Command Line: "dcdiag.exe /v /c /d /e /s:qi-fs-02" Directory Server Diagnosis Performing initial setup: * Connecting to directory service on server qi-fs-02. qi-fs-02.currentTime = 20210612022221.0Z qi-fs-02.highestCommittedUSN = 7800321 qi-fs-02.isSynchronized = 1 qi-fs-02.isGlobalCatalogReady = 1 * Identified AD Forest. Collecting AD specific global data * Collecting site info. Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=questinsuranceinc,DC=local,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),....... The previous call succeeded Iterating through the sites Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=questinsuranceinc,DC=local Getting ISTG and options for the site * Identifying all servers. Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=questinsuranceinc,DC=local,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),....... The previous call succeeded.... The previous call succeeded Iterating through the list of servers Getting information for the server CN=NTDS Settings,CN=QI-FS-02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=questinsuranceinc,DC=local objectGuid obtained InvocationID obtained dnsHostname obtained site info obtained All the info for the server collected QI-FS-02.currentTime = 20210612022221.0Z QI-FS-02.highestCommittedUSN = 7800321 QI-FS-02.isSynchronized = 1 QI-FS-02.isGlobalCatalogReady = 1 * Identifying all NC cross-refs. * Found 1 DC(s). Testing 1 of them. Done gathering initial info. ===============================================Printing out pDsInfo GLOBAL: ulNumServers=1 pszRootDomain=questinsuranceinc.local pszNC= pszRootDomainFQDN=DC=questinsuranceinc,DC=local pszConfigNc=CN=Configuration,DC=questinsuranceinc,DC=local pszPartitionsDn=CN=Partitions,CN=Configuration,DC=questinsuranceinc,DC=local fAdam=0 iSiteOptions=0 dwTombstoneLifeTimeDays=180 dwForestBehaviorVersion=2 HomeServer=0, QI-FS-02 SERVER: pServer[0].pszName=QI-FS-02 pServer[0].pszGuidDNSName (binding str)=59f7968f-6563-48d0-bed0-c46b835134f2._msdcs.questinsuranceinc.local pServer[0].pszDNSName=QI-FS-02.questinsuranceinc.local pServer[0].pszLdapPort=(null) pServer[0].pszSslPort=(null) pServer[0].pszDn=CN=NTDS Settings,CN=QI-FS-02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=questinsuranceinc,DC=local pServer[0].pszComputerAccountDn=CN=QI-FS-02,OU=Domain Controllers,DC=questinsuranceinc,DC=local pServer[0].uuidObjectGuid=59f7968f-6563-48d0-bed0-c46b835134f2 pServer[0].uuidInvocationId=4d62f6a7-0cee-4184-b83a-060c8637a0ac pServer[0].iSite=0 (Default-First-Site-Name) pServer[0].iOptions=1 pServer[0].ftLocalAcquireTime=c6689d60 01d75f31 pServer[0].ftRemoteConnectTime=c5f62c80 01d75f31 pServer[0].ppszMaster/FullReplicaNCs: ppszMaster/FullReplicaNCs[0]=DC=ForestDnsZones,DC=questinsuranceinc,DC=local ppszMaster/FullReplicaNCs[1]=DC=DomainDnsZones,DC=questinsuranceinc,DC=local ppszMaster/FullReplicaNCs[2]=CN=Schema,CN=Configuration,DC=questinsuranceinc,DC=local ppszMaster/FullReplicaNCs[3]=CN=Configuration,DC=questinsuranceinc,DC=local ppszMaster/FullReplicaNCs[4]=DC=questinsuranceinc,DC=local SITES: pSites[0].pszName=Default-First-Site-Name pSites[0].pszSiteSettings=CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=questinsuranceinc,DC=local pSites[0].pszISTG=CN=NTDS Settings,CN=QI-FS-02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=questinsuranceinc,DC=local pSites[0].iSiteOption=0 pSites[0].cServers=1 NC: pNCs[0].pszName=ForestDnsZones pNCs[0].pszDn=DC=ForestDnsZones,DC=questinsuranceinc,DC=local pNCs[0].aCrInfo[0].dwFlags=0x00000201 pNCs[0].aCrInfo[0].pszDn=CN=9318075e-4a4b-484f-a911-45c2362a19b3,CN=Partitions,CN=Configuration,DC=questinsuranceinc,DC=local pNCs[0].aCrInfo[0].pszDnsRoot=ForestDnsZones.questinsuranceinc.local pNCs[0].aCrInfo[0].iSourceServer=0 pNCs[0].aCrInfo[0].pszSourceServer=(null) pNCs[0].aCrInfo[0].ulSystemFlags=0x00000005 pNCs[0].aCrInfo[0].bEnabled=TRUE pNCs[0].aCrInfo[0].ftWhenCreated=00000000 00000000 pNCs[0].aCrInfo[0].pszSDReferenceDomain=(null) pNCs[0].aCrInfo[0].pszNetBiosName=(null) pNCs[0].aCrInfo[0].cReplicas=-1 pNCs[0].aCrInfo[0].aszReplicas= NC: pNCs[1].pszName=DomainDnsZones pNCs[1].pszDn=DC=DomainDnsZones,DC=questinsuranceinc,DC=local pNCs[1].aCrInfo[0].dwFlags=0x00000201 pNCs[1].aCrInfo[0].pszDn=CN=ef11bc36-77e9-44f8-829e-860cdd52d0e8,CN=Partitions,CN=Configuration,DC=questinsuranceinc,DC=local pNCs[1].aCrInfo[0].pszDnsRoot=DomainDnsZones.questinsuranceinc.local pNCs[1].aCrInfo[0].iSourceServer=0 pNCs[1].aCrInfo[0].pszSourceServer=(null) pNCs[1].aCrInfo[0].ulSystemFlags=0x00000005 pNCs[1].aCrInfo[0].bEnabled=TRUE pNCs[1].aCrInfo[0].ftWhenCreated=00000000 00000000 pNCs[1].aCrInfo[0].pszSDReferenceDomain=(null) pNCs[1].aCrInfo[0].pszNetBiosName=(null) pNCs[1].aCrInfo[0].cReplicas=-1 pNCs[1].aCrInfo[0].aszReplicas= NC: pNCs[2].pszName=Schema pNCs[2].pszDn=CN=Schema,CN=Configuration,DC=questinsuranceinc,DC=local pNCs[2].aCrInfo[0].dwFlags=0x00000201 pNCs[2].aCrInfo[0].pszDn=CN=Enterprise Schema,CN=Partitions,CN=Configuration,DC=questinsuranceinc,DC=local pNCs[2].aCrInfo[0].pszDnsRoot=questinsuranceinc.local pNCs[2].aCrInfo[0].iSourceServer=0 pNCs[2].aCrInfo[0].pszSourceServer=(null) pNCs[2].aCrInfo[0].ulSystemFlags=0x00000001 pNCs[2].aCrInfo[0].bEnabled=TRUE pNCs[2].aCrInfo[0].ftWhenCreated=00000000 00000000 pNCs[2].aCrInfo[0].pszSDReferenceDomain=(null) pNCs[2].aCrInfo[0].pszNetBiosName=(null) pNCs[2].aCrInfo[0].cReplicas=-1 pNCs[2].aCrInfo[0].aszReplicas= NC: pNCs[3].pszName=Configuration pNCs[3].pszDn=CN=Configuration,DC=questinsuranceinc,DC=local pNCs[3].aCrInfo[0].dwFlags=0x00000201 pNCs[3].aCrInfo[0].pszDn=CN=Enterprise Configuration,CN=Partitions,CN=Configuration,DC=questinsuranceinc,DC=local pNCs[3].aCrInfo[0].pszDnsRoot=questinsuranceinc.local pNCs[3].aCrInfo[0].iSourceServer=0 pNCs[3].aCrInfo[0].pszSourceServer=(null) pNCs[3].aCrInfo[0].ulSystemFlags=0x00000001 pNCs[3].aCrInfo[0].bEnabled=TRUE pNCs[3].aCrInfo[0].ftWhenCreated=00000000 00000000 pNCs[3].aCrInfo[0].pszSDReferenceDomain=(null) pNCs[3].aCrInfo[0].pszNetBiosName=(null) pNCs[3].aCrInfo[0].cReplicas=-1 pNCs[3].aCrInfo[0].aszReplicas= NC: pNCs[4].pszName=questinsuranceinc pNCs[4].pszDn=DC=questinsuranceinc,DC=local pNCs[4].aCrInfo[0].dwFlags=0x00000201 pNCs[4].aCrInfo[0].pszDn=CN=QUESTINSURANCE,CN=Partitions,CN=Configuration,DC=questinsuranceinc,DC=local pNCs[4].aCrInfo[0].pszDnsRoot=questinsuranceinc.local pNCs[4].aCrInfo[0].iSourceServer=0 pNCs[4].aCrInfo[0].pszSourceServer=(null) pNCs[4].aCrInfo[0].ulSystemFlags=0x00000003 pNCs[4].aCrInfo[0].bEnabled=TRUE pNCs[4].aCrInfo[0].ftWhenCreated=00000000 00000000 pNCs[4].aCrInfo[0].pszSDReferenceDomain=(null) pNCs[4].aCrInfo[0].pszNetBiosName=(null) pNCs[4].aCrInfo[0].cReplicas=-1 pNCs[4].aCrInfo[0].aszReplicas= 5 NC TARGETS: ForestDnsZones, DomainDnsZones, Schema, Configuration, questinsuranceinc, 1 TARGETS: QI-FS-02, =============================================Done Printing pDsInfo Doing initial required tests Testing server: Default-First-Site-Name\QI-FS-02 Starting test: Connectivity * Active Directory LDAP Services Check Determining IP4 connectivity Failure Analysis: QI-FS-02 ... OK. * Active Directory RPC Services Check ......................... QI-FS-02 passed test Connectivity Doing primary tests Testing server: Default-First-Site-Name\QI-FS-02 Starting test: Advertising The DC QI-FS-02 is advertising itself as a DC and having a DS. The DC QI-FS-02 is advertising as an LDAP server The DC QI-FS-02 is advertising as having a writeable directory The DC QI-FS-02 is advertising as a Key Distribution Center The DC QI-FS-02 is advertising as a time server The DS QI-FS-02 is advertising as a GC. ......................... QI-FS-02 passed test Advertising Starting test: CheckSecurityError * Dr Auth: Beginning security errors check! Found KDC QI-FS-02 for domain questinsuranceinc.local in site Default-First-Site-Name Checking machine account for DC QI-FS-02 on DC QI-FS-02. * SPN found :LDAP/QI-FS-02.questinsuranceinc.local/questinsuranceinc.local * SPN found :LDAP/QI-FS-02.questinsuranceinc.local * SPN found :LDAP/QI-FS-02 * SPN found :LDAP/QI-FS-02.questinsuranceinc.local/QUESTINSURANCE * SPN found :LDAP/59f7968f-6563-48d0-bed0-c46b835134f2._msdcs.questinsuranceinc.local * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/59f7968f-6563-48d0-bed0-c46b835134f2/questinsuranceinc.local * SPN found :HOST/QI-FS-02.questinsuranceinc.local/questinsuranceinc.local * SPN found :HOST/QI-FS-02.questinsuranceinc.local * SPN found :HOST/QI-FS-02 * SPN found :HOST/QI-FS-02.questinsuranceinc.local/QUESTINSURANCE * SPN found :GC/QI-FS-02.questinsuranceinc.local/questinsuranceinc.local [QI-FS-02] No security related replication errors were found on this DC! To target the connection to a specific source DC use /ReplSource:. ......................... QI-FS-02 passed test CheckSecurityError Starting test: CutoffServers * Configuration Topology Aliveness Check * Analyzing the alive system replication topology for DC=ForestDnsZones,DC=questinsuranceinc,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. * Analyzing the alive system replication topology for DC=DomainDnsZones,DC=questinsuranceinc,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. * Analyzing the alive system replication topology for CN=Schema,CN=Configuration,DC=questinsuranceinc,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. * Analyzing the alive system replication topology for CN=Configuration,DC=questinsuranceinc,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. * Analyzing the alive system replication topology for DC=questinsuranceinc,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. ......................... QI-FS-02 passed test CutoffServers Starting test: FrsEvent * The File Replication Service Event log test ......................... QI-FS-02 passed test FrsEvent Starting test: DFSREvent The DFS Replication Event Log. Skip the test because the server is running FRS. ......................... QI-FS-02 passed test DFSREvent Starting test: SysVolCheck * The File Replication Service SYSVOL ready test File Replication Service's SYSVOL is ready ......................... QI-FS-02 passed test SysVolCheck Starting test: FrsSysVol * The File Replication Service SYSVOL ready test File Replication Service's SYSVOL is ready ......................... QI-FS-02 passed test FrsSysVol Starting test: KccEvent * The KCC Event log test Found no KCC errors in "Directory Service" Event log in the last 15 minutes. ......................... QI-FS-02 passed test KccEvent Starting test: KnowsOfRoleHolders Role Schema Owner = CN=NTDS Settings,CN=QI-FS-02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=questinsuranceinc,DC=local Role Domain Owner = CN=NTDS Settings,CN=QI-FS-02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=questinsuranceinc,DC=local Role PDC Owner = CN=NTDS Settings,CN=QI-FS-02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=questinsuranceinc,DC=local Role Rid Owner = CN=NTDS Settings,CN=QI-FS-02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=questinsuranceinc,DC=local Role Infrastructure Update Owner = CN=NTDS Settings,CN=QI-FS-02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=questinsuranceinc,DC=local ......................... QI-FS-02 passed test KnowsOfRoleHolders Starting test: MachineAccount Checking machine account for DC QI-FS-02 on DC QI-FS-02. * SPN found :LDAP/QI-FS-02.questinsuranceinc.local/questinsuranceinc.local * SPN found :LDAP/QI-FS-02.questinsuranceinc.local * SPN found :LDAP/QI-FS-02 * SPN found :LDAP/QI-FS-02.questinsuranceinc.local/QUESTINSURANCE * SPN found :LDAP/59f7968f-6563-48d0-bed0-c46b835134f2._msdcs.questinsuranceinc.local * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/59f7968f-6563-48d0-bed0-c46b835134f2/questinsuranceinc.local * SPN found :HOST/QI-FS-02.questinsuranceinc.local/questinsuranceinc.local * SPN found :HOST/QI-FS-02.questinsuranceinc.local * SPN found :HOST/QI-FS-02 * SPN found :HOST/QI-FS-02.questinsuranceinc.local/QUESTINSURANCE * SPN found :GC/QI-FS-02.questinsuranceinc.local/questinsuranceinc.local ......................... QI-FS-02 passed test MachineAccount Starting test: NCSecDesc * Security Permissions check for all NC's on DC QI-FS-02. The forest is not ready for RODC. Will skip checking ERODC ACEs. * Security Permissions Check for DC=ForestDnsZones,DC=questinsuranceinc,DC=local (NDNC,Version 3) Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have Replicating Directory Changes In Filtered Set access rights for the naming context: DC=ForestDnsZones,DC=questinsuranceinc,DC=local * Security Permissions Check for DC=DomainDnsZones,DC=questinsuranceinc,DC=local (NDNC,Version 3) Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have Replicating Directory Changes In Filtered Set access rights for the naming context: DC=DomainDnsZones,DC=questinsuranceinc,DC=local * Security Permissions Check for CN=Schema,CN=Configuration,DC=questinsuranceinc,DC=local (Schema,Version 3) * Security Permissions Check for CN=Configuration,DC=questinsuranceinc,DC=local (Configuration,Version 3) * Security Permissions Check for DC=questinsuranceinc,DC=local (Domain,Version 3) ......................... QI-FS-02 failed test NCSecDesc Starting test: NetLogons * Network Logons Privileges Check Verified share \\QI-FS-02\netlogon Verified share \\QI-FS-02\sysvol ......................... QI-FS-02 passed test NetLogons Starting test: ObjectsReplicated QI-FS-02 is in domain DC=questinsuranceinc,DC=local Checking for CN=QI-FS-02,OU=Domain Controllers,DC=questinsuranceinc,DC=local in domain DC=questinsuranceinc,DC=local on 1 servers Object is up-to-date on all servers. Checking for CN=NTDS Settings,CN=QI-FS-02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=questinsuranceinc,DC=local in domain CN=Configuration,DC=questinsuranceinc,DC=local on 1 servers Object is up-to-date on all servers. ......................... QI-FS-02 passed test ObjectsReplicated Starting test: OutboundSecureChannels * The Outbound Secure Channels test ** Did not run Outbound Secure Channels test because /testdomain: was not entered ......................... QI-FS-02 passed test OutboundSecureChannels Starting test: Replications * Replications Check DC=ForestDnsZones,DC=questinsuranceinc,DC=local has 2 cursors. DC=DomainDnsZones,DC=questinsuranceinc,DC=local has 2 cursors. CN=Schema,CN=Configuration,DC=questinsuranceinc,DC=local has 2 cursors. CN=Configuration,DC=questinsuranceinc,DC=local has 2 cursors. DC=questinsuranceinc,DC=local has 2 cursors. * Replication Latency Check DC=ForestDnsZones,DC=questinsuranceinc,DC=local Latency information for 1 entries in the vector were ignored. 1 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC). DC=DomainDnsZones,DC=questinsuranceinc,DC=local Latency information for 1 entries in the vector were ignored. 1 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC). CN=Schema,CN=Configuration,DC=questinsuranceinc,DC=local Latency information for 1 entries in the vector were ignored. 1 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC). CN=Configuration,DC=questinsuranceinc,DC=local Latency information for 1 entries in the vector were ignored. 