Re: Active Directory Replication error
- From: "Paul Bergson" <pbergson@xxxxxxxxxx>
- Date: Sat, 10 Dec 2005 12:07:41 -0600
It appears Jorge has solved this. Nice work Jorge.
--
Paul Bergson MCT, MCSE, MCSA, CNE, CNA, CCA
This posting is provided "AS IS" with no warranties, and confers no rights.
"Thomas" <Thomas@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:694A2D6C-B1D4-444C-9DC2-64F5E47DA53D@xxxxxxxxxxxxxxxx
> thats a great tool that you made... well rean the tool on both servers and
> the logs are are large.... I will copy the text below that where errors,
> warnings or failed messages..
>
> The primary DC that is rejecting the other one is this server is called
> DC2
> _____________________________________________________________
> 1. Gathering IPX configuration information.
> Opening \Device\NwlnkIpx failed
>
> 2. [WARNING] At least one of the <00> 'WorkStation Service', <03>
> 'Messenger Service', <20> 'WINS' names is missing.
>
> NetBios Resolution : via DHCP
>
> Netbios Remote Cache Table
> Name Type HostAddress Life [sec]
> ---------------------------------------------------------------
> SHARE <20> UNIQUE 192.168.16.5 222
> MAIL <20> UNIQUE 192.168.16.9 222
>
> 3. Doing primary tests
>
> Testing server: Default-First-Site-Name\DC2
> Starting test: Replications
> * Replications Check
> [Replications Check,DC2] A recent replication attempt failed:
> From MAIL to DC2
> Naming Context: DC=ForestDnsZones,DC=source,DC=local
> The replication generated an error (8456):
> The source server is currently rejecting replication requests.
> The failure occurred at 2005-12-09 14:50:38.
> The last success occurred at 2005-11-27 12:58:43.
> 265 failures have occurred since the last success.
> Replication has been explicitly disabled through the server
> options.
> [Replications Check,DC2] A recent replication attempt failed:
> From MAIL to DC2
> Naming Context: DC=DomainDnsZones,DC=source,DC=local
> The replication generated an error (8456):
> The source server is currently rejecting replication requests.
> The failure occurred at 2005-12-09 14:50:38.
> The last success occurred at 2005-11-27 12:58:43.
> 264 failures have occurred since the last success.
> Replication has been explicitly disabled through the server
> options.
> [Replications Check,DC2] A recent replication attempt failed:
> From MAIL to DC2
> Naming Context: CN=Schema,CN=Configuration,DC=source,DC=local
> The replication generated an error (8456):
> The source server is currently rejecting replication requests.
> The failure occurred at 2005-12-09 14:50:38.
> The last success occurred at 2005-11-27 12:58:43.
> 267 failures have occurred since the last success.
> Replication has been explicitly disabled through the server
> options.
> [Replications Check,DC2] A recent replication attempt failed:
> From MAIL to DC2
> Naming Context: CN=Configuration,DC=source,DC=local
> The replication generated an error (8456):
> The source server is currently rejecting replication requests.
> The failure occurred at 2005-12-09 14:50:38.
> The last success occurred at 2005-11-27 14:10:56.
> 268 failures have occurred since the last success.
> Replication has been explicitly disabled through the server
> options.
> [Replications Check,DC2] A recent replication attempt failed:
> From MAIL to DC2
> Naming Context: DC=source,DC=local
> The replication generated an error (8456):
> The source server is currently rejecting replication requests.
> The failure occurred at 2005-12-09 15:16:48.
> The last success occurred at 2005-11-27 14:10:53.
> 449 failures have occurred since the last success.
> Replication has been explicitly disabled through the server
> options.
> * Replication Latency Check
> REPLICATION-RECEIVED LATENCY WARNING
> DC2: Current time is 2005-12-09 15:20:40.
> DC=ForestDnsZones,DC=source,DC=local
> Last replication recieved from MAIL at 2005-11-27 12:58:43.
> Latency information for 3 entries in the vector were
> ignored.
> 3 were retired Invocations. 0 were either: read-only
> replicas and are not verifiably latent, or dc's no longer replicating this
> nc. 0 had no latency information (Win2K DC).
>
> 4. Checking for CN=NTDS
> Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=source,DC=local
> in domain CN=Configuration,DC=source,DC=local on 2 servers
> Object is up-to-date on all servers.
> ......................... DC2 failed test ObjectsReplicated
>
> 5. * Replications Check
> [Replications Check,MAIL] Inbound replication is disabled.
> To correct, run "repadmin /options MAIL -DISABLE_INBOUND_REPL"
> [Replications Check,MAIL] Outbound replication is disabled.
> To correct, run "repadmin /options MAIL -DISABLE_OUTBOUND_REPL"
> ......................... MAIL failed test Replications
>
> 6. Starting test: Advertising
> Warning: DsGetDcName returned information for \\dc2.source.local,
> when we were trying to reach MAIL.
> Server is not responding or is not considered suitable.
> The DC MAIL is advertising itself as a DC and having a DS.
> The DC MAIL is advertising as an LDAP server
> The DC MAIL is advertising as having a writeable directory
> The DC MAIL is advertising as a Key Distribution Center
> The DC MAIL is advertising as a time server
> ......................... MAIL failed test Advertising
>
> 7. Starting test: Services
> * Checking Service: Dnscache
> * Checking Service: NtFrs
> * Checking Service: IsmServ
> * Checking Service: kdc
> * Checking Service: SamSs
> * Checking Service: LanmanServer
> * Checking Service: LanmanWorkstation
> * Checking Service: RpcSs
> * Checking Service: w32time
> w32time Service is stopped on [MAIL]
> * Checking Service: NETLOGON
> NETLOGON Service is paused on [MAIL]
> ......................... MAIL failed test Services
>
> 8. TEST: Basic (Basc)
> Error: Can't read OS version through WMI
> [Error details: 0x80070005 (Type: HRESULT - Facility:
> Win32, Description: Access is denied.) - Query Win32_OperatingSystem class
> failed]
>
> 9. REPLICATION-RECEIVED LATENCY WARNING
> DC2: Current time is 2005-12-09 15:20:40.
> DC=ForestDnsZones,DC=source,DC=local
> Last replication recieved from MAIL at 2005-11-27 12:58:43.
> Latency information for 3 entries in the vector were
> ignored.
> 3 were retired Invocations. 0 were either: read-only
> replicas and are not verifiably latent, or dc's no longer replicating this
> nc. 0 had no latency information (Win2K DC).
>
> 10. Summary of DNS test results:
>
> Auth Basc Forw Del Dyn RReg
> Ext
>
> ________________________________________________________________
> Domain: source.local
> dc2 PASS WARN FAIL PASS PASS PASS
> n/a
> mail PASS FAIL n/a n/a n/a n/a
> n/a
>
> ......................... source.local failed test DNS
>
> __________________________________________________________________
>
> Below is the second server called mail this is the server that is being
> rejected.
> _________________________________________________________________-
>
> 1. Starting test: ObjectsReplicated
> DC2 is in domain DC=source,DC=local
> Checking for CN=DC2,OU=Domain Controllers,DC=source,DC=local in
> domain DC=source,DC=local on 2 servers
> Authoritative attribute servicePrincipalName on MAIL
> (writeable)
> usnLocalChange = 6484145
> LastOriginatingDsa = DC2
> usnOriginatingChange = 6229814
> timeLastOriginatingChange = 2005-03-25 14:37:48
> VersionLastOriginatingChange = 21
> Out-of-date attribute servicePrincipalName on DC2 (writeable)
> usnLocalChange = 5537612
> LastOriginatingDsa = DC2
> usnOriginatingChange = 5537612
> timeLastOriginatingChange = 2005-01-11 13:45:46
> VersionLastOriginatingChange = 16
> Checking for CN=NTDS
> Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=source,DC=local
> in domain CN=Configuration,DC=source,DC=local on 2 servers
> Object is up-to-date on all servers.
