Hi,
I have some results from the BPA to post first. I want to resolve these issues reported in the BPA. I have recreated the child msdsc folder at least once.
Image may be NSFW.
Clik here to view.
Then I have a shot of the DNS console. As you can see there is one parent msdsc folder and two child folders one of which is greyed out.
Image may be NSFW.
Clik here to view.
Latsly I will post me DCDIAG /c results.
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = SBS2011
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\SBS2011
Starting test: Connectivity
......................... SBS2011 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\SBS2011
Starting test: Advertising
......................... SBS2011 passed test Advertising
Starting test: CheckSecurityError
[SBS2011] No security related replication errors were found on this
DC! To target the connection to a specific source DC use
/ReplSource:<DC>.
......................... SBS2011 passed test CheckSecurityError
Starting test: CutoffServers
......................... SBS2011 passed test CutoffServers
Starting test: FrsEvent
......................... SBS2011 passed test FrsEvent
Starting test: DFSREvent
......................... SBS2011 passed test DFSREvent
Starting test: SysVolCheck
......................... SBS2011 passed test SysVolCheck
Starting test: FrsSysVol
......................... SBS2011 passed test FrsSysVol
Starting test: KccEvent
......................... SBS2011 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... SBS2011 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... SBS2011 passed test MachineAccount
Starting test: NCSecDesc
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes In Filtered Set
access rights for the naming context:
DC=ForestDnsZones,DC=Abbotts,DC=local
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes In Filtered Set
access rights for the naming context:
DC=DomainDnsZones,DC=Abbotts,DC=local
......................... SBS2011 failed test NCSecDesc
Starting test: NetLogons
......................... SBS2011 passed test NetLogons
Starting test: ObjectsReplicated
......................... SBS2011 passed test ObjectsReplicated
Starting test: OutboundSecureChannels
** Did not run Outbound Secure Channels test because /testdomain: was
not entered
......................... SBS2011 passed test OutboundSecureChannels
Starting test: Replications
......................... SBS2011 passed test Replications
Starting test: RidManager
......................... SBS2011 passed test RidManager
Starting test: Services
......................... SBS2011 passed test Services
Starting test: SystemLog
An error event occurred. EventID: 0xC0002719
Time Generated: 01/31/2013 10:00:19
Event String:
DCOM was unable to communicate with the computer abbmac.abbotts.local using any of the configured protocols.
An error event occurred. EventID: 0xC0002719
Time Generated: 01/31/2013 10:00:38
Event String:
DCOM was unable to communicate with the computer SBS2003.Abbotts.local using any of the configured protocols.
......................... SBS2011 failed test SystemLog
Starting test: Topology
......................... SBS2011 passed test Topology
Starting test: VerifyEnterpriseReferences
The following problems were found while verifying various important DN
references. Note, that these problems can be reported because of
latency in replication. So follow up to resolve the following
problems, only if the same problem is reported on all DCs for a given
domain or if the problem persists after replication has had
reasonable time to replicate changes.
[1] Problem: Missing Expected Value
Base Object: CN=SBS2011,OU=Domain Controllers,DC=Abbotts,DC=local
Base Object Description: "DC Account Object"
Value Object Attribute Name: msDFSR-ComputerReferenceBL
Value Object Description: "SYSVOL FRS Member Object"
Recommended Action: See Knowledge Base Article: Q312862
LDAP Error 0x20 (32) - No Such Object.
......................... SBS2011 failed test
VerifyEnterpriseReferences
Starting test: VerifyReferences
......................... SBS2011 passed test VerifyReferences
Starting test: VerifyReplicas
......................... SBS2011 passed test VerifyReplicas
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
......................... SBS2011 passed test DNS
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : Abbotts
Starting test: CheckSDRefDom
......................... Abbotts passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Abbotts passed test CrossRefValidation
Running enterprise tests on : Abbotts.local
Starting test: DNS
Summary of test results for DNS servers used by the above domain
controllers:
DNS server: 128.9.0.107 (b.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 128.9.0.107
DNS server: 198.32.64.12 (l.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 198.32.64.12
DNS server: 2001:500:2d::d (d.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed on the DNS server 2001:500:2d::d
DNS server: 2001:500:2f::f (f.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed on the DNS server 2001:500:2f::f
DNS server: 2001:503:ba3e::2:30 (a.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed on the DNS server 2001:503:ba3e::2:30
......................... Abbotts.local passed test DNS
Starting test: LocatorCheck
......................... Abbotts.local passed test LocatorCheck
Starting test: FsmoCheck
......................... Abbotts.local passed test FsmoCheck
Starting test: Intersite
......................... Abbotts.local passed test Intersite
Can I please get some help resolving the BPA scan results. Currently the DNS seems to be working but I would like to have this setup as per best practice.