1 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC). DC=questinsuranceinc,DC=local Latency information for 1 entries in the vector were ignored. 1 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC). ......................... QI-FS-02 passed test Replications Starting test: RidManager ridManagerReference = CN=RID Manager$,CN=System,DC=questinsuranceinc,DC=local * Available RID Pool for the Domain is 2109 to 1073741823 fSMORoleOwner = CN=NTDS Settings,CN=QI-FS-02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=questinsuranceinc,DC=local * QI-FS-02.questinsuranceinc.local is the RID Master * DsBind with RID Master was successful rIDSetReferences = CN=RID Set,CN=QI-FS-02,OU=Domain Controllers,DC=questinsuranceinc,DC=local * rIDAllocationPool is 1609 to 2108 * rIDPreviousAllocationPool is 1609 to 2108 * rIDNextRID: 1775 ......................... QI-FS-02 passed test RidManager Starting test: Services * Checking Service: EventSystem * Checking Service: RpcSs * Checking Service: NTDS * Checking Service: DnsCache * Checking Service: NtFrs * Checking Service: IsmServ * Checking Service: kdc * Checking Service: SamSs * Checking Service: LanmanServer * Checking Service: LanmanWorkstation * Checking Service: w32time * Checking Service: NETLOGON ......................... QI-FS-02 passed test Services Starting test: SystemLog * The System Event log test A warning event occurred. EventID: 0x00009016 Time Generated: 06/11/2021 21:25:10 Event String: No suitable default server credential exists on this system. This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections. An example of such an application is the directory server. Applications that manage their own credentials, such as the internet information server, are not affected by this. A warning event occurred. EventID: 0x00009016 Time Generated: 06/11/2021 21:25:13 Event String: No suitable default server credential exists on this system. This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections. An example of such an application is the directory server. Applications that manage their own credentials, such as the internet information server, are not affected by this. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 21:30:01 Event String: DCOM was unable to communicate with the computer QIWS06.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 21:30:01 Event String: DCOM was unable to communicate with the computer QIWS06.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 21:30:01 Event String: DCOM was unable to communicate with the computer QIWS06.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 21:30:01 Event String: DCOM was unable to communicate with the computer QIWS06.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 21:30:01 Event String: DCOM was unable to communicate with the computer QIWS06.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 21:30:01 Event String: DCOM was unable to communicate with the computer QIWS06.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 21:30:01 Event String: DCOM was unable to communicate with the computer QIWS06.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 21:30:01 Event String: DCOM was unable to communicate with the computer QIWS06.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 21:30:02 Event String: DCOM was unable to communicate with the computer ds415.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 21:30:03 Event String: DCOM was unable to communicate with the computer ds415.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 21:30:04 Event String: DCOM was unable to communicate with the computer ds415.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 21:30:05 Event String: DCOM was unable to communicate with the computer ds415.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 21:30:06 Event String: DCOM was unable to communicate with the computer ds415.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 21:30:07 Event String: DCOM was unable to communicate with the computer ds415.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 21:30:08 Event String: DCOM was unable to communicate with the computer ds415.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 21:30:09 Event String: DCOM was unable to communicate with the computer ds415.questinsuranceinc.local using any of the configured protocols. A warning event occurred. EventID: 0x00009016 Time Generated: 06/11/2021 21:30:11 Event String: No suitable default server credential exists on this system. This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections. An example of such an application is the directory server. Applications that manage their own credentials, such as the internet information server, are not affected by this. A warning event occurred. EventID: 0x00009016 Time Generated: 06/11/2021 21:35:09 Event String: No suitable default server credential exists on this system. This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections. An example of such an application is the