
Dcdiag.exe: Domain Controller Diagnostic Tool


This command-line tool analyzes the state of domain controllers in a forest or enterprise and reports any problems to assist in troubleshooting. As an end-user reporting program, Dcdiag encapsulates detailed knowledge of how to identify abnormal behavior in the system. Dcdiag displays command output at the command line.

Dcdiag consists of a framework for executing tests and a series of tests to verify different functional areas of the system. This framework selects which domain controllers are tested according to scope directives from the user, such as enterprise, site, or single server.

The Dcdiag command-line tool is included when you install Windows Server 2003 Support Tools from the product CD or from the Microsoft Download Center (http://go.microsoft.com/fwlink/?LinkId=100114). For more information about how to install Windows Support Tools, see Install Windows Support Tools (http://go.microsoft.com/fwlink/?LinkId=62270).

Corresponding UI
There is no corresponding user interface (UI) for this tool.

Concepts
All domain controllers in the same domain are peers of one another and any domain controller can make directory updates. However, given the way in which directory updates are replicated from one domain controller to another, it is possible that difficulties can arise. For example, if the necessary domain controllers are not connected by a replication topology, the appropriate domain controllers do not receive directory updates when replication occurs. Also, in order for the (Domain Controller) Locator to find a domain controller, it must have accurate information so that it can properly locate the resource. If a domain controller is incorrectly advertised, the Locator is unable to find it.

Dcdiag Syntax
DCDiag uses the following syntax:

    dcdiag /s:DomainController [/n:NamingContext] [/u:Domain\UserName /p:{* | Password | ""}] [{/a | /e}] [{/q | /v}] [/i] [/f:LogFile] [/ferr:ErrLog] [/c [/skip:Test]] [/test:Test] [/fix] [{/h | /?}] [/ReplSource:SourceDomainController]

Parameters

/s:DomainController
    Uses DomainController as the home server. This parameter is required. It is ignored for the DcPromo and RegisterInDns tests, which can only be run locally.

/n:NamingContext
    Uses NamingContext as the naming context to test. Domains may be specified in NetBIOS, DNS or distinguished name format.

/u:Domain\UserName /p:{* | Password | ""}
    DCDiag uses the process's or user's default credentials. If alternate credentials are needed, use these options to bind as Domain\UserName with Password as the password. Use "" for an empty or null password, or the wildcard character (*) to prompt for the password.

/a
    Tests all the servers on this site.

/e
    Tests all the servers in the entire enterprise. Overrides /a.

/q
    Quiet. Prints only error messages.

/v
    Verbose. Prints extended information.

/i
    Ignores superfluous error messages.

/fix
    Only affects the MachineAccount test. It causes the test to fix the SPNs (Service Principal Names) on the domain controller's Machine Account Object.

/f:LogFile
    Redirects all output to LogFile. The /f parameter operates independently of /ferr.

/ferr:ErrLog
    Redirects fatal error output to a separate file ErrLog. The /ferr parameter operates independently of /f.

/c
    Comprehensive. Runs all tests except DCPromo and RegisterInDNS, including non-default tests. Optionally, can be used with /skip to skip specified tests. The following tests are not run by default:
        Topology
        CutoffServers
        OutboundSecureChannels

{/h | /?}
    Displays a syntax screen at the command prompt.

/test:Test
    Runs only this test. The nonskippable test Connectivity is also run. Should not be run in the same command with /skip.

    Note: All tests except DcPromo and RegisterInDNS must be run on computers that have been promoted to domain controller.

    Note: The test CheckSecurityError is available only in the version of Dcdiag that is included with Windows Support Tools in Windows Server 2003 Service Pack 1 (SP1) and must be run on a domain controller that is running Windows Server 2003 with SP1.

/ReplSource:SourceDomainController
    Option for /test:CheckSecurityError. Tests the connection between the domain controller on which you run the command and the source domain controller. SourceDomainController is the DNS name, NetBIOS name, or distinguished name of a real or potential "from" server that is represented by a real or potential connection object.

DNS Syntax

The new DNS tests in Windows Server 2003 SP1 use the following syntax:

    dcdiag /test:DNS [/DnsBasic | /DnsForwarders | /DnsDelegation | /DnsDynamicUpdate | /DnsRecordRegistration | /DnsResolveExtName [/DnsInternetName:InternetName] | /DnsAll] [/f:LogFile] [/ferr:ErrLog] /s:DomainController [/e] [/v]

Parameters

/test:DNS [DNS test]
    Performs the specified DNS test. If no test is specified, defaults to /DnsAll.

/DnsBasic
    Performs basic DNS tests, including network connectivity, DNS client configuration, service availability, and zone existence.

/DnsForwarders
    Performs the /DnsBasic tests, and also checks the configuration of forwarders.

/DnsDelegation
    Performs the /DnsBasic tests, and also checks for proper delegations.

/DnsDynamicUpdate
    Performs the /DnsBasic tests, and also determines if dynamic update is enabled in the Active Directory zone.

/DnsRecordRegistration
    Performs the /DnsBasic tests, and also checks if the address (A), canonical name (CNAME) and well-known service (SRV) resource records are registered. In addition, creates an inventory report based on the test results.

/DnsResolveExtName [/DnsInternetName:InternetName]
    Performs the /DnsBasic tests, and also attempts to resolve InternetName. If /DnsInternetName is not specified, attempts to resolve the name www.microsoft.com. If /DnsInternetName is specified, attempts to resolve the Internet name supplied by the user.

/DnsAll
    Performs all tests, except for the DnsResolveExtName test, and generates a report.

/f:LogFile
    Redirects all output to LogFile. The /f parameter operates independently of /ferr.

/ferr:ErrLog
    Redirects fatal error output to a separate file ErrLog. The /ferr parameter operates independently of /f.

/s:DomainController
    Runs the tests against DomainController.

/e
    Runs all tests specified by /test:DNS against all domain controllers in the Active Directory forest.

/v
    Verbose. Presents extended information about successful test results, in addition to information about errors and warnings. When the /v parameter is not used, provides only error and warning information. Use the /v switch when errors or warnings are reported in the summary table.

Dcdiag Examples
Example 1: A normal DC

In this example, you want to examine the domain controller so you can verify that it is healthy and functioning properly. Type the following at the command prompt:

    C:\Program Files\Support Tools>dcdiag /s:reskit-DC1 \administrator password

Output similar to the following displays:

    Domain Controller Diagnosis

    Performing initial setup:
       Done gathering initial info.

    Doing initial required tests

       Testing server: Default-First-Site-Name\RESKIT-DC1
          Starting test: Connectivity
             ......................... RESKIT-DC1 passed test Connectivity

    Doing primary tests

       Testing server: Default-First-Site-Name\RESKIT-DC1
          Starting test: Replications
             ......................... RESKIT-DC1 passed test Replications
          Starting test: NCSecDesc
             ......................... RESKIT-DC1 passed test NCSecDesc
          Starting test: NetLogons
             ......................... RESKIT-DC1 passed test NetLogons
          Starting test: Advertising
             ......................... RESKIT-DC1 passed test Advertising
          Starting test: KnowsOfRoleHolders
             ......................... RESKIT-DC1 passed test KnowsOfRoleHolders
          Starting test: RidManager
             ......................... RESKIT-DC1 passed test RidManager
          Starting test: MachineAccount
             ......................... RESKIT-DC1 passed test MachineAccount
          Starting test: Services
             ......................... RESKIT-DC1 passed test Services
          Starting test: ObjectsReplicated
             ......................... RESKIT-DC1 passed test ObjectsReplicated
          Starting test: frssysvol
             ......................... RESKIT-DC1 passed test frssysvol
          Starting test: kccevent
             ......................... RESKIT-DC1 passed test kccevent
          Starting test: systemlog
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 01:28:25
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 01:40:30
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 01:43:30
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 01:58:46
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 02:02:11
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 02:05:11
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 02:10:51
                Event String: The time provider NtpClient is configured to
             ......................... RESKIT-DC1 failed test systemlog

       Running partition tests on : Schema
          Starting test: DeadCRTest
             ......................... Schema passed test DeadCRTest
          Starting test: CheckSDRefDom
             ......................... Schema passed test CheckSDRefDom

       Running partition tests on : Configuration
          Starting test: DeadCRTest
             ......................... Configuration passed test DeadCRTest
          Starting test: CheckSDRefDom
             ......................... Configuration passed test CheckSDRefDom

       Running partition tests on : RESKIT-DOM
          Starting test: DeadCRTest
             ......................... RESKIT-DOM passed test DeadCRTest
          Starting test: CheckSDRefDom
             ......................... RESKIT-DOM passed test CheckSDRefDom

       Running enterprise tests on : RESKIT-DOM.reskit.com
          Starting test: Intersite
             ......................... RESKIT-DOM.reskit.com passed test Intersite
          Starting test: FsmoCheck
             ......................... RESKIT-DOM.reskit.com passed test FsmoCheck

Example 2: Failed DNS registration

In this example, you have noticed that one of the DCs is not replicating properly. After verifying that the DC is operational and can be pinged by IP address, use DCDiag to do an enterprise check. Type the following at the command prompt:

    C:\Program Files\Support Tools>dcdiag /s:reskit-DC1 \administrator password /e

Output similar to the following displays:

    Domain Controller Diagnosis

    Performing initial setup:
       Done gathering initial info.

    Doing initial required tests

       Testing server: Default-First-Site-Name\RESKIT-DC1
          Starting test: Connectivity
             ......................... RESKIT-DC1 passed test Connectivity

       Testing server: Default-First-Site-Name\RESKIT-DC2
          Starting test: Connectivity
             The host 7594898c-8ba4-4496-a01a-b0f2cadd28a6._msdcs.RESKIT-DOM.reskit.com could not be resolved to an
             IP address. Check the DNS server, DHCP, server name, etc
             Although the Guid DNS name
             (7594898c-8ba4-4496-a01a-b0f2cadd28a6._msdcs.RESKIT-DOM.reskit.com)
             couldn't be resolved, the server name
             (reskit-DC2.reskit-sib.RESKIT-DOM.reskit.com) resolved to the IP
             address (172.26.220.34) and was pingable. Check that the IP address
             is registered correctly with the DNS server.
             ......................... RESKIT-DC2 failed test Connectivity

    Doing primary tests

       Testing server: Default-First-Site-Name\RESKIT-DC1
          Starting test: Replications
             [Replications Check,RESKIT-DC1] A recent replication attempt failed:
                From RESKIT-DC2 to RESKIT-DC1
                Naming Context: CN=Configuration,DC=RESKIT-DOM,DC=reskit,DC=com
                The replication generated an error (1722):
                The RPC server is unavailable.
                The failure occurred at 2001-12-21 02:19:04.
                The last success occurred at 2001-12-21 01:57:43.
                1 failures have occurred since the last success.
                The source remains down. Please check the machine.
             ......................... RESKIT-DC1 passed test Replications
          Starting test: NCSecDesc
             ......................... RESKIT-DC1 passed test NCSecDesc
          Starting test: NetLogons
             ......................... RESKIT-DC1 passed test NetLogons
          Starting test: Advertising
             ......................... RESKIT-DC1 passed test Advertising
          Starting test: KnowsOfRoleHolders
             ......................... RESKIT-DC1 passed test KnowsOfRoleHolders
          Starting test: RidManager
             ......................... RESKIT-DC1 passed test RidManager
          Starting test: MachineAccount
             ......................... RESKIT-DC1 passed test MachineAccount
          Starting test: Services
             ......................... RESKIT-DC1 passed test Services
          Starting test: ObjectsReplicated
             ......................... RESKIT-DC1 passed test ObjectsReplicated
          Starting test: frssysvol
             ......................... RESKIT-DC1 passed test frssysvol
          Starting test: kccevent
             ......................... RESKIT-DC1 passed test kccevent
          Starting test: systemlog
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 01:28:25
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 01:40:30
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 01:43:30
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 01:58:46
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 02:02:11
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 02:05:11
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 02:10:51
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 02:13:51
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 02:18:58
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 02:21:58
                Event String: The time provider NtpClient is configured to
             ......................... RESKIT-DC1 failed test systemlog

       Testing server: Default-First-Site-Name\RESKIT-DC2
          Skipping all tests, because server RESKIT-DC2 is
          not responding to directory service requests

       Running partition tests on : Schema
          Starting test: DeadCRTest
             ......................... Schema passed test DeadCRTest
          Starting test: CheckSDRefDom
             ......................... Schema passed test CheckSDRefDom

       Running partition tests on : Configuration
          Starting test: DeadCRTest
             ......................... Configuration passed test DeadCRTest
          Starting test: CheckSDRefDom
             ......................... Configuration passed test CheckSDRefDom

       Running partition tests on : RESKIT-DOM
          Starting test: DeadCRTest
             ......................... RESKIT-DOM passed test DeadCRTest
          Starting test: CheckSDRefDom
             ......................... RESKIT-DOM passed test CheckSDRefDom

       Running partition tests on : reskit-sib
          Starting test: DeadCRTest
             ......................... reskit-sib passed test DeadCRTest
          Starting test: CheckSDRefDom
             ......................... reskit-sib passed test CheckSDRefDom

       Running enterprise tests on : RESKIT-DOM.reskit.com
          Starting test: Intersite
             ......................... RESKIT-DOM.reskit.com passed test Intersite
          Starting test: FsmoCheck
             ......................... RESKIT-DOM.reskit.com passed test FsmoCheck

Example 3: Failed Netlogon Service

In this example, the Netlogon Service has failed on one of the domain controllers. To troubleshoot, type the following command:

    C:\Program Files\Support Tools>dcdiag /s:reskit-DC1 \administrator password

Output similar to the following displays:

    Domain Controller Diagnosis

    Performing initial setup:
       Done gathering initial info.

    Doing initial required tests

       Testing server: Default-First-Site-Name\RESKIT-DC1
          Starting test: Connectivity
             ......................... RESKIT-DC1 passed test Connectivity

    Doing primary tests

       Testing server: Default-First-Site-Name\RESKIT-DC1
          Starting test: Replications
             ......................... RESKIT-DC1 passed test Replications
          Starting test: NCSecDesc
             ......................... RESKIT-DC1 passed test NCSecDesc
          Starting test: NetLogons
             ......................... RESKIT-DC1 passed test NetLogons
          Starting test: Advertising
             Fatal Error:DsGetDcName (RESKIT-DC1) call failed, error 1722
             The Locator could not find the server.
             ......................... RESKIT-DC1 failed test Advertising
          Starting test: KnowsOfRoleHolders
             ......................... RESKIT-DC1 passed test KnowsOfRoleHolders
          Starting test: RidManager
             ......................... RESKIT-DC1 passed test RidManager
          Starting test: MachineAccount
             ......................... RESKIT-DC1 passed test MachineAccount
          Starting test: Services
                NETLOGON Service is stopped on [RESKIT-DC1]
             ......................... RESKIT-DC1 failed test Services
          Starting test: ObjectsReplicated
             ......................... RESKIT-DC1 passed test ObjectsReplicated
          Starting test: frssysvol
             ......................... RESKIT-DC1 passed test frssysvol
          Starting test: kccevent
             ......................... RESKIT-DC1 passed test kccevent
          Starting test: systemlog
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 01:28:25
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 01:40:30
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 01:43:30
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 01:58:46
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 02:02:11
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 02:05:11
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 02:10:51
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 02:13:51
                Event String: The time provider NtpClient is configured to
             ......................... RESKIT-DC1 failed test systemlog

       Running partition tests on : Schema
          Starting test: DeadCRTest
             ......................... Schema passed test DeadCRTest
          Starting test: CheckSDRefDom
             ......................... Schema passed test CheckSDRefDom

       Running partition tests on : Configuration
          Starting test: DeadCRTest
             ......................... Configuration passed test DeadCRTest
          Starting test: CheckSDRefDom
             ......................... Configuration passed test CheckSDRefDom

       Running partition tests on : RESKIT-DOM
          Starting test: DeadCRTest
             ......................... RESKIT-DOM passed test DeadCRTest
          Starting test: CheckSDRefDom
             ......................... RESKIT-DOM passed test CheckSDRefDom

       Running enterprise tests on : RESKIT-DOM.reskit.com
          Starting test: Intersite
             ......................... RESKIT-DOM.reskit.com passed test Intersite
          Starting test: FsmoCheck
             Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1717
             A Global Catalog Server could not be located - All GC's are down.
             Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1717
             A Primary Domain Controller could not be located.
             The server holding the PDC role is down.
             Warning: DcGetDcName(TIME_SERVER) call failed, error 1717
             A Time Server could not be located.
             The server holding the PDC role is down.
             Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error 1717
             A Good Time Server could not be located.
             Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1717
             A KDC could not be located - All the KDCs are down.
             ......................... RESKIT-DOM.reskit.com failed test FsmoCheck

Example 4: Unresponsive or inaccessible server

In this example, you have noticed replication problems. To resolve the issue, type the following at the command line:

    C:\Program Files\Support Tools>dcdiag /s:reskit-DC1 \administrator password /e

Output similar to the following displays:

    Domain Controller Diagnosis

    Performing initial setup:
       Done gathering initial info.

    Doing initial required tests

       Testing server: Default-First-Site-Name\RESKIT-DC1
          Starting test: Connectivity
             ......................... RESKIT-DC1 passed test Connectivity

       Testing server: Default-First-Site-Name\RESKIT-DC2
          Starting test: Connectivity
             Server RESKIT-DC2 resolved to this IP address 172.26.220.34,
             but the address couldn't be reached(pinged), so check the network.
             The error returned was: Error due to lack of resources.
             This error more often means that the targeted server is
             shutdown or disconnected from the network
             ......................... RESKIT-DC2 failed test Connectivity

    Doing primary tests

       Testing server: Default-First-Site-Name\RESKIT-DC1
          Starting test: Replications
             [Replications Check,RESKIT-DC1] A recent replication attempt failed:
                From RESKIT-DC2 to RESKIT-DC1
                Naming Context: CN=Configuration,DC=RESKIT-DOM,DC=reskit,DC=com
                The replication generated an error (1722):
                The RPC server is unavailable.
                The failure occurred at 2001-12-21 02:19:04.
                The last success occurred at 2001-12-21 01:57:43.
                1 failures have occurred since the last success.
                The source remains down. Please check the machine.
             ......................... RESKIT-DC1 passed test Replications
          Starting test: NCSecDesc
             ......................... RESKIT-DC1 passed test NCSecDesc
          Starting test: NetLogons
             ......................... RESKIT-DC1 passed test NetLogons
          Starting test: Advertising
             ......................... RESKIT-DC1 passed test Advertising
          Starting test: KnowsOfRoleHolders
             ......................... RESKIT-DC1 passed test KnowsOfRoleHolders
          Starting test: RidManager
             ......................... RESKIT-DC1 passed test RidManager
          Starting test: MachineAccount
             ......................... RESKIT-DC1 passed test MachineAccount
          Starting test: Services
             ......................... RESKIT-DC1 passed test Services
          Starting test: ObjectsReplicated
             ......................... RESKIT-DC1 passed test ObjectsReplicated
          Starting test: frssysvol
             ......................... RESKIT-DC1 passed test frssysvol
          Starting test: kccevent
             ......................... RESKIT-DC1 passed test kccevent
          Starting test: systemlog
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 01:28:25
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 01:40:30
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 01:43:30
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 01:58:46
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 02:02:11
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 02:05:11
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 02:10:51
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 02:13:51
                Event String: The time provider NtpClient is configured to
             An Error Event occured. EventID: 0xC25A001D
                Time Generated: 12/21/2001 02:18:58
                Event String: The time provider NtpClient is configured to
             ......................... RESKIT-DC1 failed test systemlog

       Testing server: Default-First-Site-Name\RESKIT-DC2
          Skipping all tests, because server RESKIT-DC2 is
          not responding to directory service requests

       Running partition tests on : Schema
          Starting test: DeadCRTest
             ......................... Schema passed test DeadCRTest
          Starting test: CheckSDRefDom
             ......................... Schema passed test CheckSDRefDom

       Running partition tests on : Configuration
          Starting test: DeadCRTest
             ......................... Configuration passed test DeadCRTest
          Starting test: CheckSDRefDom
             ......................... Configuration passed test CheckSDRefDom

       Running partition tests on : RESKIT-DOM
          Starting test: DeadCRTest
             ......................... RESKIT-DOM passed test DeadCRTest
          Starting test: CheckSDRefDom
             ......................... RESKIT-DOM passed test CheckSDRefDom

       Running partition tests on : reskit-sib
          Starting test: DeadCRTest
             ......................... reskit-sib passed test DeadCRTest
          Starting test: CheckSDRefDom
             ......................... reskit-sib passed test CheckSDRefDom

       Running enterprise tests on : RESKIT-DOM.reskit.com
          Starting test: Intersite
             ......................... RESKIT-DOM.reskit.com passed test Intersite
          Starting test: FsmoCheck
             ......................... RESKIT-DOM.reskit.com passed test FsmoCheck
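Added example (not part of the original documentation): a Python parser for dcdiag output, as saved with /f:LogFile, that reports failed tests, servers whose tests were skipped, and tests that passed while still printing an error, as Replications does in Examples 2 and 4. The sample text is constructed from the output format shown above, and the function names and the one-record-per-line input layout are assumptions of this example.

```python
import re

# A result line, e.g. "......................... RESKIT-DC1 failed test Services"
RESULT_RE = re.compile(r"^\.{5,}\s+(\S+)\s+(passed|failed)\s+test\s+(\S+)$")
START_RE = re.compile(r"^Starting test:\s+(\S+)$")
# A server that does not answer gets no per-test result lines at all.
SKIP_RE = re.compile(r"^Skipping all tests, because server (\S+) is not responding")
# Error codes are printed as "error 1722" or "error (1722)".
ERROR_RE = re.compile(r"error \(?(\d+)\)?")

# Constructed sample, modelled on the output format of Examples 2 and 3.
SAMPLE = """\
Testing server: Default-First-Site-Name\\RESKIT-DC1
   Starting test: Connectivity
      ......................... RESKIT-DC1 passed test Connectivity
   Starting test: Replications
      [Replications Check,RESKIT-DC1] A recent replication attempt failed:
         From RESKIT-DC2 to RESKIT-DC1
         The replication generated an error (1722):
         The RPC server is unavailable.
      ......................... RESKIT-DC1 passed test Replications
   Starting test: Services
         NETLOGON Service is stopped on [RESKIT-DC1]
      ......................... RESKIT-DC1 failed test Services
Testing server: Default-First-Site-Name\\RESKIT-DC2
   Skipping all tests, because server RESKIT-DC2 is not responding to directory service requests
"""


def parse_dcdiag(text):
    """Return one record per test result (or skipped server) in dcdiag output."""
    records, test, details = [], None, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if (m := START_RE.match(line)):
            test, details = m.group(1), []
        elif (m := RESULT_RE.match(line)):
            target, result, name = m.groups()
            # Collect every numeric error code printed between start and result.
            codes = sorted({int(c) for d in details for c in ERROR_RE.findall(d)})
            records.append({"target": target, "test": name, "result": result,
                            "details": details, "errors": codes})
            test, details = None, []
        elif (m := SKIP_RE.match(line)):
            records.append({"target": m.group(1), "test": "*", "result": "skipped",
                            "details": [line], "errors": []})
        elif test is not None:
            details.append(line)  # diagnostic text belonging to the open test
    return records


def triage(records):
    """Split records into hard failures and passed tests that printed diagnostics."""
    failed = [(r["target"], r["test"]) for r in records
              if r["result"] in ("failed", "skipped")]
    noisy = [(r["target"], r["test"], r["errors"]) for r in records
             if r["result"] == "passed" and r["details"]]
    return failed, noisy


if __name__ == "__main__":
    failed, noisy = triage(parse_dcdiag(SAMPLE))
    for target, test in failed:
        print(f"FAIL  {target}  {test}")
    for target, test, errors in noisy:
        print(f"WARN  {target}  {test}  errors={errors}")
```

Counting only the "failed test" lines would miss both the skipped server and the replication error reported under a passing Replications test, which is why the two are tracked separately.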
