[adde] error 10054 bei DCDIAG-RReg-Tests
- From: <Matthias_Mehrtens@xxxxxxxx>
- To: <adde@xxxxxxxxxxxxx>
- Date: Tue, 10 Jan 2012 11:15:56 +0000
Hallo zusammen und noch ein Frohes Neues Jahr!
Ich habe bei einem Kunden-AD (alles 2008R2, nichts migriert sondern komplett
frisch installiert) ein Problem mit den Ergebnissen der DCDIAG-DNS-Tests (alle
genannten Server sind auf 2008 R2 SP1 mit aktuellem Patch-Stand):
- Wenn DCDIAG ich auf DC1 lokale laufen lasse (dcdiag /test:DNS /v), so
läuft alles sauber durch.
- Lasse ich DCDIAG auf DC1 laufen, gebe auf der Kommandozeile aber DC2
als "Ziel" an (dcdiag /test:DNS /v /s:DC2.my.domain), so läuft ebenfalls alles
prima ohne Fehler durch.
Alles prima bis hierhin, jetzt kommts:
Nehme ich einen Memberserver (mit installierten Administrationstools), lasse
dort DCDIAG laufen und gebe als Ziel einen der beiden DCs an so gibt's
folgendes Ergebnis (habe hier nur den Teil ausgeführt, der die Fehler
beinhaltet. Alle anderen DNS-Tests gehen ohne Fehler durch):
-----<schnipp>-----
>dcdiag /s:DC2.my.domain /test:DNS /DnsRecordRegistration /v
Directory Server Diagnosis
Performing initial setup:
* Connecting to directory service on server DC1.my.domain.
* Identified AD Forest.
Collecting AD specific global data
* Collecting site info.
Calling
ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=my,DC=domain,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
The previous call succeeded
Iterating through the sites
Looking at base site object: CN=NTDS Site
Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=my,DC=domain
Getting ISTG and options for the site
* Identifying all servers.
Calling
ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=my,DC=domain,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
The previous call succeeded....
The previous call succeeded
Iterating through the list of servers
Getting information for the server CN=NTDS
Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=my,DC=domain
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
Getting information for the server CN=NTDS
Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=my,DC=domain
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
* Identifying all NC cross-refs.
* Found 2 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DC2
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
* Active Directory RPC Services Check
......................... DC2 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DC2
Test omitted by user request: Advertising
Test omitted by user request: CheckSecurityError
Test omitted by user request: CutoffServers
Test omitted by user request: FrsEvent
Test omitted by user request: DFSREvent
Test omitted by user request: SysVolCheck
Test omitted by user request: KccEvent
Test omitted by user request: KnowsOfRoleHolders
Test omitted by user request: MachineAccount
Test omitted by user request: NCSecDesc
Test omitted by user request: NetLogons
Test omitted by user request: ObjectsReplicated
Test omitted by user request: OutboundSecureChannels
Test omitted by user request: Replications
Test omitted by user request: RidManager
Test omitted by user request: Services
Test omitted by user request: SystemLog
Test omitted by user request: Topology
Test omitted by user request: VerifyEnterpriseReferences
Test omitted by user request: VerifyReferences
Test omitted by user request: VerifyReplicas
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
See DNS test in enterprise tests section for results
......................... DC2 passed test DNS
Running partition tests on : DomainDnsZones
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidation
Running partition tests on : ForestDnsZones
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidation
Running partition tests on : Schema
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidation
Running partition tests on : Configuration
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidation
Running partition tests on : holderness
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidation
Running enterprise tests on : my.domain
Starting test: DNS
Test results for domain controllers:
DC: DC1.my.domain
Domain: my.domain
TEST: Authentication (Auth)
Authentication test: Successfully completed
TEST: Basic (Basc)
The OS
Microsoft Windows Server 2008 R2 Enterprise (Service Pack
level: 1.0)
is supported.
NETLOGON service is running
kdc service is running
DNSCACHE service is running
DNS service is running
DC is a DNS server
Network adapters information:
Adapter [00000007] Intel(R) PRO/1000 MT Network Connection:
MAC address is 00:50:56:A0:00:00
IP Address is static
IP address: 192.168.1.129, fe80::f092:b918:def7:32f
DNS servers:
192.168.1.128 (DC1) [Valid]
192.168.1.129 (DC2) [Valid]
127.0.0.1 (DC2) [Valid]
The A host record(s) for this DC was found
The SOA record for the Active Directory zone was found
The Active Directory zone on this DC/DNS server was found
primary
Root zone on this DC/DNS server was not found
TEST: Records registration (RReg)
Network Adapter
[00000007] Intel(R) PRO/1000 MT Network Connection:
Matching CNAME record found at DNS server 192.168.1.128:
63116796-7089-41c4-a211-060b67a6cc5d._msdcs.my.domain
Matching A record found at DNS server 192.168.1.128:
DC1.my.domain
Matching SRV record found at DNS server 192.168.1.128:
_ldap._tcp.my.domain
Matching SRV record found at DNS server 192.168.1.128:
_ldap._tcp.97d8ddbd-2def-4acd-94a0-0ba28d1b0e6c.domains._msdcs.my.domain
Matching SRV record found at DNS server 192.168.1.128:
_kerberos._tcp.dc._msdcs.my.domain
Matching SRV record found at DNS server 192.168.1.128:
_ldap._tcp.dc._msdcs.my.domain
Matching SRV record found at DNS server 192.168.1.128:
_kerberos._tcp.my.domain
Matching SRV record found at DNS server 192.168.1.128:
_kerberos._udp.my.domain
Matching SRV record found at DNS server 192.168.1.128:
_kpasswd._tcp.my.domain
Matching SRV record found at DNS server 192.168.1.128:
_ldap._tcp.Default-First-Site-Name._sites.my.domain
Matching SRV record found at DNS server 192.168.1.128:
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.my.domain
Matching SRV record found at DNS server 192.168.1.128:
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.my.domain
Matching SRV record found at DNS server 192.168.1.128:
_kerberos._tcp.Default-First-Site-Name._sites.my.domain
Matching SRV record found at DNS server 192.168.1.128:
_ldap._tcp.gc._msdcs.my.domain
Matching A record found at DNS server 192.168.1.128:
gc._msdcs.my.domain
Matching SRV record found at DNS server 192.168.1.128:
_gc._tcp.Default-First-Site-Name._sites.my.domain
Matching SRV record found at DNS server 192.168.1.128:
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.my.domain
Matching SRV record found at DNS server 192.168.1.128:
_ldap._tcp.pdc._msdcs.my.domain
Matching CNAME record found at DNS server 192.168.1.129:
63116796-7089-41c4-a211-060b67a6cc5d._msdcs.my.domain
Matching A record found at DNS server 192.168.1.129:
DC1.my.domain
Matching SRV record found at DNS server 192.168.1.129:
_ldap._tcp.my.domain
Matching SRV record found at DNS server 192.168.1.129:
_ldap._tcp.97d8ddbd-2def-4acd-94a0-0ba28d1b0e6c.domains._msdcs.my.domain
Matching SRV record found at DNS server 192.168.1.129:
_kerberos._tcp.dc._msdcs.my.domain
Matching SRV record found at DNS server 192.168.1.129:
_ldap._tcp.dc._msdcs.my.domain
Matching SRV record found at DNS server 192.168.1.129:
_kerberos._tcp.my.domain
Matching SRV record found at DNS server 192.168.1.129:
_kerberos._udp.my.domain
Matching SRV record found at DNS server 192.168.1.129:
_kpasswd._tcp.my.domain
Matching SRV record found at DNS server 192.168.1.129:
_ldap._tcp.Default-First-Site-Name._sites.my.domain
Matching SRV record found at DNS server 192.168.1.129:
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.my.domain
Matching SRV record found at DNS server 192.168.1.129:
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.my.domain
Matching SRV record found at DNS server 192.168.1.129:
_kerberos._tcp.Default-First-Site-Name._sites.holderness.or
g
Matching SRV record found at DNS server 192.168.1.129:
_ldap._tcp.gc._msdcs.my.domain
Matching A record found at DNS server 192.168.1.129:
gc._msdcs.my.domain
Matching SRV record found at DNS server 192.168.1.129:
_gc._tcp.Default-First-Site-Name._sites.my.domain
Matching SRV record found at DNS server 192.168.1.129:
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.my.domain
Matching SRV record found at DNS server 192.168.1.129:
_ldap._tcp.pdc._msdcs.my.domain
Warning:
Missing CNAME record at DNS server 192.168.1.129:
63116796-7089-41c4-a211-060b67a6cc5d._msdcs.my.domain
[Error details: 10054 (Type: Win32 - Description: An
existing connection was forcibly closed by the remote host.)]
Warning:
Missing A record at DNS server 192.168.1.129:
DC1.my.domain
[Error details: 10054 (Type: Win32 - Description: An
existing connection was forcibly closed by the remote host.)]
Error:
Missing SRV record at DNS server 192.168.1.129:
_ldap._tcp.my.domain
[Error details: 10054 (Type: Win32 - Description: An
existing connection was forcibly closed by the remote host.)]
Error:
Missing SRV record at DNS server 192.168.1.129:
_ldap._tcp.97d8ddbd-2def-4acd-94a0-0ba28d1b0e6c.domains._msdcs.my.domain
[Error details: 10054 (Type: Win32 - Description: An
existing connection was forcibly closed by the remote host.)]
Error:
Missing SRV record at DNS server 192.168.1.129:
_kerberos._tcp.dc._msdcs.my.domain
[Error details: 10054 (Type: Win32 - Description: An
existing connection was forcibly closed by the remote host.)]
Error:
Missing SRV record at DNS server 192.168.1.129:
_ldap._tcp.dc._msdcs.my.domain
[Error details: 10054 (Type: Win32 - Description: An
existing connection was forcibly closed by the remote host.)]
Error:
Missing SRV record at DNS server 192.168.1.129:
_kerberos._tcp.my.domain
[Error details: 10054 (Type: Win32 - Description: An
existing connection was forcibly closed by the remote host.)]
Error:
Missing SRV record at DNS server 192.168.1.129:
_kerberos._udp.my.domain
[Error details: 10054 (Type: Win32 - Description: An
existing connection was forcibly closed by the remote host.)]
Error:
Missing SRV record at DNS server 192.168.1.129:
_kpasswd._tcp.my.domain
[Error details: 10054 (Type: Win32 - Description: An
existing connection was forcibly closed by the remote host.)]
Error:
Missing SRV record at DNS server 192.168.1.129:
_ldap._tcp.Default-First-Site-Name._sites.my.domain
[Error details: 10054 (Type: Win32 - Description: An
existing connection was forcibly closed by the remote host.)]
Error:
Missing SRV record at DNS server 192.168.1.129:
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.my.domain
[Error details: 10054 (Type: Win32 - Description: An
existing connection was forcibly closed by the remote host.)]
Error:
Missing SRV record at DNS server 192.168.1.129:
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.my.domain
[Error details: 10054 (Type: Win32 - Description: An
existing connection was forcibly closed by the remote host.)]
Error:
Missing SRV record at DNS server 192.168.1.129:
_kerberos._tcp.Default-First-Site-Name._sites.my.domain
[Error details: 10054 (Type: Win32 - Description: An
existing connection was forcibly closed by the remote host.)]
Error:
Missing SRV record at DNS server 192.168.1.129:
_ldap._tcp.gc._msdcs.my.domain
[Error details: 10054 (Type: Win32 - Description: An
existing connection was forcibly closed by the remote host.)]
Warning:
Missing A record at DNS server 192.168.1.129:
gc._msdcs.my.domain
[Error details: 10054 (Type: Win32 - Description: An
existing connection was forcibly closed by the remote host.)]
Error:
Missing SRV record at DNS server 192.168.1.129:
_gc._tcp.Default-First-Site-Name._sites.my.domain
[Error details: 10054 (Type: Win32 - Description: An
existing connection was forcibly closed by the remote host.)]
Error:
Missing SRV record at DNS server 192.168.1.129:
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.my.domain
[Error details: 10054 (Type: Win32 - Description: An
existing connection was forcibly closed by the remote host.)]
Error:
Missing SRV record at DNS server 192.168.1.129:
_ldap._tcp.pdc._msdcs.my.domain
[Error details: 10054 (Type: Win32 - Description: An
existing connection was forcibly closed by the remote host.)]
Error: Record registrations cannot be found for all the network
adapters
Summary of test results for DNS servers used by the above domain
controllers:
DNS server: 192.168.1.128 (DC1)
All tests passed on this DNS server
Name resolution is functional._ldap._tcp SRV record for the
forest root domain is registered
DNS server: 192.168.1.129 (DC2)
All tests passed on this DNS server
Name resolution is functional._ldap._tcp SRV record for the
forest root domain is registered
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
_________________________________________________________________
Domain: my.domain
dc2 PASS PASS n/a n/a n/a FAIL n/a
......................... my.domain failed test DNS
Test omitted by user request: LocatorCheck
Test omitted by user request: Intersite
-----<schnapp>-----
Benutze ich DC1 als Ziel, so gibt's die gleichen 10054-Fehler, dann allerdings
nur für DC1 (bzw. IP .128).
Ich vermute, dass es sich hierbei nicht um eine AD-Fehlkonfiguration oder
ähnliches handelt, sondern dass es irgendwas mit den Netzwerkverbindungen zu
tun hat, die DCDIAG zur Laufzeit aufbaut/benötigt... Hat jemand eine Idee, oder
vielleicht hat das ja schon mal jemand gesehen und eine Erklärung dafür? Eine
intensive Google-Suche hat bisher noch nichts Vernünftiges gebracht.
Grüße
Matthias
Matthias Mehrtens
Dipl.-Phys.
Solution Architect
Dell | Global Infrastructure Consulting Services
Dell GmbH, Geschäftsanschrift/business address: Unterschweinstiege 10, 60549
Frankfurt am Main, Germany
Geschäftsführer: Mark Möbius, Barbara Wittmann, Jürgen Wilhelm Renz
Sitz: Frankfurt am Main, eingetragen beim Amtsgericht Frankfurt am Main unter
HRB 75453
USt.-ID: DE113541138, WEEE-Reg.Nr.: DE 49515708
Other related posts:
