Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

DNS Problem in Active Directory

  • 12-09-2008 5:53pm
    #1
    Closed Accounts Posts: 33


    Im getting the following error in my 2003 Active Directory.

    The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "000020E3: SvcErr: DSID-031B063D, problem 5002 (UNAVAILABLE), data 0". The event data contains the error.

    whats happening now is that i cant add new machines to the domain.:confused:


Comments

  • Closed Accounts Posts: 2,039 ✭✭✭rmacm


    Probaby more appropriate for here. Moved from Nets & Comms.


  • Closed Accounts Posts: 1,567 ✭✭✭Martyr


    did you try running DCDIAG or NETDIAG to see if any errors appear there?
    you'll probably need to give some more details too like how many machines you have on the domain, dns..

    check out these examples here

    http://technet.microsoft.com/en-us/library/cc758753.aspx

    try some of the diagnostic tests, then post up any potential errors.


  • Registered Users, Registered Users 2 Posts: 1,562 ✭✭✭cance


    more information on your environment please?

    small business server or standard/enterprise?
    multiple domain controllers or one?
    2003 native or mixed?
    active directory integrated zones?


  • Closed Accounts Posts: 33 aoidan


    Hi all,

    i did run DCDIAG and the only test that failed was :

    Starting test: KnowsOfRoleHolders
    Warning: CN=NTDS Settings\0ADEL:9f589b8e-ba20-4896-971d-e038e1f71a44,CN=TOYSSERVER7\0ADEL:9dc45704-3ade-4fcf-a88e-6e46ffe91efa,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=skerrys,DC=ie is the Schema Owner, but is deleted.
    Warning: CN=NTDS Settings\0ADEL:9f589b8e-ba20-4896-971d-e038e1f71a44,CN=TOYSSERVER7\0ADEL:9dc45704-3ade-4fcf-a88e-6e46ffe91efa,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=skerrys,DC=ie is the Domain Owner, but is deleted.
    ......................... TOYSSERVER failed test KnowsOfRoleHolders

    the system is windows 2003 standard server, just the one domain controller, there used to be two, im thinking maybe that is where my problem started from.( i did run dcpromo at the time by the way)
    All other DCDIAG tests passed.


  • Registered Users, Registered Users 2 Posts: 5,517 ✭✭✭axer


    aoidan wrote: »
    Hi all,

    i did run DCDIAG and the only test that failed was :

    Starting test: KnowsOfRoleHolders
    Warning: CN=NTDS Settings\0ADEL:9f589b8e-ba20-4896-971d-e038e1f71a44,CN=TOYSSERVER7\0ADEL:9dc45704-3ade-4fcf-a88e-6e46ffe91efa,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=skerrys,DC=ie is the Schema Owner, but is deleted.
    Warning: CN=NTDS Settings\0ADEL:9f589b8e-ba20-4896-971d-e038e1f71a44,CN=TOYSSERVER7\0ADEL:9dc45704-3ade-4fcf-a88e-6e46ffe91efa,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=skerrys,DC=ie is the Domain Owner, but is deleted.
    ......................... TOYSSERVER failed test KnowsOfRoleHolders

    the system is windows 2003 standard server, just the one domain controller, there used to be two, im thinking maybe that is where my problem is.
    All other DCDIAG tests passed.
    http://support.microsoft.com/kb/255504


  • Advertisement
  • Closed Accounts Posts: 33 aoidan


    by the way my DNS is AD integrated
    does it look likely that i will have to reinstall AD again.


  • Closed Accounts Posts: 1,567 ✭✭✭Martyr


    i did run dcpromo at the time by the way

    you ran this, then the problems started?

    have you tried: netdiag /fix

    other than that, i don't know, sorry.


  • Registered Users, Registered Users 2 Posts: 5,517 ✭✭✭axer




  • Closed Accounts Posts: 33 aoidan


    yes to the 2 previous posts, ill keep looking around.


  • Closed Accounts Posts: 33 aoidan


    In the end i wiped the box and reinstalled, everything is fine now. thanks to you all for your help.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 1 rugtert


    This is an old post but I am putting this here for anyone looking for a solution to this problem.

    The forestdnszones and domaindnszones property's called fSMORoleOwner does not get changed properly and keeps pointing to the old role owner after seizing the fsmo roles from an offline DC. To fix this you have to manually change the setting to the current role owner.

    For more information on how to do this see this post:
    http://www.more2know.nl/tag/fsmoroleowner/


Advertisement