Forum Search:
Forum.Brain-Cluster.com: Brain Cluster Technical Forum
Ultimate forum for Technical Discussions

Home » Microsoft » Windows Server » Active Directory » Error NTDS General Global Catalog 1126
Error NTDS General Global Catalog 1126 [message #159694] Tue, 04 August 2009 08:05 Go to next message
joopdog  is currently offline joopdog  United States
Messages: 8
Registered: August 2009
Junior Member
Event Type: Error
Event Source: NTDS General
Event Category: Global Catalog
Event ID: 1126
Date: 8/3/2009
Time: 8:10:58 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: GBSERVER13
Description:
Active Directory was unable to establish a connection with the global
catalog.

Additional Data
Error value:
1355 The specified domain either does not exist or could not be
contacted.
Internal ID:
3200cf3

User Action:
Make sure a global catalog is available in the forest, and is reachable
from this domain
controller. You may use the nltest utility to diagnose this problem.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
==--==
Our server 'gbserver13' is also our second exchange server. It does not
have DNS installed. However, I keep getting this error.

I ran the following:
dcdiag /e /c /v /s:gbserver13 /f:c:\dcdiag.log

netdiag.exe /v > c:\netdiag.log

repadmin.exe /showrepl /verbose /all /intersite > c:\repl.txt

See my attachments
==--==

I would appreciate any help possible.

Thanks


+----------------------------------------------------------- --------+
|Filename: gbserver13-dcdiag.txt |
|Download: http://forums.techarena.in/attachment.php?attachmentid=9431|
+----------------------------------------------------------- --------+

--
joopdog
------------------------------------------------------------ ------------
joopdog's Profile: http://forums.techarena.in/members/121380.htm
View this thread: http://forums.techarena.in/active-directory/1226353.htm

http://forums.techarena.in
Re: Error NTDS General Global Catalog 1126 [message #159696 is a reply to message #159694] Tue, 04 August 2009 08:31 Go to previous messageGo to next message
meiweb(nospam)  is currently offline meiweb(nospam)  Germany
Messages: 1307
Registered: July 2009
Senior Member
Hello joopdog,

Please post an unedited ipconfig /all from the DCs.

Are all DCs registered in the DNS zones with A records and if DNS server
with name server record?

Can you ping between the DCs with ip address, computer name and FQDN?

Any firewall running between them, if yes, are the firewall configured according
to:
http://support.microsoft.com/kb/555381

http://technet.microsoft.com/en-us/library/bb727063.aspx

http://technet.microsoft.com/en-us/library/bb125069(EXCHG.65).aspx

http://support.microsoft.com/kb/179442/

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Event Type: Error
> Event Source: NTDS General
> Event Category: Global Catalog
> Event ID: 1126
> Date: 8/3/2009
> Time: 8:10:58 AM
> User: NT AUTHORITY\ANONYMOUS LOGON
> Computer: GBSERVER13
> Description:
> Active Directory was unable to establish a connection with the global
> catalog.
> Additional Data
> Error value:
> 1355 The specified domain either does not exist or could not be
> contacted.
> Internal ID:
> 3200cf3
> User Action:
> Make sure a global catalog is available in the forest, and is
> reachable
> from this domain
> controller. You may use the nltest utility to diagnose this problem.
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
> ==--==
> Our server 'gbserver13' is also our second exchange server. It does
> not
> have DNS installed. However, I keep getting this error.
> I ran the following:
> dcdiag /e /c /v /s:gbserver13 /f:c:\dcdiag.log
> netdiag.exe /v > c:\netdiag.log
>
> repadmin.exe /showrepl /verbose /all /intersite > c:\repl.txt
>
> See my attachments
> ==--==
> I would appreciate any help possible.
>
> Thanks
>
> +----------------------------------------------------------- --------+
> |Filename: gbserver13-dcdiag.txt |
> |Download:
> http://forums.techarena.in/attachment.php?attachmentid=9431|
> +----------------------------------------------------------- --------+
>
> http://forums.techarena.in
>
Re: Error NTDS General Global Catalog 1126 [message #159699 is a reply to message #159694] Tue, 04 August 2009 08:40 Go to previous messageGo to next message
Syed Khairuddin  is currently offline Syed Khairuddin  Saudi Arabia
Messages: 77
Registered: June 2009
Member
Hello,

Please run the command nltest /dsgetdc: /gc and see what
happens and also let us know number of DC and sites you have .
is your exchange server is also a DC ??

