PDA

Показать полную графическую версию : [решено] Главное конечное имя неверно

Страниц : [1] 2
Карбофос
08-08-2011, 12:05
Добрый день! Подобная тема уже была, но, поскольку, возможно, у меня ситуация иная, создаю новую.

Итак, в домене 2 контроллера. Их обоих восстанавливали из бекапа (разница в срезах бекапов -- примерно 12 часов). После подъема не делается репликация с формулировкой "Главное конечное имя неверно". DNS, вроде, настроены. Предпочитаемые dns-серверы этих КД смотрят "друг на друга"

Выполнение netdom resetpwd (как тут (http://forum.oszone.net/post-1670630.html#post1670630) советовали) на DC1:
netdom resetpwd /server:DC2.mydomain.ru /userd:mydomain\administrator /passwordd:god
The machine account password for the local machine has been successfully reset
The command completed successfully

Выполнение repadmin /syncall:
* на DC1:
CALLBACK MESSAGE: Error contacting server 8a6d014e-4e37-48ed-a504-676e028cca34._msdcs.mydomain.ru (network error): -2146893022 (0x80090322):
Главное конечное имя неверно.
CALLBACK MESSAGE: SyncAll Finished.
SyncAll reported the following errors:
Error contacting server 8a6d014e-4e37-48ed-a504-676e028cca34._msdcs.mydomain.ru (network error): -2146893022 (0x80090322): Главное конечное имя неверно.
* на DC2:
CALLBACK MESSAGE: The following replication is in progress:
From: ba4c2bbb-07cb-4d1d-a17a-989c84c65db7._msdcs.mydomain.ru
To : 8a6d014e-4e37-48ed-a504-676e028cca34._msdcs.mydomain.ru
CALLBACK MESSAGE: The following replication completed successfully:
From: ba4c2bbb-07cb-4d1d-a17a-989c84c65db7._msdcs.mydomain.ru
To : 8a6d014e-4e37-48ed-a504-676e028cca34._msdcs.mydomain.ru
CALLBACK MESSAGE: SyncAll Finished. SyncAll terminated with no errors.

Кроме того, в логах на DC1 пишется ошибка kerberos #4:
Клиент Kerberos получил ошибку KRB_AP_ERR_MODIFIED с сервера host/DC2.mydomain.ru.
Использовавшееся конечное имя: mydomain\DC2$. Это значит, что пароль, который был использован
для шифрования билета службы Kerberos, отличается от пароля на конечном сервере.
Обычно это происходит, если в конечной сфере (mydomain.RU) и в сфере клиента имеются учетные
записи компьютеров с одинаковыми именами. Обратитесь к системному администратору.

Что можно сделать, чтоб восстановить возможность репликаций?
Telepuzik
08-08-2011, 12:23
Выполнение netdom resetpwd »
После выполнения данной команды КД перезагрузили? Службу центра распространения ключей Kerberos запустили?
Карбофос
08-08-2011, 12:41
Не перегружал. Как и было рекомендовано:
1) остановил службу, перевел ее запуск в "ручной"
2) выполнил resetpwd
3) запустил службу и сделал запуск "авто"

Сейчас перегрузил DC1. Реакция на repadmin /syncall изменилась:
CALLBACK MESSAGE: Error contacting server 8a6d014e-4e37-48ed-a504-676e028cca34._msdcs.mydomain.ru (network error): 5 (0x5):
Отказано в доступе.
CALLBACK MESSAGE: Error contacting server ba4c2bbb-07cb-4d1d-a17a-989c84c65db7._msdcs.mydomain.ru (network error): 5 (0x5):
Отказано в доступе.
SyncAll exited with fatal Win32 error: 8440 (0x20f8):
Для этой операции репликации указан недопустимый контекст именования.
Telepuzik
08-08-2011, 13:31
Не перегружал. Как и было рекомендовано: »
Как раз в том посте на который вы указываете дается рекомендация перезагрузить КД после выполнения команды netdom.
На проблемном КД сохраните копию файлов %systemroot%\system32\config\netlogon.dns и %systemroot%\system32\config\Netlogon.dnb, затем удалите файлы Netlogon.dns и Netlogon.dnb. Выполните команды:
net stop netlogon
net start netlogon
netdiag /fix
netdiag /test:DNS /v
Вывод покажите.
Карбофос
08-08-2011, 13:50
netdiag /fix:

....................................

Computer Name: DC1
DNS Host Name: DC1.mydomain.ru
System info : Microsoft Windows Server 2003 R2 (Build 3790)
Processor : x86 Family 15 Model 2 Stepping 8, GenuineIntel
List of installed hotfixes :
KB2079403
KB2115168
KB2121546
KB2141007
KB2158563
KB2160329
KB2183461
KB2183461-IE7
KB2183461-IE8
KB2207559
KB2229593
KB2259922
KB2279986
KB2286198
KB2296011
KB2296199
KB2345886
KB2347290
KB2360131-IE8
KB2360937
KB2378111
KB2387149
KB2416400-IE8
KB2416451
KB2419635
KB2423089
KB2436673
KB2440591
KB2443105
KB2467659
KB923561
KB924667-v2
KB925398_WMP64
KB925876
KB925902-v2
KB926140-v5
KB927891
KB929123
KB930178
KB932168
KB933854
KB936357
KB938127
KB941569
KB943055
KB943460
KB943729
KB944338-v2
KB944653
KB945553
KB946026
KB948496
KB950760
KB950762
KB950974
KB951066
KB951748
KB952004
KB952069
KB952954
KB953298
KB954155
KB954550-v5
KB955069
KB955759
KB956572
KB956744
KB956802
KB956803
KB956844
KB958644
KB958869
KB959426
KB960225
KB960803
KB960859
KB961063
KB961118
KB961501
KB967715
KB967723
KB968389
KB968816
KB969059
KB969947
KB970238
KB970430
KB971032
KB971468
KB971513
KB971657
KB971737
KB971961
KB971961-IE8
KB972270
KB973037
KB973354
KB973507
KB973540
KB973687
KB973815
KB973869
KB973904
KB974112
KB974318
KB974392
KB974571
KB975025
KB975364-IE8
KB975467
KB975558_WM8
KB975560
KB975562
KB975713
KB976662-IE8
KB977290
KB977816
KB977914
KB978037
KB978262
KB978338
KB978542
KB978601
KB978695
KB978706
KB979306
KB979309
KB979482
KB979559
KB979683
KB979687
KB979907
KB980182
KB980195
KB980218
KB980232
KB980436
KB981322
KB981332-IE8
KB981350
KB981550
KB981793
KB981957
KB982132
KB982214
KB982381
KB982381-IE7
KB982632-IE8
KB982802
Q147222


Netcard queries test . . . . . . . : Passed
GetStats failed for 'Прямой параллельный порт'. [ERROR_NOT_SUPPORTED]
[WARNING] The net card 'Минипорт WAN (PPTP)' may not be working because it has not received any packets.
[WARNING] The net card 'Минипорт WAN (PPPoE)' may not be working because it has not received any packets.
[WARNING] The net card 'Минипорт WAN (IP)' may not be working because it has not received any packets.
GetStats failed for 'Минипорт WAN (L2TP)'. [ERROR_NOT_SUPPORTED]



Per interface results:

Adapter : Подключение по локальной сети

Netcard queries test . . . : Passed

Host Name. . . . . . . . . : DC1
IP Address . . . . . . . . : 192.168.0.252
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.0.254
Dns Servers. . . . . . . . : 192.168.0.227
192.168.0.252


AutoConfiguration results. . . . . . : Passed

Default gateway test . . . : Passed

NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.

WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{BC11B6F1-6725-4F51-A655-2E75264D03EC}
1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server '192.168.0.227' and other DCs also have some of the names registered.


Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{BC11B6F1-6725-4F51-A655-2E75264D03EC}
The redir is bound to 1 NetBt transport.

List of NetBt transports currently bound to the browser
NetBT_Tcpip_{BC11B6F1-6725-4F51-A655-2E75264D03EC}
The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Passed
Secure channel for domain 'mydomain' is to '\\DC2.mydomain.ru'.


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed
[WARNING] Failed to query SPN registration on DC 'DC2.mydomain.ru'.


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully
Telepuzik
08-08-2011, 13:54
Карбофос,
А все остальное где??
Карбофос
08-08-2011, 13:55
вывод netdiag /test:DNS /v не умещается... сейчас в два захода сделаю...

netdiag /test:DNS /v:

Gathering IPX configuration information.
Querying status of the Netcard drivers... Passed
Testing Domain membership... Passed
Gathering NetBT configuration information.
Testing DNS
PASS - All the DNS entries for DC are registered on DNS server '192.168.0.227' and other DCs also have some of the names registered.
PASS - All the DNS entries for DC are registered on DNS server '192.168.0.252' and other DCs also have some of the names registered.

Tests complete.


Computer Name: DC1
DNS Host Name: DC1.mydomain.ru
DNS Domain Name: mydomain.ru
System info : Microsoft Windows Server 2003 R2 (Build 3790)
Processor : x86 Family 15 Model 2 Stepping 8, GenuineIntel
Hotfixes :
Installed? Name
Yes KB2079403
Yes KB2115168
Yes KB2121546
Yes KB2141007
Yes KB2158563
Yes KB2160329
Yes KB2183461
Yes KB2183461-IE7
Yes KB2183461-IE8
Yes KB2207559
Yes KB2229593
Yes KB2259922
Yes KB2279986
Yes KB2286198
Yes KB2296011
Yes KB2296199
Yes KB2345886
Yes KB2347290
Yes KB2360131-IE8
Yes KB2360937
Yes KB2378111
Yes KB2387149
Yes KB2416400-IE8
Yes KB2416451
Yes KB2419635
Yes KB2423089
Yes KB2436673
Yes KB2440591
Yes KB2443105
Yes KB2467659
Yes KB923561
Yes KB924667-v2
Yes KB925398_WMP64
Yes KB925876
Yes KB925902-v2
Yes KB926140-v5
Yes KB927891
Yes KB929123
Yes KB930178
Yes KB932168
Yes KB933854
Yes KB936357
Yes KB938127
Yes KB941569
Yes KB943055
Yes KB943460
Yes KB943729
Yes KB944338-v2
Yes KB944653
Yes KB945553
Yes KB946026
Yes KB948496
Yes KB950760
Yes KB950762
Yes KB950974
Yes KB951066
Yes KB951748
Yes KB952004
Yes KB952069
Yes KB952954
Yes KB953298
Yes KB954155
Yes KB954550-v5
Yes KB955069
Yes KB955759
Yes KB956572
Yes KB956744
Yes KB956802
Yes KB956803
Yes KB956844
Yes KB958644
Yes KB958869
Yes KB959426
Yes KB960225
Yes KB960803
Yes KB960859
Yes KB961063
Yes KB961118
Yes KB961501
Yes KB967715
Yes KB967723
Yes KB968389
Yes KB968816
Yes KB969059
Yes KB969947
Yes KB970238
Yes KB970430
Yes KB971032
Yes KB971468
Yes KB971513
Yes KB971657
Yes KB971737
Yes KB971961
Yes KB971961-IE8
Yes KB972270
Yes KB973037
Yes KB973354
Yes KB973507
Yes KB973540
Yes KB973687
Yes KB973815
Yes KB973869
Yes KB973904
Yes KB974112
Yes KB974318
Yes KB974392
Yes KB974571
Yes KB975025
Yes KB975364-IE8
Yes KB975467
Yes KB975558_WM8
Yes KB975560
Yes KB975562
Yes KB975713
Yes KB976662-IE8
Yes KB977290
Yes KB977816
Yes KB977914
Yes KB978037
Yes KB978262
Yes KB978338
Yes KB978542
Yes KB978601
Yes KB978695
Yes KB978706
Yes KB979306
Yes KB979309
Yes KB979482
Yes KB979559
Yes KB979683
Yes KB979687
Yes KB979907
Yes KB980182
Yes KB980195
Yes KB980218
Yes KB980232
Yes KB980436
Yes KB981322
Yes KB981332-IE8
Yes KB981350
Yes KB981550
Yes KB981793
Yes KB981957
Yes KB982132
Yes KB982214
Yes KB982381
Yes KB982381-IE7
Yes KB982632-IE8
Yes KB982802
Yes Q147222


Netcard queries test . . . . . . . : Passed

Information of Netcard drivers:

---------------------------------------------------------------------------
Description: Прямой параллельный порт
Device: \DEVICE\{D56EB0ED-1FDE-4A35-8814-489733E5887B}
GetStats failed for 'Прямой параллельный порт'. [ERROR_NOT_SUPPORTED]
---------------------------------------------------------------------------
Description: Минипорт WAN (PPTP)
Device: \DEVICE\{D3D7F806-D3A2-4766-89F2-9F5854CCF92D}

Media State: Connected

Device State: Connected
Connect Time: 00:00:00
Media Speed: 0 bps

Packets Sent: 0
Bytes Sent (Optional): 0

Packets Received: 0
Directed Pkts Recd (Optional): 0
Bytes Received (Optional): 0
Directed Bytes Recd (Optional): 0

[WARNING] The net card 'Минипорт WAN (PPTP)' may not be working because it has not received any packets.
---------------------------------------------------------------------------
Description: Минипорт WAN (PPPoE)
Device: \DEVICE\{52401B3C-04C3-4FD6-ACAB-830EF3F493DB}

Media State: Connected

Device State: Connected
Connect Time: 00:00:00
Media Speed: 0 bps

Packets Sent: 0
Bytes Sent (Optional): 0

Packets Received: 0
Directed Pkts Recd (Optional): 0
Bytes Received (Optional): 0
Directed Bytes Recd (Optional): 0

[WARNING] The net card 'Минипорт WAN (PPPoE)' may not be working because it has not received any packets.
---------------------------------------------------------------------------
Description: Минипорт WAN (IP)
Device: \DEVICE\NDISWANIP

Media State: Connected

Device State: Connected
Connect Time: 01:06:12
Media Speed: 28 Kbps

Packets Sent: 0
Bytes Sent (Optional): 0

Packets Received: 0
Directed Pkts Recd (Optional): 0
Bytes Received (Optional): 0
Directed Bytes Recd (Optional): 0

[WARNING] The net card 'Минипорт WAN (IP)' may not be working because it has not received any packets.
---------------------------------------------------------------------------
Description: Минипорт WAN (L2TP)
Device: \DEVICE\{D7108D0B-6095-46E2-B7DC-20AAA833A60F}
GetStats failed for 'Минипорт WAN (L2TP)'. [ERROR_NOT_SUPPORTED]
---------------------------------------------------------------------------
Description: VMware Accelerated AMD PCNet Adapter
Device: \DEVICE\{BC11B6F1-6725-4F51-A655-2E75264D03EC}

Media State: Connected

Device State: Connected
Connect Time: 01:06:12
Media Speed: 1 Gbps

Packets Sent: 277192
Bytes Sent (Optional): 57637025

Packets Received: 365276
Directed Pkts Recd (Optional): 352293
Bytes Received (Optional): 70270799
Directed Bytes Recd (Optional): 70270799

---------------------------------------------------------------------------
[PASS] - At least one netcard is in the 'Connected' state.



Per interface results:

Adapter : Подключение по локальной сети
Adapter ID . . . . . . . . : {BC11B6F1-6725-4F51-A655-2E75264D03EC}

Netcard queries test . . . : Passed


Global results:


Domain membership test . . . . . . : Passed
Machine is a . . . . . . . . . : Domain Controller
Netbios Domain name. . . . . . : mydomain
Dns domain name. . . . . . . . : mydomain.ru
Dns forest name. . . . . . . . : mydomain.ru
Domain Guid. . . . . . . . . . : {EBB7DD75-88DC-47F7-B057-D9F1B73D949A}
Domain Sid . . . . . . . . . . : S-1-5-21-2066648584-3145624946-3895715101
Logon User . . . . . . . . . . : Admin
Logon Domain . . . . . . . . . : mydomain


NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{BC11B6F1-6725-4F51-A655-2E75264D03EC}
1 NetBt transport currently configured.


DNS test . . . . . . . . . . . . . : Passed
Interface {BC11B6F1-6725-4F51-A655-2E75264D03EC}
DNS Domain:
DNS Servers: 192.168.0.227 192.168.0.252
IP Address: Expected registration with PDN (primary DNS domain name):
Hostname: DC1.mydomain.ru.
Authoritative zone: mydomain.ru.
Primary DNS server: DC2.mydomain.ru 192.168.0.227
Authoritative NS:192.168.0.252 192.168.0.227
Check the DNS registration for DCs entries on DNS server '192.168.0.227'
The Record is different on DNS server '192.168.0.227'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.227', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = mydomain.ru.
DNS DATA =
A 192.168.0.252

The record on DNS server 192.168.0.227 is:
DNS NAME = mydomain.ru
DNS DATA =
A 192.168.0.227
A 192.168.0.252
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.227'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.227', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.mydomain.ru.
DNS DATA =
SRV 0 100 389 DC1.mydomain.ru.

The record on DNS server 192.168.0.227 is:
DNS NAME = _ldap._tcp.mydomain.ru
DNS DATA =
SRV 0 100 389 DC2.mydomain.ru
SRV 0 100 389 DC1.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.227'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.227', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.mydomain.ru.
DNS DATA =
SRV 0 100 389 DC1.mydomain.ru.

The record on DNS server 192.168.0.227 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.mydomain.ru
DNS DATA =
SRV 0 100 389 DC1.mydomain.ru
SRV 0 100 389 DC2.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.227'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.227', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.gc._msdcs.mydomain.ru.
DNS DATA =
SRV 0 100 3268 DC1.mydomain.ru.

The record on DNS server 192.168.0.227 is:
DNS NAME = _ldap._tcp.gc._msdcs.mydomain.ru
DNS DATA =
SRV 0 100 3268 DC1.mydomain.ru
SRV 0 100 3268 DC2.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.227'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.227', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.mydomain.ru.
DNS DATA =
SRV 0 100 3268 DC1.mydomain.ru.

The record on DNS server 192.168.0.227 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.mydomain.ru
DNS DATA =
SRV 0 100 3268 DC2.mydomain.ru
SRV 0 100 3268 DC1.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.227'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.227', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.ebb7dd75-88dc-47f7-b057-d9f1b73d949a.domains._msdcs.mydomain.ru.
DNS DATA =
SRV 0 100 389 DC1.mydomain.ru.

The record on DNS server 192.168.0.227 is:
DNS NAME = _ldap._tcp.ebb7dd75-88dc-47f7-b057-d9f1b73d949a.domains._msdcs.mydomain.ru
DNS DATA =
SRV 0 100 389 DC2.mydomain.ru
SRV 0 100 389 DC1.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.227'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.227', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = gc._msdcs.mydomain.ru.
DNS DATA =
A 192.168.0.252

The record on DNS server 192.168.0.227 is:
DNS NAME = gc._msdcs.mydomain.ru
DNS DATA =
A 192.168.0.227
A 192.168.0.252
+------------------------------------------------------+

The Record is correct on DNS server '192.168.0.227'.

The Record is different on DNS server '192.168.0.227'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.227', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kerberos._tcp.dc._msdcs.mydomain.ru.
DNS DATA =
SRV 0 100 88 DC1.mydomain.ru.

The record on DNS server 192.168.0.227 is:
DNS NAME = _kerberos._tcp.dc._msdcs.mydomain.ru
DNS DATA =
SRV 0 100 88 DC1.mydomain.ru
SRV 0 100 88 DC2.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.227'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.227', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.mydomain.ru.
DNS DATA =
SRV 0 100 88 DC1.mydomain.ru.

