Domain Controller h...
 
Bildirimler
Hepsini Temizle

Domain Controller hatası  

  RSS
Murat kose
(@muratkose)
Üye

Merhabalar,

 

2012r2 olarak Domain controller kullanmaktayız. Aşağıdaki komutları çıktı aldığım zaman bazı hatalar görmekteyim. Bu hataları nasıl giderebilirim.

dcdiag /test:dns >> c:\dnstest.txt

dcdiag /v /e >> c:\dctest.txt

 

[DOMAINCONTROLLE] DsBindWithSpnEx() failed with error 5,
Access is denied..

[domaincontroller] Directory Binding Error 5:
Access is denied.

Directory Server Diagnosis

Performing initial setup:
Trying to find home server...
* Verifying that the local machine domaincontroller, is a Directory Server.
Home Server = domaincontroller
* Connecting to directory service on server domaincontroller.
Determining IP4 connectivity
[domaincontroller] Directory Binding Error 5:
Access is denied.
This may limit some of the tests that can be performed.
* Identified AD Forest.
Collecting AD specific global data
* Collecting site info.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=Deltatrade,DC=local,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
The previous call succeeded
Iterating through the sites
Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Deltatrade,DC=local
Getting ISTG and options for the site
* Identifying all servers.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=Deltatrade,DC=local,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
The previous call succeeded....
The previous call succeeded
Iterating through the list of servers
Getting information for the server CN=NTDS Settings,CN=DOMAINCONTROLLE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Deltatrade,DC=local
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
* Identifying all NC cross-refs.
* Found 1 DC(s). Testing 1 of them.
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\DOMAINCONTROLLE
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
* Active Directory RPC Services Check
[DOMAINCONTROLLE] DsBindWithSpnEx() failed with error 5,
Access is denied..
Got error while checking LDAP and RPC connectivity. Please check your
firewall settings.
......................... DOMAINCONTROLLE failed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\DOMAINCONTROLLE
Skipping all tests, because server DOMAINCONTROLLE is not responding to
directory service requests.
Test omitted by user request: Advertising
Test omitted by user request: CheckSecurityError
Test omitted by user request: CutoffServers
Test omitted by user request: FrsEvent
Test omitted by user request: DFSREvent
Test omitted by user request: SysVolCheck
Test omitted by user request: KccEvent
Test omitted by user request: KnowsOfRoleHolders
Test omitted by user request: MachineAccount
Test omitted by user request: NCSecDesc
Test omitted by user request: NetLogons
Test omitted by user request: ObjectsReplicated
Test omitted by user request: OutboundSecureChannels
Test omitted by user request: Replications
Test omitted by user request: RidManager
Test omitted by user request: Services
Test omitted by user request: SystemLog
Test omitted by user request: Topology
Test omitted by user request: VerifyEnterpriseReferences
Test omitted by user request: VerifyReferences
Test omitted by user request: VerifyReplicas

Test omitted by user request: DNS
Test omitted by user request: DNS

Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation

Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation

Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation

Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation

Running partition tests on : Deltatrade
Starting test: CheckSDRefDom
......................... Deltatrade passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Deltatrade passed test CrossRefValidation

Running enterprise tests on : Deltatrade.local
Test omitted by user request: DNS
Test omitted by user request: DNS
Starting test: LocatorCheck
GC Name: \\domaincontroller.Deltatrade.local
Locator Flags: 0xe000f3fd
Warning: Couldn't verify this server as a PDC using DsListRoles()
PDC Name: \\domaincontroller.Deltatrade.local
Locator Flags: 0xe000f3fd
Time Server Name: \\domaincontroller.Deltatrade.local
Locator Flags: 0xe000f3fd
Preferred Time Server Name: \\domaincontroller.Deltatrade.local
Locator Flags: 0xe000f3fd
KDC Name: \\domaincontroller.Deltatrade.local
Locator Flags: 0xe000f3fd
......................... Deltatrade.local passed test LocatorCheck
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope
provided by the command line arguments provided.
......................... Deltatrade.local passed test Intersite

 

 

Alıntı
Gönderildi : 03/04/2020 10:22
Hakan Uzuner
(@hakanuzuner)
Kıdemli Üye Yönetici

Merhaba,

Komut setini run ad admin olarak çalıştırmayı dener misiniz lütfen?

Danışman - ITSTACK Bilgi Sistemleri
****************************************************************
Probleminiz Çözüldüğünde Sonucu Burada Paylaşırsanız.
Sizde Aynı Problemi Yaşayanlar İçin Yardım Etmiş Olursunuz.
Eğer sorununuz çözüldü ise lütfen "çözüldü" olarak işaretlerseniz diğer üyeler için çok büyük kolaylık sağlayacaktır.
*****************************************************************

CevapAlıntı
Gönderildi : 03/04/2020 10:35
Murat kose
(@muratkose)
Üye

@hakanuzuner

Directory Server Diagnosis

Performing initial setup:
Trying to find home server...
* Verifying that the local machine domaincontroller, is a Directory Server.
Home Server = domaincontroller
* Connecting to directory service on server domaincontroller.
Determining IP4 connectivity
[domaincontroller] Directory Binding Error 5:
Access is denied.
This may limit some of the tests that can be performed.
* Identified AD Forest.
Collecting AD specific global data
* Collecting site info.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=Deltatrade,DC=local,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
The previous call succeeded
Iterating through the sites
Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Deltatrade,DC=local
Getting ISTG and options for the site
* Identifying all servers.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=Deltatrade,DC=local,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
The previous call succeeded....
The previous call succeeded
Iterating through the list of servers
Getting information for the server CN=NTDS Settings,CN=DOMAINCONTROLLE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Deltatrade,DC=local
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
* Identifying all NC cross-refs.
* Found 1 DC(s). Testing 1 of them.
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\DOMAINCONTROLLE
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
* Active Directory RPC Services Check
[DOMAINCONTROLLE] DsBindWithSpnEx() failed with error 5,
Access is denied..
Got error while checking LDAP and RPC connectivity. Please check your
firewall settings.
......................... DOMAINCONTROLLE failed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\DOMAINCONTROLLE
Skipping all tests, because server DOMAINCONTROLLE is not responding to
directory service requests.
Test omitted by user request: Advertising
Test omitted by user request: CheckSecurityError
Test omitted by user request: CutoffServers
Test omitted by user request: FrsEvent
Test omitted by user request: DFSREvent
Test omitted by user request: SysVolCheck
Test omitted by user request: KccEvent
Test omitted by user request: KnowsOfRoleHolders
Test omitted by user request: MachineAccount
Test omitted by user request: NCSecDesc
Test omitted by user request: NetLogons
Test omitted by user request: ObjectsReplicated
Test omitted by user request: OutboundSecureChannels
Test omitted by user request: Replications
Test omitted by user request: RidManager
Test omitted by user request: Services
Test omitted by user request: SystemLog
Test omitted by user request: Topology
Test omitted by user request: VerifyEnterpriseReferences
Test omitted by user request: VerifyReferences
Test omitted by user request: VerifyReplicas

Test omitted by user request: DNS
Test omitted by user request: DNS

Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation

Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation

Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation

Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation

Running partition tests on : Deltatrade
Starting test: CheckSDRefDom
......................... Deltatrade passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Deltatrade passed test CrossRefValidation

Running enterprise tests on : Deltatrade.local
Test omitted by user request: DNS
Test omitted by user request: DNS
Starting test: LocatorCheck
GC Name: \\domaincontroller.Deltatrade.local
Locator Flags: 0xe000f3fd
Warning: Couldn't verify this server as a PDC using DsListRoles()
PDC Name: \\domaincontroller.Deltatrade.local
Locator Flags: 0xe000f3fd
Time Server Name: \\domaincontroller.Deltatrade.local
Locator Flags: 0xe000f3fd
Preferred Time Server Name: \\domaincontroller.Deltatrade.local
Locator Flags: 0xe000f3fd
KDC Name: \\domaincontroller.Deltatrade.local
Locator Flags: 0xe000f3fd
......................... Deltatrade.local passed test LocatorCheck
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope
provided by the command line arguments provided.
......................... Deltatrade.local passed test Intersite

CevapAlıntı
Gönderildi : 03/04/2020 10:39
Hakan Uzuner
(@hakanuzuner)
Kıdemli Üye Yönetici

Bu hata çok genel ondan biraz çalışmanız şart, buradaki adımları tek tek kontrol edin lütfen

https://support.microsoft.com/en-us/help/2002013/active-directory-replication-error-5-access-is-denied

Bu hatanın temelde iki nedeni oluyor 

1 - DC veya DC' lerden birisi kapalı erişemiyorsunuz

2 - Yukarıdaki makaledeki gibi erişim sorunları olabilir.

dcdiag /fix deneyebilirsiniz ama önce mutlaka yedek alın.

Danışman - ITSTACK Bilgi Sistemleri
****************************************************************
Probleminiz Çözüldüğünde Sonucu Burada Paylaşırsanız.
Sizde Aynı Problemi Yaşayanlar İçin Yardım Etmiş Olursunuz.
Eğer sorununuz çözüldü ise lütfen "çözüldü" olarak işaretlerseniz diğer üyeler için çok büyük kolaylık sağlayacaktır.
*****************************************************************

CevapAlıntı
Gönderildi : 03/04/2020 10:44
Paylaş: