Forum

Domain Controller -...
 
Bildirimler
Hepsini Temizle

Domain Controller - Sunucu İşlemsel Değil Hatası

4 Yazılar
2 Üyeler
0 Reactions
2,632 Görüntüleme
(@savasboluk)
Gönderiler: 28
Eminent Member
Konu başlatıcı
 

Merhaba,

1 gündür uğraştığımız, hala çözemediğimiz ad ile ilgili bir sorunumuz var;

server 2012 core: dc, dns, dhcp
server 2016 gui: adc, dns

şeklinde bir yapı var. Domain Admin bilgisayarında Active Directory Kullanıcıları ve bilgisayarları Konsoluna girince "Sunucu işlemsel değil.." hatası veriyor:

image

Ana Domain Donctrollerı kontrol ediyorum ancak sunucu core, uzaktan hiçbirşeyini yönetemiyorum anca uzak servislere erişebiliyorum burada tüm servisleri çalışıyor görünüyor

Additional Domain Controller üzerinden kontrol ettiğimde Operation Masters 'da Primary Controller ERROR görünüyor:

image

ve bu durumda iken kullanıcıların hiçbiri domain yetkileri ile eriştikleri, yaptıkları işlemlerin hiçbirini yapamıyorlar.

Ayrıca DNS Yöneticisine girince primary sunucuya hiç bağlanamıyor

image
image

Ne yapabilirim, Allah aşkına lütfen bir yol yordam gösterin..

Bu konu 3 yıl önce 2 defa Savas BOLUK tarafından düzenlendi
 
Gönderildi : 22/01/2022 11:03

(@savasboluk)
Gönderiler: 28
Eminent Member
Konu başlatıcı
 

dc üzerinde dcdiag dns testinde bazı hatalar olduğunu görüyorum

 

Directory Server Diagnosis

Performing initial setup:
Trying to find home server...
Home Server = DC
* Identified AD Forest.
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\DC
Starting test: Connectivity
......................... DC passed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\DC

Starting test: DNS

DNS Tests are running and not hung. Please wait a few minutes...
......................... DC failed test DNS

Running partition tests on : ForestDnsZones

Running partition tests on : DomainDnsZones

Running partition tests on : Schema

Running partition tests on : Configuration

Running partition tests on : savastest

Running enterprise tests on : savastest.local
Starting test: DNS
Test results for domain controllers:

DC: DC.savastest.local
Domain: savastest.local


TEST: Basic (Basc)
Warning: adapter
[00000010] Intel(R) 82574L Gigabit Network Connection has
invalid DNS server: 10.0.0.11 (DC)
Warning: The A record for this DC was not found
No host records (A or AAAA) were found for this DC
Warning: no DNS RPC connectivity (error or non Microsoft DNS server is running)

Summary of test results for DNS servers used by the above domain
controllers:

DNS server: 10.0.0.11 (DC)
1 test failure on this DNS server
Name resolution is not functional. _ldap._tcp.savastest.local. failed on the DNS server 10.0.0.11

Summary of DNS test results:

Auth Basc Forw Del Dyn RReg Ext
_________________________________________________________________
Domain: savastest.local
DC PASS FAIL n/a n/a n/a n/a n/a

......................... savastest.local failed test DNS
 
Gönderildi : 22/01/2022 11:26

(@savasboluk)
Gönderiler: 28
Eminent Member
Konu başlatıcı
 

ayrıca dcdiag içeriği de şu şekilde:

