No dns rpc connectivity error or non microsoft dns server is running - Исправление ошибок и поиск оптимальных решений проблем

Remove From My Forums

Question
I’m installing a 2008R2 DC on my network with 2 other existing 2003 servers. I set up AD on the 2008 server and ran DCDIAG /v /c /d /e on one of the 2003 machines.

The 2008 server only did the AUTH part of the DNS and it returned:

Warning: no DNS RPC connectivity (error or non Microsoft DNS server is running)

[Error details: 5 (Type: Win32 — Description: Access is denied.)]

Total query time:0 min. 0 sec.. Total RPC connection time:0 min. 0 sec.

Total WMI connection time:0 min. 0 sec. Total Netuse connection time:0 min. 0 sec.

We are not running BIND , the firewall is disabled on the 2008 server, there is no AV on the 2008 server but there is AV one of the 2003 servers but not the one that I ran the DCDIAG on.

Answers

More:

Friday Mail Sack – Not USMT Edition, by NedPyle [MSFT] 12 Feb 2010 6:49 AM
Question: «I can manage 2008 R2 DNS fine from RSAT on Windows 7, but accessing from DNS Management mmc on Server 2003 R2 returns “access is denied”. If I

install the 2003 R2 Admin Pack on an XP Pro PC it the symptom is the same, Access Denied.»

http://blogs.technet.com/b/askds/archive/2010/02/12/friday-mail-sack-not-usmt-edition.aspx

Quoted from KB2027440:
«Windows Server 2008 R2 DNS Servers require that DNS management tools perform RPC integrity and to avoid sniffing and “man-in-the-middle” attacks while performing DNS administrative tasks. Windows Server 2008 and Windows Server 2008 R2 DNSMGT.MSC and DNSCMD.EXE
support RPC Integrity and request RPC Privacy to interoperate with W2K8 R2 DNS Servers.»

Windows Server 2008 R2 DNS Servers can only be managed by computers running Windows Server 2008 or later

(This does not explain the /RpcProtocol 7 value)
http://support.microsoft.com/kb/2027440

Ace Fekay
MVP, MCT, MCITP/EA, MCTS Windows 2008/R2 & Exchange 2007, Exchange 2010 EA, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP — Directory Services
Technical Blogs & Videos: http://www.delawarecountycomputerconsulting.com/

This post is provided AS-IS with no warranties or guarantees and confers no rights.
- Marked as answer by
  
  Monday, March 11, 2013 9:33 AM

Warning no dns rpc connectivity error or non microsoft dns server is running

Профиль | Отправить PM | Цитировать

Нашел несколько тем в инете, советовали посмотреть разрешения: «%имя домена%SystemMicrosoftDNS» -> щёлкаем на нём правой клавишей -> «Свойства» -> «Безопасность» -> выставляем необходимые разрешения. Сравнил разрешения с другим контроллером, никак не связанным с этим, разрешения идентичные.

——-
Судьба играет человеком, а человек играет на трубе ©

Сообщения: 26163
Благодарности: 4393

Сообщение оказалось полезным? Поблагодарите автора, нажав ссылку Полезное сообщение чуть ниже.

Если же вы забыли свой пароль на форуме, то воспользуйтесь данной ссылкой для восстановления пароля.

Что нам говорит dcdiag /test:dns? »

——-
Судьба играет человеком, а человек играет на трубе ©

Последний раз редактировалось Leaves, 21-10-2020 в 14:05 . Причина: Орфографическая ошибка!

» width=»100%» style=»BORDER-RIGHT: #719bd9 1px solid; BORDER-LEFT: #719bd9 1px solid; BORDER-BOTTOM: #719bd9 1px solid» cellpadding=»6″ cellspacing=»0″ border=»0″>

Сообщения: 410
Благодарности: 8

Интересная особенность при nslookup c ПК в сети, показывает DNS сервер провайдера. Как его убрать?

——-
Судьба играет человеком, а человек играет на трубе ©

Сообщения: 410
Благодарности: 8

» width=»100%» style=»BORDER-RIGHT: #719bd9 1px solid; BORDER-LEFT: #719bd9 1px solid; BORDER-BOTTOM: #719bd9 1px solid» cellpadding=»6″ cellspacing=»0″ border=»0″>

Поменять на сервере адрес DNS с 192.168.11.1 на 127.0.0.1. »

Проверить nslookup с самого сервера »

Службы Active Directory работают? »

Да. Пользователи без проблем заходят на терминал под своими учетными данными.

что выводит команда: nslookup ServerName.name.local 192.168.11.1? »

Нужен вывод команды: ipconfig /all с рабочей станции на которой запускался nslookup в сообщении выше. »

——-
Судьба играет человеком, а человек играет на трубе ©

Нужен вывод команды: ipconfig /all с рабочей станции на которой запускался nslookup в сообщении выше. »

——-
Судьба играет человеком, а человек играет на трубе ©

Читайте также: Problem in running uboot flash programming initialization failed error flash operation failed

DNS-суффикс подключения . . . . . :
Описание. . . . . . . . . . . . . : Intel(R) I350 Gigabit Network Connection
#2
Физический адрес. . . . . . . . . : 00-25-90-E4-08-5D
DHCP включен. . . . . . . . . . . : Нет
Автонастройка включена. . . . . . : Да
IPv4-адрес. . . . . . . . . . . . : 192.168.11.1(Основной)
Маска подсети . . . . . . . . . . : 255.255.255.0
Основной шлюз. . . . . . . . . :
DNS-серверы. . . . . . . . . . . : 192.168.11.1
NetBios через TCP/IP. . . . . . . . : Включен »

——-
Он был расстроенным трупом и потратил две минуты впустую.

