Issue
A SCOM MG reported the Alert Script Based Test Failed to Complete for all its Domain Controllers. The AD Helper Object was in place however, so this couldn’t be the issue at all.
Funny thing, sometimes the scripts ran just fine and the other time they failed. And different scripts were involved, some examples:
- AD Replication Partner Count : The script 'AD Replication Partner Count' failed to initialize correctly.
The error returned was: 'Object required' (0x80000000); - While running 'AD General Response' the following consecutive errors were encountered:
Failed to bind to 'LDAP://<DOMAINCONTROLLER.y.z>/rootDSE'. This is an unexpected error.
The error returned was 'LDAP://<DOMAINCONTROLLER.y.z>/rootDSE' (0x8007203A); - AD Replication Monitoring : encountered a runtime error.
Failed to bind to 'LDAP://<DOMAINCONTROLLER.y.z>/RootDSE'.
The error returned was: 'The server is not operational.' (0x8007203A).
Investigation
Even though SCOM reported issues, nothing was wrong. AD worked as intended. These DCs are WS 2012 R2 based. When looking at those servers I noticed that IPv6 was unbound on the NICs:
However, unbinding or disabling IPv6 on WS 2012 R2 has consequences, like this posting tells us: Known Issues with Disabling or Unbinding IPv6.
Cause
IPv6 is unbound on the related NICs of the DCs.
Solution
Enable IPv6 or bind it again on the NICs of the DCs and the script Alerts won’t show up again.
No comments:
Post a Comment