Thanks
Re: Error NTDS General Global Catalog 1126 [message #159705 is a reply to message #159699] Tue, 04 August 2009 09:34 Go to previous messageGo to next message
joopdog  is currently offline joopdog  United States
Messages: 8
Registered: August 2009
Junior Member
Syed Khairuddin;4550600 Wrote:
> Hello,
>
> Please run the command nltest /dsgetdc: /gc and see what
> happens and also let us know number of DC and sites you have .
> is your exchange server is also a DC ??
>
> Thanks

C:\>nltest /dsgetdc: /gc
DC: \\adserver.GreatBay.local
Address: \\192.168.1.60
Dom Guid: 04a62fdc-d9a6-4541-bb88-093b804e43de
Dom Name: GreatBay.local
Forest Name: GreatBay.local
Dc Site Name: Default-First-Site
Our Site Name: Default-First-Site
Flags: GC DS LDAP KDC TIMESERV WRITABLE DNS_DC DNS_DOMAIN
DNS_FOREST CLO
SE_SITE
The command completed successfully


--
joopdog
------------------------------------------------------------ ------------
joopdog's Profile: http://forums.techarena.in/members/121380.htm
View this thread: http://forums.techarena.in/active-directory/1226353.htm

http://forums.techarena.in
Re: Error NTDS General Global Catalog 1126 [message #159707 is a reply to message #159705] Tue, 04 August 2009 12:58 Go to previous messageGo to next message
joopdog  is currently offline joopdog  United States
Messages: 8
Registered: August 2009
Junior Member
I can not ping gbserver5 (PDC). However, I can ping adserver.

==--==
C:\>*ping gbserver5.greatbay.local*
Pinging GBSERVER5.GreatBay.local [192.168.1.14] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 192.168.1.14:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

C:\>*ping adserver.greatbay.local*
Pinging adserver.GreatBay.local [192.168.1.60] with 32 bytes of data:
Reply from 192.168.1.60: bytes=32 time<1ms TTL=128
Reply from 192.168.1.60: bytes=32 time<1ms TTL=128
Reply from 192.168.1.60: bytes=32 time<1ms TTL=128
Reply from 192.168.1.60: bytes=32 time<1ms TTL=128
Ping statistics for 192.168.1.60:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

C:\>*nltest /dsgetdc: /gc*
DC: \\adserver.GreatBay.local
Address: \\192.168.1.60
Dom Guid: 04a62fdc-d9a6-4541-bb88-093b804e43de
Dom Name: GreatBay.local
Forest Name: GreatBay.local
Dc Site Name: Default-First-Site
Our Site Name: Default-First-Site
Flags: GC DS LDAP KDC TIMESERV WRITABLE DNS_DC DNS_DOMAIN
DNS_FOREST CLOSE_SITE
The command completed successfully
==--==
I also did the following:
http://technet.microsoft.com/en-us/library/bb727063.aspx
Here is some text that you can import into the registry. It sets the AD
port to 49152 and the FRS port to 49153.
CREATE A REG FILE:

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\P arameters]
"TCP/IP Port"=dword:0000c000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTFRS\ Parameters]
"RPC TCP/IP Port Assignment"=dword:0000c001

[It still doesn't work. I'm still getting EventID 1126 errors]
==--==
I am having troubles replicating over the servers. I try to do a 'force
replication', but it keeps coming back with:
The following error occurred during the attempt to contact the domain
controller GBSERVER13:
The RPC server is unavailable.
This condition may be caused by a DNS lookup problem.
==--==
Can this be a firewall issue?


--
joopdog
------------------------------------------------------------ ------------
joopdog's Profile: http://forums.techarena.in/members/121380.htm
View this thread: http://forums.techarena.in/active-directory/1226353.htm

http://forums.techarena.in
Re: Error NTDS General Global Catalog 1126 [message #159708 is a reply to message #159707] Tue, 04 August 2009 14:24 Go to previous messageGo to next message
meiweb(nospam)  is currently offline meiweb(nospam)  Germany
Messages: 1307
Registered: July 2009
Senior Member
Hello joopdog,

Please check my previous posting.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> I can not ping gbserver5 (PDC). However, I can ping adserver.
>
> ==--==
> C:\>*ping gbserver5.greatbay.local*
> Pinging GBSERVER5.GreatBay.local [192.168.1.14] with 32 bytes of data:
> Request timed out.
> Request timed out.
> Request timed out.
> Request timed out.
> Ping statistics for 192.168.1.14:
> Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
> C:\>*ping adserver.greatbay.local*
> Pinging adserver.GreatBay.local [192.168.1.60] with 32 bytes of data:
> Reply from 192.168.1.60: bytes=32 time<1ms TTL=128
> Reply from 192.168.1.60: bytes=32 time<1ms TTL=128
> Reply from 192.168.1.60: bytes=32 time<1ms TTL=128
> Reply from 192.168.1.60: bytes=32 time<1ms TTL=128
> Ping statistics for 192.168.1.60:
> Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
> Approximate round trip times in milli-seconds:
> Minimum = 0ms, Maximum = 0ms, Average = 0ms
> C:\>*nltest /dsgetdc: /gc*
> DC: \\adserver.GreatBay.local
> Address: \\192.168.1.60
> Dom Guid: 04a62fdc-d9a6-4541-bb88-093b804e43de
> Dom Name: GreatBay.local
> Forest Name: GreatBay.local
> Dc Site Name: Default-First-Site
> Our Site Name: Default-First-Site
> Flags: GC DS LDAP KDC TIMESERV WRITABLE DNS_DC DNS_DOMAIN
> DNS_FOREST CLOSE_SITE
> The command completed successfully
> ==--==
> I also did the following:
> http://technet.microsoft.com/en-us/library/bb727063.aspx
> Here is some text that you can import into the registry. It sets the
> AD
> port to 49152 and the FRS port to 49153.
> CREATE A REG FILE:
> Windows Registry Editor Version 5.00
> [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\P arameters]
> "TCP/IP Port"=dword:0000c000
> [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTFRS\ Parameters
> ] "RPC TCP/IP Port Assignment"=dword:0000c001
>
> [It still doesn't work. I'm still getting EventID 1126 errors]
> ==--==
> I am having troubles replicating over the servers. I try to do a
> 'force
> replication', but it keeps coming back with:
> The following error occurred during the attempt to contact the domain
> controller GBSERVER13:
> The RPC server is unavailable.
> This condition may be caused by a DNS lookup problem.
> ==--==
> Can this be a firewall issue?
> http://forums.techarena.in
>
Re: Error NTDS General Global Catalog 1126 [message #159711 is a reply to message #159707] Tue, 04 August 2009 16:33 Go to previous messageGo to next message
aceman  is currently offline aceman  United States
Messages: 5816
Registered: July 2009
Senior Member
"joopdog" <joopdog.3wes3b@DoNotSpam.com> wrote in message
news:joopdog.3wes3b@DoNotSpam.com...
>
> I can not ping gbserver5 (PDC). However, I can ping adserver.
>
> ==--==
> C:\>*ping gbserver5.greatbay.local*
> Pinging GBSERVER5.GreatBay.local [192.168.1.14] with 32 bytes of data:
> Request timed out.
> Request timed out.
> Request timed out.
> Request timed out.
> Ping statistics for 192.168.1.14:
> Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
>
> C:\>*ping adserver.greatbay.local*
> Pinging adserver.GreatBay.local [192.168.1.60] with 32 bytes of data:
> Reply from 192.168.1.60: bytes=32 time<1ms TTL=128
> Reply from 192.168.1.60: bytes=32 time<1ms TTL=128
> Reply from 192.168.1.60: bytes=32 time<1ms TTL=128
> Reply from 192.168.1.60: bytes=32 time<1ms TTL=128
> Ping statistics for 192.168.1.60:
> Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
> Approximate round trip times in milli-seconds:
> Minimum = 0ms, Maximum = 0ms, Average = 0ms
>
> C:\>*nltest /dsgetdc: /gc*
> DC: \\adserver.GreatBay.local
> Address: \\192.168.1.60
> Dom Guid: 04a62fdc-d9a6-4541-bb88-093b804e43de
> Dom Name: GreatBay.local
> Forest Name: GreatBay.local
> Dc Site Name: Default-First-Site
> Our Site Name: Default-First-Site
> Flags: GC DS LDAP KDC TIMESERV WRITABLE DNS_DC DNS_DOMAIN
> DNS_FOREST CLOSE_SITE
> The command completed successfully
> ==--==
> I also did the following:
> http://technet.microsoft.com/en-us/library/bb727063.aspx
> Here is some text that you can import into the registry. It sets the AD
> port to 49152 and the FRS port to 49153.
> CREATE A REG FILE:
>
> Windows Registry Editor Version 5.00
> [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\P arameters]
> "TCP/IP Port"=dword:0000c000
> [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTFRS\ Parameters]
> "RPC TCP/IP Port Assignment"=dword:0000c001
>
> [It still doesn't work. I'm still getting EventID 1126 errors]
> ==--==
> I am having troubles replicating over the servers. I try to do a 'force
> replication', but it keeps coming back with:
> The following error occurred during the attempt to contact the domain
> controller GBSERVER13:
> The RPC server is unavailable.
> This condition may be caused by a DNS lookup problem.
> ==--==
> Can this be a firewall issue?
>


If it says a DNS lookup problem, that could be the reason. Firewall as well.
Meinolf asked for an ipconfig /all. I haven't seen your response with one.
Can you provide one from each server?

Also, according to your dcdiag, gbserver13 can't resolve the following. Are
they pingable? Does they exist in DNS under the _msdcs.GreatBay.local zone?
What servers do they reference?

01e1d963-f6cb-4088-a8d8-89cb434a2659._msdcs.GreatBay.local
8e52aa3c-c5df-42ed-a9e5-851af1cbb591._msdcs.GreatBay.local
fa0b8736-28a2-4902-b230-cf7ad083f7fe._msdcs.GreatBay.local
a7d04a11-b3b1-43cd-95ad-e88835363ef1._msdcs.GreatBay.local

So to me, it looks like a DNS lookup issue. Honestly, the ipconfigs would be
REALLY helpful to start an actual diagnose to eliminate a DNS lookup issue,
as well as your responses to my questions above.

Thank you

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Please reply back to the newsgroup or forum to benefit from collaboration
among responding engineers, and to help others benefit from your resolution.

Ace Fekay, MCT, MCTS Exchange, MCSE, MCSA 2003 & 2000, MCSA Messaging
Microsoft Certified Trainer

For urgent issues, please contact Microsoft PSS directly. Please check
http://support.microsoft.com for regional support phone numbers.
Re: Error NTDS General Global Catalog 1126 [message #159712 is a reply to message #159708] Tue, 04 August 2009 17:15 Go to previous messageGo to next message
joopdog  is currently offline joopdog  United States
Messages: 8
Registered: August 2009
Junior Member
I have done all what you've asked:

PLEASE POST AN UNEDITED IPCONFIG /ALL FROM THE DCS.
IPCONFIG /ALL
GBSERVER5
C:\>ipconfig/all
Windows IP Configuration

Host Name . . . . . . . . . . . . : GBSERVER5
Primary Dns Suffix . . . . . . . : GreatBay.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : GreatBay.local

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network
Connection
Physical Address. . . . . . . . . : 00-13-72-40-01-1B
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.14
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.9
DNS Servers . . . . . . . . . . . : 192.168.1.14
Primary WINS Server . . . . . . . : 192.168.1.14
Secondary WINS Server . . . . . . : 192.168.1.108

ADVSERVER
C:\>ipconfig/all
Windows IP Configuration

Host Name . . . . . . . . . . . . : adserver
Primary Dns Suffix . . . . . . . : GreatBay.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : GreatBay.local

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit
Ethernet
Physical Address. . . . . . . . . : 00-24-E8-52-01-DC
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.60
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.6
DNS Servers . . . . . . . . . . . : 192.168.1.60
24.56.100.20
24.56.102.20
Primary WINS Server . . . . . . . : 192.168.1.14
Secondary WINS Server . . . . . . : 192.168.1.108

GBSERVER13
C:\>ipconfig/all
Windows IP Configuration

Host Name . . . . . . . . . . . . : gbserver13
Primary Dns Suffix . . . . . . . : GreatBay.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : GreatBay.local

Ethernet adapter Broadcom NetXtreme Dual Port Gigabit Ethernet Adapter
- Onboard
- Link A:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit
Ethernet
Physical Address. . . . . . . . . : 00-11-43-58-6B-64
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.4
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.9
DNS Servers . . . . . . . . . . . : 192.168.1.14
192.168.1.60
Primary WINS Server . . . . . . . : 192.168.1.14
Secondary WINS Server . . . . . . : 192.168.1.108

GBSERVER1
C:\>ipconfig/all
Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : gbserver1
Primary DNS Suffix . . . . . . . : GreatBay.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : GreatBay.local

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : D-Link DGE-530T Gigabit Ethernet
Ada
pter
Physical Address. . . . . . . . . : 00-15-E9-A6-3C-C1
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.108
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.9
DNS Servers . . . . . . . . . . . : 192.168.1.14
Primary WINS Server . . . . . . . : 192.168.1.14
==--==
ARE ALL DCS REGISTERED IN THE DNS ZONES WITH A RECORDS AND IF DNS
SERVER
WITH NAME SERVER RECORD?

How can I check for this?
==--==
CAN YOU PING BETWEEN THE DCS WITH IP ADDRESS, COMPUTER NAME AND FQDN?
That's strange
adserver can ping gbserver5
gbserver13 cannot ping gbserver5
gbserver1 cannot ping gbserver5

I never noticed that. I just took it for granted. Why can't the server
ping gbserver5?
C:\>ping gbserver5.greatbay.local
Pinging GBSERVER5.GreatBay.local [192.168.1.14] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 192.168.1.14:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

C:\>ping adserver.greatbay.local
Pinging adserver.GreatBay.local [192.168.1.60] with 32 bytes of data:
Reply from 192.168.1.60: bytes=32 time<1ms TTL=128
Reply from 192.168.1.60: bytes=32 time<1ms TTL=128
Reply from 192.168.1.60: bytes=32 time<1ms TTL=128
Reply from 192.168.1.60: bytes=32 time<1ms TTL=128
Ping statistics for 192.168.1.60:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

C:\>nltest /dsgetdc: /gc
DC: \\adserver.GreatBay.local
Address: \\192.168.1.60
Dom Guid: 04a62fdc-d9a6-4541-bb88-093b804e43de
Dom Name: GreatBay.local
Forest Name: GreatBay.local
Dc Site Name: Default-First-Site
Our Site Name: Default-First-Site
Flags: GC DS LDAP KDC TIMESERV WRITABLE DNS_DC DNS_DOMAIN DNS_FOREST
CLOSE_SITE
The command completed successfully
==--==

ANY FIREWALL RUNNING BETWEEN THEM, IF YES, ARE THE FIREWALL CONFIGURED
ACCORDING TO:

http://support.microsoft.com/kb/555381

http://technet.microsoft.com/en-us/l.../bb727063.aspx

http://technet.microsoft.com/en-us/l...EXCHG.65).aspx

http://support.microsoft.com/kb/179442/

I also did the following:
http://technet.microsoft.com/en-us/l.../bb727063.aspx
Here is some text that you can import into the registry. It sets the AD
port to 49152 and the FRS port to 49153.
CREATE A REG FILE:

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic
es\NTDS\Parameters]
"TCP/IP Port"=dword:0000c000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic
es\NTFRS\Parameters]
"RPC TCP/IP Port Assignment"=dword:0000c001

[the reg file attempt didn't work. I'm still getting EventID 1126
errors]


--
joopdog
------------------------------------------------------------ ------------
joopdog's Profile: http://forums.techarena.in/members/121380.htm
View this thread: http://forums.techarena.in/active-directory/1226353.htm