> ......................... DC2 failed test ObjectsReplicated
>
> 2. Starting test: systemlog
> * The System Event log test
> An Error Event occured. EventID: 0xC0002719
> Time Generated: 12/09/2005 15:21:20
> (Event String could not be retrieved)
> ......................... DC2 failed test systemlog
>
> 3. Testing server: Default-First-Site-Name\MAIL
> Starting test: Replications
> * Replications Check
> [Replications Check,MAIL] Inbound replication is disabled.
> To correct, run "repadmin /options MAIL -DISABLE_INBOUND_REPL"
> [Replications Check,MAIL] Outbound replication is disabled.
> To correct, run "repadmin /options MAIL -DISABLE_OUTBOUND_REPL"
> ......................... MAIL failed test Replications
>
> 4. Starting test: Advertising
> Warning: DsGetDcName returned information for \\dc2.source.local,
> when we were trying to reach MAIL.
> Server is not responding or is not considered suitable.
> The DC MAIL is advertising itself as a DC and having a DS.
> The DC MAIL is advertising as an LDAP server
> The DC MAIL is advertising as having a writeable directory
> The DC MAIL is advertising as a Key Distribution Center
> The DC MAIL is advertising as a time server
> ......................... MAIL failed test Advertising
>
> 5. Starting test: Services
> * Checking Service: Dnscache
> * Checking Service: NtFrs
> * Checking Service: IsmServ
> * Checking Service: kdc
> * Checking Service: SamSs
> * Checking Service: LanmanServer
> * Checking Service: LanmanWorkstation
> * Checking Service: RpcSs
> * Checking Service: w32time
> w32time Service is stopped on [MAIL]
> * Checking Service: NETLOGON
> NETLOGON Service is paused on [MAIL]
> ......................... MAIL failed test Services
>
> 6. TEST: Basic (Basc)
> Error: Can't read OS version through WMI
> [Error details: 0x80070005 (Type: HRESULT - Facility:
> Win32, Description: Access is denied.) - Query Win32_OperatingSystem class
> failed]
>
> 7. TEST: Basic (Basc)
> Error: Can't read OS version through WMI
> [Error details: 0x80070005 (Type: HRESULT - Facility:
> Win32, Description: Access is denied.) - Query Win32_OperatingSystem class
> failed]
>
> 8. TEST: Basic (Basc)
> Microsoft(R) Windows(R) Server 2003, Standard Edition
> (Service Pack level: 1.0) is supported
> Error: NETLOGON service is not running
> [Error details: 1062 (Type: Win32 - Description: The service has not been
> started.)]
> kdc service is running
> DNSCACHE service is running
> DNS service is running
> DC is a DNS server
> Network adapters information:
> Adapter [00000001] Realtek RTL8139 Family PCI Fast
> Ethernet NIC:
> MAC address is 00:05:5D:31:74:A0
> IP address is static
> IP address: 192.168.16.9
> DNS servers:
> 192.168.16.9 (<name unavailable>) [Valid]
> 192.168.16.3 (<name unavailable>) [Valid]
> The A record for this DC was found
> The SOA record for the Active Directory zone was found
> The Active Directory zone on this DC/DNS server was found
> (primary)
> Root zone on this DC/DNS server was not found
>
> 9. Summary of DNS test results:
>
> Auth Basc Forw Del Dyn RReg
> Ext
>
> ________________________________________________________________
> Domain: source.local
> dc2 PASS FAIL n/a n/a n/a n/a
> n/a
> mail PASS FAIL FAIL PASS PASS PASS
> n/a
>
> ......................... source.local failed test DNS
>
> ________________________________________________________________
>
> That is the end of the tests results that had errors or in them....????
>
> Do you see the problem
>
> Thanks
>
> Thomas
>
> "Paul Bergson" wrote:
>
>> Run diagnostics against your Active Directory domain.
