I had a catastrophic failure of a PDC emulator
(server01.landenhousecomputing.com). I was able to move the FSMO roles
to another DC (seize) (exchange.landenhousecomputing.com). I removed
references to server01 from AD Sites Services. I repointed (AD
Integrated) DNS to exchange.landenhousecomputing.com. Rebooted multiple
times. Since the crash, though,
* No one can connect to Exchange email
* I can't join a machine to the domain
* I can't DCPromo server01's replacement
* If I try to add a reverse lookup zone (AD integrated) for a different
subnet, I get the following error:
The zone cannot be created. There was a server failure.

I receive a variety of event log errors:
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10009
Date: 8/20/2009
Time: 2:19:27 PM
User: N/A
Computer: EXCHANGE
Description:
DCOM was unable to communicate with the computer
server01.LandenHouseComputing.com using any of the configured protocols.
(Note the reference to the failed DC - don't know where this comes
from) << Note the reference to the failed DC, but I don't know where
that comes from
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Warning
Event Source: DhcpServer
Event Category: None
Event ID: 1056
Date: 8/20/2009
Time: 2:18:11 PM
User: N/A
Computer: EXCHANGE
Description:
The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated
by the DHCP service. This is not a recommended security configuration.
Credentials for Dynamic DNS registrations may be configured using the
command line "netsh dhcp server set dnscredentials" or via the DHCP
Administrative tool. << Yes, I ran that <<
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00 ....
Event Type: Warning
Event Source: LSASRV
Event Category: SPNEGO (Negotiator)
Event ID: 40960
Date: 8/20/2009
Time: 2:18:01 PM
User: N/A
Computer: EXCHANGE
Description:
The Security System detected an authentication error for the server
LDAP/EXCHANGE. The failure code from authentication protocol Kerberos
was "There are currently no logon servers available to service the logon
request.
(0xc000005e)".
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 5e 00 00 c0 ^..
Event Type: Error
Event Source: AutoEnrollment
Event Category: None
Event ID: 13
Date: 8/20/2009
Time: 2:19:27 PM
User: N/A
Computer: EXCHANGE
Description:
Automatic certificate enrollment for local system failed to enroll for
one Domain Controller Authentication certificate (0x800706ba). The RPC
server is unavailable.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: AutoEnrollment
Event Category: None
Event ID: 13
Date: 8/20/2009
Time: 2:19:27 PM
User: N/A
Computer: EXCHANGE
Description:
Automatic certificate enrollment for local system failed to enroll for
one Directory Email Replication certificate (0x800706ba). The RPC
server is unavailable.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

Event Type: Warning
Event Source: DNS
Event Category: None
Event ID: 4521
Date: 8/20/2009
Time: 2:39:07 PM
User: N/A
Computer: EXCHANGE
Description:
The DNS server encountered error 9002 attempting to load zone . from
Active Directory. The DNS server will attempt to load this zone again on
the next timeout cycle. This can be caused by high Active Directory load
and may be a transient condition. << I used DNSCMD to change this to
registry only, & that made it so DNS didn't work at all, so changed back
to 3 - registry + AD
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

Most of the online help suggests I had tried to do a domain rename. I
haven't. Ever.
Other possibly useful information:
DCDiag:

Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests

Testing server: Default-First-Site\EXCHANGE
Starting test: Connectivity
......................... EXCHANGE passed test Connectivity
Doing primary tests

Testing server: Default-First-Site\EXCHANGE
Starting test: Replications
......................... EXCHANGE passed test Replications
Starting test: NCSecDesc
......................... EXCHANGE passed test NCSecDesc
Starting test: NetLogons
......................... EXCHANGE passed test NetLogons
Starting test: Advertising
......................... EXCHANGE passed test Advertising
Starting test: KnowsOfRoleHolders
......................... EXCHANGE passed test
KnowsOfRoleHolders
Starting test: RidManager
......................... EXCHANGE passed test RidManager
Starting test: MachineAccount
......................... EXCHANGE passed test MachineAccount
Starting test: Services
......................... EXCHANGE passed test Services
Starting test: ObjectsReplicated
......................... EXCHANGE passed test
ObjectsReplicated
Starting test: frssysvol
......................... EXCHANGE passed test frssysvol
Starting test: frsevent
......................... EXCHANGE passed test frsevent
Starting test: kccevent
......................... EXCHANGE passed test kccevent
Starting test: systemlog
......................... EXCHANGE passed test systemlog
Starting test: VerifyReferences
......................... EXCHANGE passed test
VerifyReferences

Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom

Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test
CheckSDRefDom

Running partition tests on : LandenHouseComputing
Starting test: CrossRefValidation
......................... LandenHouseComputing passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... LandenHouseComputing passed test
CheckSDRefDom

Running enterprise tests on : LandenHouseComputing.com
Starting test: Intersite
......................... LandenHouseComputing.com passed test
Intersite
Starting test: FsmoCheck
......................... LandenHouseComputing.com passed test
FsmoCheck

NetDiag:

......................................
Computer Name: EXCHANGE
DNS Host Name: exchange.LandenHouseComputing.com
System info : Microsoft Windows Server 2003 R2 (Build 3790)
Processor : x86 Family 16 Model 2 Stepping 3, AuthenticAMD
List of installed hotfixes :
KB923561
KB924667-v2
KB925398_WMP64
KB925876
KB925902
KB926122
KB927891
KB929123
KB930178
KB931784
KB932168
KB933729
KB933854
KB935839
KB935840
KB936021
KB936782
KB938127
KB938127-IE7
KB938464
KB941569
KB941693
KB942830
KB942831
KB943055
KB943295
KB943460
KB943485
KB943729
KB944338-v2
KB944653
KB945553
KB946026
KB948496
KB948590
KB949014
KB950762
KB950974
KB951066
KB951072-v2
KB951698
KB951748
KB952004
KB952069
KB952954
KB953838
KB953838-IE7
KB953839
KB954211
KB954600
KB955069
KB955839
KB956390-IE7
KB956391
KB956572
KB956744
KB956802
KB956803
KB956841
KB957095
KB957097
KB958215-IE7
KB958469
KB958644
KB958687
KB958690
KB959426
KB960225
KB960714-IE7
KB960715
KB960803
KB960859
KB961063
KB961260-IE7
KB961371
KB961371-v2
KB961373
KB961501
KB963027-IE7
KB967715
KB968389
KB968537
KB969805
KB969897-IE7
KB969897-IE8
KB969898
KB970238
KB970483
KB971032
KB971180-IE8
KB971557
KB971633
KB971657
KB972260-IE8
KB972636-IE8
KB973346
KB973354
KB973507
KB973540
KB973815
KB973825
KB973869
Q147222

Netcard queries test . . . . . . . : Passed

Per interface results:
Adapter : VM to Host Only
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : exchange
IP Address . . . . . . . . : 10.1.0.5
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . :
Dns Servers. . . . . . . . : 10.0.0.5

AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Skipped
[WARNING] No gateways defined for this adapter.
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03>
'Messenger Service', <20> 'WINS' names is missing.
No remote names have been found.
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.
Adapter : DSL
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : exchange
IP Address . . . . . . . . : 67.42.197.177
Subnet Mask. . . . . . . . : 255.255.255.248
Default Gateway. . . . . . : 67.42.197.182
Dns Servers. . . . . . . . : 10.0.0.5

AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
No names have been found.
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.
Adapter : LAN
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : exchange
IP Address . . . . . . . . : 10.0.0.5
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . :
Dns Servers. . . . . . . . : 10.0.0.5

AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Skipped
[WARNING] No gateways defined for this adapter.
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03>
'Messenger Service', <20> 'WINS' names is missing.
No remote names have been found.
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.

Global results:

Domain membership test . . . . . . : Passed

NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{68C31838-8C6A-4201-A667-239437CC1F5E}
NetBT_Tcpip_{9385813F-CA4B-4117-B1FB-5D7C41228943}
2 NetBt transports currently configured.

Autonet address test . . . . . . . : Passed

IP loopback ping test. . . . . . . : Passed

Default gateway test . . . . . . . : Passed

NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00>
'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names
defined.

Winsock test . . . . . . . . . . . : Passed

DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server
'10.0.0.5' and other DCs also have some of the names registered.

Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{68C31838-8C6A-4201-A667-239437CC1F5E}
NetBT_Tcpip_{9385813F-CA4B-4117-B1FB-5D7C41228943}
The redir is bound to 2 NetBt transports.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{68C31838-8C6A-4201-A667-239437CC1F5E}
NetBT_Tcpip_{9385813F-CA4B-4117-B1FB-5D7C41228943}
The browser is bound to 2 NetBt transports.

