Sous les conseils de BigStyle, j'inaugure mon 1er post ici, avec un problème agassant.. (oui, je commence bien
)Je plante le décor :
3 serveurs dans une société (un de mes nouveau client) , 30 postes clients.
- 1 controleur principal de domaine (srvoptima, 2000 server sp3) - 192.9.193.40
- 1 serveur base données : base oracle sql
- 1 serveur compta srvcompta (sous nt4 avec d'ancienne appli mais tjs en utilisation)
- client sous 2000 pro
Objectif :
Ajout d'un nouveau serveur sous 2003 R2 pour dans un premier temps le passer en secondaire. (192.9.193.30)
Une fois la réplication des infos totalement effectuée, il passera en principal afin de faire sauter d'ancien (PIII, 256Mo de ram.. il a bien vécu).
Il y a pas mal de liens entre les appli professionnelles, c'est pourquoi un remplacement de serveur sans modifié le domaine a été privilégié.
Opérations :
Le 2003 a été ajouté au domaine, puis, dcpromo pour le placer en secondaire.
l'AD a bien été répliqué, mais pas le syslog ni le netlogon (qui ne sont même pas en partage)
message dans l'observateur d'évènement :
- Code: Tout sélectionner
Le service de réplication de fichiers initialise le volume système avec des données venant d'un autre contrôleur de domaine. L'ordinateur SRVOPTIMA2 ne peut pas devenir un contrôleur de domaine avant que le traitement ne soit effectué. Le volume système sera alors partagé en tant que SYSVOL.
Pour vérifier le partage SYSVOL, entrez à l'invite de commande :
net share
Lorsque le service de réplication de fichiers aura effectué le processus d'initialisation, le partage SYSVOL apparaîtra.
Afin d'avoir plus d'éléments :
DCDiag /v sur le 2003
- Code: Tout sélectionner
C:\Documents and Settings\Administrateur.DOM_PELLIET>dcdiag /v
Domain Controller Diagnosis
Performing initial setup:
* Verifying that the local machine srvoptima2, is a DC.
* Connecting to directory service on server srvoptima2.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 2 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: pelliet\SRVOPTIMA2
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... SRVOPTIMA2 passed test Connectivity
Doing primary tests
Testing server: pelliet\SRVOPTIMA2
Starting test: Replications
* Replications Check
* Replication Latency Check
CN=Schema,CN=Configuration,DC=pelliet,DC=fr
Latency information for 4 entries in the vector were ignored.
4 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
CN=Configuration,DC=pelliet,DC=fr
Latency information for 4 entries in the vector were ignored.
4 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
DC=pelliet,DC=fr
Latency information for 4 entries in the vector were ignored.
4 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
* Replication Site Latency Check
......................... SRVOPTIMA2 passed test Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC SRVOPTIMA2.
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=pelliet,DC=fr
(Schema,Version 2)
* Security Permissions Check for
CN=Configuration,DC=pelliet,DC=fr
(Configuration,Version 2)
* Security Permissions Check for
DC=pelliet,DC=fr
(Domain,Version 2)
Error AUTORITE NT\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes
Replication Synchronization
Manage Replication Topology
access rights for the naming context:
DC=pelliet,DC=fr
......................... SRVOPTIMA2 failed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Unable to connect to the NETLOGON share! (\\SRVOPTIMA2\netlogon)
[SRVOPTIMA2] An net use or LsaPolicy operation failed with error 1203,
Aucun logiciel réseau n'a accepté le chemin réseau fourni..
......................... SRVOPTIMA2 failed test NetLogons
Starting test: Advertising
Warning: DsGetDcName returned information for \\srvoptima.pelliet.fr, w
hen we were trying to reach SRVOPTIMA2.
Server is not responding or is not considered suitable.
The DC SRVOPTIMA2 is advertising itself as a DC and having a DS.
The DC SRVOPTIMA2 is advertising as an LDAP server
The DC SRVOPTIMA2 is advertising as having a writeable directory
The DC SRVOPTIMA2 is advertising as a Key Distribution Center
The DC SRVOPTIMA2 is advertising as a time server
The DS SRVOPTIMA2 is advertising as a GC.
......................... SRVOPTIMA2 failed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=SRVOPTIMA,CN=Servers,CN=pelliet
,CN=Sites,CN=Configuration,DC=pelliet,DC=fr
Role Domain Owner = CN=NTDS Settings,CN=SRVOPTIMA,CN=Servers,CN=pelliet
,CN=Sites,CN=Configuration,DC=pelliet,DC=fr
Role PDC Owner = CN=NTDS Settings,CN=SRVOPTIMA,CN=Servers,CN=pelliet,CN
=Sites,CN=Configuration,DC=pelliet,DC=fr
Role Rid Owner = CN=NTDS Settings,CN=SRVOPTIMA,CN=Servers,CN=pelliet,CN
=Sites,CN=Configuration,DC=pelliet,DC=fr
Role Infrastructure Update Owner = CN=NTDS Settings,CN=SRVOPTIMA,CN=Ser
vers,CN=pelliet,CN=Sites,CN=Configuration,DC=pelliet,DC=fr
......................... SRVOPTIMA2 passed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 4209 to 1073741823
* srvoptima.pelliet.fr is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 3709 to 4208
* rIDPreviousAllocationPool is 3709 to 4208
* rIDNextRID: 3709
......................... SRVOPTIMA2 passed test RidManager
Starting test: MachineAccount
Checking machine account for DC SRVOPTIMA2 on DC SRVOPTIMA2.
* SPN found :LDAP/srvoptima2.pelliet.fr/pelliet.fr
* SPN found :LDAP/srvoptima2.pelliet.fr
* SPN found :LDAP/SRVOPTIMA2
* SPN found :LDAP/srvoptima2.pelliet.fr/DOM_PELLIET
* SPN found :LDAP/ba89959f-7230-4b24-b6a3-a5132b052d42._msdcs.pelliet.f
r
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/ba89959f-7230-4b24-b6
a3-a5132b052d42/pelliet.fr
* SPN found :HOST/srvoptima2.pelliet.fr/pelliet.fr
* SPN found :HOST/srvoptima2.pelliet.fr
* SPN found :HOST/SRVOPTIMA2
* SPN found :HOST/srvoptima2.pelliet.fr/DOM_PELLIET
* SPN found :GC/srvoptima2.pelliet.fr/pelliet.fr
......................... SRVOPTIMA2 passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: w32time
* Checking Service: NETLOGON
......................... SRVOPTIMA2 passed test Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
SRVOPTIMA2 is in domain DC=pelliet,DC=fr
Checking for CN=SRVOPTIMA2,OU=Domain Controllers,DC=pelliet,DC=fr in do
main DC=pelliet,DC=fr on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=SRVOPTIMA2,CN=Servers,CN=pelliet,CN=Si
tes,CN=Configuration,DC=pelliet,DC=fr in domain CN=Configuration,DC=pelliet,DC=f
r on 1 servers
Object is up-to-date on all servers.
......................... SRVOPTIMA2 passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service SYSVOL ready test
The registry lookup failed to determine the state of the SYSVOL. The
error returned was 0 (Opération réussie.). Check the FRS event log
to see if the SYSVOL has successfully been shared.
......................... SRVOPTIMA2 passed test frssysvol
Starting test: frsevent
* The File Replication Service Event log test
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
An Warning Event occured. EventID: 0x800034FD
Time Generated: 05/27/2008 10:02:34
(Event String could not be retrieved)
......................... SRVOPTIMA2 failed test frsevent
Starting test: kccevent
* The KCC Event log test
Found no KCC errors in Directory Service Event log in the last 15 minut
es.
......................... SRVOPTIMA2 passed test kccevent
Starting test: systemlog
* The System Event log test
Found no errors in System Event log in the last 60 minutes.
......................... SRVOPTIMA2 passed test systemlog
Test omitted by user request: VerifyReplicas
Starting test: VerifyReferences
The system object reference (serverReference)
CN=SRVOPTIMA2,OU=Domain Controllers,DC=pelliet,DC=fr and backlink on
CN=SRVOPTIMA2,CN=Servers,CN=pelliet,CN=Sites,CN=Configuration,DC=pellie
t,DC=fr
are correct.
Some objects relating to the DC SRVOPTIMA2 have problems:
[1] Problem: Missing Expected Value
Base Object: CN=SRVOPTIMA2,OU=Domain Controllers,DC=pelliet,DC=fr
Base Object Description: "DC Account Object"
Value Object Attribute Name: frsComputerReferenceBL
Value Object Description: "SYSVOL FRS Member Object"
Recommended Action: See Knowledge Base Article: Q312862
[1] Problem: Missing Expected Value
Base Object:
CN=NTDS Settings,CN=SRVOPTIMA2,CN=Servers,CN=pelliet,CN=Sites,CN=Con
figuration,DC=pelliet,DC=fr
Base Object Description: "DSA Object"
Value Object Attribute Name: serverReferenceBL
Value Object Description: "SYSVOL FRS Member Object"
Recommended Action: See Knowledge Base Article: Q312862
......................... SRVOPTIMA2 failed test VerifyReferences
Test omitted by user request: VerifyEnterpriseReferences
Test omitted by user request: CheckSecurityError
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : pelliet
Starting test: CrossRefValidation
......................... pelliet passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... pelliet passed test CheckSDRefDom
Running enterprise tests on : pelliet.fr
Starting test: Intersite
Skipping site pelliet, this site is outside the scope provided by the
command line arguments provided.
......................... pelliet.fr passed test Intersite
Starting test: FsmoCheck
GC Name: \\srvoptima.pelliet.fr
Locator Flags: 0xe00001fd
PDC Name: \\srvoptima.pelliet.fr
Locator Flags: 0xe00001fd
Time Server Name: \\srvoptima.pelliet.fr
Locator Flags: 0xe00001fd
Preferred Time Server Name: \\srvoptima.pelliet.fr
Locator Flags: 0xe00001fd
KDC Name: \\srvoptima.pelliet.fr
Locator Flags: 0xe00001fd
......................... pelliet.fr passed test FsmoCheck
Test omitted by user request: DNS
Test omitted by user request: DNS
C:\Documents and Settings\Administrateur.DOM_PELLIET>
Dcdiag /v sur srvoptima ( CPD, win2000)
- Code: Tout sélectionner
Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.
C:\WINNT\Profiles\Administrateur>dcdiag /v
Domain Controller Diagnosis
Performing initial setup:
* Verifying that the local machine srvoptima, is a DC.
* Connecting to directory service on server srvoptima.
* Collecting site info.
* Identifying all servers.
* Found 2 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: pelliet\SRVOPTIMA
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... SRVOPTIMA passed test Connectivity
Doing primary tests
Testing server: pelliet\SRVOPTIMA
Starting test: Replications
* Replications Check
......................... SRVOPTIMA passed test Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Starting test: NCSecDesc
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=pelliet,DC=fr
* Security Permissions Check for
CN=Configuration,DC=pelliet,DC=fr
* Security Permissions Check for
DC=pelliet,DC=fr
Error AUTORITE NT\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes
Replication Syncronization
Manage Replication Topology
access rights for the naming context:
DC=pelliet,DC=fr
......................... SRVOPTIMA failed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
......................... SRVOPTIMA passed test NetLogons
Starting test: Advertising
The DC SRVOPTIMA is advertising itself as a DC and having a DS.
The DC SRVOPTIMA is advertising as an LDAP server
The DC SRVOPTIMA is advertising as having a writeable directory
The DC SRVOPTIMA is advertising as a Key Distribution Center
The DC SRVOPTIMA is advertising as a time server
The DS SRVOPTIMA is advertising as a GC.
......................... SRVOPTIMA passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=SRVOPTIMA,CN=Servers,CN=pelliet
,CN=Sites,CN=Configuration,DC=pelliet,DC=fr
Role Domain Owner = CN=NTDS Settings,CN=SRVOPTIMA,CN=Servers,CN=pelliet
,CN=Sites,CN=Configuration,DC=pelliet,DC=fr
Role PDC Owner = CN=NTDS Settings,CN=SRVOPTIMA,CN=Servers,CN=pelliet,CN
=Sites,CN=Configuration,DC=pelliet,DC=fr
Role Rid Owner = CN=NTDS Settings,CN=SRVOPTIMA,CN=Servers,CN=pelliet,CN
=Sites,CN=Configuration,DC=pelliet,DC=fr
Role Infrastructure Update Owner = CN=NTDS Settings,CN=SRVOPTIMA,CN=Ser
vers,CN=pelliet,CN=Sites,CN=Configuration,DC=pelliet,DC=fr
......................... SRVOPTIMA passed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 4209 to 1073741823
* srvoptima.pelliet.fr is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 1209 to 1708
* rIDNextRID: 1364
* rIDPreviousAllocationPool is 1209 to 1708
......................... SRVOPTIMA passed test RidManager
Starting test: MachineAccount
* SPN found :LDAP/srvoptima.pelliet.fr/pelliet.fr
* SPN found :LDAP/srvoptima.pelliet.fr
* SPN found :LDAP/SRVOPTIMA
* SPN found :LDAP/srvoptima.pelliet.fr/DOM_PELLIET
* SPN found :LDAP/ded0b197-142c-4354-841f-f5ae0f81e672._msdcs.pelliet.f
r
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/ded0b197-142c-4354-84
1f-f5ae0f81e672/pelliet.fr
* SPN found :HOST/srvoptima.pelliet.fr/pelliet.fr
* SPN found :HOST/srvoptima.pelliet.fr
* SPN found :HOST/SRVOPTIMA
* SPN found :HOST/srvoptima.pelliet.fr/DOM_PELLIET
* SPN found :GC/srvoptima.pelliet.fr/pelliet.fr
......................... SRVOPTIMA passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
Dnscache Service is stopped on [SRVOPTIMA]
* Checking Service: NtFrs
* Checking Service: IsmServ
IsmServ Service is stopped on [SRVOPTIMA]
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: RPCLOCATOR
* Checking Service: w32time
* Checking Service: TrkWks
TrkWks Service is stopped on [SRVOPTIMA]
* Checking Service: TrkSvr
* Checking Service: NETLOGON
* Checking Service: Dnscache
* Checking Service: NtFrs
Could not open SMTPSVC Service on [SRVOPTIMA]:failed with 1060: Le s
ervice spÚcifiÚ n'existe pas en tant que service installÚ.
......................... SRVOPTIMA failed test Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
SRVOPTIMA is in domain DC=pelliet,DC=fr
Checking for CN=SRVOPTIMA,OU=Domain Controllers,DC=pelliet,DC=fr in dom
ain DC=pelliet,DC=fr on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=SRVOPTIMA,CN=Servers,CN=pelliet,CN=Sit
es,CN=Configuration,DC=pelliet,DC=fr in domain CN=Configuration,DC=pelliet,DC=fr
on 1 servers
Object is up-to-date on all servers.
......................... SRVOPTIMA passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service Event log test
Error: No record of File Replication System, SYSVOL started.
The Active Directory may be prevented from starting.
There are errors after the SYSVOL has been shared.
The SYSVOL can prevent the AD from starting.
An Warning Event occured. EventID: 0x800034FA
Time Generated: 05/27/2008 01:38:16
(Event String could not be retrieved)
......................... SRVOPTIMA passed test frssysvol
Starting test: kccevent
* The KCC Event log test
An Warning Event occured. EventID: 0x8000043D
Time Generated: 05/27/2008 10:52:24
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x8000043D
Time Generated: 05/27/2008 10:52:24
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x8000043D
Time Generated: 05/27/2008 10:52:24
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x8000043D
Time Generated: 05/27/2008 10:52:24
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x8000043D
Time Generated: 05/27/2008 10:52:24
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x8000043D
Time Generated: 05/27/2008 10:52:24
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x8000043D
Time Generated: 05/27/2008 10:52:24
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x8000043D
Time Generated: 05/27/2008 10:52:24
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x8000043D
Time Generated: 05/27/2008 10:52:24
(Event String could not be retrieved)
......................... SRVOPTIMA failed test kccevent
Starting test: systemlog
* The System Event log test
Found no errors in System Event log in the last 60 minutes.
......................... SRVOPTIMA passed test systemlog
Running enterprise tests on : pelliet.fr
Starting test: Intersite
Skipping site pelliet, this site is outside the scope provided by the
command line arguments provided.
......................... pelliet.fr passed test Intersite
Starting test: FsmoCheck
GC Name: \\srvoptima.pelliet.fr
Locator Flags: 0xe00001fd
PDC Name: \\srvoptima.pelliet.fr
Locator Flags: 0xe00001fd
Time Server Name: \\srvoptima.pelliet.fr
Locator Flags: 0xe00001fd
Preferred Time Server Name: \\srvoptima.pelliet.fr
Locator Flags: 0xe00001fd
KDC Name: \\srvoptima.pelliet.fr
Locator Flags: 0xe00001fd
......................... pelliet.fr passed test FsmoCheck
C:\WINNT\Profiles\Administrateur>
Quelqu'un ici aurait-il une solution ? une piste ?
N'hésitez pas à me demander + d'info si besoin
Merci d'avance
Faudrait déjà vérifier, voire donner les droits ci-dessus à AUTORITE NT\ENTERPRISE DOMAIN CONTROLLERS 