The record on DNS server 192.168.0.227 is:
DNS NAME = _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.mydomain.ru
DNS DATA =
SRV 0 100 88 DC2.mydomain.ru
SRV 0 100 88 DC1.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.227'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.227', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.dc._msdcs.mydomain.ru.
DNS DATA =
SRV 0 100 389 DC1.mydomain.ru.

The record on DNS server 192.168.0.227 is:
DNS NAME = _ldap._tcp.dc._msdcs.mydomain.ru
DNS DATA =
SRV 0 100 389 DC2.mydomain.ru
SRV 0 100 389 DC1.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.227'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.227', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.mydomain.ru.
DNS DATA =
SRV 0 100 389 DC1.mydomain.ru.

The record on DNS server 192.168.0.227 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.mydomain.ru
DNS DATA =
SRV 0 100 389 DC2.mydomain.ru
SRV 0 100 389 DC1.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.227'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.227', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kerberos._tcp.mydomain.ru.
DNS DATA =
SRV 0 100 88 DC1.mydomain.ru.

The record on DNS server 192.168.0.227 is:
DNS NAME = _kerberos._tcp.mydomain.ru
DNS DATA =
SRV 0 100 88 DC1.mydomain.ru
SRV 0 100 88 DC2.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.227'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.227', no need to re-register.
Карбофос
08-08-2011, 13:57
netdiag /test:DNS /v (продолжение):

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kerberos._tcp.Default-First-Site-Name._sites.mydomain.ru.
DNS DATA =
SRV 0 100 88 DC1.mydomain.ru.

The record on DNS server 192.168.0.227 is:
DNS NAME = _kerberos._tcp.Default-First-Site-Name._sites.mydomain.ru
DNS DATA =
SRV 0 100 88 DC1.mydomain.ru
SRV 0 100 88 DC2.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.227'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.227', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _gc._tcp.mydomain.ru.
DNS DATA =
SRV 0 100 3268 DC1.mydomain.ru.

The record on DNS server 192.168.0.227 is:
DNS NAME = _gc._tcp.mydomain.ru
DNS DATA =
SRV 0 100 3268 DC1.mydomain.ru
SRV 0 100 3268 DC2.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.227'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.227', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _gc._tcp.Default-First-Site-Name._sites.mydomain.ru.
DNS DATA =
SRV 0 100 3268 DC1.mydomain.ru.

The record on DNS server 192.168.0.227 is:
DNS NAME = _gc._tcp.Default-First-Site-Name._sites.mydomain.ru
DNS DATA =
SRV 0 100 3268 DC1.mydomain.ru
SRV 0 100 3268 DC2.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.227'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.227', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kerberos._udp.mydomain.ru.
DNS DATA =
SRV 0 100 88 DC1.mydomain.ru.

The record on DNS server 192.168.0.227 is:
DNS NAME = _kerberos._udp.mydomain.ru
DNS DATA =
SRV 0 100 88 DC1.mydomain.ru
SRV 0 100 88 DC2.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.227'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.227', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kpasswd._tcp.mydomain.ru.
DNS DATA =
SRV 0 100 464 DC1.mydomain.ru.

The record on DNS server 192.168.0.227 is:
DNS NAME = _kpasswd._tcp.mydomain.ru
DNS DATA =
SRV 0 100 464 DC1.mydomain.ru
SRV 0 100 464 DC2.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.227'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.227', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kpasswd._udp.mydomain.ru.
DNS DATA =
SRV 0 100 464 DC1.mydomain.ru.

The record on DNS server 192.168.0.227 is:
DNS NAME = _kpasswd._udp.mydomain.ru
DNS DATA =
SRV 0 100 464 DC1.mydomain.ru
SRV 0 100 464 DC2.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.227'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.227', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = DomainDnsZones.mydomain.ru.
DNS DATA =
A 192.168.0.252

The record on DNS server 192.168.0.227 is:
DNS NAME = DomainDnsZones.mydomain.ru
DNS DATA =
A 192.168.0.227
A 192.168.0.252
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.227'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.227', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.DomainDnsZones.mydomain.ru.
DNS DATA =
SRV 0 100 389 DC1.mydomain.ru.

The record on DNS server 192.168.0.227 is:
DNS NAME = _ldap._tcp.DomainDnsZones.mydomain.ru
DNS DATA =
SRV 0 100 389 DC00001.mydomain.ru
SRV 0 100 389 DC2.mydomain.ru
SRV 0 100 389 DC1.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.227'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.227', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.mydomain.ru.
DNS DATA =
SRV 0 100 389 DC1.mydomain.ru.

The record on DNS server 192.168.0.227 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.mydomain.ru
DNS DATA =
SRV 0 100 389 DC1.mydomain.ru
SRV 0 100 389 DC2.mydomain.ru
SRV 0 100 389 DC00001.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.227'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.227', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = ForestDnsZones.mydomain.ru.
DNS DATA =
A 192.168.0.252

The record on DNS server 192.168.0.227 is:
DNS NAME = ForestDnsZones.mydomain.ru
DNS DATA =
A 192.168.0.252
A 192.168.0.227
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.227'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.227', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.ForestDnsZones.mydomain.ru.
DNS DATA =
SRV 0 100 389 DC1.mydomain.ru.

The record on DNS server 192.168.0.227 is:
DNS NAME = _ldap._tcp.ForestDnsZones.mydomain.ru
DNS DATA =
SRV 0 100 389 DC00001.mydomain.ru
SRV 0 100 389 DC2.mydomain.ru
SRV 0 100 389 DC1.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.227'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.227', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.mydomain.ru.
DNS DATA =
SRV 0 100 389 DC1.mydomain.ru.

The record on DNS server 192.168.0.227 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.mydomain.ru
DNS DATA =
SRV 0 100 389 DC1.mydomain.ru
SRV 0 100 389 DC2.mydomain.ru
SRV 0 100 389 DC00001.mydomain.ru
+------------------------------------------------------+

PASS - All the DNS entries for DC are registered on DNS server '192.168.0.227' and other DCs also have some of the names registered.
Check the DNS registration for DCs entries on DNS server '192.168.0.252'
The Record is different on DNS server '192.168.0.252'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.252', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = mydomain.ru.
DNS DATA =
A 192.168.0.252

The record on DNS server 192.168.0.252 is:
DNS NAME = mydomain.ru
DNS DATA =
A 192.168.0.227
A 192.168.0.252
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.252'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.252', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.mydomain.ru.
DNS DATA =
SRV 0 100 389 DC1.mydomain.ru.

The record on DNS server 192.168.0.252 is:
DNS NAME = _ldap._tcp.mydomain.ru
DNS DATA =
SRV 0 100 389 DC1.mydomain.ru
SRV 0 100 389 DC2.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.252'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.252', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.mydomain.ru.
DNS DATA =
SRV 0 100 389 DC1.mydomain.ru.

The record on DNS server 192.168.0.252 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.mydomain.ru
DNS DATA =
SRV 0 100 389 DC1.mydomain.ru
SRV 0 100 389 DC2.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.252'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.252', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.gc._msdcs.mydomain.ru.
DNS DATA =
SRV 0 100 3268 DC1.mydomain.ru.

The record on DNS server 192.168.0.252 is:
DNS NAME = _ldap._tcp.gc._msdcs.mydomain.ru
DNS DATA =
SRV 0 100 3268 DC1.mydomain.ru
SRV 0 100 3268 DC2.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.252'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.252', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.mydomain.ru.
DNS DATA =
SRV 0 100 3268 DC1.mydomain.ru.

The record on DNS server 192.168.0.252 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.mydomain.ru
DNS DATA =
SRV 0 100 3268 DC1.mydomain.ru
SRV 0 100 3268 DC2.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.252'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.252', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.ebb7dd75-88dc-47f7-b057-d9f1b73d949a.domains._msdcs.mydomain.ru.
DNS DATA =
SRV 0 100 389 DC1.mydomain.ru.

The record on DNS server 192.168.0.252 is:
DNS NAME = _ldap._tcp.ebb7dd75-88dc-47f7-b057-d9f1b73d949a.domains._msdcs.mydomain.ru
DNS DATA =
SRV 0 100 389 DC2.mydomain.ru
SRV 0 100 389 DC1.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.252'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.252', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = gc._msdcs.mydomain.ru.
DNS DATA =
A 192.168.0.252

The record on DNS server 192.168.0.252 is:
DNS NAME = gc._msdcs.mydomain.ru
DNS DATA =
A 192.168.0.227
A 192.168.0.252
+------------------------------------------------------+

The Record is correct on DNS server '192.168.0.252'.

The Record is different on DNS server '192.168.0.252'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.252', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kerberos._tcp.dc._msdcs.mydomain.ru.
DNS DATA =
SRV 0 100 88 DC1.mydomain.ru.

The record on DNS server 192.168.0.252 is:
DNS NAME = _kerberos._tcp.dc._msdcs.mydomain.ru
DNS DATA =
SRV 0 100 88 DC2.mydomain.ru
SRV 0 100 88 DC1.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.252'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.252', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.mydomain.ru.
DNS DATA =
SRV 0 100 88 DC1.mydomain.ru.

The record on DNS server 192.168.0.252 is:
DNS NAME = _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.mydomain.ru
DNS DATA =
SRV 0 100 88 DC1.mydomain.ru
SRV 0 100 88 DC2.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.252'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.252', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.dc._msdcs.mydomain.ru.
DNS DATA =
SRV 0 100 389 DC1.mydomain.ru.

The record on DNS server 192.168.0.252 is:
DNS NAME = _ldap._tcp.dc._msdcs.mydomain.ru
DNS DATA =
SRV 0 100 389 DC2.mydomain.ru
SRV 0 100 389 DC1.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.252'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.252', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.mydomain.ru.
DNS DATA =
SRV 0 100 389 DC1.mydomain.ru.

The record on DNS server 192.168.0.252 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.mydomain.ru
DNS DATA =
SRV 0 100 389 DC1.mydomain.ru
SRV 0 100 389 DC2.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.252'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.252', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kerberos._tcp.mydomain.ru.
DNS DATA =
SRV 0 100 88 DC1.mydomain.ru.

