to computer, (null); 000006d9 (1753)
****
(null) is replaced by the FQDN of both servers when I enter that
information in the command line as well.
I have followed all of the kb articles and usergroup threads that
I can find, with no luck. Hopefully there's something that I've
missed that someone can point me to.
Other events that may help (or could confuse the matter further),
is that when users change their passwords, the Windows 2000 ISA
Server prompts them for their password, even when they log off (or
even restart their computers completely) and log back on with the
new password. Even once that is sorted out, which can involve
re-creating their profile or resetting the password again on one
of the DCs, failed logon attempts are regularly recorded in the
security log on both DCs. Profiles have also become completely
corrupted afer a password change on a couple of occassions.
I look forward to any suggestion. Thanks in advance.
Thylo
2007-09-28 00:16:00 UTC
Permalink
Hi Meinolf,

Both the dcdiag and net diag results are clean, I have pasted them below
just incase I have gone too cross eyes looking at everything to not notice
something obvious, a fresh set of eyes can do wonders!! The only "failures"
that I can see are is the frsevent, which is what I'm trying to solve and the
modem diagnositcs, understanable as there is no modem. ICMP is disabled on
our gateway, the servers are on the same segment/subnet anyway.

Domain Controller Diagnosis

Performing initial setup:
Done gathering initial info.

Doing initial required tests

Testing server: Flemington\domainDC1
Starting test: Connectivity
......................... domainDC1 passed test Connectivity

Doing primary tests

Testing server: Flemington\domainDC1
Starting test: Replications
......................... domainDC1 passed test Replications
Starting test: NCSecDesc
......................... domainDC1 passed test NCSecDesc
Starting test: NetLogons
......................... domainDC1 passed test NetLogons
Starting test: Advertising
......................... domainDC1 passed test Advertising
Starting test: KnowsOfRoleHolders
......................... domainDC1 passed test KnowsOfRoleHolders
Starting test: RidManager
......................... domainDC1 passed test RidManager
Starting test: MachineAccount
......................... domainDC1 passed test MachineAccount
Starting test: Services
......................... domainDC1 passed test Services
Starting test: ObjectsReplicated
......................... domainDC1 passed test ObjectsReplicated
Starting test: frssysvol
......................... domainDC1 passed test frssysvol
Starting test: frsevent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may
cause
Group Policy problems.
......................... domainDC1 failed test frsevent
Starting test: kccevent
......................... domainDC1 passed test kccevent
Starting test: systemlog
......................... domainDC1 passed test systemlog
Starting test: VerifyReferences
......................... domainDC1 passed test VerifyReferences

Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation

Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom

Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation

Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom

Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom

Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom

Running partition tests on : domain
Starting test: CrossRefValidation
......................... domain passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... domain passed test CheckSDRefDom

Running enterprise tests on : domain.org.au
Starting test: Intersite
......................... domain.org.au passed test Intersite
Starting test: FsmoCheck
......................... domain.org.au passed test FsmoCheck

****

Domain Controller Diagnosis

Performing initial setup:
Done gathering initial info.

Doing initial required tests

Testing server: Flemington\domainDC2
Starting test: Connectivity
......................... domainDC2 passed test Connectivity

Doing primary tests

Testing server: Flemington\domainDC2
Starting test: Replications
......................... domainDC2 passed test Replications
Starting test: NCSecDesc
......................... domainDC2 passed test NCSecDesc
Starting test: NetLogons
......................... domainDC2 passed test NetLogons
Starting test: Advertising
......................... domainDC2 passed test Advertising
Starting test: KnowsOfRoleHolders
......................... domainDC2 passed test KnowsOfRoleHolders
Starting test: RidManager
......................... domainDC2 passed test RidManager
Starting test: MachineAccount
......................... domainDC2 passed test MachineAccount
Starting test: Services
......................... domainDC2 passed test Services
Starting test: ObjectsReplicated
......................... domainDC2 passed test ObjectsReplicated
Starting test: frssysvol
......................... domainDC2 passed test frssysvol
Starting test: frsevent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may
cause
Group Policy problems.
......................... domainDC2 failed test frsevent
Starting test: kccevent
......................... domainDC2 passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0xC0002716
Time Generated: 09/28/2007 09:05:21
(Event String could not be retrieved)
......................... domainDC2 failed test systemlog
Starting test: VerifyReferences
......................... domainDC2 passed test VerifyReferences

Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation

Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom

Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation

Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom

Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom

Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom

Running partition tests on : domain
Starting test: CrossRefValidation
......................... domain passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... domain passed test CheckSDRefDom

Running enterprise tests on : domain.org.au
Starting test: Intersite
......................... domain.org.au passed test Intersite
Starting test: FsmoCheck
......................... domain.org.au passed test FsmoCheck

****
Computer Name: domainDC1
DNS Host Name: domaindc1.domain.org.au
System info : Windows 2000 Server (Build 3790)
Processor : x86 Family 15 Model 3 Stepping 4, GenuineIntel
List of installed hotfixes :
KB909520
KB911564
KB921503
KB925398_WMP64
KB925876
KB925902
KB926122
KB927891
KB929123
KB930178
KB931768
KB931784
KB931836
KB932168
KB933360
KB933566
KB933854
KB935839
KB935840
KB935966
KB936021
KB936357
KB936782
KB937143
KB937143-IE7
KB938127
KB938127-IE7
Q147222


Netcard queries test . . . . . . . : Passed



Per interface results:

Adapter : Intel Pro 1000 CT Gigabit Ethernet Adapter - Onboard

Netcard queries test . . . : Passed

Host Name. . . . . . . . . : domaindc1.domain.org.au
IP Address . . . . . . . . : 172.30.14.7
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 172.30.14.1
Primary WINS Server. . . . : 172.30.14.7
Secondary WINS Server. . . : 172.30.14.2
Dns Servers. . . . . . . . : 172.30.14.2
172.30.14.7


AutoConfiguration results. . . . . . : Passed

Default gateway test . . . : Failed
No gateway reachable for this adapter.

NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03>
'Messenge
r Service', <20> 'WINS' names is missing.
No remote names have been found.

WINS service test. . . . . : Passed


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{4F560CD5-3A18-429E-946D-0BF9FF8297DD}
1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Failed

[FATAL] NO GATEWAYS ARE REACHABLE.
You have no connectivity to other network segments.
If you configured the IP protocol manually then
you need to add at least one valid gateway.


NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation
Servi
ce', <03> 'Messenger Service', <20> 'WINS' names defined.


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server
'172.30.14.2'
and other DCs also have some of the names registered.
PASS - All the DNS entries for DC are registered on DNS server
'172.30.14.7'
and other DCs also have some of the names registered.


Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{4F560CD5-3A18-429E-946D-0BF9FF8297DD}
The redir is bound to 1 NetBt transport.

List of NetBt transports currently bound to the browser
NetBT_Tcpip_{4F560CD5-3A18-429E-946D-0BF9FF8297DD}
The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
No active remote access connections.


Modem diagnostics test . . . . . . : Failed
[FATAL] Cannot initialize TAPI. Failed with error(0x80000048).

IP Security test . . . . . . . . . : Skipped

Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully

******
Computer Name: domainDC2
DNS Host Name: domaindc2.domain.org.au
System info : Windows 2000 Server (Build 3790)
Processor : x86 Family 15 Model 4 Stepping 1, GenuineIntel
List of installed hotfixes :
KB911564
KB921503
KB925398_WMP64
KB925876
KB925902
KB926122
KB927891
KB929123
KB930178
KB931768
KB931784
KB931836
KB932168
KB933360
KB933566
KB933854
KB935839
KB935840
KB935966
KB936021
KB936357
KB936782
KB937143
KB937143-IE7
KB938127
KB938127-IE7
Q147222


Netcard queries test . . . . . . . : Passed



Per interface results:

Adapter : Local Area Connection

Netcard queries test . . . : Passed

Host Name. . . . . . . . . : domaindc2.domain.org.au
IP Address . . . . . . . . : 172.30.14.2
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 172.30.14.1
Primary WINS Server. . . . : 172.30.14.2
Secondary WINS Server. . . : 172.30.14.7
Dns Servers. . . . . . . . : 172.30.14.2
172.30.14.7


AutoConfiguration results. . . . . . : Passed

Default gateway test . . . : Failed
No gateway reachable for this adapter.

NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03>
'Messenger Service', <20> 'WINS' names is missing.

WINS service test. . . . . : Passed


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{D8CF205A-978A-4B53-83B4-E5C818075579}
1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Failed

[FATAL] NO GATEWAYS ARE REACHABLE.
You have no connectivity to other network segments.
If you configured the IP protocol manually then
you need to add at least one valid gateway.


NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation
Service', <03> 'Messenger Service', <20> 'WINS' names defined.


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server
'172.30.14.2' and other DCs also have some of the names registered.
PASS - All the DNS entries for DC are registered on DNS server
'172.30.14.7' and other DCs also have some of the names registered.


Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{D8CF205A-978A-4B53-83B4-E5C818075579}
The redir is bound to 1 NetBt transport.

List of NetBt transports currently bound to the browser
NetBT_Tcpip_{D8CF205A-978A-4B53-83B4-E5C818075579}
The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Passed
Secure channel for domain 'domain' is to '\\domaindc1.domain.org.au'.


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
No active remote access connections.


Modem diagnostics test . . . . . . : Failed
[FATAL] Cannot initialize TAPI. Failed with error(0x80000048).

