Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Exchange2010 server not communicating with PDC

Status
Not open for further replies.

jgeekw

Technical User
Dec 30, 2009
8
US
After moving virtual server to a new VM manager, our Exchange2010 server is now not communicating with our PDC. users are not able to authenticate in Outlook to the PDC because of this. Email has been down for atleast 12 hours. See the below dcdiag log file. Any help would be spectacular!


Directory Server Diagnosis


Performing initial setup:

Trying to find home server...

Home Server = Exchange2010

* Identified AD Forest.
[AD01] LDAP bind failed with error 8341,

A directory service error has occurred..
Got error while checking if the DC is using FRS or DFSR. Error:

A directory service error has occurred.The VerifyReferences, FrsEvent and

DfsrEvent tests might fail because of this error.

Done gathering initial info.


Doing initial required tests


Testing server: Default-First-Site-Name\EXCHANGE2010

Starting test: Connectivity

......................... EXCHANGE2010 passed test Connectivity



Doing primary tests


Testing server: Default-First-Site-Name\EXCHANGE2010

Starting test: Advertising

......................... EXCHANGE2010 passed test Advertising

Starting test: FrsEvent

......................... EXCHANGE2010 passed test FrsEvent

Starting test: DFSREvent

There are warning or error events within the last 24 hours after the

SYSVOL has been shared. Failing SYSVOL replication problems may cause

Group Policy problems.
......................... EXCHANGE2010 failed test DFSREvent

Starting test: SysVolCheck

......................... EXCHANGE2010 passed test SysVolCheck

Starting test: KccEvent

A warning event occurred. EventID: 0x8000072D

Time Generated: 01/27/2011 12:48:53

Event String:

An attempt to transfer the operations master role represented by the following object failed.


......................... EXCHANGE2010 passed test KccEvent

Starting test: KnowsOfRoleHolders

[AD01] DsBindWithSpnEx() failed with error -2146893022,

The target principal name is incorrect..
Warning: AD01 is the Schema Owner, but is not responding to DS RPC

Bind.

Warning: AD01 is the Schema Owner, but is not responding to LDAP Bind.

Warning: AD01 is the Domain Owner, but is not responding to DS RPC

Bind.

Warning: AD01 is the Domain Owner, but is not responding to LDAP Bind.

Warning: AD01 is the PDC Owner, but is not responding to DS RPC Bind.

Warning: AD01 is the PDC Owner, but is not responding to LDAP Bind.

Warning: AD01 is the Rid Owner, but is not responding to DS RPC Bind.

Warning: AD01 is the Rid Owner, but is not responding to LDAP Bind.

Warning: AD01 is the Infrastructure Update Owner, but is not

responding to DS RPC Bind.

Warning: AD01 is the Infrastructure Update Owner, but is not

responding to LDAP Bind.

......................... EXCHANGE2010 failed test KnowsOfRoleHolders

Starting test: MachineAccount

......................... EXCHANGE2010 passed test MachineAccount

Starting test: NCSecDesc

......................... EXCHANGE2010 passed test NCSecDesc

Starting test: NetLogons

[EXCHANGE2010] User credentials does not have permission to perform

this operation.

The account used for this test must have network logon privileges

for this machine's domain.

......................... EXCHANGE2010 failed test NetLogons

Starting test: ObjectsReplicated

......................... EXCHANGE2010 passed test ObjectsReplicated

Starting test: Replications

[Replications Check,EXCHANGE2010] A recent replication attempt failed:

From AD01 to EXCHANGE2010

Naming Context: CN=Schema,CN=Configuration,DC=corp,DC=prvt

The replication generated an error (-2146893022):

The target principal name is incorrect.

The failure occurred at 2011-01-27 12:51:45.

The last success occurred at 2010-06-13 21:54:08.

24 failures have occurred since the last success.

[Replications Check,EXCHANGE2010] A recent replication attempt failed:

From AD01 to EXCHANGE2010

Naming Context: CN=Configuration,DC=corp,DC=prvt

The replication generated an error (-2146893022):

The target principal name is incorrect.

The failure occurred at 2011-01-27 12:51:45.

The last success occurred at 2010-06-13 21:54:08.

24 failures have occurred since the last success.

[Replications Check,EXCHANGE2010] A recent replication attempt failed:

From AD01 to EXCHANGE2010

Naming Context: DC=corp,DC=prvt

The replication generated an error (-2146893022):

The target principal name is incorrect.

The failure occurred at 2011-01-27 12:51:45.

The last success occurred at 2010-06-13 22:06:36.

26 failures have occurred since the last success.

......................... EXCHANGE2010 failed test Replications

Starting test: RidManager

......................... EXCHANGE2010 failed test RidManager

Starting test: Services

Could not open NTDS Service on EXCHANGE2010, error 0x5

"Access is denied."

......................... EXCHANGE2010 failed test Services

Starting test: SystemLog

An error event occurred. EventID: 0x0000041F

Time Generated: 01/27/2011 12:21:52

Event String:

The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:


An error event occurred. EventID: 0xC00038D6

Time Generated: 01/27/2011 12:21:59

Event String:

The DFS Namespace service could not initialize cross forest trust information on this domain controller, but it will periodically retry the operation. The return code is in the record data.

A warning event occurred. EventID: 0x000003F6

Time Generated: 01/27/2011 12:22:00

Event String:

Name resolution for the name corp.prvt timed out after none of the configured DNS servers responded.

An error event occurred. EventID: 0xC00038D6

Time Generated: 01/27/2011 12:22:15

Event String:

The DFS Namespace service could not initialize cross forest trust information on this domain controller, but it will periodically retry the operation. The return code is in the record data.

An error event occurred. EventID: 0x40000004

Time Generated: 01/27/2011 12:22:15

Event String:

The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server ad01$. The target name used was ldap/AD01.corp.prvt. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (CORP.PRVT) is different from the client domain (CORP.PRVT), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

An error event occurred. EventID: 0x40000004

Time Generated: 01/27/2011 12:22:16

Event String:

The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server ad01$. The target name used was DNS/ad01.corp.prvt. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (CORP.PRVT) is different from the client domain (CORP.PRVT), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

A warning event occurred. EventID: 0x000003F6

Time Generated: 01/27/2011 12:22:16

Event String:

Name resolution for the name corp.prvt timed out after none of the configured DNS servers responded.

An error event occurred. EventID: 0x40000004

Time Generated: 01/27/2011 12:22:53

Event String:

The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server ad01$. The target name used was CORP\AD01$. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (CORP.PRVT) is different from the client domain (CORP.PRVT), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

An error event occurred. EventID: 0x40000004

Time Generated: 01/27/2011 12:24:24

Event String:

The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server ad01$. The target name used was E3514235-4B06-11D1-AB04-00C04FC2DCD2/29cc8033-0130-4260-8b63-df1e8c800dbe/corp.prvt@corp.prvt. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (CORP.PRVT) is different from the client domain (CORP.PRVT), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

A warning event occurred. EventID: 0x000727AA

Time Generated: 01/27/2011 12:24:46

Event String:

The WinRM service failed to create the following SPNs: WSMAN/Exchange2010.corp.prvt; WSMAN/Exchange2010.


A warning event occurred. EventID: 0x00000018

Time Generated: 01/27/2011 12:26:33

Event String:

Time Provider NtpClient: No valid response has been received from domain controller AD01.corp.prvt after 8 attempts to contact it. This domain controller will be discarded as a time source and NtpClient will attempt to discover a new domain controller from which to synchronize. The error was: The client fails authenticating a response with a bad signature.

A warning event occurred. EventID: 0x00000018

Time Generated: 01/27/2011 12:26:33

Event String:

Time Provider NtpClient: No valid response has been received from domain controller AD01.corp.prvt after 8 attempts to contact it. This domain controller will be discarded as a time source and NtpClient will attempt to discover a new domain controller from which to synchronize. The error was: The client fails authenticating a response with a bad signature.

An error event occurred. EventID: 0x00000457

Time Generated: 01/27/2011 12:35:36

Event String:

Driver Dell Laser MFP 1815 PCL 6 required for printer Dell Laser MFP 1815 PCL 6 is unknown. Contact the administrator to install the driver before you log in again.

An error event occurred. EventID: 0x00000457

Time Generated: 01/27/2011 12:35:37

Event String:

Driver Canon iR C3220 PS3 required for printer Canon iR C3220 PS3 (Copy 1) is unknown. Contact the administrator to install the driver before you log in again.

An error event occurred. EventID: 0x00000457

Time Generated: 01/27/2011 12:35:38

Event String:

Driver Canon iR C3220 PS3 required for printer Canon iR C3220 PS3 is unknown. Contact the administrator to install the driver before you log in again.

An error event occurred. EventID: 0x00000457

Time Generated: 01/27/2011 12:35:38

Event String:

Driver CutePDF Writer required for printer CutePDF Writer is unknown. Contact the administrator to install the driver before you log in again.

An error event occurred. EventID: 0x00000457

Time Generated: 01/27/2011 12:35:39

Event String:

Driver HP LaserJet III required for printer eCopy Desktop Printer BW is unknown. Contact the administrator to install the driver before you log in again.

An error event occurred. EventID: 0x00000457

Time Generated: 01/27/2011 12:35:40

Event String:

Driver HP Color LaserJet required for printer eCopy Desktop Printer Color is unknown. Contact the administrator to install the driver before you log in again.

An error event occurred. EventID: 0x00000457

Time Generated: 01/27/2011 12:35:41

Event String:

Driver Amyuni Document Converter 2.50 required for printer Epic PDF Creator is unknown. Contact the administrator to install the driver before you log in again.

An error event occurred. EventID: 0x00000457

Time Generated: 01/27/2011 12:35:43

Event String:

Driver Test Fax Driver required for printer BroadFax Capture 7 is unknown. Contact the administrator to install the driver before you log in again.

An error event occurred. EventID: 0x00000457

Time Generated: 01/27/2011 12:35:44

Event String:

Driver Adobe PDF Converter required for printer Adobe PDF is unknown. Contact the administrator to install the driver before you log in again.

An error event occurred. EventID: 0x00000457

Time Generated: 01/27/2011 12:35:44

Event String:

Driver ActiveTouch Document Loader required for printer ActiveTouch Document Loader is unknown. Contact the administrator to install the driver before you log in again.

An error event occurred. EventID: 0x00000457

Time Generated: 01/27/2011 12:35:47

Event String:

Driver FAXability required for printer FAXability is unknown. Contact the administrator to install the driver before you log in again.

An error event occurred. EventID: 0x00000457

Time Generated: 01/27/2011 12:35:48

Event String:

Driver HP LaserJet 4000 Series PCL6 required for printer HP LaserJet 4000 Series PCL6 is unknown. Contact the administrator to install the driver before you log in again.

An error event occurred. EventID: 0x00000457

Time Generated: 01/27/2011 12:35:49

Event String:

Driver Microsoft Office Document Image Writer Driver required for printer Microsoft Office Document Image Writer is unknown. Contact the administrator to install the driver before you log in again.

An error event occurred. EventID: 0x00000457

Time Generated: 01/27/2011 12:35:49

Event String:

Driver Amyuni Document Converter 2.50 required for printer ConceptOne PDF Creator 2.50 is unknown. Contact the administrator to install the driver before you log in again.

An error event occurred. EventID: 0x00000457

Time Generated: 01/27/2011 12:35:50

Event String:

Driver Canon iR2200-3300 PCL5e required for printer !!tera!IMMIBack is unknown. Contact the administrator to install the driver before you log in again.

An error event occurred. EventID: 0x00000457

Time Generated: 01/27/2011 12:35:50

Event String:

Driver Canon iR2200-3300 PCL5e required for printer !!Tera!EXECanon is unknown. Contact the administrator to install the driver before you log in again.

An error event occurred. EventID: 0x00000457

Time Generated: 01/27/2011 12:35:51

Event String:

Driver Canon iR8070 PCL6 required for printer !!tera!Canon iR8070 Fishbowl is unknown. Contact the administrator to install the driver before you log in again.

An error event occurred. EventID: 0x40000004

Time Generated: 01/27/2011 12:36:21

Event String:

The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server ad01$. The target name used was LDAP/29CC8033-0130-4260-8B63-DF1E8C800DBE._msdcs.corp.prvt. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (CORP.PRVT) is different from the client domain (CORP.PRVT), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

An error event occurred. EventID: 0x40000004

Time Generated: 01/27/2011 12:36:50

Event String:

The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server ad01$. The target name used was ldap/AD01.corp.prvt/ForestDnsZones.corp.prvt. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (CORP.PRVT) is different from the client domain (CORP.PRVT), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

An error event occurred. EventID: 0x40000004

Time Generated: 01/27/2011 12:36:50

Event String:

The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server ad01$. The target name used was ldap/AD01.corp.prvt/DomainDnsZones.corp.prvt. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (CORP.PRVT) is different from the client domain (CORP.PRVT), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

An error event occurred. EventID: 0x40000004

Time Generated: 01/27/2011 12:36:56

Event String:

The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server ad01$. The target name used was cifs/AD01.corp.prvt. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (CORP.PRVT) is different from the client domain (CORP.PRVT), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

An error event occurred. EventID: 0x00000422

Time Generated: 01/27/2011 12:36:56

Event String:

The processing of Group Policy failed. Windows attempted to read the file \\corp.prvt\sysvol\corp.prvt\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:


An error event occurred. EventID: 0x00000422

Time Generated: 01/27/2011 12:46:58

Event String:

The processing of Group Policy failed. Windows attempted to read the file \\corp.prvt\sysvol\corp.prvt\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:


An error event occurred. EventID: 0x40000004

Time Generated: 01/27/2011 12:53:13

Event String:

The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server ad01$. The target name used was ldap/ad01.corp.prvt. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (CORP.PRVT) is different from the client domain (CORP.PRVT), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

An error event occurred. EventID: 0x40000004

Time Generated: 01/27/2011 12:53:13

Event String:

The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server ad01$. The target name used was LDAP/29cc8033-0130-4260-8b63-df1e8c800dbe._msdcs.corp.prvt. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (CORP.PRVT) is different from the client domain (CORP.PRVT), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

......................... EXCHANGE2010 failed test SystemLog

Starting test: VerifyReferences

......................... EXCHANGE2010 passed test VerifyReferences



Running partition tests on : Schema

Starting test: CheckSDRefDom

......................... Schema passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... Schema passed test CrossRefValidation


Running partition tests on : Configuration

Starting test: CheckSDRefDom

......................... Configuration passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... Configuration passed test CrossRefValidation


Running partition tests on : corp

Starting test: CheckSDRefDom

......................... corp passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... corp passed test CrossRefValidation


Running enterprise tests on : corp.prvt

Starting test: LocatorCheck

......................... corp.prvt passed test LocatorCheck

Starting test: Intersite

......................... corp.prvt passed test Intersite

 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top