Forum Discussion

fernandomichels's avatar
fernandomichels
Copper Contributor
Oct 26, 2020

"The security database has not been started" after promote new DC

Hi, I have two DC with W2K12 and W2K16. Recently, I've promoted a new server W2K19 as a domain controller. All the process was successfully executed and after the first reboot, I can't do an intera...
Active Directory
Windows Server
Dave Patrick's avatar
Dave Patrick
MVP
Oct 26, 2020

Please run;

- Dcdiag /v /c /d /e /s:%computername% >c:\dcdiag.log
- repadmin /showrepl >C:\repl.txt
- ipconfig /all > C:\dc1.txt
- ipconfig /all > C:\dc2.txt
- ipconfig /all > C:\dc3.txt



then put **unzipped** text files up on OneDrive and share a link.

 

 

 

fernandomichels's avatar
fernandomichels
Copper Contributor
Oct 27, 2020

Hi Dave Patrick . I really appreciate any help.

 

Log files are on: https://1drv.ms/u/s!Am8pbgsXRHYGiNxIIAqLPaNB7l64Zw?e=bgZEy1

 

SRVASA-DC01 - Old DC W2K19

SRVASA-DC03- Old DC W2K16

SRVASA-DC04 - New DC WK19 with problems

SRVASA-DC05 - it was another try, unsuccessful too. I already demoted it.

 

I found this error messages in DCDIAG on DC04:

SRVASA-DC03.isGlobalCatalogReady = 1 
Got error while checking if the DC is using FRS or DFSR. Error: 
The operation being requested was not performed because the user has not been authenticated.T 
he VerifyReferences, FrsEvent and DfsrEvent tests might fail because of this 
error.

 

   Testing server: Matriz\SRVASA-DC01

      Starting test: Connectivity

         * Active Directory LDAP Services Check
         Determining IP4 connectivity 
         Failure Analysis: SRVASA-DC01 ... OK.
         * Active Directory RPC Services Check
         [SRVASA-DC01] DsBindWithSpnEx() failed with error 5,

         Access is denied..
         Got error while checking LDAP and RPC connectivity. Please check your

         firewall settings.

         ......................... SRVASA-DC01 failed test Connectivity

Testing server: Filial\SRVASA-DC03

      Starting test: Connectivity

         * Active Directory LDAP Services Check
         Determining IP4 connectivity 
         Failure Analysis: SRVASA-DC03 ... OK.
         * Active Directory RPC Services Check
         [SRVASA-DC03] DsBindWithSpnEx() failed with error 5,

         Access is denied..
         Got error while checking LDAP and RPC connectivity. Please check your

         firewall settings.

         ......................... SRVASA-DC03 failed test Connectivity

 There is no firewall enabled on both servers.

  • Dave Patrick's avatar
    Dave Patrick
    MVP
    Oct 27, 2020

    Please do not zip the files.

     

     

     

      • Dave Patrick's avatar
        Dave Patrick
        MVP
        Oct 27, 2020

        SRVASA-DC01 has the RRAS role installed.
        SRVASA-DC03 has the RRAS role installed.
        Multi homing a domain controller will always cause no end to grief for active directory domain DNS. Remove RRAS role and if its still needed then stand up dedicated member servers for this role. I did not look at other files since these are show stoppers. After correcting these problems if issues persist then put up a new set of files to look at.

         

         (please don't forget to mark helpful replies)

         

         

         

         

Resources