Directory Server Diagnosis

Performing initial setup:
Trying to find home server...
Home Server = DC
* Identified AD Forest.
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\DC
Starting test: Connectivity
......................... DC passed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\DC
Starting test: Advertising
......................... DC passed test Advertising
Starting test: FrsEvent
......................... DC passed test FrsEvent
Starting test: DFSREvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... DC failed test DFSREvent
Starting test: SysVolCheck
......................... DC passed test SysVolCheck
Starting test: KccEvent
A warning event occurred. EventID: 0x80000677
Time Generated: 01/22/2022 11:20:51
Event String:
Active Directory Domain Services attempted to communicate with the following global catalog and the attempts were unsuccessful.
An error event occurred. EventID: 0xC0000466
Time Generated: 01/22/2022 11:20:51
Event String:
Active Directory Domain Services was unable to establish a connection with the global catalog.
A warning event occurred. EventID: 0x8000082C
Time Generated: 01/22/2022 11:21:51
Event String:
......................... DC failed test KccEvent
Starting test: KnowsOfRoleHolders
......................... DC passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... DC passed test MachineAccount
Starting test: NCSecDesc
......................... DC passed test NCSecDesc
Starting test: NetLogons
......................... DC passed test NetLogons
Starting test: ObjectsReplicated
......................... DC passed test ObjectsReplicated
Starting test: Replications
[Replications Check,DC] A recent replication attempt failed:
From ADC to DC
Naming Context: DC=ForestDnsZones,DC=savastest,DC=local
The replication generated an error (1256):
The remote system is not available. For information about network troubleshooting, see Windows Help.

The failure occurred at 2022-01-22 10:51:33.
The last success occurred at 2021-03-22 10:32:29.
7359 failures have occurred since the last success.
[ADC] DsBindWithSpnEx() failed with error 1722,
The RPC server is unavailable..
[Replications Check,DC] A recent replication attempt failed:
From BDC to DC
Naming Context: DC=ForestDnsZones,DC=savastest,DC=local
The replication generated an error (1256):
The remote system is not available. For information about network troubleshooting, see Windows Help.

The failure occurred at 2022-01-22 10:52:18.
The last success occurred at 2022-01-21 13:57:52.
28 failures have occurred since the last success.
[Replications Check,DC] A recent replication attempt failed:
From ADC to DC
Naming Context: DC=DomainDnsZones,DC=savastest,DC=local
The replication generated an error (1256):
The remote system is not available. For information about network troubleshooting, see Windows Help.

The failure occurred at 2022-01-22 10:51:33.
The last success occurred at 2021-03-22 10:35:37.
7359 failures have occurred since the last success.
[Replications Check,DC] A recent replication attempt failed:
From BDC to DC
Naming Context: DC=DomainDnsZones,DC=savastest,DC=local
The replication generated an error (1256):
The remote system is not available. For information about network troubleshooting, see Windows Help.

The failure occurred at 2022-01-22 10:52:18.
The last success occurred at 2022-01-21 13:57:52.
32 failures have occurred since the last success.
[Replications Check,DC] A recent replication attempt failed:
From ADC to DC
Naming Context: CN=Schema,CN=Configuration,DC=savastest,DC=local
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2022-01-22 10:53:01.
The last success occurred at 2021-03-22 09:48:08.
7359 failures have occurred since the last success.
The source remains down. Please check the machine.
[Replications Check,DC] A recent replication attempt failed:
From BDC to DC
Naming Context: CN=Schema,CN=Configuration,DC=savastest,DC=local
The replication generated an error (5):
Access is denied.
The failure occurred at 2022-01-22 10:53:04.
The last success occurred at 2022-01-21 13:57:52.
28 failures have occurred since the last success.
[Replications Check,DC] A recent replication attempt failed:
From ADC to DC
Naming Context: CN=Configuration,DC=savastest,DC=local
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2022-01-22 10:52:15.
The last success occurred at 2021-03-22 09:48:08.
7359 failures have occurred since the last success.
The source remains down. Please check the machine.
[Replications Check,DC] A recent replication attempt failed:
From BDC to DC
Naming Context: CN=Configuration,DC=savastest,DC=local
The replication generated an error (5):
Access is denied.
The failure occurred at 2022-01-22 10:52:18.
The last success occurred at 2022-01-21 13:57:10.
28 failures have occurred since the last success.
REPLICATION LATENCY WARNING
ERROR: Expected notification link is missing.
Source BDC
Replication of new changes along this path will be delayed.
This problem should self-correct on the next periodic sync.
[Replications Check,DC] A recent replication attempt failed:
From ADC to DC
Naming Context: DC=savastest,DC=local
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2022-01-22 10:51:33.
The last success occurred at 2021-03-22 10:35:34.
7359 failures have occurred since the last success.
The source remains down. Please check the machine.
[Replications Check,DC] A recent replication attempt failed:
From BDC to DC
Naming Context: DC=savastest,DC=local
The replication generated an error (5):
Access is denied.
The failure occurred at 2022-01-22 10:53:07.
The last success occurred at 2022-01-21 14:09:56.
333 failures have occurred since the last success.
......................... DC failed test Replications
Starting test: RidManager
......................... DC passed test RidManager
Starting test: Services
......................... DC passed test Services
Starting test: SystemLog
An error event occurred. EventID: 0x0000168F
Time Generated: 01/22/2022 10:50:16
Event String:
The dynamic deletion of the DNS record '_kerberos._tcp.dc._msdcs.savastest.local. 600 IN SRV 0 100 88 DC.savastest.local.' failed on the following DNS server:
An error event occurred. EventID: 0x0000168F
Time Generated: 01/22/2022 10:50:19
Event String:
The dynamic deletion of the DNS record '_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.savastest.local. 600 IN SRV 0 100 88 DC.savastest.local.' failed on the following DNS server:
An error event occurred. EventID: 0x0000168F
Time Generated: 01/22/2022 10:50:23
Event String:
The dynamic deletion of the DNS record '_kerberos._tcp.savastest.local. 600 IN SRV 0 100 88 DC.savastest.local.' failed on the following DNS server:
An error event occurred. EventID: 0x0000168F
Time Generated: 01/22/2022 10:50:26
Event String:
The dynamic deletion of the DNS record '_kerberos._tcp.Default-First-Site-Name._sites.savastest.local. 600 IN SRV 0 100 88 DC.savastest.local.' failed on the following DNS server:
An error event occurred. EventID: 0x0000168F
Time Generated: 01/22/2022 10:50:29
Event String:
The dynamic deletion of the DNS record '_kerberos._udp.savastest.local. 600 IN SRV 0 100 88 DC.savastest.local.' failed on the following DNS server:
An error event occurred. EventID: 0x0000168F
Time Generated: 01/22/2022 10:50:33
Event String:
The dynamic deletion of the DNS record '_kpasswd._tcp.savastest.local. 600 IN SRV 0 100 464 DC.savastest.local.' failed on the following DNS server:
An error event occurred. EventID: 0x0000168F
Time Generated: 01/22/2022 10:50:36
Event String:
The dynamic deletion of the DNS record '_kpasswd._udp.savastest.local. 600 IN SRV 0 100 464 DC.savastest.local.' failed on the following DNS server:
A warning event occurred. EventID: 0x00000087
Time Generated: 01/22/2022 10:55:15
Event String:
NtpClient was unable to set a manual peer to use as a time source because of duplicate error on '0.tr.pool.ntp.org'. The same time source '1.tr.pool.ntp.org' has been either specified as manual peer in NtpServer or selected as domain peer. NtpClient will try again in 60 minutes and double the reattempt interval thereafter. The error was: The entry already exists. (0x800706E0)
A warning event occurred. EventID: 0x000003FC
Time Generated: 01/22/2022 11:06:18
Event String:
Scope, 10.0.0.0, is 100 percent full with only 0 IP addresses remaining.
A warning event occurred. EventID: 0x00000560
Time Generated: 01/22/2022 11:06:18
Event String:
IP address range of scope 10.0.0.0 is 100 percent full with only 0 IP addresses available.
A warning event occurred. EventID: 0x000003FC
Time Generated: 01/22/2022 11:06:18
Event String:
Scope, 10.0.0.0, is 100 percent full with only 0 IP addresses remaining.
A warning event occurred. EventID: 0x00000560
Time Generated: 01/22/2022 11:06:18
Event String:
IP address range of scope 10.0.0.0 is 100 percent full with only 0 IP addresses available.
A warning event occurred. EventID: 0x000003FC
Time Generated: 01/22/2022 11:07:19
Event String:
Scope, 10.0.0.0, is 100 percent full with only 0 IP addresses remaining.
A warning event occurred. EventID: 0x00000560
Time Generated: 01/22/2022 11:07:19
Event String:
IP address range of scope 10.0.0.0 is 100 percent full with only 0 IP addresses available.
A warning event occurred. EventID: 0x0000A000
Time Generated: 01/22/2022 11:17:15
Event String:
The Security System detected an authentication error for the server LDAP/DC. The failure code from authentication protocol Kerberos was "An attempt was made to logon, but the netlogon service was not started.
A warning event occurred. EventID: 0x0000A000
Time Generated: 01/22/2022 11:17:15
Event String:
The Security System detected an authentication error for the server ldap/DC.savastest.local. The failure code from authentication protocol Kerberos was "An internal error occurred.
A warning event occurred. EventID: 0x0000A000
Time Generated: 01/22/2022 11:17:15
Event String:
The Security System detected an authentication error for the server ldap/DC.savastest.local. The failure code from authentication protocol Kerberos was "An attempt was made to logon, but the netlogon service was not started.
A warning event occurred. EventID: 0x0000A000
Time Generated: 01/22/2022 11:17:15
Event String:
The Security System detected an authentication error for the server DNS/bdc.savastest.local. The failure code from authentication protocol Kerberos was "An attempt was made to logon, but the netlogon service was not started.
......................... DC failed test SystemLog
Starting test: VerifyReferences
......................... DC passed test VerifyReferences


Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation

Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation

Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation

Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation

Running partition tests on : savastest
Starting test: CheckSDRefDom
......................... savastest passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... savastest passed test CrossRefValidation

Running enterprise tests on : savastest.local
Starting test: LocatorCheck
......................... savastest.local passed test LocatorCheck
Starting test: Intersite
......................... savastest.local passed test Intersite
 
Gönderildi : 22/01/2022 11:29

Hakan Uzuner
(@hakanuzuner)
Gönderiler: 33367
Illustrious Member Yönetici
 

Sanırım bu bir test ortamı, ama değil ise mutlak danışmanlık almanızı öneririm çünkü durum pek iç açıcı değil.

Yani sizin için buradan tek tek logları kontrol edip yönlendirme yapamayız, bu danışmanlık yapmaya döner. 

Ama hızlıca gördüğüm 10.0.0.11 makinesi cevap vermiyor. Servisler çalışıyor diyorsunuz ancak başka bir sorun olabilir. Özellikle DNS cevap vermiyor ise zaten diğer servislerin çalışmasının bir anlamı kalmaz.

Özetle DNS olmadan domain olmaz önce buna odaklanın. DNS servisi çalışıyor ise sonrasında olay günlüklerini kontrol edin, core olmayan makineden diğer makineye bağlanmayı deneyin veya aşağıdaki komutlar ile core makine üzerinden dns olay günlüklerini inceleyin

get-eventlog -list
get-eventlog DNS
get-eventlog Application -after (get-date).addhours(-1)
get-eventlog System -after (get-date).addhours(-1) | where Entrytype -eq Error
get-eventlog System | where index -eq 93 | format-list *

 

Danışman - ITSTACK Bilgi Sistemleri
****************************************************************
Probleminiz Çözüldüğünde Sonucu Burada Paylaşırsanız.
Sizde Aynı Problemi Yaşayanlar İçin Yardım Etmiş Olursunuz.
Eğer sorununuz çözüldü ise lütfen "çözüldü" olarak işaretlerseniz diğer üyeler için çok büyük kolaylık sağlayacaktır.
*****************************************************************

 
Gönderildi : 22/01/2022 12:51

Paylaş: