DNS and AD issues on Child Domain

Giganews Newsgroups
Subject: DNS and AD issues on Child Domain
Posted by:  HbooGz (hboo…@gmail.com)
Date: Wed, 19 Nov 2008

I'm running Windows 2003 R2 across all my DC's.

single root consists of 2 domain controllers.

child domain consists of 1 domain controller.

In the child domain, the DC has DNS pointing to itself as the
preffered DNS and nothing else.

I also setup a stub zone for the root's FLZ on the childs DNS console.

Forwarding is set to the ISP on the child domain's DC/DNS server.

I'm getting the following on my DCDIAG output..

C:\>dcdiag /fix

Domain Controller Diagnosis

Performing initial setup:
  Done gathering initial info.

Doing initial required tests

  Testing server: jacwf\PHJACDC1
      Starting test: Connectivity
        ......................... PHJACDC1 passed test Connectivity

Doing primary tests

  Testing server: jacwf\PHJACDC1
      Starting test: Replications
        REPLICATION-RECEIVED LATENCY WARNING
        PHJACDC1:  Current time is 2008-11-19 13:40:26.
            DC=ForestDnsZones,DC=phippsny,DC=org
              Last replication recieved from PHPRINT1 at 2008-11-18
14:44:18.
              Last replication recieved from PHNJDC at 2008-11-18
13:50:27.
              Last replication recieved from PHDC1 at 2008-11-18
13:56:43.
            CN=Schema,CN=Configuration,DC=phippsny,DC=org
              Last replication recieved from PHPRINT1 at 2008-11-18
14:44:18.
              Last replication recieved from PHNJDC at 2008-11-18
13:50:27.
              Last replication recieved from PHDC1 at 2008-11-18
13:56:43.
            CN=Configuration,DC=phippsny,DC=org
              Last replication recieved from PHPRINT1 at 2008-11-18
14:44:18.
              Last replication recieved from PHNJDC at 2008-11-18
13:50:27.
              Last replication recieved from PHDC1 at 2008-11-18
13:56:43.
            DC=phippsny,DC=org
              Last replication recieved from PHPRINT1 at 2008-11-18
14:44:18.
              Last replication recieved from PHNJDC at 2008-11-18
14:35:27.
              Last replication recieved from PHDC1 at 2008-11-18
14:44:13.
        ......................... PHJACDC1 passed test Replications
      Starting test: NCSecDesc
        [PHJACDC1] LDAP bind failed with error 8341,
        A directory service error has occurred..
        ......................... PHJACDC1 failed test NCSecDesc
      Starting test: NetLogons
        ......................... PHJACDC1 passed test NetLogons
      Starting test: Advertising
        ......................... PHJACDC1 passed test Advertising
      Starting test: KnowsOfRoleHolders
        ......................... PHJACDC1 passed test
KnowsOfRoleHolders
      Starting test: RidManager
        ......................... PHJACDC1 passed test RidManager
      Starting test: MachineAccount
        ......................... PHJACDC1 passed test MachineAccount
      Starting test: Services
        ......................... PHJACDC1 passed test Services
      Starting test: ObjectsReplicated
        ......................... PHJACDC1 passed test
ObjectsReplicated
      Starting test: frssysvol
        ......................... PHJACDC1 passed test frssysvol
      Starting test: frsevent
        ......................... PHJACDC1 passed test frsevent
      Starting test: kccevent
        An Warning Event occured.  EventID: 0x80000785
            Time Generated: 11/19/2008  13:30:09
            Event String: The attempt to establish a replication link
for
        An Warning Event occured.  EventID: 0x80000786
            Time Generated: 11/19/2008  13:30:10
            Event String: The attempt to establish a replication link
to a
        An Warning Event occured.  EventID: 0x80000785
            Time Generated: 11/19/2008  13:30:10
            Event String: The attempt to establish a replication link
for
        An Warning Event occured.  EventID: 0x80000785
            Time Generated: 11/19/2008  13:30:10
            Event String: The attempt to establish a replication link
for
        ......................... PHJACDC1 failed test kccevent
      Starting test: systemlog
        An Error Event occured.  EventID: 0x40000004
            Time Generated: 11/19/2008  12:57:42
            Event String: The kerberos client received a
        An Error Event occured.  EventID: 0xC25A001D
            Time Generated: 11/19/2008  13:11:06
            (Event String could not be retrieved)
        An Error Event occured.  EventID: 0x40000004
            Time Generated: 11/19/2008  13:16:22
            Event String: The kerberos client received a
        An Error Event occured.  EventID: 0x40000004
            Time Generated: 11/19/2008  13:19:59
            Event String: The kerberos client received a
        ......................... PHJACDC1 failed test systemlog
      Starting test: VerifyReferences
        ......................... PHJACDC1 passed test
VerifyReferences

  Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
        ......................... DomainDnsZones passed test
CrossRefValidation

      Starting test: CheckSDRefDom
        ......................... DomainDnsZones passed test
CheckSDRefDom

  Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
        ......................... ForestDnsZones passed test
CrossRefValidation

      Starting test: CheckSDRefDom
        ......................... ForestDnsZones passed test
CheckSDRefDom

  Running partition tests on : jacwf
      Starting test: CrossRefValidation
        ......................... jacwf passed test
CrossRefValidation
      Starting test: CheckSDRefDom
        ......................... jacwf passed test CheckSDRefDom

  Running partition tests on : Schema
      Starting test: CrossRefValidation
        ......................... Schema passed test
CrossRefValidation
      Starting test: CheckSDRefDom
        ......................... Schema passed test CheckSDRefDom

  Running partition tests on : Configuration
      Starting test: CrossRefValidation
        ......................... Configuration passed test
CrossRefValidation
      Starting test: CheckSDRefDom
        ......................... Configuration passed test
CheckSDRefDom

  Running enterprise tests on : phippsny.org
      Starting test: Intersite
        ......................... phippsny.org passed test Intersite
      Starting test: FsmoCheck
        ......................... phippsny.org passed test FsmoCheck

The NCSecDesc test is causing AD problems for this particular domain
and i'm not sure how to fix it. Is it related to the partitions for
this domain ?

Replies