>>
>> If you don't have the tools installed, install them from your server
>> install
>> disk.
>> d:\support\tools\setup.exe
>>
>> Run dcdiag and netdiag in verbose mode, try this on both dc's.
>>
>> If you download a gui script I wrote it should be simple to set and run.
>> It
>> has the option to run individual tests without having to learn all the
>> switch options.
>>
>> The script is at http://pbbergs.dynu.com/windows/windows.htm, download it
>> and save it to c:\program files\support tools\
>>
>> Just select both dcdiag and netdiag make sure verbose is set. (Leave the
>> default settings for dcdiag as set when selected)
>>
>> When complete search for fail, error and warning messages.
>>
>>
>> --
>>
>>
>> Paul Bergson MCT, MCSE, MCSA, CNE, CNA, CCA
>>
>> This posting is provided "AS IS" with no warranties, and confers no
>> rights.
>>
>>
>> "Thomas" <Thomas@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> news:712772A2-8029-4E7F-818A-56DA2A8666B4@xxxxxxxxxxxxxxxx
>> > Hello Paul
>> >
>> > I downloaded and tried to install the ultrasound package, It installed
>> > the
>> > main componany just fine on the promary server as well as the provider
>> > on
>> > that server but ultasound is unable to install the ultrasound provider
>> onto
>> > the remote server, it just hangs there and when I try to install the
>> provider
>> > on the machine locally the install of the provider sops before
>> > completion
>> > saying that the "wizard was interupted before ultasound could be
>> > installed.......
>> >
>> > Maybe the problem I am having with the server in general is preventing
>> this
>> > from installing correctly...
>> >
>> > What else can I do??
>> >
>> > Thanks
>> >
>> > "Paul Bergson" wrote:
>> >
>> > > Load up the tool Ultrasound and evaluate its findings
>> > >
>> > >
>> http://www.microsoft.com/downloads/details.aspx?familyid=61acb9b9-c354-4f98-a823-24cc0da73b50&displaylang=en
>> > >
>> > >
>> > >
>> > > --
>> > >
>> > >
>> > > Paul Bergson MCT, MCSE, MCSA, CNE, CNA, CCA
>> > >
>> > > This posting is provided "AS IS" with no warranties, and confers no
>> rights.
>> > >
>> > >
>> > > "Thomas" <Thomas@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> > > news:F7676EA7-4A6F-4193-83D4-21A8F4C08148@xxxxxxxxxxxxxxxx
>> > > > Hello
>> > > >
>> > > > I am having a problem with my active directory replication. I have
>> > > > two
>> > > > domain controlers in my domain, and one of them is rejecting the
>> > > > other
>> > > server
>> > > > from replicating. So I ran repadmin.exe to verify and it said the
>> > > > same
>> > > > thing... that the main domain controler was rejecting its request.
>> > > >
>> > > > How can I fix this...
>> > > >
>> > > > in the error log I get a lot of 1864 and 2093 event IDs
>> > > >
>> > > > I have searched everywhere that I can find and no where do I see
>> > > > how
>> to
>> > > fix
>> > > > the problem.
>> > > >
>> > > > Is there a way to force the main server to trust the other server
>> > > > or
>> force
>> > > > it to replicate in some way???
>> > > >
>> > > > Please help....
>> > > >
>> > > > Thanks in advance
>> > > >
>> > > > Thomas
>> > >
>> > >
>> > >
>>
>>
>>
.
- References:
- Re: Active Directory Replication error
- From: Paul Bergson
- Re: Active Directory Replication error
- From: Paul Bergson
- Re: Active Directory Replication error
- From: Thomas
- Re: Active Directory Replication error
- Prev by Date: Re: Multihomed Domain Controller Setup
- Next by Date: Re: Multihomed Domain Controller Setup
- Previous by thread: Re: Active Directory Replication error
- Next by thread: Re: Active Directory Replication error
- Index(es):
Relevant Pages
|
Loading