IP Security test . . . . . . . . . : Skipped

Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully

*********

Cheers,
--
Leigh
MCSE (NT4, 2000)
Post by Meinolf Weber
Hello Thylo,
Did you also check for errors with dcdiag and netdiag?
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
Post by Thylo
Hey Meinolf,
I'm sure I had gone through that page before, but I double checked all
of them anyway to make sure. The times are synchronised between all
servers on the network, there aren't any firewalls (apart from Windows
2003 own which is configured as required) between the servers, there
is plenty of disk space (20GB+), non of the other errors come up that
"should" for the other solutions, it is a native Windows 2003 domain
with only Windows 2003 server and it was upgraded from a Windows 2000
domain before I started here.
It is a very frustrating issue!!
Cheers,
Post by Meinolf Weber
Hello Thylo,
http://www.eventid.net/display.asp?eventid=13508&eventno=349&source=n
tfrs&phase=1
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
Post by Thylo
Hi Meinolf,
Below are the ipconfig /all results from domain controller, they are
Windows IP Configuration
Host Name . . . . . . . . . . . . : domaindc1
Primary Dns Suffix . . . . . . . : domain.org.au
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.org.au
org.au
Connection-specific DNS Suffix . : domain.org.au
Description . . . . . . . . . . . : Intel(R) PRO/1000 CT Network Connection
Physical Address. . . . . . . . . : 00-C0-9F-4B-9E-5D
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.30.14.7
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.30.14.1
DNS Servers . . . . . . . . . . . : 172.30.14.2
172.30.14.7
Primary WINS Server . . . . . . . : 172.30.14.7
Secondary WINS Server . . . . . . : 172.30.14.2
Windows IP Configuration
Host Name . . . . . . . . . . . . : domaindc2
Primary Dns Suffix . . . . . . . : domain.org.au
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.org.au
org.au
Connection-specific DNS Suffix . : domain.org.au
Description . . . . . . . . . . . : Intel(R) PRO/1000 CT Network Connection
Physical Address. . . . . . . . . : 00-11-43-CE-40-E6
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.30.14.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.30.14.1
DNS Servers . . . . . . . . . . . : 172.30.14.2
172.30.14.7
Primary WINS Server . . . . . . . : 172.30.14.2
Secondary WINS Server . . . . . . : 172.30.14.7
***
Cheers,
Post by Meinolf Weber
Hello Thylo,
Please post an ipconfig /all from both DC/DNS server.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers
no rights.
Post by Thylo
Hi,
We have a Windows 2003 domain, with two domain controllers. Both
domain controllers are running Windows 2003 SP2, fully patched.
The same warning appears in the File Replication Service Log on
both servers, with the server names reveresed on the other server
(I have changed the names of the servers and domain here).
Event Type: Warning
Event Source: NtFrs
Event Category: None
Event ID: 13508
Date: 25/09/2007
Time: 3:00:03 PM
User: N/A
Computer: DomainDC1
The File Replication Service is having trouble enabling
replication
from
DomainDC2 to DomainDC1 for c:\windows\sysvol\domain using the DNS name
domaindc2.domain.org.au. FRS will keep retrying.
Following are some of the reasons you would see this warning.
[1] FRS can not correctly resolve the DNS name
domaindc2.domain.org.au from
this computer.
[2] FRS is not running on domaindc2.domain.org.au.
[3] The topology information in the Active Directory for this
replica
has
not yet replicated to all the Domain Controllers.
This event log message will appear once per connection, After the
problem is fixed you will see another event log message indicating
that the connection has been established.
****
There are no 13509 events after these. I have been searching the
groups trying to find something that will help. Both servers are
able to ping each other using their FQDN, the FRS service is
running on both servers and replication appears to be working, as
changes to Sites and Services are replicated almost immediately
when they are made, inlcuding changing the site name and deleting
and regenerating Active Directory Connections (which I did as a
test). I have also tried changing both servers so that they are
using the same DNS server (all combinations) to no avail.
I ran the FRSDiag utility, from both my workstation and on the
servers. All of them report an RPC error trying to connect to both
servers. On the server I was logged in as the Administrator, so
permissions shouldn't have been a problem. I have the logs from
the FRSDiag utility if that will help anyone!
NtFrsApi Version Information
NtFrsApi Major : 0
NtFrsApi Minor : 0
NtFrsApi Compiled on: Feb 16 2007 20:01:19
ERROR - Cannot bind w/authentication to computer, (null)
ERROR - Cannot bind w/o authentication to computer, (nul ERROR -
Cannot RPC to computer, (null); 000006d9 (1753)
****
(null) is replaced by the FQDN of both servers when I enter that
information in the command line as well.
I have followed all of the kb articles and usergroup threads that
I can find, with no luck. Hopefully there's something that I've
missed that someone can point me to.
Other events that may help (or could confuse the matter further),
is that when users change their passwords, the Windows 2000 ISA
Server prompts them for their password, even when they log off (or
even restart their computers completely) and log back on with the
new password. Even once that is sorted out, which can involve
re-creating their profile or resetting the password again on one
of the DCs, failed logon attempts are regularly recorded in the
security log on both DCs. Profiles have also become completely
corrupted afer a password change on a couple of occassions.
I look forward to any suggestion. Thanks in advance.
Meinolf Weber
2007-09-28 06:39:45 UTC
Permalink
Hello Thylo,

In the dcdiag the Default gateway test FAILED. No gateway reachable for this
adapter? Can you take out the ISA for testing?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
Post by Thylo
Hi Meinolf,
Both the dcdiag and net diag results are clean, I have pasted them
below just incase I have gone too cross eyes looking at everything to
not notice something obvious, a fresh set of eyes can do wonders!! The
only "failures" that I can see are is the frsevent, which is what I'm
trying to solve and the modem diagnositcs, understanable as there is
no modem. ICMP is disabled on our gateway, the servers are on the same
segment/subnet anyway.
Domain Controller Diagnosis
Done gathering initial info.
Doing initial required tests
Testing server: Flemington\domainDC1
Starting test: Connectivity
......................... domainDC1 passed test Connectivity
Doing primary tests
Testing server: Flemington\domainDC1
Starting test: Replications
......................... domainDC1 passed test Replications
Starting test: NCSecDesc
......................... domainDC1 passed test NCSecDesc
Starting test: NetLogons
......................... domainDC1 passed test NetLogons
Starting test: Advertising
......................... domainDC1 passed test Advertising
Starting test: KnowsOfRoleHolders
......................... domainDC1 passed test
KnowsOfRoleHolders
Starting test: RidManager
......................... domainDC1 passed test RidManager
Starting test: MachineAccount
......................... domainDC1 passed test
MachineAccount
Starting test: Services
......................... domainDC1 passed test Services
Starting test: ObjectsReplicated
......................... domainDC1 passed test
ObjectsReplicated
Starting test: frssysvol
......................... domainDC1 passed test frssysvol
Starting test: frsevent
There are warning or error events within the last 24 hours
after the
SYSVOL has been shared. Failing SYSVOL replication problems
may
cause
Group Policy problems.
......................... domainDC1 failed test frsevent
Starting test: kccevent
......................... domainDC1 passed test kccevent
Starting test: systemlog
......................... domainDC1 passed test systemlog
Starting test: VerifyReferences
......................... domainDC1 passed test
VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test
CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test
CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test
CheckSDRefDom
Running partition tests on : domain
Starting test: CrossRefValidation
......................... domain passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... domain passed test CheckSDRefDom
Running enterprise tests on : domain.org.au
Starting test: Intersite
......................... domain.org.au passed test Intersite
Starting test: FsmoCheck
......................... domain.org.au passed test FsmoCheck
****
Domain Controller Diagnosis
Done gathering initial info.
Doing initial required tests
Testing server: Flemington\domainDC2
Starting test: Connectivity
......................... domainDC2 passed test Connectivity
Doing primary tests
Testing server: Flemington\domainDC2
Starting test: Replications
......................... domainDC2 passed test Replications
Starting test: NCSecDesc
......................... domainDC2 passed test NCSecDesc
Starting test: NetLogons
......................... domainDC2 passed test NetLogons
Starting test: Advertising
......................... domainDC2 passed test Advertising
Starting test: KnowsOfRoleHolders
......................... domainDC2 passed test
KnowsOfRoleHolders
Starting test: RidManager
......................... domainDC2 passed test RidManager
Starting test: MachineAccount
......................... domainDC2 passed test
MachineAccount
Starting test: Services
......................... domainDC2 passed test Services
Starting test: ObjectsReplicated
......................... domainDC2 passed test
ObjectsReplicated
Starting test: frssysvol
......................... domainDC2 passed test frssysvol
Starting test: frsevent
There are warning or error events within the last 24 hours
after the
SYSVOL has been shared. Failing SYSVOL replication problems
may
cause
Group Policy problems.
......................... domainDC2 failed test frsevent
Starting test: kccevent
......................... domainDC2 passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0xC0002716
Time Generated: 09/28/2007 09:05:21
(Event String could not be retrieved)
......................... domainDC2 failed test systemlog
Starting test: VerifyReferences
......................... domainDC2 passed test
VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test
CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test
CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test
CheckSDRefDom
Running partition tests on : domain
Starting test: CrossRefValidation
......................... domain passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... domain passed test CheckSDRefDom
Running enterprise tests on : domain.org.au
Starting test: Intersite
......................... domain.org.au passed test Intersite
Starting test: FsmoCheck
......................... domain.org.au passed test FsmoCheck
****
Computer Name: domainDC1
DNS Host Name: domaindc1.domain.org.au
System info : Windows 2000 Server (Build 3790)
Processor : x86 Family 15 Model 3 Stepping 4, GenuineIntel
KB909520
KB911564
KB921503
KB925398_WMP64
KB925876
KB925902
KB926122
KB927891
KB929123
KB930178
KB931768
KB931784
KB931836
KB932168
KB933360
KB933566
KB933854
KB935839
KB935840
KB935966
KB936021
KB936357
KB936782
KB937143
KB937143-IE7
KB938127
KB938127-IE7
Q147222
Netcard queries test . . . . . . . : Passed
Adapter : Intel Pro 1000 CT Gigabit Ethernet Adapter - Onboard
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : domaindc1.domain.org.au
IP Address . . . . . . . . : 172.30.14.7
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 172.30.14.1
Primary WINS Server. . . . : 172.30.14.7
Secondary WINS Server. . . : 172.30.14.2
Dns Servers. . . . . . . . : 172.30.14.2
172.30.14.7
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Failed
No gateway reachable for this adapter.
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03>
'Messenge
r Service', <20> 'WINS' names is missing.
No remote names have been found.
WINS service test. . . . . : Passed
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
NetBT_Tcpip_{4F560CD5-3A18-429E-946D-0BF9FF8297DD}
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Failed
[FATAL] NO GATEWAYS ARE REACHABLE.
You have no connectivity to other network segments.
If you configured the IP protocol manually then
you need to add at least one valid gateway.
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00>
'WorkStation
Servi
ce', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server
'172.30.14.2'
and other DCs also have some of the names registered.
PASS - All the DNS entries for DC are registered on DNS server
'172.30.14.7'
and other DCs also have some of the names registered.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{4F560CD5-3A18-429E-946D-0BF9FF8297DD}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{4F560CD5-3A18-429E-946D-0BF9FF8297DD}
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Passed
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Failed
[FATAL] Cannot initialize TAPI. Failed with error(0x80000048).
IP Security test . . . . . . . . . : Skipped
Note: run "netsh ipsec dynamic show /?" for more detailed
information
The command completed successfully
******
Computer Name: domainDC2
DNS Host Name: domaindc2.domain.org.au
System info : Windows 2000 Server (Build 3790)
Processor : x86 Family 15 Model 4 Stepping 1, GenuineIntel
KB911564
KB921503
KB925398_WMP64
KB925876
KB925902
KB926122
KB927891
KB929123
KB930178
KB931768
KB931784
