Directory Server Diagnosis Performing initial setup: Trying to find home server... * Verifying that the local machine DC3, is a Directory Server. Home Server = DC3 * Connecting to directory service on server DC3. * Identified AD Forest. Collecting AD specific global data * Collecting site info. Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=domain_name,DC=local,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),....... The previous call succeeded Iterating through the sites Looking at base site object: CN=NTDS Site Settings,CN=HQ,CN=Sites,CN=Configuration,DC=domain_name,DC=local Getting ISTG and options for the site * Identifying all servers. Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=domain_name,DC=local,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),....... The previous call succeeded.... The previous call succeeded Iterating through the list of servers Getting information for the server CN=NTDS Settings,CN=DC2,CN=Servers,CN=HQ,CN=Sites,CN=Configuration,DC=domain_name,DC=local objectGuid obtained InvocationID obtained dnsHostname obtained site info obtained All the info for the server collected Getting information for the server CN=NTDS Settings,CN=DC1,CN=Servers,CN=HQ,CN=Sites,CN=Configuration,DC=domain_name,DC=local objectGuid obtained InvocationID obtained dnsHostname obtained site info obtained All the info for the server collected Getting information for the server CN=NTDS Settings,CN=DC3,CN=Servers,CN=HQ,CN=Sites,CN=Configuration,DC=domain_name,DC=local objectGuid obtained InvocationID obtained dnsHostname obtained site info obtained All the info for the server collected * Identifying all NC cross-refs. * Found 3 DC(s). Testing 1 of them. Done gathering initial info. Doing initial required tests Testing server: HQ\DC3 Starting test: Connectivity * Active Directory LDAP Services Check Determining IP4 connectivity * Active Directory RPC Services Check ......................... DC3 passed test Connectivity Doing primary tests Testing server: HQ\DC3 Starting test: Advertising The DC DC3 is advertising itself as a DC and having a DS. The DC DC3 is advertising as an LDAP server The DC DC3 is advertising as having a writeable directory The DC DC3 is advertising as a Key Distribution Center The DC DC3 is advertising as a time server The DS DC3 is advertising as a GC. ......................... DC3 passed test Advertising Starting test: CheckSecurityError * Dr Auth: Beginning security errors check! Found KDC DC3 for domain domain_name.local in site HQ Checking machine account for DC DC3 on DC DC3. * SPN found :LDAP/DC3.domain_name.local/domain_name.local * SPN found :LDAP/DC3.domain_name.local * SPN found :LDAP/DC3 * SPN found :LDAP/DC3.domain_name.local/domain_name * SPN found :LDAP/f23c8d1a-14c0-4e07-9ffd-aaed5ed3305c._msdcs.domain_name.local * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/f23c8d1a-14c0-4e07-9ffd-aaed5ed3305c/domain_name.local * SPN found :HOST/DC3.domain_name.local/domain_name.local * SPN found :HOST/DC3.domain_name.local * SPN found :HOST/DC3 * SPN found :HOST/DC3.domain_name.local/domain_name * SPN found :GC/DC3.domain_name.local/domain_name.local Source DC DC1 has possible security error (1722). Diagnosing... Found KDC DC3 for domain domain_name.local in site HQ Checking time skew between servers: DC1 DC3 Time is in sync: 0 seconds different. Checking machine account for DC DC1 on DC DC3. * SPN found :LDAP/DC1.domain_name.local/domain_name.local * SPN found :LDAP/DC1.domain_name.local * SPN found :LDAP/DC1 * SPN found :LDAP/DC1.domain_name.local/domain_name * SPN found :LDAP/01ebe70a-7c8f-4d31-8558-86ef42e06b1b._msdcs.domain_name.local * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/01ebe70a-7c8f-4d31-8558-86ef42e06b1b/domain_name.local * SPN found :HOST/DC1.domain_name.local/domain_name.local * SPN found :HOST/DC1.domain_name.local * SPN found :HOST/DC1 * SPN found :HOST/DC1.domain_name.local/domain_name * SPN found :GC/DC1.domain_name.local/domain_name.local [DC1] DsBindWithSpnEx() failed with error 1722, The RPC server is unavailable.. RPC Extended Error Info not available. Use group policy on the local machine at "Computer Configuration/Administrative Templates/System/Remote Procedure Call" to enable it. Checking for CN=DC1,OU=Domain Controllers,DC=domain_name,DC=local in domain DC=domain_name,DC=local on 1 servers Object is up-to-date on all servers. * Security Permissions check for all NC's on DC DC1. * Security Permissions Check for DC=ForestDnsZones,DC=domain_name,DC=local (NDNC,Version 3) * Security Permissions Check for DC=DomainDnsZones,DC=domain_name,DC=local (NDNC,Version 3) * Security Permissions Check for CN=Schema,CN=Configuration,DC=domain_name,DC=local (Schema,Version 3) * Security Permissions Check for CN=Configuration,DC=domain_name,DC=local (Configuration,Version 3) * Security Permissions Check for DC=domain_name,DC=local (Domain,Version 3) * Network Logons Privileges Check Verified share \\DC1\netlogon Verified share \\DC1\sysvol Ignoring DC DC1 in the convergence test of object CN=DC1,OU=Domain Controllers,DC=domain_name,DC=local, because we cannot connect! Checking for CN=DC1,OU=Domain Controllers,DC=domain_name,DC=local in domain DC=domain_name,DC=local on 2 servers Object is up-to-date on all servers. [DC1] Unable to diagnose problem for this source. See any errors reported in attempting tests. ......................... DC3 passed test CheckSecurityError Starting test: CutoffServers * Configuration Topology Aliveness Check * Analyzing the alive system replication topology for DC=ForestDnsZones,DC=domain_name,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. * Analyzing the alive system replication topology for DC=DomainDnsZones,DC=domain_name,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. * Analyzing the alive system replication topology for CN=Schema,CN=Configuration,DC=domain_name,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. * Analyzing the alive system replication topology for CN=Configuration,DC=domain_name,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. * Analyzing the alive system replication topology for DC=domain_name,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. ......................... DC3 passed test CutoffServers Starting test: FrsEvent * The File Replication Service Event log test Skip the test because the server is running DFSR. ......................... DC3 passed test FrsEvent Starting test: DFSREvent The DFS Replication Event Log. There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL replication problems may cause Group Policy problems. A warning event occurred. EventID: 0x80001396 Time Generated: 03/09/2021 13:16:09 Event String: The DFS Replication service is stopping communication with partner DC2 for replication group Domain System Volume due to an error. The service will retry the connection periodically. Additional Information: Error: 9036 (Paused for backup or restore) Connection ID: 373E4D13-87FD-4F2A-95B9-01DF6CD3A218 Replication Group ID: B8F22B47-9845-436A-9CC6-85E07FDF60DE An error event occurred. EventID: 0xC0001390 Time Generated: 03/09/2021 13:30:31 Event String: The DFS Replication service failed to communicate with partner DC1 for replication group Domain System Volume. This error can occur if the host is unreachable, or if the DFS Replication service is not running on the server. Partner DNS Address: DC1.domain_name.local Optional data if available: Partner WINS Address: DC1 Partner IP Address: 192.168.1.85 The service will retry the connection periodically. Additional Information: Error: 1722 (The RPC server is unavailable.) Connection ID: 9DE905AE-261C-4EB5-990E-428544FEBC0E Replication Group ID: B8F22B47-9845-436A-9CC6-85E07FDF60DE A warning event occurred. EventID: 0x80001396 Time Generated: 03/09/2021 14:17:09 Event String: The DFS Replication service is stopping communication with partner DC2 for replication group Domain System Volume due to an error. The service will retry the connection periodically. Additional Information: Error: 9036 (Paused for backup or restore) Connection ID: 373E4D13-87FD-4F2A-95B9-01DF6CD3A218 Replication Group ID: B8F22B47-9845-436A-9CC6-85E07FDF60DE A warning event occurred. EventID: 0x80001396 Time Generated: 03/09/2021 15:17:09 Event String: The DFS Replication service is stopping communication with partner DC2 for replication group Domain System Volume due to an error. The service will retry the connection periodically. Additional Information: Error: 9036 (Paused for backup or restore) Connection ID: 373E4D13-87FD-4F2A-95B9-01DF6CD3A218 Replication Group ID: B8F22B47-9845-436A-9CC6-85E07FDF60DE A warning event occurred. EventID: 0x80001396 Time Generated: 03/09/2021 16:20:08 Event String: The DFS Replication service is stopping communication with partner DC2 for replication group Domain System Volume due to an error. The service will retry the connection periodically. Additional Information: Error: 9036 (Paused for backup or restore) Connection ID: 373E4D13-87FD-4F2A-95B9-01DF6CD3A218 Replication Group ID: B8F22B47-9845-436A-9CC6-85E07FDF60DE A warning event occurred. EventID: 0x80001396 Time Generated: 03/09/2021 17:16:07 Event String: The DFS Replication service is stopping communication with partner DC2 for replication group Domain System Volume due to an error. The service will retry the connection periodically. Additional Information: Error: 9036 (Paused for backup or restore) Connection ID: 373E4D13-87FD-4F2A-95B9-01DF6CD3A218 Replication Group ID: B8F22B47-9845-436A-9CC6-85E07FDF60DE An error event occurred. EventID: 0xC0001390 Time Generated: 03/09/2021 17:30:52 Event String: The DFS Replication service failed to communicate with partner DC1 for replication group Domain System Volume. This error can occur if the host is unreachable, or if the DFS Replication service is not running on the server. Partner DNS Address: DC1.domain_name.local Optional data if available: Partner WINS Address: DC1 Partner IP Address: 192.168.1.85 The service will retry the connection periodically. Additional Information: Error: 1722 (The RPC server is unavailable.) Connection ID: 9DE905AE-261C-4EB5-990E-428544FEBC0E Replication Group ID: B8F22B47-9845-436A-9CC6-85E07FDF60DE A warning event occurred. EventID: 0x80001396 Time Generated: 03/09/2021 18:17:09 Event String: The DFS Replication service is stopping communication with partner DC2 for replication group Domain System Volume due to an error. The service will retry the connection periodically. Additional Information: Error: 9036 (Paused for backup or restore) Connection ID: 373E4D13-87FD-4F2A-95B9-01DF6CD3A218 Replication Group ID: B8F22B47-9845-436A-9CC6-85E07FDF60DE An error event occurred. EventID: 0xC0001390 Time Generated: 03/10/2021 01:34:08 Event String: The DFS Replication service failed to communicate with partner DC1 for replication group Domain System Volume. This error can occur if the host is unreachable, or if the DFS Replication service is not running on the server. Partner DNS Address: DC1.domain_name.local Optional data if available: Partner WINS Address: DC1 Partner IP Address: 192.168.1.85 The service will retry the connection periodically. Additional Information: Error: 1722 (The RPC server is unavailable.) Connection ID: 9DE905AE-261C-4EB5-990E-428544FEBC0E Replication Group ID: B8F22B47-9845-436A-9CC6-85E07FDF60DE A warning event occurred. EventID: 0x80001396 Time Generated: 03/10/2021 08:16:05 Event String: The DFS Replication service is stopping communication with partner DC2 for replication group Domain System Volume due to an error. The service will retry the connection periodically. Additional Information: Error: 9036 (Paused for backup or restore) Connection ID: 373E4D13-87FD-4F2A-95B9-01DF6CD3A218 Replication Group ID: B8F22B47-9845-436A-9CC6-85E07FDF60DE A warning event occurred. EventID: 0x80001396 Time Generated: 03/10/2021 09:09:06 Event String: The DFS Replication service is stopping communication with partner DC2 for replication group Domain System Volume due to an error. The service will retry the connection periodically. Additional Information: Error: 9036 (Paused for backup or restore) Connection ID: 373E4D13-87FD-4F2A-95B9-01DF6CD3A218 Replication Group ID: B8F22B47-9845-436A-9CC6-85E07FDF60DE An error event occurred. EventID: 0xC0001390 Time Generated: 03/10/2021 09:37:25 Event String: The DFS Replication service failed to communicate with partner DC1 for replication group Domain System Volume. This error can occur if the host is unreachable, or if the DFS Replication service is not running on the server. Partner DNS Address: DC1.domain_name.local Optional data if available: Partner WINS Address: DC1 Partner IP Address: 192.168.1.85 The service will retry the connection periodically. Additional Information: Error: 1722 (The RPC server is unavailable.) Connection ID: 9DE905AE-261C-4EB5-990E-428544FEBC0E Replication Group ID: B8F22B47-9845-436A-9CC6-85E07FDF60DE A warning event occurred. EventID: 0x80001396 Time Generated: 03/10/2021 10:22:07 Event String: The DFS Replication service is stopping communication with partner DC2 for replication group Domain System Volume due to an error. The service will retry the connection periodically. Additional Information: Error: 9036 (Paused for backup or restore) Connection ID: 373E4D13-87FD-4F2A-95B9-01DF6CD3A218 Replication Group ID: B8F22B47-9845-436A-9CC6-85E07FDF60DE A warning event occurred. EventID: 0x80001396 Time Generated: 03/10/2021 11:15:06 Event String: The DFS Replication service is stopping communication with partner DC2 for replication group Domain System Volume due to an error. The service will retry the connection periodically. Additional Information: Error: 9036 (Paused for backup or restore) Connection ID: 373E4D13-87FD-4F2A-95B9-01DF6CD3A218 Replication Group ID: B8F22B47-9845-436A-9CC6-85E07FDF60DE A warning event occurred. EventID: 0x80001396 Time Generated: 03/10/2021 12:17:07 Event String: The DFS Replication service is stopping communication with partner DC2 for replication group Domain System Volume due to an error. The service will retry the connection periodically. Additional Information: Error: 9036 (Paused for backup or restore) Connection ID: 373E4D13-87FD-4F2A-95B9-01DF6CD3A218 Replication Group ID: B8F22B47-9845-436A-9CC6-85E07FDF60DE ......................... DC3 failed test DFSREvent Starting test: SysVolCheck * The File Replication Service SYSVOL ready test File Replication Service's SYSVOL is ready ......................... DC3 passed test SysVolCheck Starting test: FrsSysVol * The File Replication Service SYSVOL ready test File Replication Service's SYSVOL is ready ......................... DC3 passed test FrsSysVol Starting test: KccEvent * The KCC Event log test Found no KCC errors in "Directory Service" Event log in the last 15 minutes. ......................... DC3 passed test KccEvent Starting test: KnowsOfRoleHolders Role Schema Owner = CN=NTDS Settings,CN=DC2,CN=Servers,CN=HQ,CN=Sites,CN=Configuration,DC=domain_name,DC=local Role Domain Owner = CN=NTDS Settings,CN=DC3,CN=Servers,CN=HQ,CN=Sites,CN=Configuration,DC=domain_name,DC=local Role PDC Owner = CN=NTDS Settings,CN=DC3,CN=Servers,CN=HQ,CN=Sites,CN=Configuration,DC=domain_name,DC=local Role Rid Owner = CN=NTDS Settings,CN=DC3,CN=Servers,CN=HQ,CN=Sites,CN=Configuration,DC=domain_name,DC=local Role Infrastructure Update Owner = CN=NTDS Settings,CN=DC3,CN=Servers,CN=HQ,CN=Sites,CN=Configuration,DC=domain_name,DC=local ......................... DC3 passed test KnowsOfRoleHolders Starting test: MachineAccount Checking machine account for DC DC3 on DC DC3. * SPN found :LDAP/DC3.domain_name.local/domain_name.local * SPN found :LDAP/DC3.domain_name.local * SPN found :LDAP/DC3 * SPN found :LDAP/DC3.domain_name.local/domain_name * SPN found :LDAP/f23c8d1a-14c0-4e07-9ffd-aaed5ed3305c._msdcs.domain_name.local * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/f23c8d1a-14c0-4e07-9ffd-aaed5ed3305c/domain_name.local * SPN found :HOST/DC3.domain_name.local/domain_name.local * SPN found :HOST/DC3.domain_name.local * SPN found :HOST/DC3 * SPN found :HOST/DC3.domain_name.local/domain_name * SPN found :GC/DC3.domain_name.local/domain_name.local ......................... DC3 passed test MachineAccount Starting test: NCSecDesc * Security Permissions check for all NC's on DC DC3. * Security Permissions Check for DC=ForestDnsZones,DC=domain_name,DC=local (NDNC,Version 3) * Security Permissions Check for DC=DomainDnsZones,DC=domain_name,DC=local (NDNC,Version 3) * Security Permissions Check for CN=Schema,CN=Configuration,DC=domain_name,DC=local (Schema,Version 3) * Security Permissions Check for CN=Configuration,DC=domain_name,DC=local (Configuration,Version 3) * Security Permissions Check for DC=domain_name,DC=local (Domain,Version 3) ......................... DC3 passed test NCSecDesc Starting test: NetLogons * Network Logons Privileges Check Verified share \\DC3\netlogon Verified share \\DC3\sysvol ......................... DC3 passed test NetLogons Starting test: ObjectsReplicated DC3 is in domain DC=domain_name,DC=local Checking for CN=DC3,OU=Domain Controllers,DC=domain_name,DC=local in domain DC=domain_name,DC=local on 1 servers Object is up-to-date on all servers. Checking for CN=NTDS Settings,CN=DC3,CN=Servers,CN=HQ,CN=Sites,CN=Configuration,DC=domain_name,DC=local in domain CN=Configuration,DC=domain_name,DC=local on 1 servers Object is up-to-date on all servers. ......................... DC3 passed test ObjectsReplicated Starting test: OutboundSecureChannels * The Outbound Secure Channels test ** Did not run Outbound Secure Channels test because /testdomain: was not entered ......................... DC3 passed test OutboundSecureChannels Starting test: Replications * Replications Check * Replication Latency Check DC=ForestDnsZones,DC=domain_name,DC=local Latency information for 7 entries in the vector were ignored. 7 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC). DC=DomainDnsZones,DC=domain_name,DC=local Latency information for 7 entries in the vector were ignored. 7 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC). CN=Schema,CN=Configuration,DC=domain_name,DC=local Latency information for 7 entries in the vector were ignored. 7 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC). CN=Configuration,DC=domain_name,DC=local Latency information for 7 entries in the vector were ignored. 7 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC). DC=domain_name,DC=local Latency information for 7 entries in the vector were ignored. 7 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC). ......................... DC3 passed test Replications Starting test: RidManager * Available RID Pool for the Domain is 34600 to 1073741823 * DC3.domain_name.local is the RID Master * DsBind with RID Master was successful * rIDAllocationPool is 34100 to 34599 * rIDPreviousAllocationPool is 34100 to 34599 * rIDNextRID: 34100 ......................... DC3 passed test RidManager Starting test: Services * Checking Service: EventSystem * Checking Service: RpcSs * Checking Service: NTDS * Checking Service: DnsCache * Checking Service: DFSR * Checking Service: IsmServ * Checking Service: kdc * Checking Service: SamSs * Checking Service: LanmanServer * Checking Service: LanmanWorkstation * Checking Service: w32time * Checking Service: NETLOGON ......................... DC3 passed test Services Starting test: SystemLog * The System Event log test An error event occurred. EventID: 0x0000272C Time Generated: 03/10/2021 12:36:49 Event String: DCOM was unable to communicate with the computer 4.2.2.2 using any of the configured protocols; requested by PID 710 (C:\Windows\system32\dcdiag.exe), while activating CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820}. An error event occurred. EventID: 0x0000272C Time Generated: 03/10/2021 12:37:10 Event String: DCOM was unable to communicate with the computer 8.8.8.8 using any of the configured protocols; requested by PID 710 (C:\Windows\system32\dcdiag.exe), while activating CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820}. ......................... DC3 failed test SystemLog Starting test: Topology * Configuration Topology Integrity Check * Analyzing the connection topology for DC=ForestDnsZones,DC=domain_name,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. * Analyzing the connection topology for DC=DomainDnsZones,DC=domain_name,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. * Analyzing the connection topology for CN=Schema,CN=Configuration,DC=domain_name,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. * Analyzing the connection topology for CN=Configuration,DC=domain_name,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. * Analyzing the connection topology for DC=domain_name,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. ......................... DC3 passed test Topology Starting test: VerifyEnterpriseReferences ......................... DC3 passed test VerifyEnterpriseReferences Starting test: VerifyReferences The system object reference (serverReference) CN=DC3,OU=Domain Controllers,DC=domain_name,DC=local and backlink on CN=DC3,CN=Servers,CN=HQ,CN=Sites,CN=Configuration,DC=domain_name,DC=local are correct. The system object reference (serverReferenceBL) CN=DC3,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=domain_name,DC=local and backlink on CN=NTDS Settings,CN=DC3,CN=Servers,CN=HQ,CN=Sites,CN=Configuration,DC=domain_name,DC=local are correct. The system object reference (msDFSR-ComputerReferenceBL) CN=DC3,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=domain_name,DC=local and backlink on CN=DC3,OU=Domain Controllers,DC=domain_name,DC=local are correct. ......................... DC3 passed test VerifyReferences Starting test: VerifyReplicas ......................... DC3 passed test VerifyReplicas Starting test: DNS DNS Tests are running and not hung. Please wait a few minutes... See DNS test in enterprise tests section for results ......................... DC3 passed test DNS Running partition tests on : ForestDnsZones Starting test: CheckSDRefDom ......................... ForestDnsZones passed test CheckSDRefDom Starting test: CrossRefValidation ......................... ForestDnsZones passed test CrossRefValidation Running partition