http://forums.techarena.in
Re: Error NTDS General Global Catalog 1126 [message #159714 is a reply to message #159712] Tue, 04 August 2009 18:52 Go to previous messageGo to next message
aceman  is currently offline aceman  United States
Messages: 5816
Registered: July 2009
Senior Member
"joopdog" <joopdog.3wf37b@DoNotSpam.com> wrote in message
news:joopdog.3wf37b@DoNotSpam.com...
>
> I have done all what you've asked:
>
> PLEASE POST AN UNEDITED IPCONFIG /ALL FROM THE DCS.
> IPCONFIG /ALL
> GBSERVER5
> C:\>ipconfig/all
> Windows IP Configuration
>
> Host Name . . . . . . . . . . . . : GBSERVER5
> Primary Dns Suffix . . . . . . . : GreatBay.local
> Node Type . . . . . . . . . . . . : Hybrid
> IP Routing Enabled. . . . . . . . : Yes
> WINS Proxy Enabled. . . . . . . . : No
> DNS Suffix Search List. . . . . . : GreatBay.local
>
> Ethernet adapter Local Area Connection 2:
>
> Connection-specific DNS Suffix . :
> Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network
> Connection
> Physical Address. . . . . . . . . : 00-13-72-40-01-1B
> DHCP Enabled. . . . . . . . . . . : No
> IP Address. . . . . . . . . . . . : 192.168.1.14
> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> Default Gateway . . . . . . . . . : 192.168.1.9
> DNS Servers . . . . . . . . . . . : 192.168.1.14
> Primary WINS Server . . . . . . . : 192.168.1.14
> Secondary WINS Server . . . . . . : 192.168.1.108
>
> ADVSERVER
> C:\>ipconfig/all
> Windows IP Configuration
>
> Host Name . . . . . . . . . . . . : adserver
> Primary Dns Suffix . . . . . . . : GreatBay.local
> Node Type . . . . . . . . . . . . : Hybrid
> IP Routing Enabled. . . . . . . . : No
> WINS Proxy Enabled. . . . . . . . : No
> DNS Suffix Search List. . . . . . : GreatBay.local
>
> Ethernet adapter Local Area Connection:
>
> Connection-specific DNS Suffix . :
> Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit
> Ethernet
> Physical Address. . . . . . . . . : 00-24-E8-52-01-DC
> DHCP Enabled. . . . . . . . . . . : No
> IP Address. . . . . . . . . . . . : 192.168.1.60
> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> Default Gateway . . . . . . . . . : 192.168.1.6
> DNS Servers . . . . . . . . . . . : 192.168.1.60
> 24.56.100.20
> 24.56.102.20
> Primary WINS Server . . . . . . . : 192.168.1.14
> Secondary WINS Server . . . . . . : 192.168.1.108
>
> GBSERVER13
> C:\>ipconfig/all
> Windows IP Configuration
>
> Host Name . . . . . . . . . . . . : gbserver13
> Primary Dns Suffix . . . . . . . : GreatBay.local
> Node Type . . . . . . . . . . . . : Hybrid
> IP Routing Enabled. . . . . . . . : No
> WINS Proxy Enabled. . . . . . . . : No
> DNS Suffix Search List. . . . . . : GreatBay.local
>
> Ethernet adapter Broadcom NetXtreme Dual Port Gigabit Ethernet Adapter
> - Onboard
> - Link A:
>
> Connection-specific DNS Suffix . :
> Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit
> Ethernet
> Physical Address. . . . . . . . . : 00-11-43-58-6B-64
> DHCP Enabled. . . . . . . . . . . : No
> IP Address. . . . . . . . . . . . : 192.168.1.4
> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> Default Gateway . . . . . . . . . : 192.168.1.9
> DNS Servers . . . . . . . . . . . : 192.168.1.14
> 192.168.1.60
> Primary WINS Server . . . . . . . : 192.168.1.14
> Secondary WINS Server . . . . . . : 192.168.1.108
>
> GBSERVER1
> C:\>ipconfig/all
> Windows 2000 IP Configuration
>
> Host Name . . . . . . . . . . . . : gbserver1
> Primary DNS Suffix . . . . . . . : GreatBay.local
> Node Type . . . . . . . . . . . . : Hybrid
> IP Routing Enabled. . . . . . . . : Yes
> WINS Proxy Enabled. . . . . . . . : No
> DNS Suffix Search List. . . . . . : GreatBay.local
>
> Ethernet adapter Local Area Connection 2:
>
> Connection-specific DNS Suffix . :
> Description . . . . . . . . . . . : D-Link DGE-530T Gigabit Ethernet
> Ada
> pter
> Physical Address. . . . . . . . . : 00-15-E9-A6-3C-C1
> DHCP Enabled. . . . . . . . . . . : No
> IP Address. . . . . . . . . . . . : 192.168.1.108
> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> Default Gateway . . . . . . . . . : 192.168.1.9
> DNS Servers . . . . . . . . . . . : 192.168.1.14
> Primary WINS Server . . . . . . . : 192.168.1.14
> ==--==

Hello joopdog,

Thank you for posting the ipconfigs. It's greatly appreciated. I see some
anamolies that should be cleared up. Let's see...

For GBSERVER5:
- IP Routing is enabled. That means RRAS is installed, but I don't see any
interfaces. Disable RRAS in Services, please. RRAS on a DC is problematic,
same with IP routing.
- Enter 192.168.1.60 as the second DNS entry.
- Leave WINS address as is.
- Configure a WINS replication partner to 192.168.1.108


For ADVSERVER:
- Remove the ISP's DNS addresses. They are:
> 24.56.100.20
> 24.56.102.20
- Make the second DNS entry 192.168.1.14
- Change the gateway to 192.168.1.9 (like the others)


For GBSERVER13:
- Leave as is. Looks good.


For GBSERVER1:
- Make the WINS server 192.168.1.108 (only itself). This is a WINS rule that
must be followed were a WINS server can only point to itself.
- Configure a WINS replication partner to 192.168.1.14.
- IP Routing is enabled. Please disable RRAS because of the same reason for
GBSERVER5


Make the changes as suggested, please, and restart each DC that a change was
made. Then try your pings. Attempt to manually force replication in AD Sites
and Services.

Let us know your results.

Thank you,

Ace
Re: Error NTDS General Global Catalog 1126 [message #159715 is a reply to message #159714] Tue, 04 August 2009 19:10 Go to previous messageGo to next message
aceman  is currently offline aceman  United States
Messages: 5816
Registered: July 2009
Senior Member
"Ace Fekay [MCT]" <aceman@mvps.RemoveThisPart.org> wrote in message
news:uOQXzbWFKHA.1336@TK2MSFTNGP05.phx.gbl...
> "joopdog" <joopdog.3wf37b@DoNotSpam.com> wrote in message



Oh, one more thing - Configure a Forwarder on each DNS server to your ISP's
DNS servers:
24.56.100.20
24.56.102.20

The setting is found by right-clicking the DNS server name in the DNS
console, click on Forwarders tab, and enter both IP addresses. If not sure
how, the following article will explain it. Scroll down to "Configure a
Forwarder."

HOW TO Configure DNS for Internet Access in Windows Server 2003:
http://support.microsoft.com/?id=323380

Ace
Re: Error NTDS General Global Catalog 1126 [message #159720 is a reply to message #159712] Wed, 05 August 2009 00:48 Go to previous message
meiweb(nospam)  is currently offline meiweb(nospam)  Germany
Messages: 1307
Registered: July 2009
Senior Member
Hello joopdog,

I second Ace's information and suggestions.

For DNS open the DNS management console and open your forward lookup zone
'Greatbay.local', here you should find for each machine it's A record and
if the machine is also DNS server a second entry named 'Nameserver'.

Of course you cna enable the firewall on each machine in the domain, personal
i would avoid this. You are in a private ip range and have a connection over
a router to the internet, because of NAT you have a kind of small firewall
with that. Only packets requested from the internal domain will pass the
gateway.

Maybe you should think about using an Cisco ASA or ISA server as firewall
device between, so the network is also secured.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> I have done all what you've asked:
>
> PLEASE POST AN UNEDITED IPCONFIG /ALL FROM THE DCS.
> IPCONFIG /ALL
> GBSERVER5
> C:\>ipconfig/all
> Windows IP Configuration
> Host Name . . . . . . . . . . . . : GBSERVER5
> Primary Dns Suffix . . . . . . . : GreatBay.local
> Node Type . . . . . . . . . . . . : Hybrid
> IP Routing Enabled. . . . . . . . : Yes
> WINS Proxy Enabled. . . . . . . . : No
> DNS Suffix Search List. . . . . . : GreatBay.local
> Ethernet adapter Local Area Connection 2:
>
> Connection-specific DNS Suffix . :
> Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network
> Connection
> Physical Address. . . . . . . . . : 00-13-72-40-01-1B
> DHCP Enabled. . . . . . . . . . . : No
> IP Address. . . . . . . . . . . . : 192.168.1.14
> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> Default Gateway . . . . . . . . . : 192.168.1.9
> DNS Servers . . . . . . . . . . . : 192.168.1.14
> Primary WINS Server . . . . . . . : 192.168.1.14
> Secondary WINS Server . . . . . . : 192.168.1.108
> ADVSERVER
> C:\>ipconfig/all
> Windows IP Configuration
> Host Name . . . . . . . . . . . . : adserver
> Primary Dns Suffix . . . . . . . : GreatBay.local
> Node Type . . . . . . . . . . . . : Hybrid
> IP Routing Enabled. . . . . . . . : No
> WINS Proxy Enabled. . . . . . . . : No
> DNS Suffix Search List. . . . . . : GreatBay.local
> Ethernet adapter Local Area Connection:
>
> Connection-specific DNS Suffix . :
> Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit
> Ethernet
> Physical Address. . . . . . . . . : 00-24-E8-52-01-DC
> DHCP Enabled. . . . . . . . . . . : No
> IP Address. . . . . . . . . . . . : 192.168.1.60
> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> Default Gateway . . . . . . . . . : 192.168.1.6
> DNS Servers . . . . . . . . . . . : 192.168.1.60
> 24.56.100.20
> 24.56.102.20
> Primary WINS Server . . . . . . . : 192.168.1.14
> Secondary WINS Server . . . . . . : 192.168.1.108
> GBSERVER13
> C:\>ipconfig/all
> Windows IP Configuration
> Host Name . . . . . . . . . . . . : gbserver13
> Primary Dns Suffix . . . . . . . : GreatBay.local
> Node Type . . . . . . . . . . . . : Hybrid
> IP Routing Enabled. . . . . . . . : No
> WINS Proxy Enabled. . . . . . . . : No
> DNS Suffix Search List. . . . . . : GreatBay.local
> Ethernet adapter Broadcom NetXtreme Dual Port Gigabit Ethernet Adapter
> - Onboard
> - Link A:
> Connection-specific DNS Suffix . :
> Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit
> Ethernet
> Physical Address. . . . . . . . . : 00-11-43-58-6B-64
> DHCP Enabled. . . . . . . . . . . : No
> IP Address. . . . . . . . . . . . : 192.168.1.4
> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> Default Gateway . . . . . . . . . : 192.168.1.9