The record on DNS server 192.168.0.252 is:
DNS NAME = _kerberos._tcp.mydomain.ru
DNS DATA =
SRV 0 100 88 DC2.mydomain.ru
SRV 0 100 88 DC1.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.252'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.252', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kerberos._tcp.Default-First-Site-Name._sites.mydomain.ru.
DNS DATA =
SRV 0 100 88 DC1.mydomain.ru.

The record on DNS server 192.168.0.252 is:
DNS NAME = _kerberos._tcp.Default-First-Site-Name._sites.mydomain.ru
DNS DATA =
SRV 0 100 88 DC2.mydomain.ru
SRV 0 100 88 DC1.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.252'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.252', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _gc._tcp.mydomain.ru.
DNS DATA =
SRV 0 100 3268 DC1.mydomain.ru.

The record on DNS server 192.168.0.252 is:
DNS NAME = _gc._tcp.mydomain.ru
DNS DATA =
SRV 0 100 3268 DC1.mydomain.ru
SRV 0 100 3268 DC2.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.252'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.252', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _gc._tcp.Default-First-Site-Name._sites.mydomain.ru.
DNS DATA =
SRV 0 100 3268 DC1.mydomain.ru.

The record on DNS server 192.168.0.252 is:
DNS NAME = _gc._tcp.Default-First-Site-Name._sites.mydomain.ru
DNS DATA =
SRV 0 100 3268 DC1.mydomain.ru
SRV 0 100 3268 DC2.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.252'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.252', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kerberos._udp.mydomain.ru.
DNS DATA =
SRV 0 100 88 DC1.mydomain.ru.

The record on DNS server 192.168.0.252 is:
DNS NAME = _kerberos._udp.mydomain.ru
DNS DATA =
SRV 0 100 88 DC2.mydomain.ru
SRV 0 100 88 DC1.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.252'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.252', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kpasswd._tcp.mydomain.ru.
DNS DATA =
SRV 0 100 464 DC1.mydomain.ru.

The record on DNS server 192.168.0.252 is:
DNS NAME = _kpasswd._tcp.mydomain.ru
DNS DATA =
SRV 0 100 464 DC2.mydomain.ru
SRV 0 100 464 DC1.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.252'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.252', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kpasswd._udp.mydomain.ru.
DNS DATA =
SRV 0 100 464 DC1.mydomain.ru.

The record on DNS server 192.168.0.252 is:
DNS NAME = _kpasswd._udp.mydomain.ru
DNS DATA =
SRV 0 100 464 DC2.mydomain.ru
SRV 0 100 464 DC1.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.252'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.252', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = DomainDnsZones.mydomain.ru.
DNS DATA =
A 192.168.0.252

The record on DNS server 192.168.0.252 is:
DNS NAME = DomainDnsZones.mydomain.ru
DNS DATA =
A 192.168.0.227
A 192.168.0.252
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.252'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.252', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.DomainDnsZones.mydomain.ru.
DNS DATA =
SRV 0 100 389 DC1.mydomain.ru.

The record on DNS server 192.168.0.252 is:
DNS NAME = _ldap._tcp.DomainDnsZones.mydomain.ru
DNS DATA =
SRV 0 100 389 DC2.mydomain.ru
SRV 0 100 389 DC1.mydomain.ru
SRV 0 100 389 DC00001.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.252'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.252', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.mydomain.ru.
DNS DATA =
SRV 0 100 389 DC1.mydomain.ru.

The record on DNS server 192.168.0.252 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.mydomain.ru
DNS DATA =
SRV 0 100 389 DC2.mydomain.ru
SRV 0 100 389 DC00001.mydomain.ru
SRV 0 100 389 DC1.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.252'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.252', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = ForestDnsZones.mydomain.ru.
DNS DATA =
A 192.168.0.252

The record on DNS server 192.168.0.252 is:
DNS NAME = ForestDnsZones.mydomain.ru
DNS DATA =
A 192.168.0.252
A 192.168.0.227
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.252'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.252', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.ForestDnsZones.mydomain.ru.
DNS DATA =
SRV 0 100 389 DC1.mydomain.ru.

The record on DNS server 192.168.0.252 is:
DNS NAME = _ldap._tcp.ForestDnsZones.mydomain.ru
DNS DATA =
SRV 0 100 389 DC2.mydomain.ru
SRV 0 100 389 DC1.mydomain.ru
SRV 0 100 389 DC00001.mydomain.ru
+------------------------------------------------------+

The Record is different on DNS server '192.168.0.252'.
DNS server has more than one entries for this name, usually this means there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '192.168.0.252', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.mydomain.ru.
DNS DATA =
SRV 0 100 389 DC1.mydomain.ru.

The record on DNS server 192.168.0.252 is:
DNS NAME = _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.mydomain.ru
DNS DATA =
SRV 0 100 389 DC2.mydomain.ru
SRV 0 100 389 DC00001.mydomain.ru
SRV 0 100 389 DC1.mydomain.ru
+------------------------------------------------------+

PASS - All the DNS entries for DC are registered on DNS server '192.168.0.252' and other DCs also have some of the names registered.


