settingsLogin | Registersettings
Es tu primera visita? Te invitamos a visitar nuestra sección de preguntas frecuentes FAQ!
x
Show Menu

Error al intentar unir una pc al dominio o promover un DC (Después de darle de baja a un DC .)

0 votos

Saludos, Colegas

Tenia dos DC un servidor  dejo de funcionar, he realizado los siguientes;

  • Elimine los registro con el Metadata cleanup
  • Quite todos los registros del dns del server caído.
  •  ping al servidor y al dominio y responden perfectamente.

En línea de comandos ejecute:

ipconfig /flushdns
ipconfig /registerdns
net stop netlogon
net start netlogon

 

Nota: Cuando quiero cambiar el nombre a una maquina que pertenece al dominio, me sale este error  (el dominio especificado no existe o no se pudo poner en contacto con el.

ahora intento agregar una maquina al dominio o promoverlo y me dice los siguiente.;

Note: This information is intended for a network administrator.  If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\Windows\debug\dcdiag.txt.

    DNS was successfully queried for the service location (SRV) resource record used to locate a domain controller for domain "mine.local":

    The query was for the SRV record for _ldap._tcp.dc._msdcs.mine.local

    The following domain controllers were identified by the query:
    dbminecon.mine.local


    However no domain controllers could be contacted.

    Common causes of this error include:

    - Host (A) or (AAAA) records that map the names of the domain controllers to their IP addresses are missing or contain incorrect addresses.

    - Domain controllers registered in DNS are not connected to the network or are not running.

Esto es lo que me sale al ejecutar el DCDiag

Domain Controller Diagnosis

Performing initial setup:
   * Verifying that the local machine dbminecon, is a DC.
   * Connecting to directory service on server dbminecon.
   * Collecting site info.
   * Identifying all servers.
   * Identifying all NC cross-refs.
   * Found 1 DC(s). Testing 1 of them.
   Done gathering initial info.

Doing initial required tests

  
   Testing server: Default-First-Site-Name\DBMINECON
      Starting test: Connectivity
         * Active Directory LDAP Services Check
         * Active Directory RPC Services Check
         ......................... DBMINECON passed test Connectivity

Doing primary tests
  
   Testing server: Default-First-Site-Name\DBMINECON
      Starting test: Replications
         * Replications Check
         * Replication Latency Check
            DC=ForestDnsZones,DC=mine,DC=local
               Latency information for 1 entries in the vector were ignored.
                  1 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC). 
            DC=DomainDnsZones,DC=mine,DC=local
               Latency information for 1 entries in the vector were ignored.
                  1 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC). 
            CN=Schema,CN=Configuration,DC=mine,DC=local
               Latency information for 1 entries in the vector were ignored.
                  1 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC). 
            CN=Configuration,DC=mine,DC=local
               Latency information for 1 entries in the vector were ignored.
                  1 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC). 
            DC=mine,DC=local
               Latency information for 1 entries in the vector were ignored.
                  1 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC). 
         * Replication Site Latency Check
         ......................... DBMINECON passed test Replications
      Test omitted by user request: Topology
      Test omitted by user request: CutoffServers
      Starting test: NCSecDesc
         * Security Permissions check for all NC's on DC DBMINECON.
         * Security Permissions Check for
           DC=ForestDnsZones,DC=mine,DC=local
            (NDNC,Version 2)
         * Security Permissions Check for
           DC=DomainDnsZones,DC=mine,DC=local
            (NDNC,Version 2)
         * Security Permissions Check for
           CN=Schema,CN=Configuration,DC=mine,DC=local
            (Schema,Version 2)
         * Security Permissions Check for
           CN=Configuration,DC=mine,DC=local
            (Configuration,Version 2)
         * Security Permissions Check for
           DC=mine,DC=local
            (Domain,Version 2)
         ......................... DBMINECON passed test NCSecDesc
      Starting test: NetLogons
         * Network Logons Privileges Check
         Verified share \\DBMINECON\netlogon
         Verified share \\DBMINECON\sysvol
         ......................... DBMINECON passed test NetLogons
      Starting test: Advertising
         The DC DBMINECON is advertising itself as a DC and having a DS.
         The DC DBMINECON is advertising as an LDAP server
         The DC DBMINECON is advertising as having a writeable directory
         The DC DBMINECON is advertising as a Key Distribution Center
         The DC DBMINECON is advertising as a time server
         The DS DBMINECON is advertising as a GC.
         ......................... DBMINECON passed test Advertising
      Starting test: KnowsOfRoleHolders
         Role Schema Owner = CN=NTDS Settings,CN=DBMINECON,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mine,DC=local
         Role Domain Owner = CN=NTDS Settings,CN=DBMINECON,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mine,DC=local
         Role PDC Owner = CN=NTDS Settings,CN=DBMINECON,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mine,DC=local
         Role Rid Owner = CN=NTDS Settings,CN=DBMINECON,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mine,DC=local
         Role Infrastructure Update Owner = CN=NTDS Settings,CN=DBMINECON,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mine,DC=local
         ......................... DBMINECON passed test KnowsOfRoleHolders
      Starting test: RidManager
         * Available RID Pool for the Domain is 2600 to 1073741823
         * dbminecon.mine.local is the RID Master
         * DsBind with RID Master was successful
         * rIDAllocationPool is 1600 to 2099
         * rIDPreviousAllocationPool is 1600 to 2099
         * rIDNextRID: 1753
         ......................... DBMINECON passed test RidManager
      Starting test: MachineAccount
         Checking machine account for DC DBMINECON on DC DBMINECON.
         * SPN found :LDAP/dbminecon.mine.local/mine.local
         * SPN found :LDAP/dbminecon.mine.local
         * SPN found :LDAP/DBMINECON
         * SPN found :LDAP/dbminecon.mine.local/MINE
         * SPN found :LDAP/a910b9ce-a82c-4396-a029-ba3b89abbbcf._msdcs.mine.local
         * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/a910b9ce-a82c-4396-a029-ba3b89abbbcf/mine.local
         * SPN found :HOST/dbminecon.mine.local/mine.local
         * SPN found :HOST/dbminecon.mine.local
         * SPN found :HOST/DBMINECON
         * SPN found :HOST/dbminecon.mine.local/MINE
         * SPN found :GC/dbminecon.mine.local/mine.local
         ......................... DBMINECON passed test MachineAccount
      Starting test: Services
         * Checking Service: Dnscache
         * Checking Service: NtFrs
         * Checking Service: IsmServ
         * Checking Service: kdc
         * Checking Service: SamSs
         * Checking Service: LanmanServer
         * Checking Service: LanmanWorkstation
         * Checking Service: RpcSs
         * Checking Service: w32time
         * Checking Service: NETLOGON
         ......................... DBMINECON passed test Services
      Test omitted by user request: OutboundSecureChannels
      Starting test: ObjectsReplicated
         DBMINECON is in domain DC=mine,DC=local
         Checking for CN=DBMINECON,OU=Domain Controllers,DC=mine,DC=local in domain DC=mine,DC=local on 1 servers
            Object is up-to-date on all servers.
         Checking for CN=NTDS Settings,CN=DBMINECON,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mine,DC=local in domain CN=Configuration,DC=mine,DC=local on 1 servers
            Object is up-to-date on all servers.
         ......................... DBMINECON passed test ObjectsReplicated
      Starting test: frssysvol
         * The File Replication Service SYSVOL ready test
         File Replication Service's SYSVOL is ready
         ......................... DBMINECON passed test frssysvol
      Starting test: frsevent
         * The File Replication Service Event log test
         ......................... DBMINECON passed test frsevent
      Starting test: kccevent
         * The KCC Event log test
         Found no KCC errors in Directory Service Event log in the last 15 minutes.
         ......................... DBMINECON passed test kccevent
      Starting test: systemlog
         * The System Event log test
         An Error Event occured.  EventID: 0xC0001502
            Time Generated: 03/21/2013   10:47:54
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 03/21/2013   10:48:00
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 03/21/2013   10:48:01
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 03/21/2013   10:48:01
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 03/21/2013   10:48:01
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 03/21/2013   10:48:02
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 03/21/2013   10:48:02
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 03/21/2013   10:48:02
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 03/21/2013   10:48:03
            (Event String could not be retrieved)
         ......................... DBMINECON failed test systemlog
      Test omitted by user request: VerifyReplicas
      Starting test: VerifyReferences
         The system object reference (serverReference)

         CN=DBMINECON,OU=Domain Controllers,DC=mine,DC=local and backlink on

         CN=DBMINECON,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mine,DC=local

         are correct.
         The system object reference (frsComputerReferenceBL)

         CN=DBMINECON,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=mine,DC=local

         and backlink on CN=DBMINECON,OU=Domain Controllers,DC=mine,DC=local

         are correct.
         The system object reference (serverReferenceBL)

