Domain Controller Diagnosis Performing initial setup: * Connecting to directory service on server server1. * Collecting site info. * Identifying all servers. * Identifying all NC cross-refs. * Found 1 DC(s). Testing 1 of them. Done gathering initial info. Doing initial required tests Testing server: Default-First-Site-Name\SERVER1 Starting test: Connectivity * Active Directory LDAP Services Check * Active Directory RPC Services Check ......................... SERVER1 passed test Connectivity Doing primary tests Testing server: Default-First-Site-Name\SERVER1 Starting test: Replications * Replications Check * Replication Latency Check * Replication Site Latency Check ......................... SERVER1 passed test Replications Test omitted by user request: Topology Test omitted by user request: CutoffServers Starting test: NCSecDesc * Security Permissions check for all NC's on DC SERVER1. * Security Permissions Check for DC=ForestDnsZones,DC=citycourt,DC=spb,DC=ru (NDNC,Version 2) * Security Permissions Check for DC=DomainDnsZones,DC=citycourt,DC=spb,DC=ru (NDNC,Version 2) * Security Permissions Check for CN=Schema,CN=Configuration,DC=citycourt,DC=spb,DC=ru (Schema,Version 2) * Security Permissions Check for CN=Configuration,DC=citycourt,DC=spb,DC=ru (Configuration,Version 2) * Security Permissions Check for DC=citycourt,DC=spb,DC=ru (Domain,Version 2) ......................... SERVER1 passed test NCSecDesc Starting test: NetLogons * Network Logons Privileges Check Verified share \\SERVER1\netlogon Verified share \\SERVER1\sysvol ......................... SERVER1 passed test NetLogons Starting test: Advertising The DC SERVER1 is advertising itself as a DC and having a DS. The DC SERVER1 is advertising as an LDAP server The DC SERVER1 is advertising as having a writeable directory The DC SERVER1 is advertising as a Key Distribution Center The DC SERVER1 is advertising as a time server The DS SERVER1 is advertising as a GC. ......................... SERVER1 passed test Advertising Starting test: KnowsOfRoleHolders Role Schema Owner = CN=NTDS Settings,CN=SERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=citycourt,DC=spb,DC=ru Role Domain Owner = CN=NTDS Settings,CN=SERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=citycourt,DC=spb,DC=ru Role PDC Owner = CN=NTDS Settings,CN=SERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=citycourt,DC=spb,DC=ru Role Rid Owner = CN=NTDS Settings,CN=SERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=citycourt,DC=spb,DC=ru Role Infrastructure Update Owner = CN=NTDS Settings,CN=SERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=citycourt,DC=spb,DC=ru ......................... SERVER1 passed test KnowsOfRoleHolders Starting test: RidManager * Available RID Pool for the Domain is 1603 to 1073741823 * server1.citycourt.spb.ru is the RID Master * DsBind with RID Master was successful * rIDAllocationPool is 1103 to 1602 * rIDPreviousAllocationPool is 1103 to 1602 * rIDNextRID: 1343 ......................... SERVER1 passed test RidManager Starting test: MachineAccount Checking machine account for DC SERVER1 on DC SERVER1. * SPN found :LDAP/server1.citycourt.spb.ru/citycourt.spb.ru * SPN found :LDAP/server1.citycourt.spb.ru * SPN found :LDAP/SERVER1 * SPN found :LDAP/server1.citycourt.spb.ru/CITYCOURT * SPN found :LDAP/6c2c6c50-f82f-4989-a293-f82837dec1c7._msdcs.citycourt.spb.ru * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/6c2c6c50-f82f-4989-a293-f82837dec1c7/citycourt.spb.ru * SPN found :HOST/server1.citycourt.spb.ru/citycourt.spb.ru * SPN found :HOST/server1.citycourt.spb.ru * SPN found :HOST/SERVER1 * SPN found :HOST/server1.citycourt.spb.ru/CITYCOURT * SPN found :GC/server1.citycourt.spb.ru/citycourt.spb.ru ......................... SERVER1 passed test MachineAccount Starting test: Services * Checking Service: Dnscache * Checking Service: NtFrs * Checking Service: IsmServ * Checking Service: kdc * Checking Service: SamSs * Checking Service: LanmanServer * Checking Service: LanmanWorkstation * Checking Service: RpcSs * Checking Service: w32time * Checking Service: NETLOGON ......................... SERVER1 