KB931836
KB932168
KB933360
KB933566
KB933854
KB935839
KB935840
KB935966
KB936021
KB936357
KB936782
KB937143
KB937143-IE7
KB938127
KB938127-IE7
Q147222
Netcard queries test . . . . . . . : Passed
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : domaindc2.domain.org.au
IP Address . . . . . . . . : 172.30.14.2
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 172.30.14.1
Primary WINS Server. . . . : 172.30.14.2
Secondary WINS Server. . . : 172.30.14.7
Dns Servers. . . . . . . . : 172.30.14.2
172.30.14.7
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Failed
No gateway reachable for this adapter.
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03>
'Messenger Service', <20> 'WINS' names is missing.
WINS service test. . . . . : Passed
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
NetBT_Tcpip_{D8CF205A-978A-4B53-83B4-E5C818075579}
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Failed
[FATAL] NO GATEWAYS ARE REACHABLE.
You have no connectivity to other network segments.
If you configured the IP protocol manually then
you need to add at least one valid gateway.
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00>
'WorkStation
Service', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server
'172.30.14.2' and other DCs also have some of the names registered.
PASS - All the DNS entries for DC are registered on DNS server
'172.30.14.7' and other DCs also have some of the names registered.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{D8CF205A-978A-4B53-83B4-E5C818075579}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{D8CF205A-978A-4B53-83B4-E5C818075579}
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Passed
Secure channel for domain 'domain' is to
'\\domaindc1.domain.org.au'.
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Passed
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Failed
[FATAL] Cannot initialize TAPI. Failed with error(0x80000048).
IP Security test . . . . . . . . . : Skipped
Note: run "netsh ipsec dynamic show /?" for more detailed
information
The command completed successfully
*********
Cheers,
Post by Meinolf Weber
Hello Thylo,
Did you also check for errors with dcdiag and netdiag?
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
Post by Thylo
Hey Meinolf,
I'm sure I had gone through that page before, but I double checked
all of them anyway to make sure. The times are synchronised between
all servers on the network, there aren't any firewalls (apart from
Windows 2003 own which is configured as required) between the
servers, there is plenty of disk space (20GB+), non of the other
errors come up that "should" for the other solutions, it is a native
Windows 2003 domain with only Windows 2003 server and it was
upgraded from a Windows 2000 domain before I started here.
It is a very frustrating issue!!
Cheers,
Post by Meinolf Weber
Hello Thylo,
http://www.eventid.net/display.asp?eventid=13508&eventno=349&source
=n
tfrs&phase=1
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers
no rights.
Post by Thylo
Hi Meinolf,
Below are the ipconfig /all results from domain controller, they
Windows IP Configuration
Host Name . . . . . . . . . . . . : domaindc1
Primary Dns Suffix . . . . . . . : domain.org.au
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.org.au
org.au
Connection-specific DNS Suffix . : domain.org.au
Description . . . . . . . . . . . : Intel(R) PRO/1000 CT Network Connection
Physical Address. . . . . . . . . : 00-C0-9F-4B-9E-5D
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.30.14.7
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.30.14.1
DNS Servers . . . . . . . . . . . : 172.30.14.2
172.30.14.7
Primary WINS Server . . . . . . . : 172.30.14.7
Secondary WINS Server . . . . . . : 172.30.14.2
Windows IP Configuration
Host Name . . . . . . . . . . . . : domaindc2
Primary Dns Suffix . . . . . . . : domain.org.au
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.org.au
org.au
Connection-specific DNS Suffix . : domain.org.au
Description . . . . . . . . . . . : Intel(R) PRO/1000 CT Network Connection
Physical Address. . . . . . . . . : 00-11-43-CE-40-E6
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.30.14.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.30.14.1
DNS Servers . . . . . . . . . . . : 172.30.14.2
172.30.14.7
Primary WINS Server . . . . . . . : 172.30.14.2
Secondary WINS Server . . . . . . : 172.30.14.7
***
Cheers,
Post by Meinolf Weber
Hello Thylo,
Please post an ipconfig /all from both DC/DNS server.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers
no rights.
Post by Thylo
Hi,
We have a Windows 2003 domain, with two domain controllers. Both
domain controllers are running Windows 2003 SP2, fully patched.
The same warning appears in the File Replication Service Log on
both servers, with the server names reveresed on the other
server (I have changed the names of the servers and domain
here).
Event Type: Warning
Event Source: NtFrs
Event Category: None
Event ID: 13508
Date: 25/09/2007
Time: 3:00:03 PM
User: N/A
Computer: DomainDC1
The File Replication Service is having trouble enabling
replication
from
DomainDC2 to DomainDC1 for c:\windows\sysvol\domain using the
DNS
name
domaindc2.domain.org.au. FRS will keep retrying.
Following are some of the reasons you would see this warning.
[1] FRS can not correctly resolve the DNS name
domaindc2.domain.org.au from
this computer.
[2] FRS is not running on domaindc2.domain.org.au.
[3] The topology information in the Active Directory for this
replica
has
not yet replicated to all the Domain Controllers.
This event log message will appear once per connection, After the
problem is fixed you will see another event log message
indicating
that the connection has been established.
****
There are no 13509 events after these. I have been searching the
groups trying to find something that will help. Both servers are
able to ping each other using their FQDN, the FRS service is
running on both servers and replication appears to be working, as
changes to Sites and Services are replicated almost immediately
when they are made, inlcuding changing the site name and
deleting
and regenerating Active Directory Connections (which I did as a
test). I have also tried changing both servers so that they are
using the same DNS server (all combinations) to no avail.
I ran the FRSDiag utility, from both my workstation and on the
servers. All of them report an RPC error trying to connect to
both servers. On the server I was logged in as the
Administrator, so permissions shouldn't have been a problem. I
have the logs from the FRSDiag utility if that will help anyone!
NtFrsApi Version Information
NtFrsApi Major : 0
NtFrsApi Minor : 0
NtFrsApi Compiled on: Feb 16 2007 20:01:19
ERROR - Cannot bind w/authentication to computer, (null)
ERROR - Cannot bind w/o authentication to computer, (nul ERROR -
Cannot RPC to computer, (null); 000006d9 (1753)
****
(null) is replaced by the FQDN of both servers when I enter that
information in the command line as well.
I have followed all of the kb articles and usergroup threads
that I can find, with no luck. Hopefully there's something that
I've missed that someone can point me to.
Other events that may help (or could confuse the matter
further), is that when users change their passwords, the Windows
2000 ISA Server prompts them for their password, even when they
log off (or even restart their computers completely) and log
back on with the new password. Even once that is sorted out,
which can involve re-creating their profile or resetting the
password again on one of the DCs, failed logon attempts are
regularly recorded in the security log on both DCs. Profiles
have also become completely corrupted afer a password change on
a couple of occassions.
I look forward to any suggestion. Thanks in advance.
Thylo
2007-10-01 07:46:02 UTC
Permalink
Hi Meinolf,

The gateway's ICMP is turned off, so ping results always return a failure.
As both servers are on the same subnet and network segment, the gateway isn't
required.

Cheers,
--
Leigh
MCSE (NT4, 2000)
Post by Meinolf Weber
Hello Thylo,
In the dcdiag the Default gateway test FAILED. No gateway reachable for this
adapter? Can you take out the ISA for testing?
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
Post by Thylo
Hi Meinolf,
Both the dcdiag and net diag results are clean, I have pasted them
below just incase I have gone too cross eyes looking at everything to
not notice something obvious, a fresh set of eyes can do wonders!! The
only "failures" that I can see are is the frsevent, which is what I'm
trying to solve and the modem diagnositcs, understanable as there is
no modem. ICMP is disabled on our gateway, the servers are on the same
segment/subnet anyway.
Domain Controller Diagnosis
Done gathering initial info.
Doing initial required tests
Testing server: Flemington\domainDC1
Starting test: Connectivity
......................... domainDC1 passed test Connectivity
Doing primary tests
Testing server: Flemington\domainDC1
Starting test: Replications
......................... domainDC1 passed test Replications
Starting test: NCSecDesc
......................... domainDC1 passed test NCSecDesc
Starting test: NetLogons
......................... domainDC1 passed test NetLogons
Starting test: Advertising
......................... domainDC1 passed test Advertising
Starting test: KnowsOfRoleHolders
......................... domainDC1 passed test
KnowsOfRoleHolders
Starting test: RidManager
......................... domainDC1 passed test RidManager
Starting test: MachineAccount
......................... domainDC1 passed test
MachineAccount
Starting test: Services
......................... domainDC1 passed test Services
Starting test: ObjectsReplicated
......................... domainDC1 passed test
ObjectsReplicated
Starting test: frssysvol
......................... domainDC1 passed test frssysvol
Starting test: frsevent
There are warning or error events within the last 24 hours
after the
SYSVOL has been shared. Failing SYSVOL replication problems
may
cause
Group Policy problems.
......................... domainDC1 failed test frsevent
Starting test: kccevent
......................... domainDC1 passed test kccevent
Starting test: systemlog
......................... domainDC1 passed test systemlog
Starting test: VerifyReferences
......................... domainDC1 passed test
VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test
CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test
CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test
CheckSDRefDom
Running partition tests on : domain
Starting test: CrossRefValidation
......................... domain passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... domain passed test CheckSDRefDom
Running enterprise tests on : domain.org.au
Starting test: Intersite
......................... domain.org.au passed test Intersite
Starting test: FsmoCheck
......................... domain.org.au passed test FsmoCheck
****
Domain Controller Diagnosis
Done gathering initial info.
Doing initial required tests
Testing server: Flemington\domainDC2
Starting test: Connectivity
......................... domainDC2 passed test Connectivity
Doing primary tests
Testing server: Flemington\domainDC2
Starting test: Replications
......................... domainDC2 passed test Replications
Starting test: NCSecDesc
......................... domainDC2 passed test NCSecDesc
Starting test: NetLogons
......................... domainDC2 passed test NetLogons
Starting test: Advertising
......................... domainDC2 passed test Advertising
Starting test: KnowsOfRoleHolders
......................... domainDC2 passed test
KnowsOfRoleHolders
Starting test: RidManager
......................... domainDC2 passed test RidManager
Starting test: MachineAccount
......................... domainDC2 passed test
MachineAccount
Starting test: Services
......................... domainDC2 passed test Services
Starting test: ObjectsReplicated
......................... domainDC2 passed test
ObjectsReplicated
Starting test: frssysvol
......................... domainDC2 passed test frssysvol
Starting test: frsevent
There are warning or error events within the last 24 hours
after the
SYSVOL has been shared. Failing SYSVOL replication problems
may
cause
Group Policy problems.
......................... domainDC2 failed test frsevent
Starting test: kccevent
......................... domainDC2 passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0xC0002716
Time Generated: 09/28/2007 09:05:21
(Event String could not be retrieved)
......................... domainDC2 failed test systemlog
Starting test: VerifyReferences
......................... domainDC2 passed test
VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test
CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test
CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test
CheckSDRefDom
Running partition tests on : domain
Starting test: CrossRefValidation
......................... domain passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... domain passed test CheckSDRefDom
Running enterprise tests on : domain.org.au
Starting test: Intersite
......................... domain.org.au passed test Intersite
Starting test: FsmoCheck
......................... domain.org.au passed test FsmoCheck
****
Computer Name: domainDC1
DNS Host Name: domaindc1.domain.org.au
System info : Windows 2000 Server (Build 3790)
Processor : x86 Family 15 Model 3 Stepping 4, GenuineIntel
KB909520
KB911564
KB921503
KB925398_WMP64
KB925876
KB925902
KB926122
KB927891
KB929123
KB930178
KB931768
KB931784
KB931836
KB932168
KB933360
KB933566
KB933854
KB935839
KB935840
KB935966
KB936021
KB936357
KB936782
KB937143
KB937143-IE7
KB938127
KB938127-IE7
Q147222
Netcard queries test . . . . . . . : Passed
Adapter : Intel Pro 1000 CT Gigabit Ethernet Adapter - Onboard
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : domaindc1.domain.org.au
IP Address . . . . . . . . : 172.30.14.7
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 172.30.14.1
Primary WINS Server. . . . : 172.30.14.7
Secondary WINS Server. . . : 172.30.14.2
Dns Servers. . . . . . . . : 172.30.14.2
172.30.14.7
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Failed
No gateway reachable for this adapter.
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03>
'Messenge
r Service', <20> 'WINS' names is missing.
No remote names have been found.
WINS service test. . . . . : Passed
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
NetBT_Tcpip_{4F560CD5-3A18-429E-946D-0BF9FF8297DD}
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Failed
[FATAL] NO GATEWAYS ARE REACHABLE.
You have no connectivity to other network segments.
If you configured the IP protocol manually then
you need to add at least one valid gateway.
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00>
'WorkStation
Servi
ce', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server
'172.30.14.2'
and other DCs also have some of the names registered.
PASS - All the DNS entries for DC are registered on DNS server
'172.30.14.7'
and other DCs also have some of the names registered.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{4F560CD5-3A18-429E-946D-0BF9FF8297DD}
The redir is bound to 1 NetBt transport.
Thylo
2007-09-28 01:31:01 UTC
Permalink
Hi Meinolf,