> DNS Servers . . . . . . . . . . . : 192.168.1.14
> 192.168.1.60
> Primary WINS Server . . . . . . . : 192.168.1.14
> Secondary WINS Server . . . . . . : 192.168.1.108
> GBSERVER1
> C:\>ipconfig/all
> Windows 2000 IP Configuration
> Host Name . . . . . . . . . . . . : gbserver1
> Primary DNS Suffix . . . . . . . : GreatBay.local
> Node Type . . . . . . . . . . . . : Hybrid
> IP Routing Enabled. . . . . . . . : Yes
> WINS Proxy Enabled. . . . . . . . : No
> DNS Suffix Search List. . . . . . : GreatBay.local
> Ethernet adapter Local Area Connection 2:
>
> Connection-specific DNS Suffix . :
> Description . . . . . . . . . . . : D-Link DGE-530T Gigabit Ethernet
> Ada
> pter
> Physical Address. . . . . . . . . : 00-15-E9-A6-3C-C1
> DHCP Enabled. . . . . . . . . . . : No
> IP Address. . . . . . . . . . . . : 192.168.1.108
> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> Default Gateway . . . . . . . . . : 192.168.1.9
> DNS Servers . . . . . . . . . . . : 192.168.1.14
> Primary WINS Server . . . . . . . : 192.168.1.14
> ==--==
> ARE ALL DCS REGISTERED IN THE DNS ZONES WITH A RECORDS AND IF DNS
> SERVER
> WITH NAME SERVER RECORD?
> How can I check for this?
> ==--==
> CAN YOU PING BETWEEN THE DCS WITH IP ADDRESS, COMPUTER NAME AND FQDN?
> That's strange
> adserver can ping gbserver5
> gbserver13 cannot ping gbserver5
> gbserver1 cannot ping gbserver5
> I never noticed that. I just took it for granted. Why can't the server
> ping gbserver5?
> C:\>ping gbserver5.greatbay.local
> Pinging GBSERVER5.GreatBay.local [192.168.1.14] with 32 bytes of data:
> Request timed out.
> Request timed out.
> Request timed out.
> Request timed out.
> Ping statistics for 192.168.1.14:
> Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
> C:\>ping adserver.greatbay.local
> Pinging adserver.GreatBay.local [192.168.1.60] with 32 bytes of data:
> Reply from 192.168.1.60: bytes=32 time<1ms TTL=128
> Reply from 192.168.1.60: bytes=32 time<1ms TTL=128
> Reply from 192.168.1.60: bytes=32 time<1ms TTL=128
> Reply from 192.168.1.60: bytes=32 time<1ms TTL=128
> Ping statistics for 192.168.1.60:
> Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
> Approximate round trip times in milli-seconds:
> Minimum = 0ms, Maximum = 0ms, Average = 0ms
> C:\>nltest /dsgetdc: /gc
> DC: \\adserver.GreatBay.local
> Address: \\192.168.1.60
> Dom Guid: 04a62fdc-d9a6-4541-bb88-093b804e43de
> Dom Name: GreatBay.local
> Forest Name: GreatBay.local
> Dc Site Name: Default-First-Site
> Our Site Name: Default-First-Site
> Flags: GC DS LDAP KDC TIMESERV WRITABLE DNS_DC DNS_DOMAIN DNS_FOREST
> CLOSE_SITE
> The command completed successfully
> ==--==
> ANY FIREWALL RUNNING BETWEEN THEM, IF YES, ARE THE FIREWALL CONFIGURED
> ACCORDING TO:
>
> http://support.microsoft.com/kb/555381
>
> http://technet.microsoft.com/en-us/l.../bb727063.aspx
>
> http://technet.microsoft.com/en-us/l...EXCHG.65).aspx
>
> http://support.microsoft.com/kb/179442/
>
> I also did the following:
> http://technet.microsoft.com/en-us/l.../bb727063.aspx
> Here is some text that you can import into the registry. It sets the
> AD
> port to 49152 and the FRS port to 49153.
> CREATE A REG FILE:
> Windows Registry Editor Version 5.00
> [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic
> es\NTDS\Parameters]
> "TCP/IP Port"=dword:0000c000
> [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic
> es\NTFRS\Parameters]
> "RPC TCP/IP Port Assignment"=dword:0000c001
> [the reg file attempt didn't work. I'm still getting EventID 1126
> errors]
>
> http://forums.techarena.in
>
Previous Topic:IAS
Next Topic:Combining Domains On One Computer
Goto Forum:
  


Current Time: Tue Jan 23 16:21:25 MST 2018

Total time taken to generate the page: 0.10828 seconds
.:: Contact :: Home ::Sitemap::.

Powered by: FUDforum 3.0.0RC2.
Copyright ©2001-2009 FUDforum Bulletin Board Software