passed test Services Test omitted by user request: OutboundSecureChannels Starting test: ObjectsReplicated SERVER1 is in domain DC=citycourt,DC=spb,DC=ru Checking for CN=SERVER1,OU=Domain Controllers,DC=citycourt,DC=spb,DC=ru in domain DC=citycourt,DC=spb,DC=ru on 1 servers Object is up-to-date on all servers. Checking for CN=NTDS Settings,CN=SERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=citycourt,DC=spb,DC=ru in domain CN=Configuration,DC=citycourt,DC=spb,DC=ru on 1 servers Object is up-to-date on all servers. ......................... SERVER1 passed test ObjectsReplicated Starting test: frssysvol * The File Replication Service SYSVOL ready test File Replication Service's SYSVOL is ready ......................... SERVER1 passed test frssysvol Starting test: frsevent * The File Replication Service Event log test ......................... SERVER1 passed test frsevent Starting test: kccevent * The KCC Event log test Found no KCC errors in Directory Service Event log in the last 15 minutes. ......................... SERVER1 passed test kccevent Starting test: systemlog * The System Event log test Found no errors in System Event log in the last 60 minutes. ......................... SERVER1 passed test systemlog Test omitted by user request: VerifyReplicas Starting test: VerifyReferences The system object reference (serverReference) CN=SERVER1,OU=Domain Controllers,DC=citycourt,DC=spb,DC=ru and backlink on CN=SERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=citycourt,DC=spb,DC=ru are correct. The system object reference (frsComputerReferenceBL) CN=SERVER1,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=citycourt,DC=spb,DC=ru and backlink on CN=SERVER1,OU=Domain Controllers,DC=citycourt,DC=spb,DC=ru are correct. The system object reference (serverReferenceBL) CN=SERVER1,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=citycourt,DC=spb,DC=ru and backlink on CN=NTDS Settings,CN=SERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=citycourt,DC=spb,DC=ru are correct. ......................... SERVER1 passed test VerifyReferences Test omitted by user request: VerifyEnterpriseReferences Test omitted by user request: CheckSecurityError Running partition tests on : ForestDnsZones Starting test: CrossRefValidation ......................... ForestDnsZones passed test CrossRefValidation Starting test: CheckSDRefDom ......................... ForestDnsZones passed test CheckSDRefDom Running partition tests on : DomainDnsZones Starting test: CrossRefValidation ......................... DomainDnsZones passed test CrossRefValidation Starting test: CheckSDRefDom ......................... DomainDnsZones passed test CheckSDRefDom Running partition tests on : Schema Starting test: CrossRefValidation ......................... Schema passed test CrossRefValidation Starting test: CheckSDRefDom ......................... Schema passed test CheckSDRefDom Running partition tests on : Configuration Starting test: CrossRefValidation ......................... Configuration passed test CrossRefValidation Starting test: CheckSDRefDom ......................... Configuration passed test CheckSDRefDom Running partition tests on : citycourt Starting test: CrossRefValidation ......................... citycourt passed test CrossRefValidation Starting test: CheckSDRefDom ......................... citycourt passed test CheckSDRefDom Running enterprise tests on : citycourt.spb.ru Starting test: Intersite Skipping site Default-First-Site-Name, this site is outside the scope provided by the command line arguments provided. ......................... citycourt.spb.ru passed test Intersite Starting test: FsmoCheck GC Name: \\server1.citycourt.spb.ru Locator Flags: 0xe00003fd PDC Name: \\server1.citycourt.spb.ru Locator Flags: 0xe00003fd Time Server Name: \\server1.citycourt.spb.ru Locator Flags: 0xe00003fd Preferred Time Server Name: \\server1.citycourt.spb.ru Locator Flags: 0xe00003fd KDC Name: \\server1.citycourt.spb.ru Locator Flags: 0xe00003fd ......................... citycourt.spb.ru passed test FsmoCheck Test omitted by user request: DNS Test omitted by user request: DNS