I have found something that may shed some light on the situtation, although
I'm not sure how to proceed given that most things seem ok. I re-ran dcdiag
with some extra options and the following differences showed up:

when run on domaindc2:

DC: domaindc2.domain.org.au
Domain: domain.org.au


TEST: Authentication (Auth)
Authentication test: Successfully completed

TEST: Basic (Basc)
Microsoft(R) Windows(R) Server 2003, Standard Edition
(Service Pack level: 2.0) is supported
NETLOGON service is running
kdc service is running
DNSCACHE service is running
DNS service is running
DC is a DNS server
Network adapters information:
Adapter [00000001] Intel(R) PRO/1000 CT Network Connection:
MAC address is 00:11:43:CE:40:E6
IP address is static
IP address: 172.30.14.2
DNS servers:
172.30.14.2 (<name unavailable>) [Valid]
172.30.14.7 (<name unavailable>) [Valid]
The A record for this DC was found
The SOA record for the Active Directory zone was found
The Active Directory zone on this DC/DNS server was found
(primary)
Root zone on this DC/DNS server was not found

****

when run on domaindc1:

DC: domaindc2.domain.org.au
Domain: domain.org.au


TEST: Authentication (Auth)
Authentication test: Successfully completed

TEST: Basic (Basc)
Microsoft(R) Windows(R) Server 2003, Standard Edition
(Service Pack level: 2.0) is supported
NETLOGON service is running
kdc service is running
DNSCACHE service is running
DNS service is running
DC is a DNS server
Network adapters information:
Adapter [00000001] Intel(R) PRO/1000 CT Network Connection:
MAC address is 00:11:43:CE:40:E6
IP address is static
IP address: 172.30.14.2
DNS servers:
172.30.14.2 (<name unavailable>) [Valid]
172.30.14.7 (<name unavailable>) [Valid]
The A record for this DC was found
The SOA record for the Active Directory zone was found
Warning: no DNS RPC connectivity (error or non Microsoft
DNS server is running)
[Error details: 1753 (Type: Win32 - Description: There are
no more endpoints available from the endpoint mapper.)]

****

I have seen it before while checking this problem now that I think of it,
however I couldn't find any useful information relating to it, other than
checking that the RPC services were set to start correctly, which they are,
so I forgot about it! Probably not a good move on my behalf!

Any thoughts on this one?!!
--
Leigh
MCSE (NT4, 2000)
Post by Meinolf Weber
Hello Thylo,
Did you also check for errors with dcdiag and netdiag?
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
Post by Thylo
Hey Meinolf,
I'm sure I had gone through that page before, but I double checked all
of them anyway to make sure. The times are synchronised between all
servers on the network, there aren't any firewalls (apart from Windows
2003 own which is configured as required) between the servers, there
is plenty of disk space (20GB+), non of the other errors come up that
"should" for the other solutions, it is a native Windows 2003 domain
with only Windows 2003 server and it was upgraded from a Windows 2000
domain before I started here.
It is a very frustrating issue!!
Cheers,
Post by Meinolf Weber
Hello Thylo,
http://www.eventid.net/display.asp?eventid=13508&eventno=349&source=n
tfrs&phase=1
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
Post by Thylo
Hi Meinolf,
Below are the ipconfig /all results from domain controller, they are
Windows IP Configuration
Host Name . . . . . . . . . . . . : domaindc1
Primary Dns Suffix . . . . . . . : domain.org.au
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.org.au
org.au
Connection-specific DNS Suffix . : domain.org.au
Description . . . . . . . . . . . : Intel(R) PRO/1000 CT Network Connection
Physical Address. . . . . . . . . : 00-C0-9F-4B-9E-5D
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.30.14.7
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.30.14.1
DNS Servers . . . . . . . . . . . : 172.30.14.2
172.30.14.7
Primary WINS Server . . . . . . . : 172.30.14.7
Secondary WINS Server . . . . . . : 172.30.14.2
Windows IP Configuration
Host Name . . . . . . . . . . . . : domaindc2
Primary Dns Suffix . . . . . . . : domain.org.au
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.org.au
org.au
Connection-specific DNS Suffix . : domain.org.au
Description . . . . . . . . . . . : Intel(R) PRO/1000 CT Network Connection
Physical Address. . . . . . . . . : 00-11-43-CE-40-E6
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.30.14.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.30.14.1
DNS Servers . . . . . . . . . . . : 172.30.14.2
172.30.14.7
Primary WINS Server . . . . . . . : 172.30.14.2
Secondary WINS Server . . . . . . : 172.30.14.7
***
Cheers,
Post by Meinolf Weber
Hello Thylo,
Please post an ipconfig /all from both DC/DNS server.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers
no rights.
Post by Thylo
Hi,
We have a Windows 2003 domain, with two domain controllers. Both
domain controllers are running Windows 2003 SP2, fully patched.
The same warning appears in the File Replication Service Log on
both servers, with the server names reveresed on the other server
(I have changed the names of the servers and domain here).
Event Type: Warning
Event Source: NtFrs
Event Category: None
Event ID: 13508
Date: 25/09/2007
Time: 3:00:03 PM
User: N/A
Computer: DomainDC1
The File Replication Service is having trouble enabling
replication
from
DomainDC2 to DomainDC1 for c:\windows\sysvol\domain using the DNS name
domaindc2.domain.org.au. FRS will keep retrying.
Following are some of the reasons you would see this warning.
[1] FRS can not correctly resolve the DNS name
domaindc2.domain.org.au from
this computer.
[2] FRS is not running on domaindc2.domain.org.au.
[3] The topology information in the Active Directory for this
replica
has
not yet replicated to all the Domain Controllers.
This event log message will appear once per connection, After the
problem is fixed you will see another event log message indicating
that the connection has been established.
****
There are no 13509 events after these. I have been searching the
groups trying to find something that will help. Both servers are
able to ping each other using their FQDN, the FRS service is
running on both servers and replication appears to be working, as
changes to Sites and Services are replicated almost immediately
when they are made, inlcuding changing the site name and deleting
and regenerating Active Directory Connections (which I did as a
test). I have also tried changing both servers so that they are
using the same DNS server (all combinations) to no avail.
I ran the FRSDiag utility, from both my workstation and on the
servers. All of them report an RPC error trying to connect to both
servers. On the server I was logged in as the Administrator, so
permissions shouldn't have been a problem. I have the logs from
the FRSDiag utility if that will help anyone!
NtFrsApi Version Information
NtFrsApi Major : 0
NtFrsApi Minor : 0
NtFrsApi Compiled on: Feb 16 2007 20:01:19
ERROR - Cannot bind w/authentication to computer, (null)
ERROR - Cannot bind w/o authentication to computer, (nul ERROR -
Cannot RPC to computer, (null); 000006d9 (1753)
****
(null) is replaced by the FQDN of both servers when I enter that
information in the command line as well.
I have followed all of the kb articles and usergroup threads that
I can find, with no luck. Hopefully there's something that I've
missed that someone can point me to.
Other events that may help (or could confuse the matter further),
is that when users change their passwords, the Windows 2000 ISA
Server prompts them for their password, even when they log off (or
even restart their computers completely) and log back on with the
new password. Even once that is sorted out, which can involve
re-creating their profile or resetting the password again on one
of the DCs, failed logon attempts are regularly recorded in the
security log on both DCs. Profiles have also become completely
corrupted afer a password change on a couple of occassions.
I look forward to any suggestion. Thanks in advance.
Continue reading on narkive:
Loading...