directory server. Applications that manage their own credentials, such as the internet information server, are not affected by this. A warning event occurred. EventID: 0x00009016 Time Generated: 06/11/2021 21:35:13 Event String: No suitable default server credential exists on this system. This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections. An example of such an application is the directory server. Applications that manage their own credentials, such as the internet information server, are not affected by this. A warning event occurred. EventID: 0x00009016 Time Generated: 06/11/2021 21:40:09 Event String: No suitable default server credential exists on this system. This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections. An example of such an application is the directory server. Applications that manage their own credentials, such as the internet information server, are not affected by this. A warning event occurred. EventID: 0x00009016 Time Generated: 06/11/2021 21:40:13 Event String: No suitable default server credential exists on this system. This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections. An example of such an application is the directory server. Applications that manage their own credentials, such as the internet information server, are not affected by this. A warning event occurred. EventID: 0x00009016 Time Generated: 06/11/2021 21:45:09 Event String: No suitable default server credential exists on this system. This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections. An example of such an application is the directory server. Applications that manage their own credentials, such as the internet information server, are not affected by this. A warning event occurred. EventID: 0x00009016 Time Generated: 06/11/2021 21:45:13 Event String: No suitable default server credential exists on this system. This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections. An example of such an application is the directory server. Applications that manage their own credentials, such as the internet information server, are not affected by this. A warning event occurred. EventID: 0x00009016 Time Generated: 06/11/2021 21:50:09 Event String: No suitable default server credential exists on this system. This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections. An example of such an application is the directory server. Applications that manage their own credentials, such as the internet information server, are not affected by this. A warning event occurred. EventID: 0x00009016 Time Generated: 06/11/2021 21:50:13 Event String: No suitable default server credential exists on this system. This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections. An example of such an application is the directory server. Applications that manage their own credentials, such as the internet information server, are not affected by this. A warning event occurred. EventID: 0x00009016 Time Generated: 06/11/2021 21:55:09 Event String: No suitable default server credential exists on this system. This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections. An example of such an application is the directory server. Applications that manage their own credentials, such as the internet information server, are not affected by this. A warning event occurred. EventID: 0x00009016 Time Generated: 06/11/2021 21:55:13 Event String: No suitable default server credential exists on this system. This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections. An example of such an application is the directory server. Applications that manage their own credentials, such as the internet information server, are not affected by this. A warning event occurred. EventID: 0x00009016 Time Generated: 06/11/2021 22:00:17 Event String: No suitable default server credential exists on this system. This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections. An example of such an application is the directory server. Applications that manage their own credentials, such as the internet information server, are not affected by this. An error event occurred. EventID: 0x40000004 Time Generated: 06/11/2021 22:00:33 Event String: The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server qi-lt-04$. The target name used was RPCSS/QIWS06.questinsuranceinc.local. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (QUESTINSURANCEINC.LOCAL) is different from the client domain (QUESTINSURANCEINC.LOCAL), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 22:00:33 Event String: DCOM was unable to communicate with the computer QIWS06.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 22:00:33 Event String: DCOM was unable to communicate with the computer QIWS06.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 22:00:33 Event String: DCOM was unable to communicate with the computer QIWS06.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 22:00:33 Event String: DCOM was unable to communicate with the computer QIWS06.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 22:00:33 Event String: DCOM was unable to communicate with the computer QIWS06.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 22:00:33 Event String: DCOM was unable to communicate with the computer QIWS06.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 22:00:33 Event String: DCOM was unable to communicate with the computer QIWS06.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 22:00:33 Event String: DCOM was unable to communicate with the computer QIWS06.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 22:00:33 Event String: DCOM was unable to communicate with the computer ds415.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 22:00:34 Event String: DCOM was unable to communicate with the computer ds415.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 22:00:35 Event String: DCOM was unable to communicate with the computer ds415.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 22:00:36 Event String: DCOM was unable to communicate with the computer ds415.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 22:00:37 Event String: DCOM was unable to communicate with the computer ds415.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 22:00:38 Event String: DCOM was unable to communicate with the computer ds415.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 22:00:39 Event String: DCOM was unable to communicate with the computer ds415.questinsuranceinc.local using any of the configured protocols. An error event occurred. EventID: 0xC0002719 Time Generated: 06/11/2021 22:00:41 Event String: DCOM was unable to communicate with the computer ds415.questinsuranceinc.local using any of the configured protocols. A warning event occurred. EventID: 0x00009016 Time Generated: 06/11/2021 22:00:42 Event String: No suitable default server credential exists on this system. This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections. An example of such an application is the directory server. Applications that manage their own credentials, such as the internet information server, are not affected by this. A warning event occurred. EventID: 0x00009016 Time Generated: 06/11/2021 22:00:45 Event String: No suitable default server credential exists on this system. This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections. An example of such an application is the directory server. Applications that manage their own credentials, such as the internet information server, are not affected by this. A warning event occurred. EventID: 0x00009016 Time Generated: 06/11/2021 22:05:41 Event String: No suitable default server credential exists on this system. This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections. An example of such an application is the directory server. Applications that manage their own credentials, such as the internet information server, are not affected by this. A warning event occurred. EventID: 0x00009016 Time Generated: 06/11/2021 22:10:10 Event String: No suitable default server credential exists on this system. This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections. An example of such an application is the directory server. Applications that manage their own credentials, such as the internet information server, are not affected by this. A warning event occurred. EventID: 0x00009016 Time Generated: 06/11/2021 22:10:13 Event String: No suitable default server credential exists on this system. This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections. An example of such an application is the directory server. Applications that manage their own credentials, such as the internet information server, are not affected by this. A warning event occurred. EventID: 0x8000001D Time Generated: 06/11/2021 22:15:09 Event String: The Key Distribution Center (KDC) cannot find a suitable certificate to use for smart card logons, or the KDC certificate could not be verified. Smart card logon may not function correctly if this problem is not resolved. To correct this problem, either verify the existing KDC certificate using certutil.exe or enroll for a new KDC certificate. A warning event occurred. EventID: 0x00009016 Time Generated: 06/11/2021 22:15:09 Event String: No suitable default server credential exists on this system. This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections. An example of such an application is the directory server. Applications that manage their own credentials, such as the internet information server, are not affected by this. A warning event occurred. EventID: 0x00009016 Time Generated: 06/11/2021 22:15:13 Event String: No suitable default server credential exists on this system. This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections. An example of such an application is the directory server. Applications that manage their own credentials, such as the internet information server, are not affected by this. A warning event occurred. EventID: 0x00009016 Time Generated: 06/11/2021 22:20:09 Event String: No suitable default server credential exists on this system. This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections. An example of such an application is the directory server. Applications that manage their own credentials, such as the internet information server, are not affected by this. A warning event occurred. EventID: 0x00009016 Time Generated: 06/11/2021 22:20:13 Event String: No suitable default server credential exists on this system. This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections. An example of such an application is the directory server. Applications that manage their own credentials, such as the internet information server, are not affected by this. ......................... QI-FS-02 failed test SystemLog Starting test: Topology * Configuration Topology Integrity Check * Analyzing the connection topology for DC=ForestDnsZones,DC=questinsuranceinc,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. * Analyzing the connection topology for DC=DomainDnsZones,DC=questinsuranceinc,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. * Analyzing the connection topology for CN=Schema,CN=Configuration,DC=questinsuranceinc,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. * Analyzing the connection topology for CN=Configuration,DC=questinsuranceinc,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. * Analyzing the connection topology for DC=questinsuranceinc,DC=local. * Performing upstream (of target) analysis. * Performing downstream (of target) analysis. ......................... QI-FS-02 passed test Topology Starting test: VerifyEnterpriseReferences ......................... QI-FS-02 passed test VerifyEnterpriseReferences Starting test: VerifyReferences The system object reference (serverReference) CN=QI-FS-02,OU=Domain Controllers,DC=questinsuranceinc,DC=local and backlink on CN=QI-FS-02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=questinsuranceinc,DC=local are correct. The system object reference (serverReferenceBL) CN=QI-FS-02,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=questinsuranceinc,DC=local and backlink on CN=NTDS Settings,CN=QI-FS-02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=questinsuranceinc,DC=local are correct. The system object reference (frsComputerReferenceBL) CN=QI-FS-02,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=questinsuranceinc,DC=local and backlink on CN=QI-FS-02,OU=Domain Controllers,DC=questinsuranceinc,DC=local are correct. ......................... QI-FS-02 passed test VerifyReferences Starting test: VerifyReplicas ......................... QI-FS-02 passed test VerifyReplicas Starting test: DNS DNS Tests are running and not hung. Please wait a few minutes... See DNS test in enterprise tests section for results ......................... QI-FS-02 passed test DNS Running partition tests on : ForestDnsZones Starting test: CheckSDRefDom ......................... ForestDnsZones passed test CheckSDRefDom Starting test: CrossRefValidation ......................... ForestDnsZones passed test CrossRefValidation Running partition tests on : DomainDnsZones Starting test: CheckSDRefDom ......................... DomainDnsZones passed test CheckSDRefDom Starting test: CrossRefValidation ......................... DomainDnsZones passed test CrossRefValidation Running partition tests on : Schema Starting test: CheckSDRefDom ......................... Schema passed test CheckSDRefDom Starting test: CrossRefValidation ......................... Schema passed test CrossRefValidation Running partition tests on : Configuration Starting test: CheckSDRefDom ......................... Configuration passed test CheckSDRefDom Starting test: CrossRefValidation ......................... Configuration passed test CrossRefValidation Running partition tests on : questinsuranceinc Starting test: CheckSDRefDom ......................... questinsuranceinc passed test CheckSDRefDom Starting test: CrossRefValidation ......................... questinsuranceinc passed test CrossRefValidation Running enterprise tests on : questinsuranceinc.local Starting test: DNS Test results for domain controllers: DC: QI-FS-02.questinsuranceinc.local Domain: questinsuranceinc.local TEST: Authentication (Auth) Authentication test: Successfully completed TEST: Basic (Basc) The OS Microsoft Windowsr Small Business Server 2011 Standard (Service Pack level: 1.0) is supported. NETLOGON service is running kdc service is running DNSCACHE service is running DNS service is running DC is a DNS server Network adapters information: Adapter [00000010] Broadcom NetXtreme Gigabit Ethernet: MAC address is E0:DB:55:1E:EC:6C IP Address is static IP address: 192.168.176.12, fe80::7d5c:402a:6ab5:ef5a, fe80::3bd4:95a:a07f:e8f1 DNS servers: 192.168.176.12 (qi-fs-02.questinsuranceinc.local.) [Valid] The A host record(s) for this DC was found The SOA record for the Active Directory zone was found The Active Directory zone on this DC/DNS server was found primary Root zone on this DC/DNS server was not found TEST: Forwarders/Root hints (Forw) Recursion is enabled Forwarders Information: 151.196.0.38 () [Valid] 151.196.0.39 () [Valid] TEST: Delegations (Del) Delegation information for the zone: questinsuranceinc.local. Delegated domain name: _msdcs.questinsuranceinc.local. DNS server: qi-fs-02.questinsuranceinc.local. IP:192.168.176.12 [Valid] TEST: Dynamic update (Dyn) Test record dcdiag-test-record added successfully in zone questinsuranceinc.local Test record dcdiag-test-record deleted successfully in zone questinsuranceinc.local TEST: Records registration (RReg) Network Adapter [00000010] Broadcom NetXtreme Gigabit Ethernet: Matching CNAME record found at DNS server 192.168.176.12: 59f7968f-6563-48d0-bed0-c46b835134f2._msdcs.questinsuranceinc.local Matching A record found at DNS server 192.168.176.12: QI-FS-02.questinsuranceinc.local Matching SRV record found at DNS server 192.168.176.12: _ldap._tcp.questinsuranceinc.local Error: Missing SRV record at DNS server 192.168.176.12: _ldap._tcp.7f6a9fc1-ba9f-4e61-a909-42c4c40c80fb.domains._msdcs.questinsuranceinc.local [Error details: 9003 (Type: Win32 - Description: DNS name does not exist.)] Matching SRV record found at DNS server 192.168.176.12: _kerberos._tcp.dc._msdcs.questinsuranceinc.local Matching SRV record found at DNS server 192.168.176.12: _ldap._tcp.dc._msdcs.questinsuranceinc.local Matching SRV record found at DNS server 192.168.176.12: _kerberos._tcp.questinsuranceinc.local Matching SRV record found at DNS server 192.168.176.12: _kerberos._udp.questinsuranceinc.local Matching SRV record found at DNS server 192.168.176.12: _kpasswd._tcp.questinsuranceinc.local Matching SRV record found at DNS server 192.168.176.12: _ldap._tcp.Default-First-Site-Name._sites.questinsuranceinc.local Matching SRV record found at DNS server 192.168.176.12: _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.questinsuranceinc.local Matching SRV record found at DNS server 192.168.176.12: _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.questinsuranceinc.local Matching SRV record found at DNS server 192.168.176.12: _kerberos._tcp.Default-First-Site-Name._sites.questinsuranceinc.local Matching SRV record found at DNS server 192.168.176.12: _ldap._tcp.gc._msdcs.questinsuranceinc.local Matching A record found at DNS server 192.168.176.12: gc._msdcs.questinsuranceinc.local Matching SRV record found at DNS server 192.168.176.12: _gc._tcp.Default-First-Site-Name._sites.questinsuranceinc.local Matching SRV record found at DNS server 192.168.176.12: _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.questinsuranceinc.local Matching SRV record found at DNS server 192.168.176.12: _ldap._tcp.pdc._msdcs.questinsuranceinc.local Warning: Record Registrations not found in some network adapters Total query time:0 min. 0 sec.. Total RPC connection time:0 min. 0 sec. Total WMI connection time:0 min. 42 sec. Total Netuse connection time:0 min. 0 sec. Summary of test results for DNS servers used by the above domain controllers: DNS server: 151.196.0.38 () All tests passed on this DNS server Total query time:0 min. 0 sec., Total WMI connection time:0 min. 21 sec. DNS server: 151.196.0.39 () All tests passed on this DNS server Total query time:0 min. 0 sec., Total WMI connection time:0 min. 21 sec. DNS server: 192.168.176.12 (qi-fs-02.questinsuranceinc.local.) All tests passed on this DNS server Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered DNS delegation for the domain _msdcs.questinsuranceinc.local. is operational on IP 192.168.176.12 Total query time:0 min. 0 sec., Total WMI connection time:0 min. 0 sec. Summary of DNS test results: Auth Basc Forw Del Dyn RReg Ext _________________________________________________________________ Domain: questinsuranceinc.local QI-FS-02 PASS PASS PASS PASS PASS WARN n/a Total Time taken to test all the DCs:0 min. 42 sec. ......................... questinsuranceinc.local passed test DNS Starting test: LocatorCheck GC Name: \\QI-FS-02.questinsuranceinc.local Locator Flags: 0xe00033fd PDC Name: \\QI-FS-02.questinsuranceinc.local Locator Flags: 0xe00033fd Time Server Name: \\QI-FS-02.questinsuranceinc.local Locator Flags: 0xe00033fd Preferred Time Server Name: \\QI-FS-02.questinsuranceinc.local Locator Flags: 0xe00033fd KDC Name: \\QI-FS-02.questinsuranceinc.local Locator Flags: 0xe00033fd ......................... questinsuranceinc.local passed test LocatorCheck Starting test: FsmoCheck GC Name: \\QI-FS-02.questinsuranceinc.local Locator Flags: 0xe00033fd PDC Name: \\QI-FS-02.questinsuranceinc.local Locator Flags: 0xe00033fd Time Server Name: \\QI-FS-02.questinsuranceinc.local Locator Flags: 0xe00033fd Preferred Time Server Name: \\QI-FS-02.questinsuranceinc.local Locator Flags: 0xe00033fd KDC Name: \\QI-FS-02.questinsuranceinc.local Locator Flags: 0xe00033fd ......................... questinsuranceinc.local passed test FsmoCheck Starting test: Intersite Skipping site Default-First-Site-Name, this site is outside the scope provided by the command line arguments provided. ......................... questinsuranceinc.local passed test Intersite