What is this?

This is basically where I write down stuff that I work with at my job as a GIS Technical Analyst (previously system administrator). I do it because it's practical for documentation purposes (although, I remove stuff that might be a security breach) and I hope it can be of use to someone out there. I frequently search the net for help myself, and this is my way of contributing.

Monday, August 17, 2009

Windows 2003 - dcdiag.exe fails on systemlog test

During Active Directory cleanup I found that dcdiag.exe (see below) gives me a failure warning on the systemlog. I thought this was weird on a otherwise well functioning domain so I decided to check it out.

C:\Program Files\Support Tools>dcdiag

Domain Controller Diagnosis

Performing initial setup:
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\dc1
Starting test: Connectivity
......................... dc1 passed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\dc1
Starting test: Replications
......................... dc1 passed test Replications
Starting test: NCSecDesc
......................... dc1 passed test NCSecDesc
Starting test: NetLogons
......................... dc1 passed test NetLogons
Starting test: Advertising
......................... dc1 passed test Advertising
Starting test: KnowsOfRoleHolders
......................... dc1 passed test KnowsOfRoleHolders
Starting test: RidManager
......................... dc1 passed test RidManager
Starting test: MachineAccount
......................... dc1 passed test MachineAccount
Starting test: Services
......................... dc1 passed test Services
Starting test: ObjectsReplicated
......................... dc1 passed test ObjectsReplicated
Starting test: frssysvol
......................... dc1 passed test frssysvol
Starting test: frsevent
......................... dc1 passed test frsevent
Starting test: kccevent
......................... dc1 passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0x00000457
Time Generated: 03/20/2009 09:50:04
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 03/20/2009 09:50:05
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 03/20/2009 09:50:05
(Event String could not be retrieved)
......................... dc1 failed test systemlog
Starting test: VerifyReferences
......................... dc1 passed test VerifyReferences

Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation

Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom

Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation

Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom

Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom

Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom

Running partition tests on : dirnat
Starting test: CrossRefValidation
......................... dirnat passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... dirnat passed test CheckSDRefDom

Running enterprise tests on : dirnat.intern
Starting test: Intersite
......................... dirnat.intern passed test Intersite
Starting test: FsmoCheck
......................... dirnat.intern passed test FsmoCheck

First thing I did was to check the system log on the local server, and I found the culprit:
Event Type: Error
Event Source: TermServDevices
Event Category: None
Event ID: 1111
Date: 17.08.2009
Time: 09:50:04
User: N/A
Computer: dc1
Description:
Driver Microsoft Shared Fax Driver required for printer Fax is unknown. Contact the administrator to install the driver before you log in again.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00 12 0d 00 00 ........
I also found two more log posts from 09:50:05 saying exactly the same (with different printer names). Hex 457 (0x00000457) = 1111, so basically it seems that dcdiag.exe gives me this warning due to the fact I was running from within a terminal services client session and local printer mapping had failed during connect (which it always does since I don't have the drivers for these printers installed on the servers). I suppose I could always disable printer mapping in the mstsc client prior to connecting, but since it's harmless I think I'll just live with it.
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)