question

TheWileyOne-9784 avatar image
0 Votes"
TheWileyOne-9784 asked JiaYou-MSFT edited

my Server 2016 Essentials machine is hosed

I recently performed a clean install of WSE 2016 and it has never worked.
The hardware is a new HP Envy TE-01-1 with i7-10700F CPU at 2.90 GHz, 8 cores, 16 threads, and 32GB Ram.
It came with Windows 10 Home, so it is not a true server, and many device drivers don't exist because the hardware is newer than the software. But, it seems to me that there is enough active hardware for Server 2016 to operate. I am not trying to run any virtual machines.

When I run System Information, the System Name displays as Win-9LUPAQIOPFM, a name that I am unfamiliar with. I expected it to match the name I assigned to the server, "WSC-DC1". Is that normal? It seems like System Information is totally unaware that this machine is supposed to be serving the role of domain controller.

Control Panel\System and Security\System shows the full computer name correctly: WSC-DC1.WSC.local
Windows is activated.
AD does not seem to have installed correctly, therefore DNS is inop.

I don't know where to start troubleshooting. Can somebody offer some help?

Here is the first part of what I get when I run DCDiag:
Directory Server Diagnosis

Performing initial setup:
Trying to find home server...
Home Server = WSC-DC1
[WSC-DC1] Directory Binding Error -2146893022:
The target principal name is incorrect.
This may limit some of the tests that can be performed.
* Identified AD Forest.
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\WSC-DC1
Starting test: Connectivity
[WSC-DC1] DsBindWithSpnEx() failed with error -2146893022,
The target principal name is incorrect..
Got error while checking LDAP and RPC connectivity. Please check your firewall settings.
......................... WSC-DC1 failed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\WSC-DC1
Skipping all tests, because server WSC-DC1 is not responding to directory service requests.

windows-server-2016windows-server-essentials
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DSPatrick avatar image
0 Votes"
DSPatrick answered DSPatrick edited

That sounds like a default name windows setup assigned. I'd check the computer name shown here. Control Panel\System and Security\System, Advanced\Computer Name

Also please run;

Dcdiag /v /c /d /e /s:%computername% >C:\dcdiag.log
repadmin /showrepl >C:\repl.txt
ipconfig /all > C:\dc1.txt

then put unzipped text files up on OneDrive and share a link.






5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

JiaYou-MSFT avatar image
0 Votes"
JiaYou-MSFT answered JiaYou-MSFT edited

HI TheWileyOne-9784,

1.When I run System Information, the System Name displays as Win-9LUPAQIOPFM, a name that I am unfamiliar with. I expected it to match the name I assigned to the server, "WSC-DC1". Is that normal?
No, it isn't normal.

WSE2016 need to use windows server essentials wizard to create AD forest and configure itself as DC. So did you assign the "WSC-DC1" to the server like below picture?


107937-21.png


2."AD does not seem to have installed correctly, therefore DNS is inop."
If it is possible, could you please follow below video to install wse2016 again? I check this video is correct to install wse2016, meanwhile if we don't need to install DHCP, we can ignore it.

Setup Windows server 2016 essentials (EN)
https://channel9.msdn.com/Blogs/MVP-Azure/Setup-Windows-server-2016-essentials-EN



============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.



21.png (298.5 KiB)
· 4
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

When I go into Control Panel\System and Security\System, Advanced\Computer Name, the computer name is WSC-DC1\WSC.local
and the domain is WSC.local. Of course, the Change button is grayed out.

The three files that you requested can be found here: https://1drv.ms/u/s!BBi8N_PxRPt2q2dH0qAKvSfN-w09?e=tiBXlu

So, I guess we need to find a way to change the "machine name" to match the Windows name?

Then, perhaps AD and DNS will start working correctly?

1 Vote 1 ·

It has been a week, but I am sure I entered the correct server name into the Wizard. I don't see how it could have gotten in there otherwise.
At this point, if I try to run the Wizard again, I get this:
"Networking domain controller server is not accessible, some operations in Dashboard may not be succeed." (this is exactly what it says)
"Please check your network and make sure you can access the domain controller name"
Then a Windows Server logo appears and eventually Essentials Dashboard launches.
.Here is the Quick Status:
User Accounts: N/A
Server Folders: 8
Server Backup: N/A
Windows Defender: OFF
Anywhere Access: OFF
Health Report settings: N/A
Devices: N/A



1 Vote 1 ·

I made the mistake of following poor advice offered by DSPatrick.
Now my system won't recognize any login.
I'm facing a 3 hour drive unless I can find a way to get into it through Ethernet.

Do you have any suggestions that might help?

1 Vote 1 ·

I have managed to recover somewhat after following the disastrous advice given by DSPatrick.
I now have control of the machine using TeamViewer through the static IP and I'm logged in, just as if I was sitting in front of it.
I do not, however, have Internet access from this machine.

The NetLogin service is indeed not running. Both of its dependencies, Server and Workstation, are running nicely.
When I try to start NetLogin, I get an error 000064

When I try to start the Windows Server Essentials Service Integration Configuration Wizard (C:\Windows\System32\Essentials\ConfigWizard.exe), nothing happens.
Is that the same as the Server Essentials Wizard?

Do you have any suggestions that might help me get this server running?



1 Vote 1 ·
DSPatrick avatar image
0 Votes"
DSPatrick answered DSPatrick commented

Just checking if there's any progress or updates?

--please don't forget to upvote and Accept as answer if the reply is helpful--






· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

I'm sorry. I accidentally commented back to the wrong person.

The files you requested are here: https://1drv.ms/u/s!BBi8N_PxRPt2q2dH0qAKvSfN-w09?e=tiBXlu

1 Vote 1 ·

Hopefully you'll see my reply eventually..


1 Vote 1 ·
DSPatrick avatar image
0 Votes"
DSPatrick answered TheWileyOne-9784 commented

Domain controller must have it's own static ip address (10.1.10.10) listed for DNS so the router address should be removed / replaced. Also there appears to be a rouge IPv6 DHCP server on network (router?), either turn that function off or uncheck IPv6 in connection properties. Then do ipconfig /flushdns, ipconfig /registerdns, restart the netlogon service. I did not bother looking at other files since this one is a show stopper.

--please don't forget to upvote and Accept as answer if the reply is helpful--



· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

I had it set up the way you describe, but there was no Internet access, so we know the DNS is broken.
Until we get DNS working properly, that router address is the best way to connect to the Internet.
I also added IPv6, but I'm not sure whether that had any effect.

I am not planning to use DHCP on this server. Should I remove IPv6?

1 Vote 1 ·
DSPatrick avatar image
0 Votes"
DSPatrick answered TheWileyOne-9784 commented

I had it set up the way you describe, but there was no Internet access

Regardless this is a fatal error, the server will never be functional like that.

I also added IPv6

Not sure what is meant by if it isn't configured correctly then this causes great confusion for active directory DNS

--please don't forget to upvote and Accept as answer if the reply is helpful--









· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

I'm sorry, but I can't accept that "the system will never be functional".
I'came here to learn how to fix it.

Obviously, my DNS has been unable to set itself up, probably because AD isn't installed properly.
How do we fix that?

1 Vote 1 ·
DSPatrick avatar image
0 Votes"
DSPatrick answered TheWileyOne-9784 commented

I'd start by setting it's own static ip address (10.1.10.10) listed for DNS, remove the router address. Also the rouge IPv6 DHCP server on network (router?), either turn that function off or uncheck IPv6 in connection properties. Then do ipconfig /flushdns, ipconfig /registerdns, restart the netlogon service. If problems persist then put up a new set of files to look at.

--please don't forget to upvote and Accept as answer if the reply is helpful--










· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Disabled IPv6 DHCP on Comcast router, disabled IPv6 on Ethernet adapter, removed DNS addresses except 127.0.0.1, & restarted server.
as you instructed.

Now I have lost internet and I am unable to login to this machine under any user name.
They all return "an attempt was made to log in but the login service is not started".

Great. Now what? This is a remote computer in a data center. Truck roll?

1 Vote 1 ·
DSPatrick avatar image
0 Votes"
DSPatrick answered

Just checking if there's any progress or updates?

--please don't forget to upvote and Accept as answer if the reply is helpful--






5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DSPatrick avatar image
0 Votes"
DSPatrick answered TheWileyOne-9784 commented

attempt was made to log in but the login service is not started

Sounds like the netlogon service is not running.

removed DNS addresses except 127.0.0.1

Server also needs own static ip address listed for DNS. Then do ipconfig /flushdns, ipconfig /registerdns, restart the netlogon service

Setting up a new domain controller usually requires someone at the console until configuration is completed.



--please don't forget to upvote and Accept as answer if the reply is helpful--




















· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.


so now I have to get in my car and drive 3 hours? Then what?
I still won't be able to log in to this piece of crap.

1 Vote 1 ·

I do have RDP access to it through another PC, even without DNS.
I wonder if any of the SYSInternal utilities will bail me out.

1 Vote 1 ·
DSPatrick avatar image
0 Votes"
DSPatrick answered TheWileyOne-9784 commented

wonder if any of the SYSInternal utilities will bail me out

Not sure what is meant here. I'd start with setting server's own static ip address listed for DNS. A domain controller cannot function with other settings here. Then do ipconfig /flushdns, ipconfig /registerdns, restart the netlogon service. The event logs may also have something useful. There may be something else now broken not mentioned here. If that's the case you may want to clean install it.

--please don't forget to upvote and Accept as answer if the reply is helpful--











· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Are you paying attention, Patrick?
I am UNABLE to log into this machine after following your advice.
I can't make any configuration changes until I find a way to LOG IN to this box.

Are you not familiar with the SysInternals Utilities that Microsoft purchased and buried about 10 years ago?

1 Vote 1 ·
DSPatrick avatar image
0 Votes"
DSPatrick answered TheWileyOne-9784 commented

Are you not familiar with the SysInternals Utilities

Of course, but never needed them to deploy a new domain controller.

UNABLE to log into this machine

As I mentioned before, standing up a new stand-alone domain controller is a job done while sitting at the machine console.

--please don't forget to upvote and Accept as answer if the reply is helpful--













· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

It was working, somewhat, until I followed your advice.
Now you want to quit on me? OK

How did you become an Community Expert if you've never heard of SysInternals?

1 Vote 1 ·