burgi 0 Geschrieben 28. Januar 2013 Melden Teilen Geschrieben 28. Januar 2013 (bearbeitet) Hallo zusammen Vorne weg, ich habe nicht wirklich sehr viel Erfahrung mit Windows Server Umgebungen und ich gebe mir alle Mühe, die ganze Situation verständlich zu schildern. Es ist nicht meine erste Umgebung, die ich aufsetze aber meine erste produktive Umgebung. Ich habe einen Domain Controller w2008 x64 R2 installiert und DNS aufgesetzt mit dcpromo usw. hat auch alles funktioniert. Der Server hat eine statische IP Adresse 192.168.1.10 und DNS fix auf Loopback Interface und auf den Router 192.168.1.1 der dann auch für DHCP und die Clients verantwortlich ist. Mein Problem ist, dass ich mich mit den Clients zwar anmelden kann, also das Anbinden an die Domäne hat funktioniert und auch das Anmelden mit dem Benutzerkonto ABER wenn ich mit den Clients ins Internet will startet zwar der IE mit Google und ich kann einen Suchbegriff eingeben und dieser wird auch gefunden (also nicht im Cache oder so). Klicke ich nun aber auf einen Link, dann stürtzt der IE ab während des Ladens oder kurz danach. Google und andere Webseiten kann ich pingen, auch die Clients den Server und umgekehrt. Das Internet scheint schon zu funktionieren aber nur für paar Sekunden, dann eben gibt es einen Absturz. Dasselbe Problem auf dem Server, wenn ich mich mit einem Domänenadminaccount anmelde. Melde ich mich jedoch LOKAL an den Clients oder am Server an funktioniert alles. Nur mit Domänenaccounts nicht! Es wäre sehr nett, wenn mir jemand helfen könnte. danke Statische Serverkonfiguration: Server IP Adresse: 192.168.1.10 Subnetzmaske: /24 Gateway: meinen Router 192.168.1.1 DNS1: 127.0.0.1 DNS2: meinen Router 192.168.1.1 Eventlog Einträge: The DFS Namespace service could not initialize cross forest trust information on this domain controller, but it will periodically retry the operation. The return code is in the record data. Dynamic registration or deletion of one or more DNS records associated with DNS domain 'DomainDnsZones.burgerarchitektur.local.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition). Possible causes of failure include: - TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers - Specified preferred and alternate DNS servers are not running - DNS server(s) primary for the records to be registered is not running - Preferred or alternate DNS servers are configured with wrong root hints - Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration USER ACTION Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt on the domain controller or by restarting Net Logon service on the domain controller. bearbeitet 28. Januar 2013 von burgi Zitieren Link zu diesem Kommentar
mcdaniels 29 Geschrieben 28. Januar 2013 Melden Teilen Geschrieben 28. Januar 2013 (bearbeitet) Servus, der DNS muss beim DC auf sich selber zeigen. D.h. erster DNS in den Netzwerkeinstellungen muss 192.168.1.10 lauten. Meiner Meinung nach hat hier die IP des Routers nix verloren. Router = Gateway. Du machst dann im DNS eine Weiterleitung auf die externen DNS deines Provider, somit können "externe" Adressen auch aufgelöst werden. Bei den Clients kommt als DNS der Server rein. Wieso nicht den DC als DHCP Server? LG bearbeitet 28. Januar 2013 von mcdaniels Zitieren Link zu diesem Kommentar
burgi 0 Geschrieben 28. Januar 2013 Autor Melden Teilen Geschrieben 28. Januar 2013 (bearbeitet) Danke für deine schnelle Hilfe: Habe die Server Konfig nun so geändert wie du gesagt hast: IP Adresse: 192.168.1.10 Subnetzmaske: /24 Gateway: meinen Router 192.168.1.1 DNS1: 192.168.1.10 DNS2: leer habe nun im DNS Manager unter Forwarders eine IP Adresse eingetragen nämlich die meines Routers 192.168.1.1? Ist das richtig so. Und der Haken bei "use root hints if no forwarders are available" ist gesetzt. Also, ich habe diese Einstellungen mal vorgenommen. Immer noch dasselbe Problem. Wenn ich mich lokal anmelde funktioniert das Internet wenn ich mich mit domänenaccounts am server oder an clients anmelde, dann stürtzt der Browser ab. Suchergebnisse auf google werden zwar noch angezeigt, aber beim Klick auf einen Link stürtzt der IE ab. Weitere Fehlermeldungen im Eventlog: Time Provider NtpClient: No valid response has been received from manually configured peer srvdc01,0x8, after 8 attempts to contact it. This peer will be discarded as a time source and NtpClient will attempt to discover a new peer with this DNS name. The error was: The peer is unreachable. The WinRM service failed to create the following SPNs: WSMAN/srvdc01.firma.local; WSMAN/srvdc01. Additional Data The error received was 8344: %%8344. User Action The SPNs can be created by an administrator using setspn.exe utility. bearbeitet 28. Januar 2013 von burgi Zitieren Link zu diesem Kommentar
mcdaniels 29 Geschrieben 28. Januar 2013 Melden Teilen Geschrieben 28. Januar 2013 (bearbeitet) Hallo, ich glaube nicht, dass die Eventlogeinträge sich auf dein Problem beziehen. habe nun im DNS Manager unter Forwarders eine IP Adresse eingetragen nämlich die meines Routers 192.168.1.1 gib hier besser die DNS deines Provider ein. Danach auf dem DC und auf dem Client ein ipconfig /flushdns in der Kommandozeile. Lies dir das das bitte durch und checke deinen Server mal damit: http://www.faq-o-matic.net/2006/08/14/domaenencontroller-mit-dcdiag-pruefen/ Danach versuche mittels nslookup a.) deinen Clientnamen aufzulösen / die IP zu FQDN aufzulösen b.) irgend eine externe Website aufzulösen zb www.mcseboard.de, oder google.de Wenn das klappt, würde ich mir noch mittels tracert eine Routenverfolgung anschauen. Eventuell auch zu www.google.at Gibt es auf den Clients irgendwelche Eventlogeinträge zu dem Crash oder sonstige Auffälligkeiten? Stürzt auch der Firefox ab? LG bearbeitet 28. Januar 2013 von mcdaniels Zitieren Link zu diesem Kommentar
burgi 0 Geschrieben 28. Januar 2013 Autor Melden Teilen Geschrieben 28. Januar 2013 Ok werde ich mal machen: Eventlog DNS: The DNS server could not bind a User Datagram Protocol (UDP) socket to 192.168.1.10. The event data is the error code. Restart the DNS server or reboot your computer. The DNS server could not open socket for address 192.168.1.10. Verify that this is a valid IP address for the server computer. If it is NOT valid use the Interfaces dialog under Server Properties in the DNS Manager to remove it from the list of IP interfaces. Then stop and restart the DNS server. (If this was the only IP interface on this machine and the DNS server may not have started as a result of this error. In that case remove the DNS\Parameters\ ListenAddress value in the services section of the registry and restart.) The DNS server could not bind a Transmission Control Protocol (TCP) socket to address 192.168.1.10. The event data is the error code. An IP address of 0.0.0.0 can indicate a valid "any address" configuration in which all configured IP addresses on the computer are available for use. Restart the DNS server or reboot the computer. Zitieren Link zu diesem Kommentar
mcdaniels 29 Geschrieben 28. Januar 2013 Melden Teilen Geschrieben 28. Januar 2013 (bearbeitet) Server schonmal durchgestartet? Alle Updates auf der Maschine? Sind die entsprechenden Zoneneinträge für den Server im DNS vorhanden? Läuft sonst etwas auf dem Server, dass eventuell den Start von DNS behindern könnte? (UDP Port 53) bearbeitet 28. Januar 2013 von mcdaniels Zitieren Link zu diesem Kommentar
burgi 0 Geschrieben 28. Januar 2013 Autor Melden Teilen Geschrieben 28. Januar 2013 (bearbeitet) Server habe ich mehrmals durchgestartet und auch dns service gestoppt und wieder gestartet. updates ebenfalls drauf, denn der server wurde von mir neu aufgesetzt. In der Forward Lookup zone sind drin: schoflerarchitektur.local und dort drin sind records: srvdc01.schoflerarchitektur.local, hostmaster.schoflerarchitektur.local same as parent folder) NS srvdc01.schoflerarchitektur.local (same as parent folder) host A 192.168.1.10 srcvdc01 host a 192.168.1.10 static wsbb 192.168.1.100 Also hier mal dxdiag: Directory Server Diagnosis Performing initial setup: * Connecting to directory service on server DC-Name. Ldap search capabality attribute search failed on server DC-Name, return value = 81 The host DC-Name could not be resolved to an IP address. Check the DNS server, DHCP, server name, etc. Directory Server Diagnosis Performing initial setup: * Connecting to directory service on server srvdc01. * Identified AD Forest. Collecting AD specific global data * Collecting site info. Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=schoflerarchitektur,DC=local,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),....... The previous call succeeded Iterating through the sites Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=schoflerarchitektur,DC=local Getting ISTG and options for the site * Identifying all servers. Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=schoflerarchitektur,DC=local,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),....... The previous call succeeded.... The previous call succeeded Iterating through the list of servers Getting information for the server CN=NTDS Settings,CN=SRVDC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=schoflerarchitektur,DC=local objectGuid obtained InvocationID obtained dnsHostname obtained site info obtained All the info for the server collected * Identifying all NC cross-refs. * Found 1 DC(s). Testing 1 of them. Done gathering initial info. Doing initial required tests Testing server: Default-First-Site-Name\SRVDC01 Starting test: Connectivity * Active Directory LDAP Services Check Determining IP4 connectivity * Active Directory RPC Services Check ......................... SRVDC01 passed test Connectivity Doing primary tests Testing server: Default-First-Site-Name\SRVDC01 Starting test: Advertising The DC SRVDC01 is advertising itself as a DC and having a DS. The DC SRVDC01 is advertising as an LDAP server The DC SRVDC01 is advertising as having a writeable directory The DC SRVDC01 is advertising as a Key Distribution Center The DC SRVDC01 is advertising as a time server The DS SRVDC01 is advertising as a GC. ......................... SRVDC01 passed test Advertising Starting test: CheckSecurityError * Dr Auth: Beginning security errors check! Found KDC SRVDC01 for domain schoflerarchitektur.local in site Default-First-Site-Name Checking machine account for DC SRVDC01 on DC SRVDC01. * SPN found :LDAP/srvdc01.schoflerarchitektur.local/schoflerarchitektur.local * SPN found :LDAP/srvdc01.schoflerarchitektur.local * SPN found :LDAP/SRVDC01 * SPN found :LDAP/srvdc01.schoflerarchitektur.local/SCHOFLERARCHITEKT * SPN found :LDAP/1a1846c5-15c0-431c-b3d1-6e09b0d69d07._msdcs.schoflerarchitektur.local * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/1a1846c5-15c0-431c-b3d1-6e09b0d69d07/schoflerarchitektur.local * SPN found :HOST/srvdc01.schoflerarchitektur.local/schoflerarchitektur.local * SPN found :HOST/srvdc01.schoflerarchitektur.local * SPN found :HOST/SRVDC01 * SPN found :HOST/srvdc01.schoflerarchitektur.local/SCHOFLERARCHITEKT * SPN found :GC/srvdc01.schoflerarchitektur.local/schoflerarchitektur.local [sRVDC01] DsReplicaGetInfo(KCC_DS_CONNECT_FAILURES) failed with error 8453, Replication access was denied.. [sRVDC01] Unable to query the list of KCC connection failures. Continuing... [sRVDC01] No security related replication errors were found on this DC! To target the connection to a specific source DC use /ReplSource:<DC>. ......................... SRVDC01 passed test CheckSecurityError Starting test: CutoffServers * Configuration Topology Aliveness Check * Analyzing the alive system replication topology for DC=ForestDnsZones,DC=schoflerarchitektur,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. * Analyzing the alive system replication topology for DC=DomainDnsZones,DC=schoflerarchitektur,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. * Analyzing the alive system replication topology for CN=Schema,CN=Configuration,DC=schoflerarchitektur,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. * Analyzing the alive system replication topology for CN=Configuration,DC=schoflerarchitektur,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. * Analyzing the alive system replication topology for DC=schoflerarchitektur,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. ......................... SRVDC01 passed test CutoffServers Starting test: FrsEvent * The File Replication Service Event log test Skip the test because the server is running DFSR. ......................... SRVDC01 passed test FrsEvent Starting test: DFSREvent The DFS Replication Event Log. ......................... SRVDC01 passed test DFSREvent Starting test: SysVolCheck * The File Replication Service SYSVOL ready test File Replication Service's SYSVOL is ready ......................... SRVDC01 passed test SysVolCheck Starting test: FrsSysVol * The File Replication Service SYSVOL ready test File Replication Service's SYSVOL is ready ......................... SRVDC01 passed test FrsSysVol Starting test: KccEvent * The KCC Event log test Found no KCC errors in "Directory Service" Event log in the last 15 minutes. ......................... SRVDC01 passed test KccEvent Starting test: KnowsOfRoleHolders Role Schema Owner = CN=NTDS Settings,CN=SRVDC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=schoflerarchitektur,DC=local Role Domain Owner = CN=NTDS Settings,CN=SRVDC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=schoflerarchitektur,DC=local Role PDC Owner = CN=NTDS Settings,CN=SRVDC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=schoflerarchitektur,DC=local Role Rid Owner = CN=NTDS Settings,CN=SRVDC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=schoflerarchitektur,DC=local Role Infrastructure Update Owner = CN=NTDS Settings,CN=SRVDC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=schoflerarchitektur,DC=local ......................... SRVDC01 passed test KnowsOfRoleHolders Starting test: MachineAccount Checking machine account for DC SRVDC01 on DC SRVDC01. * SPN found :LDAP/srvdc01.schoflerarchitektur.local/schoflerarchitektur.local * SPN found :LDAP/srvdc01.schoflerarchitektur.local * SPN found :LDAP/SRVDC01 * SPN found :LDAP/srvdc01.schoflerarchitektur.local/SCHOFLERARCHITEKT * SPN found :LDAP/1a1846c5-15c0-431c-b3d1-6e09b0d69d07._msdcs.schoflerarchitektur.local * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/1a1846c5-15c0-431c-b3d1-6e09b0d69d07/schoflerarchitektur.local * SPN found :HOST/srvdc01.schoflerarchitektur.local/schoflerarchitektur.local * SPN found :HOST/srvdc01.schoflerarchitektur.local * SPN found :HOST/SRVDC01 * SPN found :HOST/srvdc01.schoflerarchitektur.local/SCHOFLERARCHITEKT * SPN found :GC/srvdc01.schoflerarchitektur.local/schoflerarchitektur.local ......................... SRVDC01 passed test MachineAccount Starting test: NCSecDesc * Security Permissions check for all NC's on DC SRVDC01. * Security Permissions Check for DC=ForestDnsZones,DC=schoflerarchitektur,DC=local (NDNC,Version 3) * Security Permissions Check for DC=DomainDnsZones,DC=schoflerarchitektur,DC=local (NDNC,Version 3) * Security Permissions Check for CN=Schema,CN=Configuration,DC=schoflerarchitektur,DC=local (Schema,Version 3) * Security Permissions Check for CN=Configuration,DC=schoflerarchitektur,DC=local (Configuration,Version 3) * Security Permissions Check for DC=schoflerarchitektur,DC=local (Domain,Version 3) ......................... SRVDC01 passed test NCSecDesc Starting test: NetLogons * Network Logons Privileges Check Verified share \\SRVDC01\netlogon Verified share \\SRVDC01\sysvol [sRVDC01] User credentials does not have permission to perform this operation. The account used for this test must have network logon privileges for this machine's domain. ......................... SRVDC01 failed test NetLogons Starting test: ObjectsReplicated SRVDC01 is in domain DC=schoflerarchitektur,DC=local Checking for CN=SRVDC01,OU=Domain Controllers,DC=schoflerarchitektur,DC=local in domain DC=schoflerarchitektur,DC=local on 1 servers Object is up-to-date on all servers. Checking for CN=NTDS Settings,CN=SRVDC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=schoflerarchitektur,DC=local in domain CN=Configuration,DC=schoflerarchitektur,DC=local on 1 servers Object is up-to-date on all servers. ......................... SRVDC01 passed test ObjectsReplicated Starting test: OutboundSecureChannels * The Outbound Secure Channels test ** Did not run Outbound Secure Channels test because /testdomain: was not entered ......................... SRVDC01 passed test OutboundSecureChannels Starting test: Replications * Replications Check [Replications Check,SRVDC01] DsReplicaGetInfo(PENDING_OPS, NULL) failed, error 0x2105 "Replication access was denied." ......................... SRVDC01 failed test Replications Starting test: RidManager * Available RID Pool for the Domain is 1600 to 1073741823 * srvdc01.schoflerarchitektur.local is the RID Master * DsBind with RID Master was successful * rIDAllocationPool is 1100 to 1599 * rIDPreviousAllocationPool is 1100 to 1599 * rIDNextRID: 1116 ......................... SRVDC01 passed test RidManager Starting test: Services * Checking Service: EventSystem * Checking Service: RpcSs * Checking Service: NTDS Could not open NTDS Service on SRVDC01, error 0x5 "Access is denied." * Checking Service: DnsCache * Checking Service: DFSR * Checking Service: IsmServ * Checking Service: kdc * Checking Service: SamSs * Checking Service: LanmanServer * Checking Service: LanmanWorkstation * Checking Service: w32time * Checking Service: NETLOGON ......................... SRVDC01 failed test Services Starting test: SystemLog * The System Event log test A warning event occurred. EventID: 0x0000002F Time Generated: 01/28/2013 18:55:59 Event String: Time Provider NtpClient: No valid response has been received from manually configured peer srvdc01,0x8, after 8 attempts to contact it. This peer will be discarded as a time source and NtpClient will attempt to discover a new peer with this DNS name. The error was: The peer is unreachable. A warning event occurred. EventID: 0x8000001D Time Generated: 01/28/2013 19:08:48 Event String: The Key Distribution Center (KDC) cannot find a suitable certificate to use for smart card logons, or the KDC certificate could not be verified. Smart card logon may not function correctly if this problem is not resolved. To correct this problem, either verify the existing KDC certificate using certutil.exe or enroll for a new KDC certificate. An error event occurred. EventID: 0xC00038D6 Time Generated: 01/28/2013 19:09:17 Event String: The DFS Namespace service could not initialize cross forest trust information on this domain controller, but it will periodically retry the operation. The return code is in the record data. A warning event occurred. EventID: 0x000003F6 Time Generated: 01/28/2013 19:09:17 Event String: Name resolution for the name _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.schoflerarchitektur.local timed out after none of the configured DNS servers responded. A warning event occurred. EventID: 0x00000090 Time Generated: 01/28/2013 19:09:21 Event String: The time service has stopped advertising as a good time source. An error event occurred. EventID: 0x00000457 Time Generated: 01/28/2013 19:09:46 Event String: Driver HP Color LaserJet CP3505 PCL 5c required for printer Automatisch HP Color LaserJet CP3505 PCL 5c auf ARCHOUTLOOK is unknown. Contact the administrator to install the driver before you log in again. An error event occurred. EventID: 0x00000457 Time Generated: 01/28/2013 19:09:46 Event String: Driver Apple Color LW 12/660 PS required for printer Automatisch FreePDF XP auf BRUNOSCHOFLER is unknown. Contact the administrator to install the driver before you log in again. An error event occurred. EventID: 0x00000457 Time Generated: 01/28/2013 19:09:47 Event String: Driver HP Color LaserJet CP3505 PCL 6 required for printer Automatisch HP Color LaserJet CP3505 PCL 6 auf WSFRANZISKA is unknown. Contact the administrator to install the driver before you log in again. An error event occurred. EventID: 0x00000457 Time Generated: 01/28/2013 19:09:47 Event String: Driver HP Color LaserJet CP3525 PCL 6 required for printer Automatisch HP Color LaserJet CP3525 1OG auf serverarch is unknown. Contact the administrator to install the driver before you log in again. An error event occurred. EventID: 0x00000457 Time Generated: 01/28/2013 19:09:48 Event String: Driver Amyuni Document Converter 2.51 required for printer Automatisch Roland Messerli PDF Writer auf BRUNOSCHOFLER is unknown. Contact the administrator to install the driver before you log in again. An error event occurred. EventID: 0x00000457 Time Generated: 01/28/2013 19:09:48 Event String: Driver EPSON Stylus S20 Series required for printer EPSON Stylus S20 Series is unknown. Contact the administrator to install the driver before you log in again. An error event occurred. EventID: 0x00000457 Time Generated: 01/28/2013 19:09:49 Event String: Driver Microsoft Office Document Image Writer Driver required for printer Microsoft Office Document Image Writer is unknown. Contact the administrator to install the driver before you log in again. An error event occurred. EventID: 0x00000457 Time Generated: 01/28/2013 19:09:50 Event String: Driver Amyuni Document Converter 2.51 required for printer Roland Messerli PDF Writer is unknown. Contact the administrator to install the driver before you log in again. An error event occurred. EventID: 0x00000457 Time Generated: 01/28/2013 19:09:51 Event String: Driver Amyuni Document Converter 400 required for printer Roland Messerli PDF Writer 4.00 is unknown. Contact the administrator to install the driver before you log in again. An error event occurred. EventID: 0x00000457 Time Generated: 01/28/2013 19:09:52 Event String: Driver Canon iP5200 required for printer !!WSFRANZISKA!Canon iP5200 is unknown. Contact the administrator to install the driver before you log in again. An error event occurred. EventID: 0x00000457 Time Generated: 01/28/2013 19:09:52 Event String: Driver HP Color LaserJet CP3525 PCL 6 required for printer !!serverarch!HP Color LaserJet CP3525 1OG is unknown. Contact the administrator to install the driver before you log in again. An error event occurred. EventID: 0xC000271A Time Generated: 01/28/2013 19:10:45 Event String: The server {73C9DFA0-750D-11E1-B0C4-0800200C9A66} did not register with DCOM within the required timeout. A warning event occurred. EventID: 0x000727AA Time Generated: 01/28/2013 19:11:24 Event String: The WinRM service failed to create the following SPNs: WSMAN/srvdc01.schoflerarchitektur.local; WSMAN/srvdc01. Additional Data The error received was 8344: %%8344. User Action The SPNs can be created by an administrator using setspn.exe utility. A warning event occurred. EventID: 0x0000002F Time Generated: 01/28/2013 19:12:51 Event String: Time Provider NtpClient: No valid response has been received from manually configured peer srvdc01,0x8, after 8 attempts to contact it. This peer will be discarded as a time source and NtpClient will attempt to discover a new peer with this DNS name. The error was: The peer is unreachable. A warning event occurred. EventID: 0x00001695 Time Generated: 01/28/2013 19:34:07 Event String: Dynamic registration or deletion of one or more DNS records associated with DNS domain 'schoflerarchitektur.local.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition). Possible causes of failure include: - TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers - Specified preferred and alternate DNS servers are not running - DNS server(s) primary for the records to be registered is not running - Preferred or alternate DNS servers are configured with wrong root hints - Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration USER ACTION Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt on the domain controller or by restarting Net Logon service on the domain controller. A warning event occurred. EventID: 0x00001695 Time Generated: 01/28/2013 19:34:07 Event String: Dynamic registration or deletion of one or more DNS records associated with DNS domain 'DomainDnsZones.schoflerarchitektur.local.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition). Possible causes of failure include: - TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers - Specified preferred and alternate DNS servers are not running - DNS server(s) primary for the records to be registered is not running - Preferred or alternate DNS servers are configured with wrong root hints - Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration USER ACTION Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt on the domain controller or by restarting Net Logon service on the domain controller. A warning event occurred. EventID: 0x00001695 Time Generated: 01/28/2013 19:34:07 Event String: Dynamic registration or deletion of one or more DNS records associated with DNS domain 'ForestDnsZones.schoflerarchitektur.local.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition). Possible causes of failure include: - TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers - Specified preferred and alternate DNS servers are not running - DNS server(s) primary for the records to be registered is not running - Preferred or alternate DNS servers are configured with wrong root hints - Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration USER ACTION Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt on the domain controller or by restarting Net Logon service on the domain controller. A warning event occurred. EventID: 0x8000001D Time Generated: 01/28/2013 19:37:24 Event String: The Key Distribution Center (KDC) cannot find a suitable certificate to use for smart card logons, or the KDC certificate could not be verified. Smart card logon may not function correctly if this problem is not resolved. To correct this problem, either verify the existing KDC certificate using certutil.exe or enroll for a new KDC certificate. An error event occurred. EventID: 0xC00038D6 Time Generated: 01/28/2013 19:37:53 Event String: The DFS Namespace service could not initialize cross forest trust information on this domain controller, but it will periodically retry the operation. The return code is in the record data. A warning event occurred. EventID: 0x000003F6 Time Generated: 01/28/2013 19:37:53 Event String: Name resolution for the name _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.schoflerarchitektur.local timed out after none of the configured DNS servers responded. A warning event occurred. EventID: 0x00000090 Time Generated: 01/28/2013 19:37:57 Event String: The time service has stopped advertising as a good time source. An error event occurred. EventID: 0x00000457 Time Generated: 01/28/2013 19:38:27 Event String: Driver HP Color LaserJet CP3505 PCL 6 required for printer Automatisch HP Color LaserJet CP3505 PCL 6 auf WSFRANZISKA is unknown. Contact the administrator to install the driver before you log in again. An error event occurred. EventID: 0x00000457 Time Generated: 01/28/2013 19:38:28 Event String: Driver HP Color LaserJet CP3525 PCL 6 required for printer Automatisch HP Color LaserJet CP3525 1OG auf serverarch is unknown. Contact the administrator to install the driver before you log in again. An error event occurred. EventID: 0x00000457 Time Generated: 01/28/2013 19:38:28 Event String: Driver Apple Color LW 12/660 PS required for printer Automatisch FreePDF XP auf BRUNOSCHOFLER is unknown. Contact the administrator to install the driver before you log in again. An error event occurred. EventID: 0x00000457 Time Generated: 01/28/2013 19:38:29 Event String: Driver HP Color LaserJet CP3505 PCL 5c required for printer Automatisch HP Color LaserJet CP3505 PCL 5c auf ARCHOUTLOOK is unknown. Contact the administrator to install the driver before you log in again. An error event occurred. EventID: 0x00000457 Time Generated: 01/28/2013 19:38:29 Event String: Driver Amyuni Document Converter 2.51 required for printer Automatisch Roland Messerli PDF Writer auf BRUNOSCHOFLER is unknown. Contact the administrator to install the driver before you log in again. An error event occurred. EventID: 0x00000457 Time Generated: 01/28/2013 19:38:30 Event String: Driver Microsoft Office Document Image Writer Driver required for printer Microsoft Office Document Image Writer is unknown. Contact the administrator to install the driver before you log in again. An error event occurred. EventID: 0x00000457 Time Generated: 01/28/2013 19:38:30 Event String: Driver EPSON Stylus S20 Series required for printer EPSON Stylus S20 Series is unknown. Contact the administrator to install the driver before you log in again. An error event occurred. EventID: 0x00000457 Time Generated: 01/28/2013 19:38:33 Event String: Driver Amyuni Document Converter 2.51 required for printer Roland Messerli PDF Writer is unknown. Contact the administrator to install the driver before you log in again. An error event occurred. EventID: 0x00000457 Time Generated: 01/28/2013 19:38:35 Event String: Driver Amyuni Document Converter 400 required for printer Roland Messerli PDF Writer 4.00 is unknown. Contact the administrator to install the driver before you log in again. An error event occurred. EventID: 0x00000457 Time Generated: 01/28/2013 19:38:35 Event String: Driver Canon iP5200 required for printer !!WSFRANZISKA!Canon iP5200 is unknown. Contact the administrator to install the driver before you log in again. An error event occurred. EventID: 0x00000457 Time Generated: 01/28/2013 19:38:36 Event String: Driver HP Color LaserJet CP3525 PCL 6 required for printer !!serverarch!HP Color LaserJet CP3525 1OG is unknown. Contact the administrator to install the driver before you log in again. A warning event occurred. EventID: 0x000727AA Time Generated: 01/28/2013 19:40:00 Event String: The WinRM service failed to create the following SPNs: WSMAN/srvdc01.schoflerarchitektur.local; WSMAN/srvdc01. Additional Data The error received was 8344: %%8344. User Action The SPNs can be created by an administrator using setspn.exe utility. An error event occurred. EventID: 0xC000271A Time Generated: 01/28/2013 19:40:22 Event String: The server {73C9DFA0-750D-11E1-B0C4-0800200C9A66} did not register with DCOM within the required timeout. A warning event occurred. EventID: 0x0000002F Time Generated: 01/28/2013 19:41:26 Event String: Time Provider NtpClient: No valid response has been received from manually configured peer srvdc01,0x8, after 8 attempts to contact it. This peer will be discarded as a time source and NtpClient will attempt to discover a new peer with this DNS name. The error was: The peer is unreachable. ......................... SRVDC01 failed test SystemLog Starting test: Topology * Configuration Topology Integrity Check * Analyzing the connection topology for DC=ForestDnsZones,DC=schoflerarchitektur,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. * Analyzing the connection topology for DC=DomainDnsZones,DC=schoflerarchitektur,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. * Analyzing the connection topology for CN=Schema,CN=Configuration,DC=schoflerarchitektur,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. * Analyzing the connection topology for CN=Configuration,DC=schoflerarchitektur,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. * Analyzing the connection topology for DC=schoflerarchitektur,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. ......................... SRVDC01 passed test Topology Starting test: VerifyEnterpriseReferences ......................... SRVDC01 passed test VerifyEnterpriseReferences Starting test: VerifyReferences The system object reference (serverReference) CN=SRVDC01,OU=Domain Controllers,DC=schoflerarchitektur,DC=local and backlink on CN=SRVDC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=schoflerarchitektur,DC=local are correct. The system object reference (serverReferenceBL) CN=SRVDC01,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=schoflerarchitektur,DC=local and backlink on CN=NTDS Settings,CN=SRVDC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=schoflerarchitektur,DC=local are correct. The system object reference (msDFSR-ComputerReferenceBL) CN=SRVDC01,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=schoflerarchitektur,DC=local and backlink on CN=SRVDC01,OU=Domain Controllers,DC=schoflerarchitektur,DC=local are correct. ......................... SRVDC01 passed test VerifyReferences Starting test: VerifyReplicas ......................... SRVDC01 passed test VerifyReplicas Starting test: DNS DNS Tests are running and not hung. Please wait a few minutes... See DNS test in enterprise tests section for results ......................... SRVDC01 failed test DNS Running partition tests on : ForestDnsZones Starting test: CheckSDRefDom ......................... ForestDnsZones passed test CheckSDRefDom Starting test: CrossRefValidation ......................... ForestDnsZones passed test CrossRefValidation Running partition tests on : DomainDnsZones Starting test: CheckSDRefDom ......................... DomainDnsZones passed test CheckSDRefDom Starting test: CrossRefValidation ......................... DomainDnsZones passed test CrossRefValidation Running partition tests on : Schema Starting test: CheckSDRefDom ......................... Schema passed test CheckSDRefDom Starting test: CrossRefValidation ......................... Schema passed test CrossRefValidation Running partition tests on : Configuration Starting test: CheckSDRefDom ......................... Configuration passed test CheckSDRefDom Starting test: CrossRefValidation ......................... Configuration passed test CrossRefValidation Running partition tests on : schoflerarchitektur Starting test: CheckSDRefDom ......................... schoflerarchitektur passed test CheckSDRefDom Starting test: CrossRefValidation ......................... schoflerarchitektur passed test CrossRefValidation Running enterprise tests on : schoflerarchitektur.local Starting test: DNS Test results for domain controllers: DC: srvdc01.schoflerarchitektur.local Domain: schoflerarchitektur.local TEST: Authentication (Auth) Authentication test: Successfully completed TEST: Basic (Basc) The OS Microsoft Windows Server 2008 R2 Enterprise (Service Pack level: 1.0) is supported. NETLOGON service is running kdc service is running DNSCACHE service is running DNS service is running DC is a DNS server Network adapters information: Adapter [00000007] Broadcom NetXtreme Gigabit Ethernet: MAC address is 3C:4A:92:49:13:41 IP Address is static IP address: 192.168.1.10 DNS servers: 192.168.1.10 (SRVDC01) [Valid] The A host record(s) for this DC was found The SOA record for the Active Directory zone was found Warning: no DNS RPC connectivity (error or non Microsoft DNS server is running) [Error details: 5 (Type: Win32 - Description: Access is denied.)] Summary of test results for DNS servers used by the above domain controllers: DNS server: 192.168.1.10 (SRVDC01) All tests passed on this DNS server Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered Summary of DNS test results: Auth Basc Forw Del Dyn RReg Ext _________________________________________________________________ Domain: schoflerarchitektur.local srvdc01 PASS WARN n/a n/a n/a n/a n/a ......................... schoflerarchitektur.local passed test DNS Starting test: LocatorCheck GC Name: \\srvdc01.schoflerarchitektur.local Locator Flags: 0xe00031fd PDC Name: \\srvdc01.schoflerarchitektur.local Locator Flags: 0xe00031fd Time Server Name: \\srvdc01.schoflerarchitektur.local Locator Flags: 0xe00031fd Preferred Time Server Name: \\srvdc01.schoflerarchitektur.local Locator Flags: 0xe00031fd KDC Name: \\srvdc01.schoflerarchitektur.local Locator Flags: 0xe00031fd ......................... schoflerarchitektur.local passed test LocatorCheck Starting test: FsmoCheck GC Name: \\srvdc01.schoflerarchitektur.local Locator Flags: 0xe00031fd PDC Name: \\srvdc01.schoflerarchitektur.local Locator Flags: 0xe00031fd Time Server Name: \\srvdc01.schoflerarchitektur.local Locator Flags: 0xe00031fd Preferred Time Server Name: \\srvdc01.schoflerarchitektur.local Locator Flags: 0xe00031fd KDC Name: \\srvdc01.schoflerarchitektur.local Locator Flags: 0xe00031fd ......................... schoflerarchitektur.local passed test FsmoCheck Starting test: Intersite Skipping site Default-First-Site-Name, this site is outside the scope provided by the command line arguments provided. ......................... schoflerarchitektur.local passed test Intersite NSLOOKUP und Tracert: C:\Users\adm_ro>nslookup www.google.chServer: UnKnownAddress: 192.168.1.10 Non-authoritative answer:Name: www.google.chAddresses: 2a00:1450:4001:c02::5e 173.194.32.87 173.194.32.95 173.194.32.88 C:\Users\adm_ro>tracert www.google.at Tracing route to www.google.at [173.194.44.184]over a maximum of 30 hops: 1 1 ms <1 ms <1 ms 192.168.1.1 2 14 ms 17 ms 15 ms zhhia00p-adsl14.bluewin.ch [83.79.128.1] 3 16 ms 16 ms 17 ms 45-0-186-195.bluewin.ch [195.186.0.45] 4 49 ms 16 ms 14 ms 46-0-186-195.bluewin.ch [195.186.0.46] 5 19 ms 19 ms 19 ms 138.187.129.135 6 18 ms 15 ms 15 ms i79inx-015-ae3.bb.ip-plus.net [138.187.130.106] 7 92 ms 93 ms 95 ms 72.14.222.46 8 22 ms 16 ms 16 ms 209.85.243.125 9 17 ms 15 ms 16 ms 173.194.44.184 Trace complete. auf UPD Port 53 läuft nur dns. bearbeitet 28. Januar 2013 von burgi Zitieren Link zu diesem Kommentar
mcdaniels 29 Geschrieben 28. Januar 2013 Melden Teilen Geschrieben 28. Januar 2013 (bearbeitet) Hey, spontan war ich mal kurzerhand erschlagen von der Ausgabe die du hier rein gestellt hast ;-) Hat der Server in der DNS MMC alle nötigen Einträge (Host A, Pointer). Schaut nämlich so aus, als würde da was fehlen. Dein Nslookup meint nämlich : Server: UnKnown --> Hier sollte der FQDN deines Server stehen. LG bearbeitet 28. Januar 2013 von mcdaniels Zitieren Link zu diesem Kommentar
burgi 0 Geschrieben 28. Januar 2013 Autor Melden Teilen Geschrieben 28. Januar 2013 (bearbeitet) Reicht das? http://www.bilder-hochladen.net/files/kepi-1-c4ca-png.html http://www.bilder-hochladen.net/files/kepi-3-eccb-png.html Fehlt da was...keine Ahnung leider...bis anhing funktionierte DNS immer nach Neuinstallation, habe auch nichts da drin gemacht! bearbeitet 28. Januar 2013 von burgi Zitieren Link zu diesem Kommentar
NorbertFe 2.016 Geschrieben 28. Januar 2013 Melden Teilen Geschrieben 28. Januar 2013 Hey, spontan war ich mal kurzerhand erschlagen von der Ausgabe die du hier rein gestellt hast ;-) Hat der Server in der DNS MMC alle nötigen Einträge (Host A, Pointer). Schaut nämlich so aus, als würde da was fehlen. Dein Nslookup meint nämlich : Server: UnKnown --> Hier sollte der FQDN deines Server stehen. LG Wenn man keine Reverse Zone nutzt (nicht notwendig) dann steht da auch kein Name. ;) Zitieren Link zu diesem Kommentar
mcdaniels 29 Geschrieben 28. Januar 2013 Melden Teilen Geschrieben 28. Januar 2013 (bearbeitet) Reverse Lookup brauchst auch noch. (ich mach das immer @Norbert -- aber danke für die Info ;-) --> Wusste ich nicht) bearbeitet 28. Januar 2013 von mcdaniels Zitieren Link zu diesem Kommentar
burgi 0 Geschrieben 28. Januar 2013 Autor Melden Teilen Geschrieben 28. Januar 2013 (bearbeitet) Meine Reverse Lookup ist leer! Muss das eine neue Zone rein, wenn ja, dann bin ich wohl spätestens jetzt überfordert ... Muss ich da eine primary, secondary, stub zone?? bearbeitet 28. Januar 2013 von burgi Zitieren Link zu diesem Kommentar
NorbertFe 2.016 Geschrieben 28. Januar 2013 Melden Teilen Geschrieben 28. Januar 2013 Nein braucht man nicht. Zitieren Link zu diesem Kommentar
burgi 0 Geschrieben 28. Januar 2013 Autor Melden Teilen Geschrieben 28. Januar 2013 (bearbeitet) Also das heisst jetzt, dass ich keine Reverse machen muss...ich habe so langsam das Gefühl, dass das Problem gar nicht bei DNS liegt?? Hat jemand von euch Lust per remote mir zu helfen hahahah :) bearbeitet 28. Januar 2013 von burgi Zitieren Link zu diesem Kommentar
mcdaniels 29 Geschrieben 28. Januar 2013 Melden Teilen Geschrieben 28. Januar 2013 Nein, musst du nicht -> siehe Norberts Anmerkung. Zitieren Link zu diesem Kommentar
Empfohlene Beiträge
Schreibe einen Kommentar
Du kannst jetzt antworten und Dich später registrieren. Falls Du bereits ein Mitglied bist, logge Dich jetzt ein.