原文链接:http://blog.51cto.com/491033/2349492

Domain Controller Diagnosis

Performing initial setup: 初始化安装:

  • Verifying that the local machine test-w301, is a DC. 检验目标主机test-w301,是一台DC
  • Connecting to directory service on server test-w301. 连接test-w301的目录服务
  • Collecting site info. 收集站点信息
  • Identifying all servers. 识别所有服务器
  • Identifying all NC cross-refs.
  • Found 2 DC(s). Testing 1 of them. 找到两台DC,并检测其中一台
    Done gathering initial info. 完成初始化信息收集

Doing initial required tests执行初始化测试

Testing server: Default-First-Site-Name\TEST-W301 测试服务器:Default-First-Site-Name\TEST-W301
Starting test: Connectivity 开始测试:连通性

  • Active Directory LDAP Services Check 活动目录LDAP服务检测
  • Active Directory RPC Services Check 活动目录RPC服务检测
    ......................... TEST-W301 passed test Connectivity TEST-W301连通性检测通过

Doing primary tests 执行主要测试

Testing server: Default-First-Site-Name\TEST-W301测试服务器:Default-First-Site-Name\TEST-W301
Starting test: Replications开始测试:复制

  • Replications Check复制检测
  • Replication Latency Check潜在性复制检测
  • Replication Site Latency Check
    ......................... TEST-W301 passed test Replications
    Test omitted by user request: Topology
    Test omitted by user request: CutoffServers
    Starting test: NCSecDesc
  • Security Permissions check for all NC's on DC TEST-W301.
  • Security Permissions Check for
    DC=ForestDnsZones,DC=test,DC=com
    (NDNC,Version 2)
  • Security Permissions Check for
    DC=DomainDnsZones,DC=test,DC=com
    (NDNC,Version 2)
  • Security Permissions Check for
    CN=Schema,CN=Configuration,DC=test,DC=com
    (Schema,Version 2)
  • Security Permissions Check for
    CN=Configuration,DC=test,DC=com
    (Configuration,Version 2)
  • Security Permissions Check for
    DC=test,DC=com
    (Domain,Version 2)
    ......................... TEST-W301 passed test NCSecDesc
    Starting test: NetLogons开始测试:网络登录
  • Network Logons Privileges Check网络登录检测
    Verified share \TEST-W301\netlogon
    Verified share \TEST-W301\sysvol
    ......................... TEST-W301 passed test NetLogons TEST-W301通过网络登录测试
    Starting test: Advertising开始测试:宣告
    The DC TEST-W301 is advertising itself as a DC and having a DS.域控制器宣告自己是一台域控制器同时拥有目录服
    The DC TEST-W301 is advertising as an LDAP server域控制器宣告是一台LDAP服务器
    The DC TEST-W301 is advertising as having a writeable directory域控制器宣告拥有可写的目录
    The DC TEST-W301 is advertising as a Key Distribution Center域控制器宣告自己是一台密钥分发中心(KDC)
    The DC TEST-W301 is advertising as a time server域控制器宣告自己是一台时间服务器
    The DS TEST-W301 is advertising as a GC. 域控制器宣告自己是一台全局编录服务器
    ......................... TEST-W301 passed test Advertising TEST-W301通过宣告测试
    Starting test: KnowsOfRoleHolders开始测试:角色分配
    Role Schema Owner = CN=NTDS Settings,CN=TEST-W301,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=test,DC=com
    架构主机角色
    Role Domain Owner = CN=NTDS Settings,CN=TEST-W301,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=test,DC=com
    域命名角色
    Role PDC Owner = CN=NTDS Settings,CN=TEST-W301,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=test,DC=com
    PDC主机角色
    Role Rid Owner = CN=NTDS Settings,CN=TEST-W301,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=test,DC=com
    Rid主机角色
    Role Infrastructure Update Owner = CN=NTDS Settings,CN=TEST-W301,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=test,DC=com
    结构主机角色
    ......................... TEST-W301 passed test KnowsOfRoleHolders TEST-W301通过角色分配测试
    Starting test: RidManager开始测试:Rid管理
  • Available RID Pool for the Domain is 2103 to 1073741823 域控制器可用的RID地址池从2103至1073741823
  • test-w301.test.com is the RID Master test-w301.test.com为RID主机
  • DsBind with RID Master was successful 与RID主机绑定成功
  • rIDAllocationPool is 1103 to 1602 RID分配地址池从1103至1602
  • rIDPreviousAllocationPool is 1103 to 1602 RID之前分配池从1103至1602
  • rIDNextRID: 1107 RID下一个分配地址是1107
    ......................... TEST-W301 passed test RidManager TEST-W301通过RID管理测试
    Starting test: MachineAccount开始测试:机器帐户
    Checking machine account for DC TEST-W301 on DC TEST-W301.
  • SPN found :LDAP/test-w301.test.com/test.com
  • SPN found :LDAP/test-w301.test.com
  • SPN found :LDAP/TEST-W301
  • SPN found :LDAP/test-w301.test.com/TEST
  • SPN found :LDAP/798338cd-9c44-4051-a1c2-2ff3e45dd480._msdcs.test.com
  • SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/798338cd-9c44-4051-a1c2-2ff3e45dd480/test.com
  • SPN found :HOST/test-w301.test.com/test.com
  • SPN found :HOST/test-w301.test.com
  • SPN found :HOST/TEST-W301
  • SPN found :HOST/test-w301.test.com/TEST
  • SPN found :GC/test-w301.test.com/test.com
    ......................... TEST-W301 passed test MachineAccount TEST-W301通过机器帐户测试
    Starting test: Services开始测试:服务
  • Checking Service: Dnscache
  • Checking Service: NtFrs
  • Checking Service: IsmServ
  • Checking Service: kdc
  • Checking Service: SamSs
  • Checking Service: LanmanServer
  • Checking Service: LanmanWorkstation
  • Checking Service: RpcSs
  • Checking Service: w32time
  • Checking Service: NETLOGON
    ......................... TEST-W301 passed test Services TEST-W301通过服务测试
    Test omitted by user request: OutboundSecureChannels测试用户请求:对外安全通道
    Starting test: ObjectsReplicated 开始测试:对象复制
    TEST-W301 is in domain DC=test,DC=com
    Checking for CN=TEST-W301,OU=Domain Controllers,DC=test,DC=com in domain DC=test,DC=com on 1 servers
    Object is up-to-date on all servers.
    Checking for CN=NTDS Settings,CN=TEST-W301,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=test,DC=com in domain

CN=Configuration,DC=test,DC=com on 1 servers
Object is up-to-date on all servers.
以上二项检测域中是否存在TEST-W301的信息,并且是否与所有的服务器进行同步
......................... TEST-W301 passed test ObjectsReplicated TEST-W301通过对象复制测试
Starting test: frssysvol开始测试:SYSVOL目录的文件复制服务

  • The File Replication Service SYSVOL ready test SYSVOL目录的文件复制服务准备测试
    File Replication Service's SYSVOL is ready SYSVOL目录的文件复制服务准备就绪
    ......................... TEST-W301 passed test frssysvol TEST-W301通过SYSVOL目录的文件复制服务测试
    Starting test: frsevent开始测试:文件复制服务的日志
  • The File Replication Service Event log test 文件复制服务的日志测试
    ......................... TEST-W301 passed test frsevent TEST-W301通过文件复制服务的日志测试
    Starting test: kccevent开始测试:KCC日志
  • The KCC Event log test KCC日志测试
    Found no KCC errors in Directory Service Event log in the last 15 minutes.15分钟之内在目录服务日志中未发现KCC错误
    ......................... TEST-W301 passed test kccevent TEST-W301通过KCC日志测试
    Starting test: systemlog 开始测试:系统日志
  • The System Event log test 系统日志测试
    Found no errors in System Event log in the last 60 minutes. 60分钟内在系统日志中未发现错误
    ......................... TEST-W301 passed test systemlog TEST-W301通过系统日志测试
    Test omitted by user request: VerifyReplicas 忽略用户请求:复制校验
    Starting test: VerifyReferences 开始测试:校验参考
    The system object reference (serverReference) CN=TEST-W301,OU=Domain Controllers,DC=test,DC=com and backlink on CN=TEST-

