Domain Controller Diagnosis using command dcdiag

How can you perform a Diagnosis in a domain controller to test Replication status and Replication Latency or any issues between them.
For this we need to install support tools

C:\support>dcdiag

Performing initial setup:
* Connecting to directory service on server testlab1.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 2 DC(s). Testing 1 of them.
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\TESTLAB1
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
……………………. TESTLAB1 passed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\TESTLAB1
Starting test: Replications
* Replications Check
* Replication Latency Check
* Replication Site Latency Check
……………………. TESTLAB1 passed test Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Starting test: NCSecDesc
* Security Permissions check for all NC’s on DC TESTLAB1.
* Security Permissions Check for
DC=ForestDnsZones,DC=testlab,DC=net
(NDNC,Version 2)
* Security Permissions Check for
DC=DomainDnsZones,DC=testlab,DC=net
(NDNC,Version 2)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=testlab,DC=net
(Schema,Version 2)
* Security Permissions Check for
CN=Configuration,DC=testlab,DC=net
(Configuration,Version 2)
* Security Permissions Check for
DC=testlab,DC=net
(Domain,Version 2)
……………………. TESTLAB1 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\TESTLAB1\netlogon
Verified share \\TESTLAB1\sysvol
……………………. TESTLAB1 passed test NetLogons
Starting test: Advertising
The DC TESTLAB1 is advertising itself as a DC and having a DS.
The DC TESTLAB1 is advertising as an LDAP server
The DC TESTLAB1 is advertising as having a writeable directory
The DC TESTLAB1 is advertising as a Key Distribution Center
The DC TESTLAB1 is advertising as a time server
The DS TESTLAB1 is advertising as a GC.
……………………. TESTLAB1 passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=TESTLAB1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=testlab,DC=net
Role Domain Owner = CN=NTDS Settings,CN=TESTLAB1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=testlab,DC=net
Role PDC Owner = CN=NTDS Settings,CN=TESTLAB1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=testlab,DC=net
Role Rid Owner = CN=NTDS Settings,CN=TESTLAB1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=testlab,DC=net
Role Infrastructure Update Owner = CN=NTDS Settings,CN=TESTLAB1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=testlab,DC=net
……………………. TESTLAB1 passed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 2103 to 1073741823
* testlab1.testlab.net is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 1103 to 1602
* rIDPreviousAllocationPool is 1103 to 1602
* rIDNextRID: 1106
……………………. TESTLAB1 passed test RidManager
Starting test: MachineAccount
Checking machine account for DC TESTLAB1 on DC TESTLAB1.
* SPN found :LDAP/testlab1.testlab.net/testlab.net
* SPN found :LDAP/testlab1.testlab.net
* SPN found :LDAP/TESTLAB1
* SPN found :LDAP/testlab1.testlab.net/TESTLAB
* SPN found :LDAP/8e8ac158-58c1-4cba-b0dd-a4cc389850f1._msdcs.testlab.net
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/8e8ac158-58c1-4cba-b0dd-a4cc389850f1/testlab.net
* SPN found :HOST/testlab1.testlab.net/testlab.net
* SPN found :HOST/testlab1.testlab.net
* SPN found :HOST/TESTLAB1
* SPN found :HOST/testlab1.testlab.net/TESTLAB
* SPN found :GC/testlab1.testlab.net/testlab.net
……………………. TESTLAB1 passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: w32time
* Checking Service: NETLOGON
……………………. TESTLAB1 passed test Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
TESTLAB1 is in domain DC=testlab,DC=net
Checking for CN=TESTLAB1,OU=Domain Controllers,DC=testlab,DC=net in domain DC=testlab,DC=net on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=TESTLAB1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=testlab,DC=net in domain CN=Configuration,DC=testlab,DC=net on 1 servers
Object is up-to-date on all servers.
……………………. TESTLAB1 passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service SYSVOL ready test
File Replication Service’s SYSVOL is ready
……………………. TESTLAB1 passed test frssysvol
Starting test: frsevent
* The File Replication Service Event log test
There are warning or error events within the last 24 hours after the         SYSVOL has been shared.  Failing SYSVOL replication problems may cause         Group Policy problems.
An Warning Event occured.  EventID: 0x800034C4
Time Generated: 09/26/2008   20:20:29
(Event String could not be retrieved)
An Warning Event occured.  EventID: 0x800034C5
Time Generated: 09/26/2008   20:23:24
(Event String could not be retrieved)
……………………. TESTLAB1 failed test frsevent
Starting test: kccevent
* The KCC Event log test
Found no KCC errors in Directory Service Event log in the last 15 minutes.
……………………. TESTLAB1 passed test kccevent
Starting test: systemlog
* The System Event log test
An Error Event occured.  EventID: 0x80001778
Time Generated: 09/26/2008   20:14:25
Event String: The previous system shutdown at 9:27:26 PM on9/25/2008 was unexpected.
……………………. TESTLAB1 failed test systemlog
Test omitted by user request: VerifyReplicas
Starting test: VerifyReferences
The system object reference (serverReference)         CN=TESTLAB1,OU=Domain Controllers,DC=testlab,DC=net and backlink on         CN=TESTLAB1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=testlab,DC=net         are correct.
The system object reference (frsComputerReferenceBL)         CN=TESTLAB1,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=testlab,DC=net         and backlink on CN=TESTLAB1,OU=Domain Controllers,DC=testlab,DC=net         are correct.
The system object reference (serverReferenceBL)         CN=TESTLAB1,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=testlab,DC=net         and backlink on         CN=NTDS Settings,CN=TESTLAB1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=testlab,DC=net         are correct.
……………………. TESTLAB1 passed test VerifyReferences
Test omitted by user request: VerifyEnterpriseReferences
Test omitted by user request: CheckSecurityError

Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
……………………. ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
……………………. ForestDnsZones passed test CheckSDRefDom

Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
……………………. DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
……………………. DomainDnsZones passed test CheckSDRefDom

Running partition tests on : Schema
Starting test: CrossRefValidation
……………………. Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
……………………. Schema passed test CheckSDRefDom

Running partition tests on : Configuration
Starting test: CrossRefValidation
……………………. Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
……………………. Configuration passed test CheckSDRefDom

Running partition tests on : testlab
Starting test: CrossRefValidation
……………………. testlab passed test CrossRefValidation
Starting test: CheckSDRefDom
……………………. testlab passed test CheckSDRefDom

Running enterprise tests on : testlab.net
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope         provided by the command line arguments provided.
……………………. testlab.net passed test Intersite
Starting test: FsmoCheck
GC Name: \\testlab1.testlab.net
Locator Flags: 0xe00003fd
PDC Name: \\testlab1.testlab.net
Locator Flags: 0xe00003fd
Time Server Name: \\testlab1.testlab.net
Locator Flags: 0xe00003fd
Preferred Time Server Name: \\testlab1.testlab.net
Locator Flags: 0xe00003fd
KDC Name: \\testlab1.testlab.net
Locator Flags: 0xe00003fd
……………………. testlab.net passed test FsmoCheck
Test omitted by user request: DNS
Test omitted by user request: DNS

Advertisements

Posted on April 20, 2011, in Uncategorized, Windows. Bookmark the permalink. Leave a comment.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: