Re: Replication errors/ LDAP won't bind
- From: "msteinhoff" <msteinhoff@xxxxxxxxxxxxxxxxx>
- Date: Tue, 7 Feb 2006 10:36:25 -0500
heh..the SRV records. As far as I can tell, it looks like the SRV records
are registered. I hope the information below is not confusing. I did
notice that in _msdcs => gc the port number is 3268 for ldap, not 389..could
that be a problem? I realize this is a lot of information to look at, but I
am stumped.
Thanks in advance.
When I look in my primary dns I see this:
_msdcs.NRGOS.COM
  dc
    _sites
      ME11(Sitename)(all other sites appear here as well)
        _tcp(folder)
          Name=_ldap, type=SRV, Data=[0][100][389] me11server.nrgos.com
          Name=_kerberos, type=SRV, Data=[0][100][88] me11server.nrgos.com
    _tcp
      Name=_ldap, type=SRV, Data=[0][100][389] me11server.nrgos.com
      Name=_kerberos, type=SRV, Data=[0][100][88] me11server.nrgos.com
  domains
    46b4bdcc-b330-49c9-a787-09ee91aea1e5 (SID??)
      _tcp
        Name=_ldap, type=SRV, Data=[0][100][389] me11server.nrgos.com
  gc
    name=same as parent folder, type=A, Data=192.168.111.10(all other servers have A records here as well)
    _sites
      Name=_ldap, type=SRV, Data=[0][100][3268] me11server.nrgos.com
      Name=_ldap, type=SRV, Data=[0][100][3268] ceasar.nrgos.com
    _tcp
      Name=_ldap, type=SRV, Data=[0][100][3268] me11server.nrgos.com
  pdc
    _tcp
      Name=_ldap, type=SRV, Data=[0][100][389] ceasar.nrgos.com
NRGOS.COM(on FSMO)
  _msdcs
    name=same as parent folder, type=NS, Data=ceasar.nrgos.com
  _sites
    ME11(Sitename)(all other sites appear here as well)
      _tcp(folder)
        Name=_ldap, type=SRV, Data=[0][100][389] me11server.nrgos.com
        Name=_kerberos, type=SRV, Data=[0][100][88] me11server.nrgos.com
        Name=_gc, type=SRV, Data=[0][100][3268] me11server.nrgos.com
        Name=_gc, type=SRV, Data=[0][100][3268] ceasar.nrgos.com (FSMO Master)
  _tcp
    Name=_ldap, Type=SRV, Data=[0][100][389] me11server.nrgos.com (as well as all the other servers)
    Name=_kpasswd, Type=SRV, Data=[0][100][464] me11server.nrgos.com (as well as all the other servers)
    Name=_kerberos, Type=SRV, Data=[0][100][88] me11server.nrgos.com (as well as all the other servers)
    Name=_gc, type=SRV, Data=[0][100][3268] me11server.nrgos.com
  _udp
    Name=_kpasswd, Type=SRV, Data=[0][100][464] me11server.nrgos.com (as well as all the other servers)
    Name=_kerberos, Type=SRV, Data=[0][100][88] me11server.nrgos.com (as well as all the other servers)
  DomainDnsZones
    _sites
      ME11(Sitename)(all other sites appear here as well)
        _tcp(folder)
          Name=_ldap, type=SRV, Data=[0][100][389] me11server.nrgos.com
    _tcp
      Name=_ldap, Type=SRV, Data=[0][100][389] me11server.nrgos.com (as well as all the other servers)
  ForestDnsZones
    _sites
      ME11(Sitename)(all other sites appear here as well)
        _tcp(folder)
          Name=_ldap, type=SRV, Data=[0][100][389] me11server.nrgos.com
    _tcp
      Name=_ldap, Type=SRV, Data=[0][100][389] me11server.nrgos.com (as well as all the other servers)
"msteinhoff" <msteinhoff@xxxxxxxxxxxxxxxxx> wrote in message
news:eUZ2g3%23KGHA.3100@xxxxxxxxxxxxxxxxxxxxxxx
Each Server points to itself for Primary DNS, and the FSMO master as
Secondary DNS. I will look into the SRV records being registered.
"pankaj_EPS_Support_Prof.."
<pankaj_EPS_Support_Prof..@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:A2772C49-94CF-40E8-A3A8-1470756DBAE5@xxxxxxxxxxxxxxxx
Hello,
It looks like your DNS configuration on ME11Server is not correct. Make
sure you are pointing to internal DNS; if you are pointing to ISP in
Alternate, stop doing that, rather use DNS Forwarder.
Another thing I suspect is SRV records in DNS - make sure SRVs are
registered.
pankaj
"msteinhoff" wrote:
Hello all,
I have been struggling with replication errors for some time now.
Background: I have 11 servers in remote locations, all set up as sites
using IP as the transfer protocol. I have a bridgehead server setup at the
corporate location, but only one remote server is able to replicate. I
have compared the one good server to the bad servers, and cannot find any
differences (other than ISP).
I run DCDIAG /test:connectivity and I receive the following errors (on
all servers but one):
Testing server: ME11\ME11SERVER
Starting test: Connectivity
[ME11SERVER] LDAP bind failed with error 1053,
The service did not respond to the start or control request in a timely fashion..
......................... ME11SERVER failed test Connectivity
I did some research and did some testing using the ldp tool. I was able
to connect to the remote server, but unable to bind LDAP; the output follows:
ld = ldap_open("me11server", 389);
Established connection to me11server.
Retrieving base DSA information...
Result <0>: (null)
Matched DNs:
Getting 1 entries:
1> currentTime: 02/06/2006 13:31:05 Eastern Standard Time EasternDn:
Daylight
Time;
1> subschemaSubentry:
CN=Aggregate,CN=Schema,CN=Configuration,DC=NRGOS,DC=COM;
1> dsServiceName: CN=NTDS
Settings,CN=ME11SERVER,CN=Servers,CN=ME11,CN=Sites,CN=Configuration,DC=NRGOS,DC=COM;
5> namingContexts: DC=NRGOS,DC=COM; CN=Configuration,DC=NRGOS,DC=COM;
CN=Schema,CN=Configuration,DC=NRGOS,DC=COM;
DC=DomainDnsZones,DC=NRGOS,DC=COM; DC=ForestDnsZones,DC=NRGOS,DC=COM;
1> defaultNamingContext: DC=NRGOS,DC=COM;
1> schemaNamingContext: CN=Schema,CN=Configuration,DC=NRGOS,DC=COM;
1> configurationNamingContext: CN=Configuration,DC=NRGOS,DC=COM;
1> rootDomainNamingContext: DC=NRGOS,DC=COM;
22> supportedControl: 1.2.840.113556.1.4.319; 1.2.840.113556.1.4.801;
1.2.840.113556.1.4.473; 1.2.840.113556.1.4.528; 1.2.840.113556.1.4.417;
1.2.840.113556.1.4.619; 1.2.840.113556.1.4.841; 1.2.840.113556.1.4.529;
1.2.840.113556.1.4.805; 1.2.840.113556.1.4.521; 1.2.840.113556.1.4.970;
1.2.840.113556.1.4.1338; 1.2.840.113556.1.4.474;
1.2.840.113556.1.4.1339;
1.2.840.113556.1.4.1340; 1.2.840.113556.1.4.1413;
2.16.840.1.113730.3.4.9;
2.16.840.1.113730.3.4.10; 1.2.840.113556.1.4.1504;
1.2.840.113556.1.4.1852;
1.2.840.113556.1.4.802; 1.2.840.113556.1.4.1907;
2> supportedLDAPVersion: 3; 2;
12> supportedLDAPPolicies: MaxPoolThreads; MaxDatagramRecv;
MaxReceiveBuffer; InitRecvTimeout; MaxConnections; MaxConnIdleTime;
MaxPageSize; MaxQueryDuration; MaxTempTableSize; MaxResultSetSize;
MaxNotificationPerConn; MaxValRange;
1> highestCommittedUSN: 74076;
4> supportedSASLMechanisms: GSSAPI; GSS-SPNEGO; EXTERNAL; DIGEST-MD5;
1> dnsHostName: ME11SERVER.NRGOS.COM;
1> ldapServiceName: NRGOS.COM:me11server$@NRGOS.COM;
1> serverName:
CN=ME11SERVER,CN=Servers,CN=ME11,CN=Sites,CN=Configuration,DC=NRGOS,DC=COM;
3> supportedCapabilities: 1.2.840.113556.1.4.800;
1.2.840.113556.1.4.1670;
1.2.840.113556.1.4.1791;
1> isSynchronized: TRUE;
1> isGlobalCatalogReady: TRUE;
1> domainFunctionality: 2 = ( DS_BEHAVIOR_WIN2003 );
1> forestFunctionality: 2 = ( DS_BEHAVIOR_WIN2003 );
1> domainControllerFunctionality: 2 = ( DS_BEHAVIOR_WIN2003 );
-----------
res = ldap_bind_s(ld, NULL, &NtAuthIdentity, 1158); // v.3
{NtAuthIdentity: User=<unavailable>; Pwd= <unavailable>; domain =
'nrgos.com'.}
Error <85>: ldap_bind_s() failed: Timeout.
Server error: <empty>
I really need help in discerning why LDAP won't bind. I do not know
where to go from here.
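The port question raised at the top of this message (3268 under _msdcs => gc versus 389 elsewhere) can be checked mechanically. The following is an added example, not part of the original thread: it parses SRV lines in the DNS Manager form shown in the listing and compares each port with the standard Active Directory locator ports; global catalog LDAP listens on 3268, so that value under gc is expected. The zone paths and the last sample line are constructed for illustration.

```python
import re

# Well-known ports for the AD domain controller locator SRV records.
EXPECTED_PORT = {"_ldap": 389, "_kerberos": 88, "_kpasswd": 464, "_gc": 3268}

# Matches the DNS Manager display used in the post, e.g.
#   Name=_ldap, type=SRV, Data=[0][100][389] me11server.nrgos.com
SRV_LINE = re.compile(
    r"Name=(?P<name>_\w+),\s*type=SRV,\s*Data=\[(?P<prio>\d+)\]\[(?P<weight>\d+)\]"
    r"\[(?P<port>\d+)\]\s+(?P<target>[\w.-]+)", re.IGNORECASE)

def expected_port(service, zone_path):
    """_ldap records in the gc subtree of _msdcs point at the GC port (3268)."""
    if service == "_ldap" and "gc" in zone_path.lower().split("."):
        return EXPECTED_PORT["_gc"]
    return EXPECTED_PORT.get(service)

def check_records(records):
    """records: iterable of (zone_path, line). Returns (zone, summary, status) tuples."""
    findings = []
    for zone_path, line in records:
        m = SRV_LINE.search(line)
        if not m:
            findings.append((zone_path, line, "unparsed"))
            continue
        want = expected_port(m["name"].lower(), zone_path)
        got = int(m["port"])
        status = "ok" if want == got else f"unexpected port {got}, expected {want}"
        findings.append((zone_path, f'{m["name"]} -> {m["target"]}:{got}', status))
    return findings

# Constructed sample: four records transcribed from the listing in the post,
# plus one deliberately wrong line (last, placeholder host) to show a failure.
SAMPLE = [
    ("_tcp.dc._msdcs.nrgos.com", "Name=_ldap, type=SRV, Data=[0][100][389] me11server.nrgos.com"),
    ("_tcp.gc._msdcs.nrgos.com", "Name=_ldap, type=SRV, Data=[0][100][3268] me11server.nrgos.com"),
    ("_tcp.nrgos.com", "Name=_gc, type=SRV, Data=[0][100][3268] me11server.nrgos.com"),
    ("_udp.nrgos.com", "Name=_kpasswd, Type=SRV, Data=[0][100][464] me11server.nrgos.com"),
    ("_tcp.gc._msdcs.nrgos.com", "Name=_ldap, type=SRV, Data=[0][100][389] dc.example.invalid"),
]

if __name__ == "__main__":
    for finding in check_records(SAMPLE):
        print(finding)
```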