Re: NTDS replication problems

From: Herb Martin (news_at_LearnQuick.com)
Date: 07/10/04 

Date: Sat, 10 Jul 2004 10:42:36 -0500

"fghdf" <df@dzfgds.sdfgsd> wrote in message
news:O60GTNnZEHA.3988@tk2msftngp13.phx.gbl...
> I am working with an exchange 2000 system installed on a windows 2000 DC.
> There is only one DC in the domain and only one daomain in the forest.
> Problems started when the ecxhnage system attendent would not start (so no
> exchange :-( ) the events loged when starting System attendent look like
> this:

AD doesn't have anywhere to "replicate" with ONE DC in one
DOMAIN of a forest.

Given that you errors keep mentioning "Server2" it seems
probably that you USED TO HAVE another DC and have
removed it without properly allowing it to remove itself
from AD.

If so, search the MS Site from Google using something like:

[ ntdsutil.exe "metadata cleanup" 2000 remove site:microsot.com ]

Metadata cleanup (in NTDSUtil) allows one to remove abandom
DCs and abandon Domains. 

-- 
Herb Martin
>
> Event Type: Error
> Event Source: MSExchangeDSAccess
> Event Category: None
> Event ID: 2071
> Date:  10/07/2004
> Time:  12:37:27
> User:  N/A
> Computer: SERVER2
> Description:
> Process MAD.EXE" (PID=820). All the remote Domain Controller Servers in
use
> are not responding.
>
> For more information, click http://www.microsoft.com/contentredirect.asp.
>
> Event Type: Error
> Event Source: MSExchangeSA
> Event Category: General
> Event ID: 1005
> Date:  10/07/2004
> Time:  12:37:27
> User:  N/A
> Computer: SERVER2
> Description:
> Unexpected error An unknown error has occurred. Facility: Win32 ID no:
> c0070952 Microsoft Exchange System Attendant  occurred.
>
> For more information, click http://www.microsoft.com/contentredirect.asp.
>
> So I was wondering if there was something wrong with the AD. In the
> Directory Service Log I see the following every hour:
>
> Event Type: Error
> Event Source: NTDS Replication
> Event Category: Replication
> Event ID: 1411
> Date:  10/07/2004
> Time:  12:25:42
> User:  Everyone
> Computer: SERVER2
> Description:
> The Directory Service failed to construct a mutual authentication Service
> Principal Name (SPN) for server SERVER2.  The call is denied. The error
was:
>  A Service Principal Name (SPN) could not be constructed because the
> provided hostname is not in the necessary format.
>
>  The record data is the status code.
> Data:
> 0000: 6a 21 00 00               j!..
>
> Event Type: Warning
> Event Source: NTDS General
> Event Category: Global Catalog
> Event ID: 1655
> Date:  10/07/2004
> Time:  12:25:42
> User:  Everyone
> Computer: SERVER2
> Description:
> The attempt to communicate with global catalog \\SERVER2 failed with the
> following status:
>
>  A Service Principal Name (SPN) could not be constructed because the
> provided hostname is not in the necessary format.
>
> The operation in progress might be unable to continue.  The directory
> service will use the locator to try find an available global catalog
server
> for the next operation that requires one.
>
>  The record data is the status code.
> Data:
> 0000: 6a 21 00 00               j!..
>
> Event Type: Error
> Event Source: NTDS General
> Event Category: Global Catalog
> Event ID: 1126
> Date:  10/07/2004
> Time:  12:25:42
> User:  Everyone
> Computer: SERVER2
> Description:
> Unable to establish connection with global catalog.
>
> I do not have a clue why it is telling me that "the provided hostname is
not
> in the necessary format". But I wonder if it has to do with the following
> log which is now logged every time that DNS starts:
>
> Event Type: Warning
> Event Source: DNS
> Event Category: None
> Event ID: 414
> Date:  10/07/2004
> Time:  12:11:51
> User:  N/A
> Computer: SERVER2
> Description:
> The DNS server machine currently has no DNS domain name.  Its DNS name is
a
> single label hostname with no domain (example:  "host" rather than
> "host.microsoft.com").
>
> You might have forgotten to configure a primary DNS domain for the server
> computer. For more information, see either "DNS server log reference" or
"To
> configure the primary DNS suffix for a client computer" in the online
Help.
>
> While the DNS server has only a single label name, all zones created will
> have default records (SOA and NS) created using only this single label
name
> for the server's hostname.  This can lead to incorrect and failed
referrals
> when clients and other DNS servers use these records to locate this server
> by name.
>
> To correct this problem:
>   1) open ControlPanel
>   2) open System applet
>   3) select NetworkIdentification tab
>   4) click the "Properties" button and enter a domain name or workgroup
> name;  this name will be used as your DNS domain name
>   5) reboot to initialize with new domain name
>
> After reboot, the DNS server will attempt to fix up default records,
> substituting new DNS name of this server, for old single label name.
> However, you should review to make sure zone's SOA and NS records now
> properly use correct domain name of this server.
>
> This system has been set up and running for years. However the power
supply
> failed and needed replacing and at the same time an extra NIC was added.
> After this exchange did run, but following a reboot a few hours later it
has
> not worked since. Is it a DNS problem that is cause NTDS to fail, which is
> causing exchange to fail to start? How has it got like this? How can I fix
> it?
>
> Cheers all
>
> Phill
>
>