Collect diagnostic information on DCs:
netdiag /v
dcdiag /v
repadmin /replsum
dcdiag /test:Connectivity /e /v /f:c:\DCDIAG\dnsConnectivity.log
dcdiag /test:Replications /e /v /f:c:\DCDIAG\dnsReplications.log
dcdiag /test:Topology /e /v /f:c:\DCDIAG\dnsTopology.log
dcdiag /test:CutoffServers /e /v /f:c:\DCDIAG\dnsCutoffServers.log
dcdiag /test:NCSecDesc /e /v /f:c:\DCDIAG\dnsNCSecDesc.log
dcdiag /test:NetLogons /e /v /f:c:\DCDIAG\dnsNetLogons.log
dcdiag /test:Advertising /e /v /f:c:\DCDIAG\dnsAdvertising.log
dcdiag /test:KnowsOfRoleHolders /e /v /f:c:\DCDIAG\dnsKnowsOfRoleHolders.log
dcdiag /test:Intersite /e /v /f:c:\DCDIAG\dnsIntersite.log
dcdiag /test:FsmoCheck /e /v /f:c:\DCDIAG\dnsFsmoCheck.log
dcdiag /test:RidManager /e /v /f:c:\DCDIAG\dnsRidManager.log
dcdiag /test:MachineAccount /e /v /f:c:\DCDIAG\dnsMachineAccount.log
dcdiag /test:Services /e /v /f:c:\DCDIAG\dnsServices.log
dcdiag /test:OutboundSecureChannels /e /v /f:c:\DCDIAG\dnsOutboundSecureChannels.log
dcdiag /test:ObjectsReplicated /e /v /f:c:\DCDIAG\dnsObjectsReplicated.log
dcdiag /test:frssysvol /e /v /f:c:\DCDIAG\dnsfrssysvol.log
dcdiag /test:frsevent /e /v /f:c:\DCDIAG\dnsfrsevent.log
dcdiag /test:kccevent /e /v /f:c:\DCDIAG\dnskccevent.log
dcdiag /test:systemlog /e /v /f:c:\DCDIAG\dnssystemlog.log
dcdiag /test:RegisterInDNS /DnsDomain:nrdc.net /e /v /f:c:\DCDIAG\dnsRegisterinDNS.log
dcdiag /test:CrossRefValidation /e /v /f:c:\DCDIAG\dnsCrossRefValidation.log
dcdiag /test:CheckDRefDom /e /v /f:c:\DCDIAG\dnsCheckDRefDom.log
dcdiag /test:VerifyReplicas /e /v /f:c:\DCDIAG\dnsVerifyReplicas.log
dcdiag /test:VerifyReferences /e /v /f:c:\DCDIAG\dnsVerifyReferences.log
dcdiag /test:VerifyEnterpriseReferences /e /v /f:c:\DCDIAG\dnsVerifyEnterpriseReferences.log
dcdiag /test:CheckSecurityError /e /v /f:c:\DCDIAG\dnsCheckSecurityError.log
dcdiag /test:DNS /e /v /f:c:\DCDIAG\dnsDNS.log
=======================================================
Force Domain Replication:
1- repadmin /syncall OR Repadmin /syncall ABCdc /APed
2- then run dcdiag
3- In the Allow Dynamic Updates box, click Yes.
4- Stop and then restart the Netlogon service on YourDomainController.
Check below services , start if not running:
file replication
windows time
netlogon
=======================================================
Configure Time on windows 3002 domain:
ntdsutil
roles
connections
connect to server ABCdc
q
Select operation target
List roles for connected server
-----------------
OR
-----------------
netdom query /domain:ABC.bh.com fsmo
net time /querysntp
w32tm /config /manualpeerlist:172.16.1.135 /syncfromflags:MANUAL
net time /querysntp
net stop w32time && net start w32time
w32tm /config /update
net time /querysntp
-----------
Show replication:
repadmin.exe /showrepl shows the replication-status for the domain controller the tool are being run from.
repadmin.exe /showrepl servername shows the replication-status for the domain controller with the provided servername,
repadmin.exe /queue shows the replication-queue for the domain controller the tool are being run from.
repadmin.exe /queue servername shows the replication-queue for the domain controller with the provided servername,
repadmin.exe /replsummary shows a brief summary of the replication status.
------------
Reset Group Policy on client#
DEL /S /F /Q
"%ALLUSERSPROFILE%\Application Data\Microsoft\Group
Policy\History\*.*"
gpupdate
/force
No comments:
Post a Comment