Ошибка при установке BDC
Модераторы: Trinity admin`s, Free-lance moderator`s
Ошибка при установке BDC
Есть PDC на первом сервере в режиме AD integrated - надо установить BDC на второй сервер. На первом PDC Лес и Дерево каталога работают в режиме 2003 Server.
На втором сервере установил WIN2003 server, сделал его компьюьтером основного домена, далее Запускаю dcpromo - компьютер считывает объекты AD с первого сервера, но через некоторое время выдает ошибку следующего рода - The operation failed because: The Active Directory Installation Wizard was unable to convert the computer account ____$ to a domain controller account. "Access is denied."
1. Что и где надо откорректировать\смотреть?
2. Есть ли зависимость от последовательности установки BDC и secondary dns server. Я бы хотел иметь эти две роли на втором сервере.Может надо вначале dns установить?
На втором сервере установил WIN2003 server, сделал его компьюьтером основного домена, далее Запускаю dcpromo - компьютер считывает объекты AD с первого сервера, но через некоторое время выдает ошибку следующего рода - The operation failed because: The Active Directory Installation Wizard was unable to convert the computer account ____$ to a domain controller account. "Access is denied."
1. Что и где надо откорректировать\смотреть?
2. Есть ли зависимость от последовательности установки BDC и secondary dns server. Я бы хотел иметь эти две роли на втором сервере.Может надо вначале dns установить?
- Stranger03
- Сотрудник Тринити
- Сообщения: 12979
- Зарегистрирован: 14 ноя 2003, 16:25
- Откуда: СПб, Екатеринбург
- Контактная информация:
Да - верно речь идет о win2003 server на обоих машинах
Да - верно речь идет о win2003 server на обоих машинах
- Stranger03
- Сотрудник Тринити
- Сообщения: 12979
- Зарегистрирован: 14 ноя 2003, 16:25
- Откуда: СПб, Екатеринбург
- Контактная информация:
Re: Да - верно речь идет о win2003 server на обоих машинах
Обычно, когда корректно настроены зоны ДНС и правильно сконфигуроровано сетевое окужение, установка DC должна пройти без проблем. Можно увидеть ipconfig /all с обоих серверов?UZZ писал(а):Да - верно речь идет о win2003 server на обоих машинах
- Stranger03
- Сотрудник Тринити
- Сообщения: 12979
- Зарегистрирован: 14 ноя 2003, 16:25
- Откуда: СПб, Екатеринбург
- Контактная информация:
Re: Да - верно речь идет о win2003 server на обоих машинах
И еще, скорей всего это не влияет на ошибку, но я бы прописал обратную зону домена вдобавок.UZZ писал(а):Да - верно речь идет о win2003 server на обоих машинах
ЭТО С ПЕРВОГО СЕРВЕРА
Windows IP Configuration
Host Name . . . . . . . . . . . . : server
Primary Dns Suffix . . . . . . . : greenside.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : greenside.local
Ethernet adapter Internet:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : SiS 900-Based PCI Fast Ethernet Adapter
Physical Address. . . . . . . . . : 00-E0-06-09-55-66
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : хх.хх.ххх.хх
Subnet Mask . . . . . . . . . . . : 255.255.255.х
Default Gateway . . . . . . . . . : х.х.х.х
NetBIOS over Tcpip. . . . . . . . : Disabled
Ethernet adapter Local:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 3Com 3C900B-COMBO Ethernet Adapter (Gener
ic) #2
Physical Address. . . . . . . . . : 00-10-5A-3A-4E-B6
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.1.1
ЭТО СО ВТОРОГО СЕРВЕРА
Windows IP Configuration
Host Name . . . . . . . . . . . . : lord
Primary Dns Suffix . . . . . . . : greenside.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : greenside.local
Ethernet adapter Local Area Connection :
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
Physical Address. . . . . . . . . : 00-30-48-71-E5-B9
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.18
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
Windows IP Configuration
Host Name . . . . . . . . . . . . : server
Primary Dns Suffix . . . . . . . : greenside.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : greenside.local
Ethernet adapter Internet:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : SiS 900-Based PCI Fast Ethernet Adapter
Physical Address. . . . . . . . . : 00-E0-06-09-55-66
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : хх.хх.ххх.хх
Subnet Mask . . . . . . . . . . . : 255.255.255.х
Default Gateway . . . . . . . . . : х.х.х.х
NetBIOS over Tcpip. . . . . . . . : Disabled
Ethernet adapter Local:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 3Com 3C900B-COMBO Ethernet Adapter (Gener
ic) #2
Physical Address. . . . . . . . . : 00-10-5A-3A-4E-B6
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.1.1
ЭТО СО ВТОРОГО СЕРВЕРА
Windows IP Configuration
Host Name . . . . . . . . . . . . : lord
Primary Dns Suffix . . . . . . . : greenside.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : greenside.local
Ethernet adapter Local Area Connection :
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
Physical Address. . . . . . . . . : 00-30-48-71-E5-B9
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.18
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
- Stranger03
- Сотрудник Тринити
- Сообщения: 12979
- Зарегистрирован: 14 ноя 2003, 16:25
- Откуда: СПб, Екатеринбург
- Контактная информация:
Такая ошибка выдается на первом сервере при работе dcpromo на втором.
Event Type: Warning
Event Source: NTDS KCC
Event Category: Knowledge Consistency Checker
Event ID: 1925
Date: 25.10.2004
Time: 16:15:11
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: SERVER
Description:
The attempt to establish a replication link for the following writable directory partition failed.
Directory partition:
CN=Configuration,DC=greenside,DC=local
Source domain controller:
CN=NTDS Settings,CN=LORD,CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,DC=greenside,DC=local
Source domain controller address:
5ba36f49-8137-4203-bf00-c4d6f2b876ac._msdcs.greenside.local
Intersite transport (if any):
This domain controller will be unable to replicate with the source domain controller until this problem is corrected.
User Action
Verify if the source domain controller is accessible or network connectivity is available.
Additional Data
Error value:
8524 The DSA operation is unable to proceed because of a DNS lookup failure.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
ПРИ ЗАПУСКЕ DCDIAG - вот такая вот фигня, может это Поможет.
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site\SERVER
Starting test: Connectivity
......................... SERVER passed test Connectivity
Doing primary tests
Testing server: Default-First-Site\SERVER
Starting test: Replications
......................... SERVER passed test Replications
Starting test: NCSecDesc
......................... SERVER passed test NCSecDesc
Starting test: NetLogons
......................... SERVER passed test NetLogons
Starting test: Advertising
......................... SERVER passed test Advertising
Starting test: KnowsOfRoleHolders
......................... SERVER passed test KnowsOfRoleHolders
Starting test: RidManager
......................... SERVER passed test RidManager
Starting test: MachineAccount
......................... SERVER passed test MachineAccount
Starting test: Services
......................... SERVER passed test Services
Starting test: ObjectsReplicated
......................... SERVER passed test ObjectsReplicated
Starting test: frssysvol
......................... SERVER passed test frssysvol
Starting test: frsevent
......................... SERVER passed test frsevent
Starting test: kccevent
......................... SERVER passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0x40000004
Time Generated: 10/25/2004 17:05:20
Event String: The kerberos client received a
An Error Event occured. EventID: 0xC0002719
Time Generated: 10/25/2004 17:05:20
Event String: DCOM was unable to communicate with the computer
An Error Event occured. EventID: 0xC0002716
Time Generated: 10/25/2004 17:05:20
Event String: DCOM got error "%2147942405" from the computer
An Error Event occured. EventID: 0xC0002719
Time Generated: 10/25/2004 17:05:28
Event String: DCOM was unable to communicate with the computer
An Error Event occured. EventID: 0xC0002716
Time Generated: 10/25/2004 17:05:28
Event String: DCOM got error "%2147942405" from the computer
An Error Event occured. EventID: 0xC0002719
Time Generated: 10/25/2004 17:05:36
Event String: DCOM was unable to communicate with the computer
An Error Event occured. EventID: 0xC0002716
Time Generated: 10/25/2004 17:05:36
Event String: DCOM got error "%2147942405" from the computer
......................... SERVER failed test systemlog
Starting test: VerifyReferences
......................... SERVER passed test VerifyReferences
Running partition tests on : TAPI3Directory
Starting test: CrossRefValidation
......................... TAPI3Directory passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... TAPI3Directory passed test CheckSDRefDom
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : greenside
Starting test: CrossRefValidation
......................... greenside passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... greenside passed test CheckSDRefDom
Running enterprise tests on : greenside.local
Starting test: Intersite
......................... greenside.local passed test Intersite
Starting test: FsmoCheck
......................... greenside.local passed test FsmoCheck
Event Type: Warning
Event Source: NTDS KCC
Event Category: Knowledge Consistency Checker
Event ID: 1925
Date: 25.10.2004
Time: 16:15:11
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: SERVER
Description:
The attempt to establish a replication link for the following writable directory partition failed.
Directory partition:
CN=Configuration,DC=greenside,DC=local
Source domain controller:
CN=NTDS Settings,CN=LORD,CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,DC=greenside,DC=local
Source domain controller address:
5ba36f49-8137-4203-bf00-c4d6f2b876ac._msdcs.greenside.local
Intersite transport (if any):
This domain controller will be unable to replicate with the source domain controller until this problem is corrected.
User Action
Verify if the source domain controller is accessible or network connectivity is available.
Additional Data
Error value:
8524 The DSA operation is unable to proceed because of a DNS lookup failure.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
ПРИ ЗАПУСКЕ DCDIAG - вот такая вот фигня, может это Поможет.
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site\SERVER
Starting test: Connectivity
......................... SERVER passed test Connectivity
Doing primary tests
Testing server: Default-First-Site\SERVER
Starting test: Replications
......................... SERVER passed test Replications
Starting test: NCSecDesc
......................... SERVER passed test NCSecDesc
Starting test: NetLogons
......................... SERVER passed test NetLogons
Starting test: Advertising
......................... SERVER passed test Advertising
Starting test: KnowsOfRoleHolders
......................... SERVER passed test KnowsOfRoleHolders
Starting test: RidManager
......................... SERVER passed test RidManager
Starting test: MachineAccount
......................... SERVER passed test MachineAccount
Starting test: Services
......................... SERVER passed test Services
Starting test: ObjectsReplicated
......................... SERVER passed test ObjectsReplicated
Starting test: frssysvol
......................... SERVER passed test frssysvol
Starting test: frsevent
......................... SERVER passed test frsevent
Starting test: kccevent
......................... SERVER passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0x40000004
Time Generated: 10/25/2004 17:05:20
Event String: The kerberos client received a
An Error Event occured. EventID: 0xC0002719
Time Generated: 10/25/2004 17:05:20
Event String: DCOM was unable to communicate with the computer
An Error Event occured. EventID: 0xC0002716
Time Generated: 10/25/2004 17:05:20
Event String: DCOM got error "%2147942405" from the computer
An Error Event occured. EventID: 0xC0002719
Time Generated: 10/25/2004 17:05:28
Event String: DCOM was unable to communicate with the computer
An Error Event occured. EventID: 0xC0002716
Time Generated: 10/25/2004 17:05:28
Event String: DCOM got error "%2147942405" from the computer
An Error Event occured. EventID: 0xC0002719
Time Generated: 10/25/2004 17:05:36
Event String: DCOM was unable to communicate with the computer
An Error Event occured. EventID: 0xC0002716
Time Generated: 10/25/2004 17:05:36
Event String: DCOM got error "%2147942405" from the computer
......................... SERVER failed test systemlog
Starting test: VerifyReferences
......................... SERVER passed test VerifyReferences
Running partition tests on : TAPI3Directory
Starting test: CrossRefValidation
......................... TAPI3Directory passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... TAPI3Directory passed test CheckSDRefDom
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : greenside
Starting test: CrossRefValidation
......................... greenside passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... greenside passed test CheckSDRefDom
Running enterprise tests on : greenside.local
Starting test: Intersite
......................... greenside.local passed test Intersite
Starting test: FsmoCheck
......................... greenside.local passed test FsmoCheck
- Stranger03
- Сотрудник Тринити
- Сообщения: 12979
- Зарегистрирован: 14 ноя 2003, 16:25
- Откуда: СПб, Екатеринбург
- Контактная информация:
- Stranger03
- Сотрудник Тринити
- Сообщения: 12979
- Зарегистрирован: 14 ноя 2003, 16:25
- Откуда: СПб, Екатеринбург
- Контактная информация:
У вас проблема с АД, не проходит Consistency Check. Сейчас посмотрю, что можно сделать.UZZ писал(а):Event Source: NTDS KCC
Event Category: Knowledge Consistency Checker
Event ID: 1925
Date: 25.10.2004
Time: 16:15:11
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: SERVER
Description:
The attempt to establish a replication link for the following writable directory partition failed.
- Stranger03
- Сотрудник Тринити
- Сообщения: 12979
- Зарегистрирован: 14 ноя 2003, 16:25
- Откуда: СПб, Екатеринбург
- Контактная информация:
Вообще наверное я не прав. К сожалению ничего толкового на KB не нашел, засранцы... Есть подозрение, что у вас проблемы с DNS. Ситуация такая, когда вы пытаетесь поднять второй контроллер, с первого через репликацию передается необходимая информация как для первого, так и для второго контроллера.UZZ писал(а):Event Type: Warning
Event Source: NTDS KCC
Event Category: Knowledge Consistency Checker
Event ID: 1925
Date: 25.10.2004
Time: 16:15:11
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: SERVER
Description:
The attempt to establish a replication link for the following writable directory partition failed.
Directory partition:
CN=Configuration,DC=greenside,DC=local
Source domain controller:
CN=NTDS Settings,CN=LORD,CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,DC=greenside,DC=local
Source domain controller address:
5ba36f49-8137-4203-bf00-c4d6f2b876ac._msdcs.greenside.local
Intersite transport (if any):
This domain controller will be unable to replicate with the source domain controller until this problem is corrected.
User Action
Verify if the source domain controller is accessible or network connectivity is available.
Additional Data
Error value:
8524 The DSA operation is unable to proceed because of a DNS lookup failure.
Первое, что предлагаю, почитайте здесь и выполните настройки для Dynamic Updates.
http://support.microsoft.com/default.as ... -us;319202
Второе, помотрите, что происходит в логе DNS. Возможно там есть что-то, что натолкнет на мысли.
Третье, ммм, может имеет смысл все-таки поднять обратную зону AD Integrated, хотя это фигня....
Кто сейчас на конференции
Сейчас этот форум просматривают: нет зарегистрированных пользователей и 17 гостей