W301,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=test,DC=com are correct.
系统对象参考(服务器参考)
The system object reference (frsComputerReferenceBL) CN=TEST-W301,CN=Domain System Volume (SYSVOL share),CN=File Replication

Service,CN=System,DC=test,DC=com and backlink on CN=TEST-W301,OU=Domain Controllers,DC=test,DC=com are correct.
The system object reference (serverReferenceBL) CN=TEST-W301,CN=Domain System Volume (SYSVOL share),CN=File Replication

Service,CN=System,DC=test,DC=com and backlink on CN=NTDS Settings,CN=TEST-W301,CN=Servers,CN=Default-First-Site-

Name,CN=Sites,CN=Configuration,DC=test,DC=com are correct.
......................... TEST-W301 passed test VerifyReferences TEST-W301通过校验参考测试
Test omitted by user request: VerifyEnterpriseReferences忽略用户请求:企业参考校验
Test omitted by user request: CheckSecurityError忽略用户请求:检查安全错误

Running partition tests on : ForestDnsZones 运行分区测试在:森林DNS区域
Starting test: CroefValidation
......................... ForestDnsZones passed test Cro
efValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom

Running partition tests on : DomainDnsZones 运行分区测试在:域DNS区域
Starting test: CroefValidation
......................... DomainDnsZones passed test Cro
efValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom

Running partition tests on : Schema 运行分区测试在:架构
Starting test: CroefValidation
......................... Schema passed test Cro
efValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom

Running partition tests on : Configuration 运行分区测试在:配置
Starting test: CroefValidation
......................... Configuration passed test Cro
efValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom

Running partition tests on : test 运行分区测试在:test
Starting test: CroefValidation
......................... test passed test Cro
efValidation
Starting test: CheckSDRefDom
......................... test passed test CheckSDRefDom

Running enterprise tests on : test.com 运行企业测试在:test.com
Starting test: Intersite开始测试:内部站点
Skipping site Default-First-Site-Name, this site is outside the scope provided by the command line arguments provided.
......................... test.com passed test Intersite
Starting test: FsmoCheck 开始测试:FSMO检测
GC Name: \test-w301.test.com 全局编录名
Locator Flags: 0xe00003fd 位置标志
PDC Name: \test-w301.test.com PDC主机名
Locator Flags: 0xe00003fd 位置标志
Time Server Name: \test-w301.test.com 时间服务器名
Locator Flags: 0xe00003fd 位置标志 Preferred Time Server Name: \test-w301.test.com 首选时间服务器名
Locator Flags: 0xe00003fd 位置标志
KDC Name: \test-w301.test.com 密钥分配中心名
Locator Flags: 0xe00003fd位置标志
......................... test.com passed test FsmoCheck
Test omitted by user request: DNS
Test omitted by user request: DNS

转载于:https://blog.51cto.com/491033/2349492


 

服务投诉 | 微信公众平台 | 站长工具 | IT外包服务 | IT外包 |深圳IT外包 | IT服务外包 | 北京IT外包 | 杭州IT外包 | 天津IT外包 | IT外包公司 | 无线覆盖 | 虚拟化 | 北京无线覆盖 | 信诺IT外包

Copyright © 2005~2021 Grandtec All Right Reserved .备案号:粤ICP备09111491号

常年法律顾问:香港马杰律师行  深圳灵泉律师事务所

Powered by PageAdmin CMS Free Version