RE: Replication errors/ LDAP won't bind

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: "pankaj_EPS_Support_Prof.." <pankaj_EPS_Support_Prof..@xxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Mon, 6 Feb 2006 13:30:36 -0800

Hello,

It Looks like your DNS Configuration on ME11Server is not correct. Make sure
you are pointing to internal DNS if you are poiting to ISP in Alternate ,
Stop doing that rather use DNS Forwader.

Another thing i suspect is SRV records in DNS - Make sure SRV's are
registered..

pankaj

"msteinhoff" wrote:

Hello all,

I have been struggling with replication errors for some time now.
Background: I have 11 servers in remote locations, all set up as sites using
IP as the transfer protocol. I have a bridgehead server setup at the
corporate location, but only one remote server is able to replicate. I have
compared the one good server to the bad servers, and cannot find any
differences(other than ISP).

I run DCDIAG /test:connectivity and I receive the following errors(on all
servers but one):

Testing server: ME11\ME11SERVER
Starting test: Connectivity
[ME11SERVER] LDAP bind failed with error 1053,
The service did not respond to the start or control request in a
timely fashion..
......................... ME11SERVER failed test Connectivity

I did some research and did some testing using the ldp tool. I was able to
connect to the remote server, but enable to bind LDAP the out follows:

ld = ldap_open("me11server", 389);
Established connection to me11server.
Retrieving base DSA information...
Result <0>: (null)
Matched DNs:
Getting 1 entries:

Dn:

1> currentTime: 02/06/2006 13:31:05 Eastern Standard Time Eastern Daylight
Time;
1> subschemaSubentry:
CN=Aggregate,CN=Schema,CN=Configuration,DC=NRGOS,DC=COM;
1> dsServiceName: CN=NTDS
Settings,CN=ME11SERVER,CN=Servers,CN=ME11,CN=Sites,CN=Configuration,DC=NRGOS,DC=COM;
5> namingContexts: DC=NRGOS,DC=COM; CN=Configuration,DC=NRGOS,DC=COM;
CN=Schema,CN=Configuration,DC=NRGOS,DC=COM;
DC=DomainDnsZones,DC=NRGOS,DC=COM; DC=ForestDnsZones,DC=NRGOS,DC=COM;
1> defaultNamingContext: DC=NRGOS,DC=COM;
1> schemaNamingContext: CN=Schema,CN=Configuration,DC=NRGOS,DC=COM;
1> configurationNamingContext: CN=Configuration,DC=NRGOS,DC=COM;
1> rootDomainNamingContext: DC=NRGOS,DC=COM;
22> supportedControl: 1.2.840.113556.1.4.319; 1.2.840.113556.1.4.801;
1.2.840.113556.1.4.473; 1.2.840.113556.1.4.528; 1.2.840.113556.1.4.417;
1.2.840.113556.1.4.619; 1.2.840.113556.1.4.841; 1.2.840.113556.1.4.529;
1.2.840.113556.1.4.805; 1.2.840.113556.1.4.521; 1.2.840.113556.1.4.970;
1.2.840.113556.1.4.1338; 1.2.840.113556.1.4.474; 1.2.840.113556.1.4.1339;
1.2.840.113556.1.4.1340; 1.2.840.113556.1.4.1413; 2.16.840.1.113730.3.4.9;
2.16.840.1.113730.3.4.10; 1.2.840.113556.1.4.1504; 1.2.840.113556.1.4.1852;
1.2.840.113556.1.4.802; 1.2.840.113556.1.4.1907;
2> supportedLDAPVersion: 3; 2;
12> supportedLDAPPolicies: MaxPoolThreads; MaxDatagramRecv;
MaxReceiveBuffer; InitRecvTimeout; MaxConnections; MaxConnIdleTime;
MaxPageSize; MaxQueryDuration; MaxTempTableSize; MaxResultSetSize;
MaxNotificationPerConn; MaxValRange;
1> highestCommittedUSN: 74076;
4> supportedSASLMechanisms: GSSAPI; GSS-SPNEGO; EXTERNAL; DIGEST-MD5;
1> dnsHostName: ME11SERVER.NRGOS.COM;
1> ldapServiceName: NRGOS.COM:me11server$@NRGOS.COM;
1> serverName:
CN=ME11SERVER,CN=Servers,CN=ME11,CN=Sites,CN=Configuration,DC=NRGOS,DC=COM;
3> supportedCapabilities: 1.2.840.113556.1.4.800; 1.2.840.113556.1.4.1670;
1.2.840.113556.1.4.1791;
1> isSynchronized: TRUE;
1> isGlobalCatalogReady: TRUE;
1> domainFunctionality: 2 = ( DS_BEHAVIOR_WIN2003 );
1> forestFunctionality: 2 = ( DS_BEHAVIOR_WIN2003 );
1> domainControllerFunctionality: 2 = ( DS_BEHAVIOR_WIN2003 );
-----------
res = ldap_bind_s(ld, NULL, &NtAuthIdentity, 1158); // v.3
{NtAuthIdentity: User=<unavailable>; Pwd= <unavailable>; domain =
'nrgos.com'.}
Error <85>: ldap_bind_s() failed: Timeout.
Server error: <empty>

I really need help in discerning why LDAP won't bind. I do not konw where
to go from here.

Follow-Ups:
- Re: Replication errors/ LDAP won't bind
  - From: msteinhoff

References:
- Replication errors/ LDAP won't bind
  - From: msteinhoff

Prev by Date: Re: multiple errors in Active Directory
Next by Date: Re: Account Operators accessing other account operators
Previous by thread: Re: Replication errors/ LDAP won't bind
Next by thread: Re: Replication errors/ LDAP won't bind
Index(es):
- Date
- Thread

Relevant Pages

Issues migrating SBS 2003 domain to Server 2008 Standard
... We are stuck migrating our SBS 2003 domain to Server 2008. ... Fatal Error:DsGetDcName (SRV-EXCH) call failed, ... Verify your Domain Name Sysytem (DNS) is ... network connectivity to a domain controller. ...
(microsoft.public.windows.server.sbs)
Re: AD management snap in cannot find DC (netdiag /v workstation)
... The name.local entries are used by my apache server to implement ... change button, more button, the "Primary DNS suffix of this ... Attr: subschemaSubentry ... Owner of the binding path: ...
(microsoft.public.windows.server.active_directory)
Re: Exchange reverse DNS problems
... reverse DNS lookup on my clients server. ... 1- I need to create an A record at their ISP or web provider DNS ...
(microsoft.public.windows.server.sbs)
Re: CEICW settings for static IP - need advice
... people wishing to access your website may forget about typing ... We need to tell DNS 'yeah, all the above is OK but I want to handle email on ... I recently went through a server rebuild that lasted ... since then we've gone from dial-up ISP to satellite ISP to ...
(microsoft.public.windows.server.sbs)
Re: AD management snap in cannot find DC (netdiag /v workstation)
... button, more button, the "Primary DNS suffix of this computer", it should ... The Security System could not establish a secured connection with the server ... Attr: subschemaSubentry ... Owner of the binding path: ...
(microsoft.public.windows.server.active_directory)