DC discovery test. . . . . . . . . : Passed

DC list test . . . . . . . . . . . : Passed

Trust relationship test. . . . . . : Skipped

Kerberos test. . . . . . . . . . . : Passed

LDAP test. . . . . . . . . . . . . : Passed

Bindings test. . . . . . . . . . . : Passed

WAN configuration test . . . . . . : Skipped
No active remote access connections.

Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Skipped
Note: run "netsh ipsec dynamic show /?" for more detailed
information

The command completed successfully

NetLogon.dns

LandenHouseComputing.com. 600 IN A 10.0.0.5
_ldap._tcp.LandenHouseComputing.com. 600 IN SRV 0 100 389
exchange.LandenHouseComputing.com.
_ldap._tcp.Default-First-Site._sites.LandenHouseComputing.com. 600 IN
SRV 0 100 389 exchange.LandenHouseComputing.com.
_ldap._tcp.379c591a-6d94-477d-9a5b-6a43379c7fff.domains._msdcs.LandenHouseComputing.com.
600 IN SRV 0 100 389 exchange.LandenHouseComputing.com.
fcff472c-a6c6-4d25-bba2-dd05dae201eb._msdcs.LandenHouseComputing.com.
600 IN CNAME exchange.LandenHouseComputing.com.
_kerberos._tcp.dc._msdcs.LandenHouseComputing.com. 600 IN SRV 0 100 88
exchange.LandenHouseComputing.com.
_kerberos._tcp.Default-First-Site._sites.dc._msdcs.LandenHouseComputing.com.
600 IN SRV 0 100 88 exchange.LandenHouseComputing.com.
_ldap._tcp.dc._msdcs.LandenHouseComputing.com. 600 IN SRV 0 100 389
exchange.LandenHouseComputing.com.
_ldap._tcp.Default-First-Site._sites.dc._msdcs.LandenHouseComputing.com.
600 IN SRV 0 100 389 exchange.LandenHouseComputing.com.
_kerberos._tcp.LandenHouseComputing.com. 600 IN SRV 0 100 88
exchange.LandenHouseComputing.com.
_kerberos._tcp.Default-First-Site._sites.LandenHouseComputing.com. 600
IN SRV 0 100 88 exchange.LandenHouseComputing.com.
_kerberos._udp.LandenHouseComputing.com. 600 IN SRV 0 100 88
exchange.LandenHouseComputing.com.
_kpasswd._tcp.LandenHouseComputing.com. 600 IN SRV 0 100 464
exchange.LandenHouseComputing.com.
_kpasswd._udp.LandenHouseComputing.com. 600 IN SRV 0 100 464
exchange.LandenHouseComputing.com.
_ldap._tcp.gc._msdcs.LandenHouseComputing.com. 600 IN SRV 0 100 3268
exchange.LandenHouseComputing.com.
_ldap._tcp.Default-First-Site._sites.gc._msdcs.LandenHouseComputing.com.
600 IN SRV 0 100 3268 exchange.LandenHouseComputing.com.
gc._msdcs.LandenHouseComputing.com. 600 IN A 10.0.0.5
_gc._tcp.LandenHouseComputing.com. 600 IN SRV 0 100 3268
exchange.LandenHouseComputing.com.
_gc._tcp.Default-First-Site._sites.LandenHouseComputing.com. 600 IN SRV
0 100 3268 exchange.LandenHouseComputing.com.
LandenHouseComputing.com. 600 IN A 67.42.197.177
gc._msdcs.LandenHouseComputing.com. 600 IN A 67.42.197.177
_ldap._tcp.pdc._msdcs.LandenHouseComputing.com. 600 IN SRV 0 100 389
exchange.LandenHouseComputing.com.
LandenHouseComputing.com. 600 IN A 10.1.0.5
gc._msdcs.LandenHouseComputing.com. 600 IN A 10.1.0.5

*The exchange server itself is fully functional - it sends and receives
(Exch 2003 SP2), and I can connect locally or remotely using webmail.
ANY ideas on where to go would help.*


--
AndyLandenSr
------------------------------------------------------------------------
AndyLandenSr's Profile: http://forums.techarena.in/members/126932.htm
View this thread: http://forums.techarena.in/windows-s...lp/1234819.htm

http://forums.techarena.in