Заметил, что у сервера не прописан шлюз, Винде не нравится такое дело и из-за она себя чувствует нехорошо. »

——-
Судьба играет человеком, а человек играет на трубе ©

Источник

Warning no dns rpc connectivity error or non microsoft dns server is running

when I do the nslookup on the 2003 DC I type:

and it returns all 3 of the DCs and their information

But, when I run this command from the 2008 server I get a message that the 2003 controller can’t find _ldap._tcp.dc._msdcs.alpha-imaging.local

1: Non-existent domain

when I do the nslookup on the 2003 DC I type:

and it returns all 3 of the DCs and their information

But, when I run this command from the 2008 server I get a message that the 2003 controller can’t find _ldap._tcp.dc._msdcs.alpha-imaging.local

1: Non-existent domain

It appears all DNS servers are using NT2003 as their first DNS entry, so that’s what nslookup is using when you run it from all of them, but I am surprised that you are getting this error. It almost appears as if UDP 53 is blocked. Is there any AV on them, or the Windows firewall enabled, or some other thing that can cause a block? If you disable the aforementioned, does it work?

Ace Fekay
MVP, MCT, MCITP/EA, MCTS Windows 2008/R2 & Exchange 2007, Exchange 2010 EA, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP — Directory Services
Technical Blogs & Videos: http://www.delawarecountycomputerconsulting.com/

This post is provided AS-IS with no warranties or guarantees and confers no rights.

Post the whole nslookup results, please.

Just for posterity sakes, run PortQry from the 2008 to both 2003 servers selecting DOmains and Trust option. Post only errors with 0x00000002.
PortQryUI — GUI — Version 2.0 8/2/2004
http://www.microsoft.com/download/en/details.aspx?id=24009

DNS, Intersite Messaging, Global Catalog, NTFRS, and «Invalid Credentials» Error Messages on Domain Controller (describes 4013’s)
http://support.microsoft.com/kb/305837

Active Directory-integrated domain name is not displayed in DNS snap-in with Event ID 4000 and 4013 messages (For Win 2000, but thought I would post it so you can see what other conditions can cause it)
http://support.microsoft.com/kb/316685

This post is provided AS-IS with no warranties or guarantees and confers no rights.

I ran nslookup again on that 2008 server and it worked this time. I did change the DNS on the 2008 server to point to itself as the primary and then 10.0.0.200 as the secondary.

Also, I can run dcdiag from the 2008 server and it works just fine it is only when I run it from the 2003 servers that I get the error for the 2008 server.

I’m really surprised to hear you had a bad experience. THis is the first time I’ve ever heard of any issues with PSS. Maybe it was an isolated incident?

Every time I’ve ever called for anything, the team did their best to understand and resolve the issue. I’m sure you can contest the charge, if not happy. I would have asked for someone else to assist, if you were not happy with the first engineer that took the case.

As for rebuilding it, that’s usually the quicker way. But I’m worried it may happen again.

There was an EventID 4013 stating the DNS server was waiting for AD Domain Services to signal that the initial sysn of the directory has been completed but it was immediately followed by events stating that the DNS server has started and that the DNS server has finished the background loading of zones.

As far as the above, let’s take a look to see if there are any duplicate zones:

Using ADSI Edit to Resolve Conflicting or Duplicate AD Integrated DNS zones
Published by acefekay on Sep 2, 2009 at 2:34 PM 7748 2
http://msmvps.com/blogs/acefekay/archive/2009/09/02/using-adsi-edit-to-resolve-conflicting-or-duplicate-ad-integrated-dns-zones.aspx

This post is provided AS-IS with no warranties or guarantees and confers no rights.

I wish I could say my experience with PSS is the same as yours. I’ve had better luck reading these forums than from the PSS team. I spent a long time on the phone with them the other night and finally I was tired and hungry and we weren’t any closer to solving this so I told the guy «let’s just pick up on this tomorrow» He wanted to close the call though and actually got angry at me when I told him the issue wasn’t resolved. He accused me of not telling him what the scope of the work was. and I was like «are you kidding me?» The scope of work was detailed when I opened the call with PSS. DCDIAG was returning a DNS RPC error. that was the scope of work. He called me back yesterday and told me that they have an «internal KB» that says this error can be safely ignore but he can’t share this KB with me.

Right. Well, that would have been great to know the night I spent all those hours on the phone with him. I still think this issue needs to be resolved my Microsoft. I’m not crazy about DCDIAG not running the tests after it gets that RPC error.

By the way that error 4013 went away and hasn’t shown back up since. Everything seems to be working now. DNS is fine and AD is replicating but that RPC error are still there when I run DCDIAG from a 2003 DC. I guess I have to live with it.

I don’t know what KBs he’s talking about, but I’m starting to think this is an RPC issue between the newer and older operating systems. You may have to reduce the RPC Auth level in 2008 or newer, for them to communicate to the older OS. Also, the version of DCDIAG is a factor due to this, too.

Here are my notes and a link to a previous discussion. I think this may be a factor, depending on if anything was ever altered on your 2003 domain.

======
In order to use DNSMGMT.MSC to manage DNS on a Windows 2008 R2 server from WinXP/2003, you have to run the following commands on the Windows 2008 R2 DNS server and restart the DNS Server service.

dnscmd.exe /Config /RpcProtocol 7
dnscmd.exe /Config /RpcAuthLevel 0

RpcProtocol needs to be set to 7 in order to run DNSMGMT from Windows XP/2003/2008 remotely AND to run on Windows 2008 R2 locally.

To view your current settings, run the following commands.
dnscmd.exe /Info /RpcAuthLevel
dnscmd.exe /Info /RpcProtocol

For example, reducing DNS RPC auth levels in Windows 2008/R2:
dnscmd.exe /Config /RpcAuthLevel 0

Disclaimer: Setting RpcAuthLevel to 0 is not recommended due to security concerns with DNS man in the middle attacks. However, this security concern natively exists in Windows 2000 and 2003 servers with no remedy. Use at your own risk!

However, the drawbacks are unsubstantial with this solution.

1.Setting RpcAuthLevel to 0 makes RPC authentication (only for DNS) compatible with prior operating systems. however not recommended due to security risks.

2. Comparing both the 2003 and 2008 DNS consoles, the only apparent feature differences are Trust Anchors Tab, and how you access/modify conditional

forwarders. Prior to R2, one could use Windows 2003 DNS to manage a 2008 DNS server to a point. The RpcAuthLevel simply change the authentication due to increased security.

More on the RPCProtocol switches:

dnscmd /rpcprotocol [0x0|0x1|0x2|0x4|0xFFFFFFFF]
Specifies the protocol that remote procedure call (RPC) uses when it makes a connection from the DNS server.

0x0 Disables RPC for DNS.
0x1 Uses TCP/IP.
0x2 Uses named pipes.
0x4 Uses local procedure call (LPC).
0x7 Enables RPC over Named Pipes (This is disabled in Windows Server 2008 R2)
0xFFFFFFFF All protocols. This is the default setting.

This post is provided AS-IS with no warranties or guarantees and confers no rights.

Источник

I am having problems with my network dropping all connections to the internet whenever my DC1 restarts, or is shut down for maintenance. I was running tests to figure out why my DC2 is unable to keep the connection going, and I am getting a No DNS RPC Connectivity error.

I ran a dcdiag /c /v and this is what comes up. I found more errors it looks like and I am unsure of where to start. Any help is appreciated.

C:Usersadministrator.AD>dcdiag /s:host2 /test:dns

Directory Server Diagnosis

Performing initial setup:
* Identified AD Forest.
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-NameHOST2
Starting test: Connectivity
……………………. HOST2 passed test Connectivity

Doing primary tests

Testing server: Default-First-Site-NameHOST2

Starting test: DNS

DNS Tests are running and not hung. Please wait a few minutes…
……………………. HOST2 failed test DNS

Running partition tests on : DomainDnsZones

Running partition tests on : ForestDnsZones

Running partition tests on : Schema

Running partition tests on : Configuration

Running partition tests on : ad

Running enterprise tests on : ad.cmli.net
Starting test: DNS
Test results for domain controllers:

DC: HOST2.ad.cmli.net
Domain: ad.cmli.net

TEST: Basic (Basc)
Warning: no DNS RPC connectivity (error or non Microsoft DNS server is running)

HOST2 PASS WARN n/a n/a n/a n/a n/a
……………………. ad.cmli.net passed test DNS

C:Usersadministrator.AD>dcdiag /s:fm1 /test:dns

Directory Server Diagnosis

Performing initial setup:
* Identified AD Forest.
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-NameFM1
Starting test: Connectivity
……………………. FM1 passed test Connectivity

Doing primary tests

Testing server: Default-First-Site-NameFM1

Starting test: DNS

DNS Tests are running and not hung. Please wait a few minutes…
……………………. FM1 passed test DNS

Running partition tests on : ForestDnsZones

Running partition tests on : DomainDnsZones

Running partition tests on : Schema

Running partition tests on : Configuration

Running partition tests on : ad

Running enterprise tests on : ad.cmli.net
Starting test: DNS
Test results for domain controllers:

DC: FM1.ad.cmli.net
Domain: ad.cmli.net

TEST: Delegations (Del)
Error: DNS server: dc1.ad.cmli.net. IP:192.168.1.201 [Broken delegated domain _msdcs.ad.cmli.net.]

TEST: Dynamic update (Dyn)
Warning: Failed to delete the test record dcdiag-test-record in zone ad.cmli.net

Summary of test results for DNS servers used by the above domain controllers:

DNS server: 192.168.1.201 (dc1.ad.cmli.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.168.1.201
Summary of DNS test results:

Auth Basc Forw Del Dyn RReg Ext
_________________________________________________________________
Domain: ad.cmli.net
FM1 PASS PASS PASS FAIL WARN PASS n/a

……………………. ad.cmli.net failed test DNS

C:Usersadministrator.AD>dcdaig /c /v
‘dcdaig’ is not recognized as an internal or external command,
operable program or batch file.

C:Usersadministrator.AD>dcdiag /c /v

Directory Server Diagnosis

Performing initial setup:
Trying to find home server…
* Verifying that the local machine HOST2, is a Directory Server.
Home Server = HOST2
* Connecting to directory service on server HOST2.
* Identified AD Forest.
Collecting AD specific global data
* Collecting site info.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=ad,DC=cmli,DC=net,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),…….
The previous call succeeded
Iterating through the sites
Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ad,DC=cmli,DC=net
Getting ISTG and options for the site
* Identifying all servers.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=ad,DC=cmli,DC=net,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),…….
The previous call succeeded….
The previous call succeeded
Iterating through the list of servers
Getting information for the server CN=NTDS Settings,CN=FM1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ad,DC=cmli,DC=net
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
Getting information for the server CN=NTDS Settings,CN=FM2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ad,DC=cmli,DC=net
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
Getting information for the server CN=NTDS Settings,CN=HOST2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ad,DC=cmli,DC=net
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
* Identifying all NC cross-refs.
* Found 3 DC(s). Testing 1 of them.
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-NameHOST2
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
* Active Directory RPC Services Check
……………………. HOST2 passed test Connectivity

Doing primary tests

Testing server: Default-First-Site-NameHOST2
Starting test: Advertising
The DC HOST2 is advertising itself as a DC and having a DS.
The DC HOST2 is advertising as an LDAP server
The DC HOST2 is advertising as having a writeable directory
The DC HOST2 is advertising as a Key Distribution Center
The DC HOST2 is advertising as a time server
The DS HOST2 is advertising as a GC.
……………………. HOST2 passed test Advertising
Starting test: CheckSecurityError
* Dr Auth: Beginning security errors check!
Found KDC HOST2 for domain ad.cmli.net in site Default-First-Site-Name
Checking machine account for DC HOST2 on DC HOST2.
* SPN found :LDAP/HOST2.ad.cmli.net/ad.cmli.net
* SPN found :LDAP/HOST2.ad.cmli.net
* SPN found :LDAP/HOST2
* SPN found :LDAP/HOST2.ad.cmli.net/AD
* SPN found :LDAP/adce5dd6-2716-4fcf-a68e-4bf4c38240da._msdcs.ad.cmli.net
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/adce5dd6-2716-4fcf-a68e-4bf4c38240da/ad.cmli.net
* SPN found :HOST/HOST2.ad.cmli.net/ad.cmli.net
* SPN found :HOST/HOST2.ad.cmli.net
* SPN found :HOST/HOST2
* SPN found :HOST/HOST2.ad.cmli.net/AD
* SPN found :GC/HOST2.ad.cmli.net/ad.cmli.net
[HOST2] DsReplicaGetInfo(KCC_DS_CONNECT_FAILURES) failed with error 8453,
Replication access was denied..
[HOST2] Unable to query the list of KCC connection failures. Continuing…
[HOST2] No security related replication errors were found on this DC! To target the connection to a specific
source DC use /ReplSource:<DC>.
……………………. HOST2 passed test CheckSecurityError
Starting test: CutoffServers
* Configuration Topology Aliveness Check
* Analyzing the alive system replication topology for DC=DomainDnsZones,DC=ad,DC=cmli,DC=net.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for DC=ForestDnsZones,DC=ad,DC=cmli,DC=net.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for CN=Schema,CN=Configuration,DC=ad,DC=cmli,DC=net.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for CN=Configuration,DC=ad,DC=cmli,DC=net.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for DC=ad,DC=cmli,DC=net.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
……………………. HOST2 passed test CutoffServers
Starting test: FrsEvent
* The File Replication Service Event log test
Skip the test because the server is running DFSR.
……………………. HOST2 passed test FrsEvent
Starting test: DFSREvent
The DFS Replication Event Log.
……………………. HOST2 passed test DFSREvent
Starting test: SysVolCheck
* The File Replication Service SYSVOL ready test
File Replication Service’s SYSVOL is ready
……………………. HOST2 passed test SysVolCheck
Starting test: FrsSysVol
* The File Replication Service SYSVOL ready test
File Replication Service’s SYSVOL is ready
……………………. HOST2 passed test FrsSysVol
Starting test: KccEvent
* The KCC Event log test
Found no KCC errors in «Directory Service» Event log in the last 15 minutes.
……………………. HOST2 passed test KccEvent
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=FM1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ad,DC=cmli,DC=net
Role Domain Owner = CN=NTDS Settings,CN=FM1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ad,DC=cmli,DC=net
Role PDC Owner = CN=NTDS Settings,CN=FM1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ad,DC=cmli,DC=net
Role Rid Owner = CN=NTDS Settings,CN=FM1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ad,DC=cmli,DC=net
Role Infrastructure Update Owner = CN=NTDS Settings,CN=FM1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ad,DC=cmli,DC=net
……………………. HOST2 passed test KnowsOfRoleHolders
Starting test: MachineAccount
Checking machine account for DC HOST2 on DC HOST2.
* SPN found :LDAP/HOST2.ad.cmli.net/ad.cmli.net
* SPN found :LDAP/HOST2.ad.cmli.net
* SPN found :LDAP/HOST2
* SPN found :LDAP/HOST2.ad.cmli.net/AD
* SPN found :LDAP/adce5dd6-2716-4fcf-a68e-4bf4c38240da._msdcs.ad.cmli.net
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/adce5dd6-2716-4fcf-a68e-4bf4c38240da/ad.cmli.net
* SPN found :HOST/HOST2.ad.cmli.net/ad.cmli.net
* SPN found :HOST/HOST2.ad.cmli.net
* SPN found :HOST/HOST2
* SPN found :HOST/HOST2.ad.cmli.net/AD
* SPN found :GC/HOST2.ad.cmli.net/ad.cmli.net
……………………. HOST2 passed test MachineAccount
Starting test: NCSecDesc
* Security Permissions check for all NC’s on DC HOST2.
* Security Permissions Check for
DC=DomainDnsZones,DC=ad,DC=cmli,DC=net
(NDNC,Version 3)
* Security Permissions Check for
DC=ForestDnsZones,DC=ad,DC=cmli,DC=net
(NDNC,Version 3)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=ad,DC=cmli,DC=net
(Schema,Version 3)
* Security Permissions Check for
CN=Configuration,DC=ad,DC=cmli,DC=net
(Configuration,Version 3)
* Security Permissions Check for
DC=ad,DC=cmli,DC=net
(Domain,Version 3)
……………………. HOST2 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \HOST2netlogon
Verified share \HOST2sysvol
[HOST2] User credentials does not have permission to perform this operation.
The account used for this test must have network logon privileges
for this machine’s domain.
……………………. HOST2 failed test NetLogons
Starting test: ObjectsReplicated
HOST2 is in domain DC=ad,DC=cmli,DC=net
Checking for CN=HOST2,OU=Domain Controllers,DC=ad,DC=cmli,DC=net in domain DC=ad,DC=cmli,DC=net on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=HOST2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ad,DC=cmli,DC=net in domain CN=Configuration,DC=ad,DC=cmli,DC=net on 1 servers
Object is up-to-date on all servers.
……………………. HOST2 passed test ObjectsReplicated
Starting test: OutboundSecureChannels
* The Outbound Secure Channels test
** Did not run Outbound Secure Channels test because /testdomain: was not entered
……………………. HOST2 passed test OutboundSecureChannels
Starting test: Replications
* Replications Check
[Replications Check,HOST2] DsReplicaGetInfo(PENDING_OPS, NULL) failed, error 0x2105
«Replication access was denied.»
……………………. HOST2 failed test Replications
Starting test: RidManager
* Available RID Pool for the Domain is 4101 to 1073741823
* FM1.ad.cmli.net is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 3601 to 4100
* rIDPreviousAllocationPool is 3601 to 4100
* rIDNextRID: 3610
……………………. HOST2 passed test RidManager
Starting test: Services
* Checking Service: EventSystem
* Checking Service: RpcSs
* Checking Service: NTDS
Could not open NTDS Service on HOST2, error 0x5 «Access is denied.»
* Checking Service: DnsCache
* Checking Service: DFSR
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: w32time
* Checking Service: NETLOGON
……………………. HOST2 failed test Services
Starting test: SystemLog
* The System Event log test
A warning event occurred. EventID: 0x00000065
Time Generated: 02/12/2019 12:22:07
Event String:
The assignment of application Spiceworks Agent from policy Software Deploy failed. The error was : %%1274
An error event occurred. EventID: 0x00000067
Time Generated: 02/12/2019 12:22:07
Event String:
The removal of the assignment of application Spiceworks Agent from policy Software Deploy failed. The error was : %%2
A warning event occurred. EventID: 0x0000006C
Time Generated: 02/12/2019 12:22:07
Event String:
Failed to apply changes to software installation settings. The installation of software deployed through Group Policy for this user has been delayed until the next logon because the changes must be applied before the user logon. The error was : %%1274
A warning event occurred. EventID: 0x00000458
Time Generated: 02/12/2019 12:22:07
Event String:
The Group Policy Client Side Extension Software Installation was unable to apply one or more settings because the changes must be processed before system startup or user logon. The system will wait for Group Policy processing to finish completely before the next startup or logon for this user, and this may result in slow startup and boot performance.
A warning event occurred. EventID: 0x00000065
Time Generated: 02/12/2019 12:27:07
Event String:
The assignment of application Spiceworks Agent from policy Software Deploy failed. The error was : %%1274
An error event occurred. EventID: 0x00000067
Time Generated: 02/12/2019 12:27:07
Event String:
The removal of the assignment of application Spiceworks Agent from policy Software Deploy failed. The error was : %%2
A warning event occurred. EventID: 0x0000006C
Time Generated: 02/12/2019 12:27:07
Event String:
Failed to apply changes to software installation settings. The installation of software deployed through Group Policy for this user has been delayed until the next logon because the changes must be applied before the user logon. The error was : %%1274
A warning event occurred. EventID: 0x00000458
Time Generated: 02/12/2019 12:27:07
Event String:
The Group Policy Client Side Extension Software Installation was unable to apply one or more settings because the changes must be processed before system startup or user logon. The system will wait for Group Policy processing to finish completely before the next startup or logon for this user, and this may result in slow startup and boot performance.
A warning event occurred. EventID: 0x00000065
Time Generated: 02/12/2019 12:32:07
Event String:
The assignment of application Spiceworks Agent from policy Software Deploy failed. The error was : %%1274
An error event occurred. EventID: 0x00000067
Time Generated: 02/12/2019 12:32:07
Event String:
The removal of the assignment of application Spiceworks Agent from policy Software Deploy failed. The error was : %%2
A warning event occurred. EventID: 0x0000006C
Time Generated: 02/12/2019 12:32:07
Event String:
Failed to apply changes to software installation settings. The installation of software deployed through Group Policy for this user has been delayed until the next logon because the changes must be applied before the user logon. The error was : %%1274
A warning event occurred. EventID: 0x00000458
Time Generated: 02/12/2019 12:32:07
Event String:
The Group Policy Client Side Extension Software Installation was unable to apply one or more settings because the changes must be processed before system startup or user logon. The system will wait for Group Policy processing to finish completely before the next startup or logon for this user, and this may result in slow startup and boot performance.
A warning event occurred. EventID: 0x00000065
Time Generated: 02/12/2019 12:37:07
Event String:
The assignment of application Spiceworks Agent from policy Software Deploy failed. The error was : %%1274
An error event occurred. EventID: 0x00000067
Time Generated: 02/12/2019 12:37:07
Event String:
The removal of the assignment of application Spiceworks Agent from policy Software Deploy failed. The error was : %%2
A warning event occurred. EventID: 0x0000006C
Time Generated: 02/12/2019 12:37:07
Event String:
Failed to apply changes to software installation settings. The installation of software deployed through Group Policy for this user has been delayed until the next logon because the changes must be applied before the user logon. The error was : %%1274
A warning event occurred. EventID: 0x00000458
Time Generated: 02/12/2019 12:37:07
Event String:
The Group Policy Client Side Extension Software Installation was unable to apply one or more settings because the changes must be processed before system startup or user logon. The system will wait for Group Policy processing to finish completely before the next startup or logon for this user, and this may result in slow startup and boot performance.
A warning event occurred. EventID: 0x00000065
Time Generated: 02/12/2019 12:42:07
Event String:
The assignment of application Spiceworks Agent from policy Software Deploy failed. The error was : %%1274
An error event occurred. EventID: 0x00000067
Time Generated: 02/12/2019 12:42:07
Event String:
The removal of the assignment of application Spiceworks Agent from policy Software Deploy failed. The error was : %%2
A warning event occurred. EventID: 0x0000006C
Time Generated: 02/12/2019 12:42:08
Event String:
Failed to apply changes to software installation settings. The installation of software deployed through Group Policy for this user has been delayed until the next logon because the changes must be applied before the user logon. The error was : %%1274
A warning event occurred. EventID: 0x00000458
Time Generated: 02/12/2019 12:42:08
Event String:
The Group Policy Client Side Extension Software Installation was unable to apply one or more settings because the changes must be processed before system startup or user logon. The system will wait for Group Policy processing to finish completely before the next startup or logon for this user, and this may result in slow startup and boot performance.
A warning event occurred. EventID: 0x00000065
Time Generated: 02/12/2019 12:47:08
Event String:
The assignment of application Spiceworks Agent from policy Software Deploy failed. The error was : %%1274
An error event occurred. EventID: 0x00000067
Time Generated: 02/12/2019 12:47:08
Event String:
The removal of the assignment of application Spiceworks Agent from policy Software Deploy failed. The error was : %%2
A warning event occurred. EventID: 0x0000006C
Time Generated: 02/12/2019 12:47:08
Event String:
Failed to apply changes to software installation settings. The installation of software deployed through Group Policy for this user has been delayed until the next logon because the changes must be applied before the user logon. The error was : %%1274
A warning event occurred. EventID: 0x00000458
Time Generated: 02/12/2019 12:47:08
Event String:
The Group Policy Client Side Extension Software Installation was unable to apply one or more settings because the changes must be processed before system startup or user logon. The system will wait for Group Policy processing to finish completely before the next startup or logon for this user, and this may result in slow startup and boot performance.
A warning event occurred. EventID: 0x00000065
Time Generated: 02/12/2019 12:52:08
Event String:
The assignment of application Spiceworks Agent from policy Software Deploy failed. The error was : %%1274
An error event occurred. EventID: 0x00000067
Time Generated: 02/12/2019 12:52:08
Event String:
The removal of the assignment of application Spiceworks Agent from policy Software Deploy failed. The error was : %%2
A warning event occurred. EventID: 0x0000006C
Time Generated: 02/12/2019 12:52:08
Event String:
Failed to apply changes to software installation settings. The installation of software deployed through Group Policy for this user has been delayed until the next logon because the changes must be applied before the user logon. The error was : %%1274
A warning event occurred. EventID: 0x00000458
Time Generated: 02/12/2019 12:52:08
Event String:
The Group Policy Client Side Extension Software Installation was unable to apply one or more settings because the changes must be processed before system startup or user logon. The system will wait for Group Policy processing to finish completely before the next startup or logon for this user, and this may result in slow startup and boot performance.
An error event occurred. EventID: 0x0000272C
Time Generated: 02/12/2019 12:54:41
Event String:
DCOM was unable to communicate with the computer 8.8.4.4 using any of the configured protocols; requested by PID 1714 (C:Windowssystem32dcdiag.exe).
An error event occurred. EventID: 0x0000272C
Time Generated: 02/12/2019 12:55:02
Event String:
DCOM was unable to communicate with the computer 8.8.8.8 using any of the configured protocols; requested by PID 1714 (C:Windowssystem32dcdiag.exe).
A warning event occurred. EventID: 0x00000065
Time Generated: 02/12/2019 12:57:08
Event String:
The assignment of application Spiceworks Agent from policy Software Deploy failed. The error was : %%1274
An error event occurred. EventID: 0x00000067
Time Generated: 02/12/2019 12:57:08
Event String:
The removal of the assignment of application Spiceworks Agent from policy Software Deploy failed. The error was : %%2
A warning event occurred. EventID: 0x0000006C
Time Generated: 02/12/2019 12:57:08
Event String:
Failed to apply changes to software installation settings. The installation of software deployed through Group Policy for this user has been delayed until the next logon because the changes must be applied before the user logon. The error was : %%1274
A warning event occurred. EventID: 0x00000458
Time Generated: 02/12/2019 12:57:08
Event String:
The Group Policy Client Side Extension Software Installation was unable to apply one or more settings because the changes must be processed before system startup or user logon. The system will wait for Group Policy processing to finish completely before the next startup or logon for this user, and this may result in slow startup and boot performance.
A warning event occurred. EventID: 0x00000065
Time Generated: 02/12/2019 13:02:08
Event String:
The assignment of application Spiceworks Agent from policy Software Deploy failed. The error was : %%1274
An error event occurred. EventID: 0x00000067
Time Generated: 02/12/2019 13:02:08
Event String:
The removal of the assignment of application Spiceworks Agent from policy Software Deploy failed. The error was : %%2
A warning event occurred. EventID: 0x0000006C
Time Generated: 02/12/2019 13:02:08
Event String:
Failed to apply changes to software installation settings. The installation of software deployed through Group Policy for this user has been delayed until the next logon because the changes must be applied before the user logon. The error was : %%1274
A warning event occurred. EventID: 0x00000458
Time Generated: 02/12/2019 13:02:08
Event String:
The Group Policy Client Side Extension Software Installation was unable to apply one or more settings because the changes must be processed before system startup or user logon. The system will wait for Group Policy processing to finish completely before the next startup or logon for this user, and this may result in slow startup and boot performance.
A warning event occurred. EventID: 0x00000065
Time Generated: 02/12/2019 13:07:09
Event String:
The assignment of application Spiceworks Agent from policy Software Deploy failed. The error was : %%1274
An error event occurred. EventID: 0x00000067
Time Generated: 02/12/2019 13:07:09
Event String:
The removal of the assignment of application Spiceworks Agent from policy Software Deploy failed. The error was : %%2
A warning event occurred. EventID: 0x0000006C
Time Generated: 02/12/2019 13:07:09
Event String:
Failed to apply changes to software installation settings. The installation of software deployed through Group Policy for this user has been delayed until the next logon because the changes must be applied before the user logon. The error was : %%1274
A warning event occurred. EventID: 0x00000458
Time Generated: 02/12/2019 13:07:09
Event String:
The Group Policy Client Side Extension Software Installation was unable to apply one or more settings because the changes must be processed before system startup or user logon. The system will wait for Group Policy processing to finish completely before the next startup or logon for this user, and this may result in slow startup and boot performance.
A warning event occurred. EventID: 0x00000065
Time Generated: 02/12/2019 13:12:09
Event String:
The assignment of application Spiceworks Agent from policy Software Deploy failed. The error was : %%1274
An error event occurred. EventID: 0x00000067
Time Generated: 02/12/2019 13:12:09
Event String:
The removal of the assignment of application Spiceworks Agent from policy Software Deploy failed. The error was : %%2
A warning event occurred. EventID: 0x0000006C
Time Generated: 02/12/2019 13:12:09
Event String:
Failed to apply changes to software installation settings. The installation of software deployed through Group Policy for this user has been delayed until the next logon because the changes must be applied before the user logon. The error was : %%1274
A warning event occurred. EventID: 0x00000458
Time Generated: 02/12/2019 13:12:09
Event String:
The Group Policy Client Side Extension Software Installation was unable to apply one or more settings because the changes must be processed before system startup or user logon. The system will wait for Group Policy processing to finish completely before the next startup or logon for this user, and this may result in slow startup and boot performance.
A warning event occurred. EventID: 0x00000065
Time Generated: 02/12/2019 13:17:09
Event String:
The assignment of application Spiceworks Agent from policy Software Deploy failed. The error was : %%1274
An error event occurred. EventID: 0x00000067
Time Generated: 02/12/2019 13:17:09
Event String:
The removal of the assignment of application Spiceworks Agent from policy Software Deploy failed. The error was : %%2
A warning event occurred. EventID: 0x0000006C
Time Generated: 02/12/2019 13:17:09
Event String:
Failed to apply changes to software installation settings. The installation of software deployed through Group Policy for this user has been delayed until the next logon because the changes must be applied before the user logon. The error was : %%1274
A warning event occurred. EventID: 0x00000458
Time Generated: 02/12/2019 13:17:09
Event String:
The Group Policy Client Side Extension Software Installation was unable to apply one or more settings because the changes must be processed before system startup or user logon. The system will wait for Group Policy processing to finish completely before the next startup or logon for this user, and this may result in slow startup and boot performance.
……………………. HOST2 failed test SystemLog
Starting test: Topology
* Configuration Topology Integrity Check
* Analyzing the connection topology for DC=DomainDnsZones,DC=ad,DC=cmli,DC=net.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for DC=ForestDnsZones,DC=ad,DC=cmli,DC=net.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for CN=Schema,CN=Configuration,DC=ad,DC=cmli,DC=net.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for CN=Configuration,DC=ad,DC=cmli,DC=net.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for DC=ad,DC=cmli,DC=net.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
……………………. HOST2 passed test Topology
Starting test: VerifyEnterpriseReferences
……………………. HOST2 passed test VerifyEnterpriseReferences
Starting test: VerifyReferences
The system object reference (serverReference) CN=HOST2,OU=Domain Controllers,DC=ad,DC=cmli,DC=net and backlink
on CN=HOST2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ad,DC=cmli,DC=net are correct.
The system object reference (serverReferenceBL)
CN=HOST2,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=ad,DC=cmli,DC=net and
backlink on
CN=NTDS Settings,CN=HOST2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ad,DC=cmli,DC=net
are correct.
The system object reference (msDFSR-ComputerReferenceBL)
CN=HOST2,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=ad,DC=cmli,DC=net and
backlink on CN=HOST2,OU=Domain Controllers,DC=ad,DC=cmli,DC=net are correct.
……………………. HOST2 passed test VerifyReferences
Starting test: VerifyReplicas
……………………. HOST2 passed test VerifyReplicas

Starting test: DNS

DNS Tests are running and not hung. Please wait a few minutes…
See DNS test in enterprise tests section for results
……………………. HOST2 failed test DNS

Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
……………………. DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
……………………. DomainDnsZones passed test CrossRefValidation

Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
……………………. ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
……………………. ForestDnsZones passed test CrossRefValidation

Running partition tests on : Schema
Starting test: CheckSDRefDom
……………………. Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
……………………. Schema passed test CrossRefValidation

Running partition tests on : Configuration
Starting test: CheckSDRefDom
……………………. Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
……………………. Configuration passed test CrossRefValidation

Running partition tests on : ad
Starting test: CheckSDRefDom
……………………. ad passed test CheckSDRefDom
Starting test: CrossRefValidation
……………………. ad passed test CrossRefValidation

Running enterprise tests on : ad.cmli.net
Starting test: DNS
Test results for domain controllers:

DC: HOST2.ad.cmli.net
Domain: ad.cmli.net

TEST: Authentication (Auth)
Authentication test: Successfully completed

TEST: Basic (Basc)
The OS Microsoft Windows Server 2016 Datacenter (Service Pack level: 0.0) is supported.
NETLOGON service is running
kdc service is running
DNSCACHE service is running
DNS service is running
DC is a DNS server
Network adapters information:
Adapter [00000010] Hyper-V Virtual Ethernet Adapter:
MAC address is 44:A8:42:48:DF:C1
IP Address is static
IP address: 192.168.1.12, fe80::8dbe:162b:73a5:c5ef
DNS servers:
127.0.0.1 (HOST2) [Valid]
192.168.1.13 (FM1) [Valid]
The A host record(s) for this DC was found
The SOA record for the Active Directory zone was found
Warning: no DNS RPC connectivity (error or non Microsoft DNS server is running)
[Error details: 5 (Type: Win32 — Description: Access is denied.)]

Summary of test results for DNS servers used by the above domain controllers:

DNS server: 192.168.1.12 (HOST2)
All tests passed on this DNS server
Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered

DNS server: 192.168.1.13 (FM1)
All tests passed on this DNS server
Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered

Summary of DNS test results:

Auth Basc Forw Del Dyn RReg Ext
_________________________________________________________________
Domain: ad.cmli.net
HOST2 PASS WARN n/a n/a n/a n/a n/a

……………………. ad.cmli.net passed test DNS
Starting test: LocatorCheck
GC Name: \HOST2.ad.cmli.net
Locator Flags: 0xe001f1fc
PDC Name: \FM1.ad.cmli.net
Locator Flags: 0xe001f1fd
Time Server Name: \HOST2.ad.cmli.net
Locator Flags: 0xe001f1fc
Preferred Time Server Name: \HOST2.ad.cmli.net
Locator Flags: 0xe001f1fc
KDC Name: \HOST2.ad.cmli.net
Locator Flags: 0xe001f1fc
……………………. ad.cmli.net passed test LocatorCheck
Starting test: FsmoCheck
GC Name: \HOST2.ad.cmli.net
Locator Flags: 0xe001f1fc
PDC Name: \FM1.ad.cmli.net
Locator Flags: 0xe001f1fd
Time Server Name: \HOST2.ad.cmli.net
Locator Flags: 0xe001f1fc
Preferred Time Server Name: \HOST2.ad.cmli.net
Locator Flags: 0xe001f1fc
KDC Name: \HOST2.ad.cmli.net
Locator Flags: 0xe001f1fc
……………………. ad.cmli.net passed test FsmoCheck
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope provided by the command line arguments
provided.
……………………. ad.cmli.net passed test Intersite

C:Usersadministrator.AD>

Источник

Question

Answers

Warning no dns rpc connectivity error or non microsoft dns server is running

Warning no dns rpc connectivity error or non microsoft dns server is running