tests on : DomainDnsZones Starting test: CheckSDRefDom ......................... DomainDnsZones passed test CheckSDRefDom Starting test: CrossRefValidation ......................... DomainDnsZones passed test CrossRefValidation Running partition tests on : Schema Starting test: CheckSDRefDom ......................... Schema passed test CheckSDRefDom Starting test: CrossRefValidation ......................... Schema passed test CrossRefValidation Running partition tests on : Configuration Starting test: CheckSDRefDom ......................... Configuration passed test CheckSDRefDom Starting test: CrossRefValidation ......................... Configuration passed test CrossRefValidation Running partition tests on : domain_name Starting test: CheckSDRefDom ......................... domain_name passed test CheckSDRefDom Starting test: CrossRefValidation ......................... domain_name passed test CrossRefValidation Running enterprise tests on : domain_name.local Starting test: DNS Test results for domain controllers: DC: DC3.domain_name.local Domain: domain_name.local TEST: Authentication (Auth) Authentication test: Successfully completed TEST: Basic (Basc) The OS Microsoft Windows Server 2019 Standard (Service Pack level: 0.0) is supported. NETLOGON service is running kdc service is running DNSCACHE service is running DNS service is running DC is a DNS server Network adapters information: Adapter [00000001] vmxnet3 Ethernet Adapter: MAC address is 00:50:56:93:6D:2B IP Address is static IP address: 192.168.1.86 DNS servers: 192.168.1.84 (DC2) [Valid] 127.0.0.1 (DC3) [Valid] 127.0.0.1 (DC3) [Valid] The A host record(s) for this DC was found The SOA record for the Active Directory zone was found The Active Directory zone on this DC/DNS server was found primary Root zone on this DC/DNS server was not found TEST: Forwarders/Root hints (Forw) Recursion is enabled Forwarders Information: 4.2.2.2 () [Valid] 8.8.8.8 () [Valid] TEST: Delegations (Del) Delegation information for the zone: domain_name.local. Delegated domain name: _msdcs.domain_name.local. DNS server: win-et62g9v96ip.domain_name.local. IP:192.168.1.85 [Valid] TEST: Dynamic update (Dyn) Test record dcdiag-test-record added successfully in zone domain_name.local Test record dcdiag-test-record deleted successfully in zone domain_name.local TEST: Records registration (RReg) Network Adapter [00000001] vmxnet3 Ethernet Adapter: Matching CNAME record found at DNS server 192.168.1.84: f23c8d1a-14c0-4e07-9ffd-aaed5ed3305c._msdcs.domain_name.local Matching A record found at DNS server 192.168.1.84: DC3.domain_name.local Matching SRV record found at DNS server 192.168.1.84: _ldap._tcp.domain_name.local Matching SRV record found at DNS server 192.168.1.84: _ldap._tcp.b1a84221-703b-43a0-b0af-19ff8c596e27.domains._msdcs.domain_name.local Matching SRV record found at DNS server 192.168.1.84: _kerberos._tcp.dc._msdcs.domain_name.local Matching SRV record found at DNS server 192.168.1.84: _ldap._tcp.dc._msdcs.domain_name.local Matching SRV record found at DNS server 192.168.1.84: _kerberos._tcp.domain_name.local Matching SRV record found at DNS server 192.168.1.84: _kerberos._udp.domain_name.local Matching SRV record found at DNS server 192.168.1.84: _kpasswd._tcp.domain_name.local Matching SRV record found at DNS server 192.168.1.84: _ldap._tcp.HQ._sites.domain_name.local Matching SRV record found at DNS server 192.168.1.84: _kerberos._tcp.HQ._sites.dc._msdcs.domain_name.local Matching SRV record found at DNS server 192.168.1.84: _ldap._tcp.HQ._sites.dc._msdcs.domain_name.local Matching SRV record found at DNS server 192.168.1.84: _kerberos._tcp.HQ._sites.domain_name.local Matching SRV record found at DNS server 192.168.1.84: _ldap._tcp.gc._msdcs.domain_name.local Matching A record found at DNS server 192.168.1.84: gc._msdcs.domain_name.local Matching SRV record found at DNS server 192.168.1.84: _gc._tcp.HQ._sites.domain_name.local Matching SRV record found at DNS server 192.168.1.84: _ldap._tcp.HQ._sites.gc._msdcs.domain_name.local Matching SRV record found at DNS server 192.168.1.84: _ldap._tcp.pdc._msdcs.domain_name.local Matching CNAME record found at DNS server 192.168.1.86: f23c8d1a-14c0-4e07-9ffd-aaed5ed3305c._msdcs.domain_name.local Matching A record found at DNS server 192.168.1.86: DC3.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _ldap._tcp.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _ldap._tcp.b1a84221-703b-43a0-b0af-19ff8c596e27.domains._msdcs.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _kerberos._tcp.dc._msdcs.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _ldap._tcp.dc._msdcs.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _kerberos._tcp.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _kerberos._udp.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _kpasswd._tcp.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _ldap._tcp.HQ._sites.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _kerberos._tcp.HQ._sites.dc._msdcs.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _ldap._tcp.HQ._sites.dc._msdcs.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _kerberos._tcp.HQ._sites.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _ldap._tcp.gc._msdcs.domain_name.local Matching A record found at DNS server 192.168.1.86: gc._msdcs.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _gc._tcp.HQ._sites.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _ldap._tcp.HQ._sites.gc._msdcs.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _ldap._tcp.pdc._msdcs.domain_name.local Matching CNAME record found at DNS server 192.168.1.86: f23c8d1a-14c0-4e07-9ffd-aaed5ed3305c._msdcs.domain_name.local Matching A record found at DNS server 192.168.1.86: DC3.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _ldap._tcp.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _ldap._tcp.b1a84221-703b-43a0-b0af-19ff8c596e27.domains._msdcs.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _kerberos._tcp.dc._msdcs.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _ldap._tcp.dc._msdcs.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _kerberos._tcp.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _kerberos._udp.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _kpasswd._tcp.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _ldap._tcp.HQ._sites.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _kerberos._tcp.HQ._sites.dc._msdcs.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _ldap._tcp.HQ._sites.dc._msdcs.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _kerberos._tcp.HQ._sites.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _ldap._tcp.gc._msdcs.domain_name.local Matching A record found at DNS server 192.168.1.86: gc._msdcs.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _gc._tcp.HQ._sites.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _ldap._tcp.HQ._sites.gc._msdcs.domain_name.local Matching SRV record found at DNS server 192.168.1.86: _ldap._tcp.pdc._msdcs.domain_name.local Summary of test results for DNS servers used by the above domain controllers: DNS server: 192.168.1.84 (DC2) All tests passed on this DNS server Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered DNS server: 192.168.1.85 (win-et62g9v96ip.domain_name.local.) All tests passed on this DNS server DNS delegation for the domain _msdcs.domain_name.local. is operational on IP 192.168.1.85 DNS server: 192.168.1.86 (DC3) All tests passed on this DNS server Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered DNS server: 4.2.2.2 () All tests passed on this DNS server DNS server: 8.8.8.8 () All tests passed on this DNS server Summary of DNS test results: Auth Basc Forw Del Dyn RReg Ext _________________________________________________________________ Domain: domain_name.local DC3 PASS PASS PASS PASS PASS PASS n/a ......................... domain_name.local passed test DNS Starting test: LocatorCheck GC Name: \\DC3.domain_name.local Locator Flags: 0xe003f1fd PDC Name: \\DC3.domain_name.local Locator Flags: 0xe003f1fd Time Server Name: \\DC3.domain_name.local Locator Flags: 0xe003f1fd Preferred Time Server Name: \\DC1.domain_name.local Locator Flags: 0xe00033fc KDC Name: \\DC3.domain_name.local Locator Flags: 0xe003f1fd ......................... domain_name.local passed test LocatorCheck Starting test: FsmoCheck GC Name: \\DC3.domain_name.local Locator Flags: 0xe003f1fd PDC Name: \\DC3.domain_name.local Locator Flags: 0xe003f1fd Time Server Name: \\DC3.domain_name.local Locator Flags: 0xe003f1fd Preferred Time Server Name: \\DC2.domain_name.local Locator Flags: 0xe000f3fc KDC Name: \\DC3.domain_name.local Locator Flags: 0xe003f1fd ......................... domain_name.local passed test FsmoCheck Starting test: Intersite Skipping site HQ, this site is outside the scope provided by the command line arguments provided. ......................... domain_name.local passed test Intersite