Восстановил schema owner из образа котор.более 60дней.Получил неприятности.Направьте

Восстановил schema owner из образа котор.более 60дней.Получил неприятности.Направьте

obe

Новый участник

Сообщения: 2
Благодарности: 0

Изменения

Автор: obe
Дата: 30-09-2017

Имеются доставшиеся по наследству 2 сервера (win2003ent 5.2.3790 без sp). Оба контроллеры домена (MX1 (192.168.1.105 [и 192.168.37.105 наружний адрес]) и MX2 (192.168.1.106 [и 37.106])). Никогда не лез в AD, сделано не мной. Работает и ладно. Делал бэкапы(акронис). Обстоятельства сложились так что пришлось восстанавливать контроллер schema owner MX1 из образа более чем 60 дневной давности. Получил понятные проблемы . Заметил не сразу. Многого не знал. Взялся за ремонт сам.

История болезни:
изначально: Ошибки: 2042 It has been too long since this machine last replicated with the named source machine. The time between replications with this source has exceeded the tombstone lifetime. Replication has been stopped with this source и все прочие.
Внёс на обоих КД запись Allow Replication With Divergent and Corrupt Partner 1
Далее удалил (либо не удалил но вроде ошибки AD на нём пропали в итоге) мусор из восстановленного MX1: repadmin /removelingeringobjects ...
Далее решил подправить ошибку DNS на восстановленном MX1 командой DNS-RESTART и командами dcdiag /fix netdiag /fix. Видимо, зря. На MX1 DNS очистился полностью и полезли ошибки Active Directory was unable to establish a connection with the global catalog 1126/8430(internal failure). Перенести основную зону mydomain.ru с MX2 не смог - ошибка. Zone transfer request for secondary zone name refused by master 6525 Починил. Поменяв настройку на разрешительную на MX2 в настройках каждой зоны. Вкладка.ZONE TRANSFERS

Теперь понимаю что нужно сбросить безопасные каналы между КД
Это правильный путь? Или лучше восстановить снова, сделать system state backup. затем восстановиться в режиме AD restore mode

CNAME:

Скрытый текст

mx1 D080F00E-7D04-4A33-A74A-D8B803D8B48F._msdcs.mydomain.ru
mx2 6AC7E8A4-0317-4F8D-ADC5-4F9C92576C57._msdcs.mydomain.ru

Короткие выдержки dcdiag:
DCDIAG на MX1 и MX2

Скрытый текст

Testing server: Default-First-Site-Name\MX1
Starting test: Connectivity
The host d080f00e-7d04-4a33-a74a-d8b803d8b48f._msdcs.mydomain.ru could not
be resolved to an
IP address. Check the DNS server, DHCP, server name, etc
Although the Guid DNS name
(d080f00e-7d04-4a33-a74a-d8b803d8b48f._msdcs.mydomain.ru) couldn't be
resolved, the server name (mx1.mydomain.ru) resolved to the IP address
(192.168.1.105) and was pingable. Check that the IP address is
registered correctly with the DNS server.
......................... MX1 failed test Connectivity

Testing server: Default-First-Site-Name\MX2
Starting test: Replications
[Replications Check,MX2] A recent replication attempt failed:
From MX1 to MX2
Naming Context: DC=ForestDnsZones,DC=mydomain,DC=ru
The replication generated an error (8524):
Win32 Error 8524
The failure occurred at 2017-09-25 19:44:47.
The last success occurred at 2017-09-15 19:49:18.
2 failures have occurred since the last success.
The guid-based DNS name d080f00e-7d04-4a33-a74a-d8b803d8b48f._msdcs.
mydomain.ru

dcdiag /a /v на MX1

Скрытый текст

Domain Controller Diagnosis

Performing initial setup:
* Verifying that the local machine mx1, is a DC.
* Connecting to directory service on server mx1.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 2 DC(s). Testing 2 of them.
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\MX1
Starting test: Connectivity
* Active Directory LDAP Services Check
The host d080f00e-7d04-4a33-a74a-d8b803d8b48f._msdcs.mydomain.ru could not
be resolved to an
IP address. Check the DNS server, DHCP, server name, etc
Although the Guid DNS name
(d080f00e-7d04-4a33-a74a-d8b803d8b48f._msdcs.mydomain.ru) couldn't be
resolved, the server name (mx1.mydomain.ru) resolved to the IP address
(192.168.1.105) and was pingable. Check that the IP address is
registered correctly with the DNS server.
......................... MX1 failed test Connectivity