         CN=DBMINECON,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=mine,DC=local

         and backlink on

         CN=NTDS Settings,CN=DBMINECON,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mine,DC=local

         are correct.
         ......................... DBMINECON passed test VerifyReferences
      Test omitted by user request: VerifyEnterpriseReferences
      Test omitted by user request: CheckSecurityError
  
   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
  
   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
  
   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
  
   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
  
   Running partition tests on : mine
      Starting test: CrossRefValidation
         ......................... mine passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... mine passed test CheckSDRefDom
  
   Running enterprise tests on : mine.local
      Starting test: Intersite
         Skipping site Default-First-Site-Name, this site is outside the scope

         provided by the command line arguments provided.
         ......................... mine.local passed test Intersite
      Starting test: FsmoCheck
         GC Name: \\dbminecon.mine.local
         Locator Flags: 0xe00003fd
         PDC Name: \\dbminecon.mine.local
         Locator Flags: 0xe00003fd
         Time Server Name: \\dbminecon.mine.local
         Locator Flags: 0xe00003fd
         Preferred Time Server Name: \\dbminecon.mine.local
         Locator Flags: 0xe00003fd
         KDC Name: \\dbminecon.mine.local
         Locator Flags: 0xe00003fd
         ......................... mine.local passed test FsmoCheck
      Test omitted by user request: DNS
      Test omitted by user request: DNS

Adjunto link del logdiag y netlog

http://www.sendspace.com/filegroup/wj6kGjQguvbI%2FiQgptUPzA

por (12 puntos)  
editado por

1 Respuesta

0 votos
Hola,

Registra nuevamente el DC actual en el DNS.

En línea de comandos ejecuta:

ipconfig /flushdns
ipconfig /registerdns
net stop netlogon
net start netlogon

Adicional a ello verifica que las estaciones si tengan de DNS primario el servidor actual.

Te pregunto algo, el servidor que diste de baja no tenía ningún Rol FSMO como el Damain Naming Master?
por (1.7k puntos)  
Ejecute los comando y sigue igual, las estaciones tienen el DNS del servidor actual.
El servidor no tenía los roles.

intente promoverlo a DC y me dice el mismo error.

el servidor esta en producción y tengo un caos.. este servidor era de app, fs, print server.
Hola,
Ejecuta en línea de comandos:  dcdiag -v > c:\logdiag.txt
En ese archivo que se genera en esa ruta podrás ver que es lo que está funcionando mal en tu DC.
nota: algunos equipos tardan mucho par iniciar sesión
Hola,
Por fortuna la funcionalidad de Directorio Activo está bien.
Ejecuta el diagnostico de DNS y red en general:
netdiag -v > C:\netlog.txt
Para verificar la tardanza de las estaciones para iniciar sesión:
dcdiag /test:dns > c:\dnslog.txt

PARA DESCARTAR QUE EL DC SI ESTË EN CAPACIDAD DE PRESENTARSE COMO DOMAIN CONTROLER EN EL DNS EJECUTA:
dcdiag /test:registerindns /dnsdomain:TUDominio.com /v
y postea la salida por favor.
Hola  Yojeury, por favor agrega todos datos a tu pregunta original, de esta manera no será necesario leer todos los comentarios para entender bien el escenario y será mucho más fácil ayudarte. Para editarla, haz clic en editar.
Hola Yojeury Vargas,
Podrias consultar en el servidor si estan instalados todos los roles. Ejecutar el siguiente comando y comentanos que te presenta.
C:\netdom query fsmo
Si, están todos los roles.
PARA DESCARTAR QUE EL DC SI ESTË EN CAPACIDAD DE PRESENTARSE COMO DOMAIN CONTROLER EN EL DNS EJECUTA:
 dcdiag /test:registerindns /dnsdomain:TUDominio.com /v
 y postea la salida por favor.
Yojeury Vargas, Podrias detallar mas el escenario sin comprometer la informacion de la empresa, entre mas informacion tengamos mejor podres asistirte.
Resultado

   Starting test: RegisterInDNS
      DNS configuration is sufficient to allow this domain controller to

      dynamically register the domain controller Locator records in DNS.
      
      The DNS configuration is sufficient to allow this computer to dynamically

      register the A record corresponding to its DNS name.
      
      ......................... dbminecon passed test RegisterInDNS
Muchas gracias,
esta solución me ha ayudado también.
E. St.
...