The command completed successfully

Любопытно, что DC00001.mydomain.ru в домене быть не должно.. Возможно, это "старое" имя DC1.
Telepuzik
08-08-2011, 14:04
Любопытно, что DC00001.mydomain.ru в домене быть не должно.. »
Да эта запись однозначно лишняя.
Что показывает команда repadmin /syncall на DC1 и на DC2.
Карбофос
08-08-2011, 14:08
DC1:
CALLBACK MESSAGE: Error contacting server 8a6d014e-4e37-48ed-a504-676e028cca34._msdcs.mydomain.ru (network error): -2146893022 (0x80090322):
Главное конечное имя неверно.
CALLBACK MESSAGE: SyncAll Finished.

SyncAll reported the following errors:
Error contacting server 8a6d014e-4e37-48ed-a504-676e028cca34._msdcs.mydomain.ru (network error): -2146893022 (0x80090322):
Главное конечное имя неверно.


DC2:
CALLBACK MESSAGE: The following replication is in progress:
From: ba4c2bbb-07cb-4d1d-a17a-989c84c65db7._msdcs.mydomain.ru
To : 8a6d014e-4e37-48ed-a504-676e028cca34._msdcs.mydomain.ru
CALLBACK MESSAGE: The following replication completed successfully:
From: ba4c2bbb-07cb-4d1d-a17a-989c84c65db7._msdcs.mydomain.ru
To : 8a6d014e-4e37-48ed-a504-676e028cca34._msdcs.mydomain.ru
CALLBACK MESSAGE: SyncAll Finished.
SyncAll terminated with no errors.
Telepuzik
08-08-2011, 14:16
Покажите вывод команды netdom query fsmo.
Карбофос
08-08-2011, 14:19
DC1:
Schema owner DC2.mydomain.ru
Domain role owner DC2.mydomain.ru
PDC role DC2.mydomain.ru
RID pool manager DC2.mydomain.ru
Infrastructure owner DC2.mydomain.ru
The command completed successfully.


DC2:
Schema owner DC2.mydomain.ru
Domain role owner DC2.mydomain.ru
PDC role DC2.mydomain.ru
RID pool manager DC2.mydomain.ru
Infrastructure owner DC2.mydomain.ru
The command completed successfully.
zero55
08-08-2011, 14:29
Оба восстановлены из бэкапа?
Тогда зачем вы сбрасываете пароль?

Достаточно на одном сказать что он восстановлен из бэкапа тут (http://blog.wadmin.ru/2011/07/usn-rollback/).

Вы же сбросив пароль ничего кроме проблемы с керберосом не добьетесь.
Карбофос
08-08-2011, 14:52
repadmin /showutdvec
на DC1:
Caching GUIDs.
..
Default-First-Site-Name\DC1 @ USN 44708536 @ Time 2011-08-08 14:46:39
Default-First-Site-Name\DC2 @ USN 52826192 @ Time 2011-06-06 18:05:57
Default-First-Site-Name\DC1 (retired) @ USN 43321507 @ Time 2011-08-04 09:57:59
Default-First-Site-Name\DC2 (retired) @ USN 1595066 @ Time 2009-03-05 21:21:42


на DC2:
Caching GUIDs.
..
Default-First-Site-Name\DC2 (retired) @ USN 53794943 @ Time 2011-08-04 10:14:26
Default-First-Site-Name\DC1 (retired) @ USN 28046722 @ Time 2011-06-06 17:56:12
Default-First-Site-Name\DC2 @ USN 53867081 @ Time 2011-08-08 14:48:03
Default-First-Site-Name\DC2 (retired) @ USN 1595066 @ Time 2009-03-05 21:21:42


Что бы это могло значить, уважаемые гуру?
zero55
08-08-2011, 14:54
USN Rollback :)
ссылка выше...
Карбофос
08-08-2011, 15:14
zero55, не сочтите за словоблудство: просто, хочется уточнить, правильно ли я понял Вашу мысль... Вы предлагаете пойти методом №1?
zero55
08-08-2011, 15:19
Она вам уже не поможет.
Придется удалять роль контроллера
dcpromo /forceremoval
потом metadata cleanup
потом ставим контроллер заново.

PS методика №1 могла бы помочь только в случае поднятия первого контроллера и на втором отметить что он восстановлен из бэкапа.
Карбофос
08-08-2011, 15:32
Переустановка КД на работающем предприятии -- звучит, как приговор :)
Неужели нет терапевтических методов лечения этого заболевания?
zero55
08-08-2011, 15:43
Почему как приговор?
Это вполне нормальная ситуация. Главное иметь актуальные бэкапы.
Карбофос
09-08-2011, 10:30
Застрял на полпути. На DC1 снес контроллер домена, погасил его физически. Не пойму, как снести метадату... Вот что на DC2:
server connections: connect to server DC1
Привязка к DC1 ...
DsBindW ошибка 0x6ba(Сервер RPC недоступен.)
Или я что-то недопонял?



© OSzone.net 2001-2012