Testing server: Default-First-Site-Name\MX2
Starting test: Connectivity
* Active Directory LDAP Services Check
The host 6ac7e8a4-0317-4f8d-adc5-4f9c92576c57._msdcs.mydomain.ru could not
be resolved to an
IP address. Check the DNS server, DHCP, server name, etc
Although the Guid DNS name
(6ac7e8a4-0317-4f8d-adc5-4f9c92576c57._msdcs.mydomain.ru) couldn't be
resolved, the server name (mx2.mydomain.ru) resolved to the IP address
(ЗДЕСЬ ПОЧЕМУ-ТО ПОЛУЧАЕМЫЙ ИЗ ИНЕТА IP MX2.MYDOMAIN.RU А НЕ ОДИН ИЗ ЕГО ВНУТРЕННИХ) and was pingable. Check that the IP address is
registered correctly with the DNS server.
......................... MX2 failed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\MX1
Skipping all tests, because server MX1 is
not responding to directory service requests
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Test omitted by user request: OutboundSecureChannels
Test omitted by user request: VerifyReplicas
Test omitted by user request: VerifyEnterpriseReferences

Testing server: Default-First-Site-Name\MX2
Skipping all tests, because server MX2 is
not responding to directory service requests
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Test omitted by user request: OutboundSecureChannels
Test omitted by user request: VerifyReplicas
Test omitted by user request: VerifyEnterpriseReferences

Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
For the partition (DC=ForestDnsZones,DC=mydomain,DC=ru) we encountered
the following error retrieving the cross-ref's
(CN=afc17585-bbca-4966-9009-1ba87b0c2089,CN=Partitions,CN=Configurat
ion,DC=mydomain,DC=ru)
information:
LDAP Error 0x3a (58).
......................... ForestDnsZones failed test CrossRefValidation

Starting test: CheckSDRefDom
For the partition (DC=ForestDnsZones,DC=mydomain,DC=ru) we encountered
the following error retrieving the cross-ref's
(CN=afc17585-bbca-4966-9009-1ba87b0c2089,CN=Partitions,CN=Configurat
ion,DC=mydomain,DC=ru)
information:
LDAP Error 0x3a (58).
......................... ForestDnsZones failed test CheckSDRefDom

Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
For the partition (DC=DomainDnsZones,DC=mydomain,DC=ru) we encountered
the following error retrieving the cross-ref's
(CN=14dc285b-2517-4a1b-b0e1-50c0352d443c,CN=Partitions,CN=Configurat
ion,DC=mydomain,DC=ru)
information:
LDAP Error 0x3a (58).
......................... DomainDnsZones failed test CrossRefValidation

Starting test: CheckSDRefDom
For the partition (DC=DomainDnsZones,DC=mydomain,DC=ru) we encountered
the following error retrieving the cross-ref's
(CN=14dc285b-2517-4a1b-b0e1-50c0352d443c,CN=Partitions,CN=Configurat
ion,DC=mydomain,DC=ru)
information:
LDAP Error 0x3a (58).
......................... DomainDnsZones failed test CheckSDRefDom

Running partition tests on : Schema
Starting test: CrossRefValidation
For the partition (CN=Schema,CN=Configuration,DC=mydomain,DC=ru) we
encountered the following error retrieving the cross-ref's
(CN=Enterprise Schema,CN=Partitions,CN=Configuration,DC=mydomain,DC=ru)
information:
LDAP Error 0x3a (58).
......................... Schema failed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom

Running partition tests on : Configuration
Starting test: CrossRefValidation
For the partition (CN=Configuration,DC=mydomain,DC=ru) we encountered
the following error retrieving the cross-ref's
(CN=Enterprise Configuration,CN=Partitions,CN=Configuration,DC=mydomain,
DC=ru)
information:
LDAP Error 0x3a (58).
......................... Configuration failed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom

Running partition tests on : mydomain
Starting test: CrossRefValidation
For the partition (DC=mydomain,DC=ru) we encountered the following
error retrieving the cross-ref's
(CN=MYDOMAIN,CN=Partitions,CN=Configuration,DC=mydomain,DC=ru) information:
LDAP Error 0x3a (58).
......................... mydomain failed test CrossRefValidation
Starting test: CheckSDRefDom
......................... mydomain passed test CheckSDRefDom

Running enterprise tests on : mydomain.ru
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope
provided by the command line arguments provided.
......................... mydomain.ru passed test Intersite
Starting test: FsmoCheck
GC Name: \\mx1.mydomain.ru
Locator Flags: 0xe00003fd
PDC Name: \\mx1.mydomain.ru
Locator Flags: 0xe00003fd
Time Server Name: \\mx1.mydomain.ru
Locator Flags: 0xe00003fd
Preferred Time Server Name: \\mx1.mydomain.ru
Locator Flags: 0xe00003fd
KDC Name: \\mx1.mydomain.ru
Locator Flags: 0xe00003fd
......................... mydomain.ru passed test FsmoCheck

dcdiag /a /v на MX2:

Скрытый текст

Domain Controller Diagnosis

Performing initial setup:
* Verifying that the local machine mx2, is a DC.
* Connecting to directory service on server mx2.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 2 DC(s). Testing 2 of them.
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\MX1
Starting test: Connectivity
* Active Directory LDAP Services Check
[MX1] LDAP bind failed with error 8341,
Win32 Error 8341.
.................... MX1 failed test Connectivity

Testing server: Default-First-Site-Name\MX2
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
.................... MX2 passed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\MX1
Skipping all tests, because server MX1 is
not responding to directory service requests
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Test omitted by user request: OutboundSecureChannels
Test omitted by user request: VerifyReplicas
Test omitted by user request: VerifyEnterpriseReferences

Testing server: Default-First-Site-Name\MX2
Starting test: Replications
* Replications Check
[Replications Check,MX2] A recent replication attempt failed:
From MX1 to MX2
Naming Context: DC=ForestDnsZones,DC=mydomain,DC=ru
The replication generated an error (8524):
Win32 Error 8524
The failure occurred at 2017-09-25 19:44:47.
The last success occurred at 2017-09-15 19:49:18.
2 failures have occurred since the last success.
The guid-based DNS name d080f00e-7d04-4a33-a74a-d8b803d8b48f._msdcs.mydomain.ru
is not registered on one or more DNS servers.
[Replications Check,MX2] A recent replication attempt failed:
From MX1 to MX2
Naming Context: DC=DomainDnsZones,DC=mydomain,DC=ru
The replication generated an error (8524):
Win32 Error 8524
The failure occurred at 2017-09-25 19:44:47.
The last success occurred at 2017-09-15 20:00:54.
2 failures have occurred since the last success.
The guid-based DNS name d080f00e-7d04-4a33-a74a-d8b803d8b48f._msdcs.mydomain.ru
is not registered on one or more DNS servers.
[Replications Check,MX2] A recent replication attempt failed:
From MX1 to MX2
Naming Context: CN=Schema,CN=Configuration,DC=mydomain,DC=ru
The replication generated an error (-2146893022):
Win32 Error -2146893022
The failure occurred at 2017-09-26 00:59:12.
The last success occurred at 2017-09-15 19:49:18.
247 failures have occurred since the last success.
[Replications Check,MX2] A recent replication attempt failed:
From MX1 to MX2
Naming Context: CN=Configuration,DC=mydomain,DC=ru
The replication generated an error (-2146893022):
Win32 Error -2146893022
The failure occurred at 2017-09-26 00:59:12.
The last success occurred at 2017-09-15 19:54:02.
250 failures have occurred since the last success.
[Replications Check,MX2] A recent replication attempt failed:
From MX1 to MX2
Naming Context: DC=mydomain,DC=ru
The replication generated an error (-2146893022):
Win32 Error -2146893022
The failure occurred at 2017-09-26 00:59:12.
The last success occurred at 2017-09-15 20:16:42.
336 failures have occurred since the last success.
* Replication Latency Check
REPLICATION-RECEIVED LATENCY WARNING
MX2: Current time is 2017-09-26 01:19:52.
DC=ForestDnsZones,DC=mydomain,DC=ru
Last replication recieved from MX1 at 2017-09-15 19:49:18.
DC=DomainDnsZones,DC=mydomain,DC=ru
Last replication recieved from MX1 at 2017-09-15 20:00:54.
CN=Schema,CN=Configuration,DC=mydomain,DC=ru
Last replication recieved from MX1 at 2017-09-15 19:49:18.
CN=Configuration,DC=mydomain,DC=ru
Last replication recieved from MX1 at 2017-09-15 19:54:02.
DC=mydomain,DC=ru
Last replication recieved from MX1 at 2017-09-15 20:16:42.
* Replication Site Latency Check
.................... MX2 passed test Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Starting test: NCSecDesc
* Security Permissions Check for
DC=ForestDnsZones,DC=mydomain,DC=ru
(NDNC,Version 2)
* Security Permissions Check for
DC=DomainDnsZones,DC=mydomain,DC=ru
(NDNC,Version 2)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=mydomain,DC=ru
(Schema,Version 2)
* Security Permissions Check for
CN=Configuration,DC=mydomain,DC=ru
(Configuration,Version 2)
* Security Permissions Check for
DC=mydomain,DC=ru
(Domain,Version 2)
.................... MX2 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
.................... MX2 passed test NetLogons
Starting test: Advertising
The DC MX2 is advertising itself as a DC and having a DS.
The DC MX2 is advertising as an LDAP server
The DC MX2 is advertising as having a writeable directory
The DC MX2 is advertising as a Key Distribution Center
The DC MX2 is advertising as a time server
The DS MX2 is advertising as a GC.
.................... MX2 passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=MX1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomain,DC=ru
[MX1] DsBindWithSpnEx() failed with error -2146893022,
Win32 Error -2146893022.
Warning: MX1 is the Schema Owner, but is not responding to DS RPC Bind.
Warning: MX1 is the Schema Owner, but is not responding to LDAP Bind.
Role Domain Owner = CN=NTDS Settings,CN=MX1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomain,DC=ru
Warning: MX1 is the Domain Owner, but is not responding to DS RPC Bind.
Warning: MX1 is the Domain Owner, but is not responding to LDAP Bind.
Role PDC Owner = CN=NTDS Settings,CN=MX1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomain,DC=ru
Warning: MX1 is the PDC Owner, but is not responding to DS RPC Bind.
Warning: MX1 is the PDC Owner, but is not responding to LDAP Bind.
Role Rid Owner = CN=NTDS Settings,CN=MX1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomain,DC=ru
Warning: MX1 is the Rid Owner, but is not responding to DS RPC Bind.
Warning: MX1 is the Rid Owner, but is not responding to LDAP Bind.
Role Infrastructure Update Owner = CN=NTDS Settings,CN=MX1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomain,DC=ru
Warning: MX1 is the Infrastructure Update Owner, but is not responding to DS RPC Bind.
Warning: MX1 is the Infrastructure Update Owner, but is not responding to LDAP Bind.
.................... MX2 failed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 2111 to 1073741823
* mx1.mydomain.ru is the RID Master
.................... MX2 failed test RidManager
Starting test: MachineAccount
* SPN found :LDAP/mx2.mydomain.ru/mydomain.ru
* SPN found :LDAP/mx2.mydomain.ru
* SPN found :LDAP/MX2
* SPN found :LDAP/mx2.mydomain.ru/MYDOMAIN
* SPN found :LDAP/6ac7e8a4-0317-4f8d-adc5-4f9c92576c57._msdcs.mydomain.ru
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/6ac7e8a4-0317-4f8d-adc5-4f9c92576c57/mydomain.ru
* SPN found :HOST/mx2.mydomain.ru/mydomain.ru
* SPN found :HOST/mx2.mydomain.ru
* SPN found :HOST/MX2
* SPN found :HOST/mx2.mydomain.ru/MYDOMAIN
* SPN found :GC/mx2.mydomain.ru/mydomain.ru
.................... MX2 passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: w32time
* Checking Service: NETLOGON
.................... MX2 passed test Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
MX2 is in domain DC=mydomain,DC=ru
Checking for CN=MX2,OU=Domain Controllers,DC=mydomain,DC=ru in domain DC=mydomain,DC=ru on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=MX2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomain,DC=ru in domain CN=Configuration,DC=mydomain,DC=ru on 1 servers
Object is up-to-date on all servers.
.................... MX2 passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
.................... MX2 passed test frssysvol

<...>

.................... MX2 failed test frsevent
Starting test: kccevent
* The KCC Event log test
Found no KCC errors in Directory Service Event log in the last 15 minutes.
.................... MX2 passed test kccevent
Starting test: systemlog
* The System Event log test
An Error Event occured. EventID: 0x40000004
Time Generated: 09/26/2017 00:45:20
Event String: The kerberos client received a

KRB_AP_ERR_MODIFIED error from the server

host/mx1.mydomain.ru. The target name used was

cifs/MX1.mydomain.ru. This indicates that the

password used to encrypt the kerberos service

ticket is different than that on the target

server. Commonly, this is due to identically

named machine accounts in the target realm

(MYDOMAIN.RU), and the client realm. Please contact

your system administrator.
An Error Event occured. EventID: 0x40000004
Time Generated: 09/26/2017 00:47:38
Event String: The kerberos client received a

KRB_AP_ERR_MODIFIED error from the server

host/mx1.mydomain.ru. The target name used was

ldap/mx1.mydomain.ru. This indicates that the

password used to encrypt the kerberos service

ticket is different than that on the target

server. Commonly, this is due to identically

named machine accounts in the target realm

(MYDOMAIN.RU), and the client realm. Please contact

your system administrator.
An Error Event occured. EventID: 0x40000004
Time Generated: 09/26/2017 01:10:42
Event String: The kerberos client received a

KRB_AP_ERR_MODIFIED error from the server

host/mx1.mydomain.ru. The target name used was

ldap/d080f00e-7d04-4a33-a74a-d8b803d8b48f._msdcs.mydomain.ru.

This indicates that the password used to encrypt

the kerberos service ticket is different than

that on the target server. Commonly, this is due

to identically named machine accounts in the

target realm (MYDOMAIN.RU), and the client realm.

Please contact your system administrator.
An Error Event occured. EventID: 0x40000004
Time Generated: 09/26/2017 01:10:42
Event String: The kerberos client received a

KRB_AP_ERR_MODIFIED error from the server

host/mx1.mydomain.ru. The target name used was

LDAP/d080f00e-7d04-4a33-a74a-d8b803d8b48f._msdcs.mydomain.ru.

This indicates that the password used to encrypt

the kerberos service ticket is different than

that on the target server. Commonly, this is due

to identically named machine accounts in the

target realm (MYDOMAIN.RU), and the client realm.

Please contact your system administrator.
.................... MX2 failed test systemlog
Test omitted by user request: VerifyReplicas
Starting test: VerifyReferences
The system object reference (serverReference)

CN=MX2,OU=Domain Controllers,DC=mydomain,DC=ru and backlink on

CN=MX2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomain,DC=ru

are correct.
The system object reference (frsComputerReferenceBL)

CN=MX2,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=mydomain,DC=ru

and backlink on CN=MX2,OU=Domain Controllers,DC=mydomain,DC=ru are

correct.
The system object reference (serverReferenceBL)

CN=MX2,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=mydomain,DC=ru

and backlink on

CN=NTDS Settings,CN=MX2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomain,DC=ru

are correct.
.................... MX2 passed test VerifyReferences
Test omitted by user request: VerifyEnterpriseReferences

Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
For the partition (DC=ForestDnsZones,DC=mydomain,DC=ru) we encountered

the following error retrieving the cross-ref's

(CN=afc17585-bbca-4966-9009-1ba87b0c2089,CN=Partitions,CN=Configuration,DC=mydomain,DC=ru)

information:
LDAP Error 0x2095 (8341).
.................... ForestDnsZones failed test CrossRefValidation
Starting test: CheckSDRefDom
For the partition (DC=ForestDnsZones,DC=mydomain,DC=ru) we encountered

the following error retrieving the cross-ref's

(CN=afc17585-bbca-4966-9009-1ba87b0c2089,CN=Partitions,CN=Configuration,DC=mydomain,DC=ru)

information:
LDAP Error 0x2095 (8341).
.................... ForestDnsZones failed test CheckSDRefDom

Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
For the partition (DC=DomainDnsZones,DC=mydomain,DC=ru) we encountered

the following error retrieving the cross-ref's

(CN=14dc285b-2517-4a1b-b0e1-50c0352d443c,CN=Partitions,CN=Configuration,DC=mydomain,DC=ru)

information:
LDAP Error 0x2095 (8341).
.................... DomainDnsZones failed test CrossRefValidation
Starting test: CheckSDRefDom
For the partition (DC=DomainDnsZones,DC=mydomain,DC=ru) we encountered

the following error retrieving the cross-ref's

(CN=14dc285b-2517-4a1b-b0e1-50c0352d443c,CN=Partitions,CN=Configuration,DC=mydomain,DC=ru)

information:
LDAP Error 0x2095 (8341).
.................... DomainDnsZones failed test CheckSDRefDom

Running partition tests on : Schema
Starting test: CrossRefValidation
For the partition (CN=Schema,CN=Configuration,DC=mydomain,DC=ru) we

encountered the following error retrieving the cross-ref's

(CN=Enterprise Schema,CN=Partitions,CN=Configuration,DC=mydomain,DC=ru)

information:
LDAP Error 0x2095 (8341).
.................... Schema failed test CrossRefValidation
Starting test: CheckSDRefDom
.................... Schema passed test CheckSDRefDom

Running partition tests on : Configuration
Starting test: CrossRefValidation
For the partition (CN=Configuration,DC=mydomain,DC=ru) we encountered

the following error retrieving the cross-ref's

(CN=Enterprise Configuration,CN=Partitions,CN=Configuration,DC=mydomain,DC=ru)

information:
LDAP Error 0x2095 (8341).
.................... Configuration failed test CrossRefValidation
Starting test: CheckSDRefDom
.................... Configuration passed test CheckSDRefDom

Running partition tests on : mydomain
Starting test: CrossRefValidation
For the partition (DC=mydomain,DC=ru) we encountered the following

error retrieving the cross-ref's

(CN=MYDOMAIN,CN=Partitions,CN=Configuration,DC=mydomain,DC=ru) information:

LDAP Error 0x2095 (8341).
.................... mydomain failed test CrossRefValidation
Starting test: CheckSDRefDom
.................... mydomain passed test CheckSDRefDom

Running enterprise tests on : mydomain.ru
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope

provided by the command line arguments provided.
.................... mydomain.ru passed test Intersite
Starting test: FsmoCheck
GC Name: \\mx2.mydomain.ru
Locator Flags: 0xe00001fc
PDC Name: \\mx1.mydomain.ru
Locator Flags: 0xe00003fd
Time Server Name: \\mx2.mydomain.ru
Locator Flags: 0xe00001fc
Preferred Time Server Name: \\mx1.mydomain.ru
Locator Flags: 0xe00003fd
KDC Name: \\mx2.mydomain.ru
Locator Flags: 0xe00001fc
.................... mydomain.ru passed test FsmoCheck

Отправлено: 22:35, 25-09-2017

obe

Новый участник

Сообщения: 2
Благодарности: 0

Профиль | Отправить PM | Цитировать

Всё так плохо? Может быть тогда перехватить(seize) роли вторым контроллером и сделать на первом dcpromo /forceremoval а затем вернуть его в строй как вторичный контроллер?

Отправлено: 21:18, 26-09-2017 | #2

Для отключения данного рекламного блока вам необходимо зарегистрироваться или войти с учетной записью социальной сети.

Если же вы забыли свой пароль на форуме, то воспользуйтесь данной ссылкой для восстановления пароля.