Re: Intersite Replication problem

Thanks, I followed Antony's DNS advise and I seens to be working. I think the
problem was the DNS.

Regarding the RPC ports and timeouts, since I'm using MS VPN servers to
connect from both locations and then initiate the replication I shouln't have
a problem since the VPN encapsulates all trafic, or not????

This is what I'm doing:
1. I've modified the default-site-link to replicate at 01:00 p.m every day.
2. To perform the replication I've schedule a task on the W3K server to dial
the VPN connection to the Root W2K server at 11:45p every day.

The W3K server has a AD integrated zone for its own
domain=manufacturing.domain.local and a secudary zone for the root
domain.local. I've also configure both DNS servers as forwarders to each
other and the internet.

Please let me know if you have any advise for this procedure
Thanks in advance







"Jorge Silva" wrote:

Hi

Make sure that the DNS is working correctly, restart netlogon service,
remove any old (outdated) entries in each DNS, restart nelogon service, run
netdiag /fix, check event log for errors and run dcdiag and netdiag commands
and check for output errors.
As for RPC The default value for the RPC Replication Timeout (mins) registry
setting on Windows 2000-based computers is 45 minutes. The default value for
the RPC Replication Timeout (mins) registry setting on Windows Server
2003-based computers is 5 minutes. When you upgrade the operating system
from Windows 2000 to Windows Server 2003, the value for the RPC Replication
Timeout (mins) registry setting is changed from 45 minutes to 5 minutes. If
a destination domain controller that is performing RPC-based replication
does not receive the requested replication package within the time that the
RPC Replication Timeout (mins) registry setting specifies, the destination
domain controller ends the RPC connection with the non-responsive source
domain controller and logs a Warning event.
- Remote Procedure Call (RPC) dynamic port allocation is used by remote
administration applications such as Dynamic Host Configuration Protocol
(DHCP) Manager, Windows Internet Name Service (WINS) Manager, and so on. RPC
dynamic port allocation will instruct the RPC program to use a particular
random port above 1024.

- By default, RPC dynamically allocates ports in the range of 1024 to 5000
for endpoints that do not specify a port on which to listen.

Active Directory changes do not replicate in Windows Server 2003

http://support.microsoft.com/?kbid=830746

How to configure RPC dynamic port allocation to work with firewalls

http://support.microsoft.com/?kbid=154596

How to configure RPC to use certain ports and how to help secure those ports
by using IPSec

http://support.microsoft.com/kb/908472

How to troubleshoot RPC Endpoint Mapper errors

http://support.microsoft.com/kb/839880/en-us

Relocate and reduce the RPC dynamic port range by using RPCCfg.exe

To relocate and reduce the RPC dynamic port range by using RPCCfg.exe,
follow these steps:

1 - Copy RPCCfg.exe to the server that is to be configured

2 - At the command prompt, type rpccfg.exe -pe 5001-5021 -d 0.
Note This port range is recommended for use by RPC endpoints because ports
in this range are not likely to be allocated for use by other applications.
By default, RPC uses the port range of 1024 to 5000 for allocating ports for
endpoints. However, ports in this range are also dynamically allocated for
use by the Windows operating system for all Windows sockets applications and
can be exhausted on heavily used servers such as terminal servers and
middle-tier servers that make many outgoing calls to remote systems.

--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Alvaro Soto" <AlvaroSoto@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:22E6E41D-418F-4604-A9ED-482441094615@xxxxxxxxxxxxxxxx
Issue: can't replicate a child domain with its root domain through a VPN
connection. The error "The following error occurred during the attempt to
contact the DC "xxx" the RPC Server is unavailable" appears when the
replication is manually started from the Dssite.msc

We have two physical locations HQ and Manufacturing. Both locations use
private IP addresses and have no direct Wan-link connection between them.
HQ
has the W2K root DC "domain.local" with an IP range 192.168.1.0.
Manufacturing is functioning as a workgroup with the IP range 192.168.0.0.
Each location has a dedicated ADSL connection to the Internet.

Recently a new W3K server was configured at HQ as a child domain
"manufacturing.domain.local" to function as a new DC for the Manufacturing
office. After the successful dcpromo a new DNS delegation record was
created
for the manufacturing.domain.local at the domain.local DNS server and a
new
forward lookup zone for manufacturing.domain.local was created on the W3K
server now a DC for the manufacturing.domain.local.
At HQ the IP address for the W3K was change from 192.168.1.99 to
192.168.0.1
the DNS delegation record was edited to reflect the change. Then on the
W2K
root DC Dssite.msc the W3K server was configure as a GC and a new Site,
Subnet and Site link was configure for its location as follows:
Site=manufacturing
Subnet=192.168.0.1/24
Site Links= Defaul-Site-Link ; RCP-IP that connects HQ with Manufacturing
with an after hours schedule.

The W3K server was then relocated to the manufacturing location and a VPN
server was configured on it to connect with HQ and allow the active
directory
replication. From HQ after connecting through the VPN to Manufacturing
Dssite.msc is used to manually start the replication, after couple of
minutes
the message "The RCP server couldn't be contacted appears".

Also when I try to create users on the W3K for the manufacturing domain
and
the error "Windows cannot verify that the user name is unique because the
following error occurred while contacting the global catalog: The server
is
not operational". I've configured the W3K server to be a GC using
Dssite.msc
but there are no GC records on the W3K DNS server.

What can I do to fix these issues?
Thanks in advance



.

Relevant Pages

  • Re: Intersite Replication problem
    ... As for RPC The default value for the RPC Replication Timeout registry ... from Windows 2000 to Windows Server 2003, the value for the RPC Replication ... Remote Procedure Call dynamic port allocation is used by remote ...
    (microsoft.public.windows.server.active_directory)
  • Re: Active Directory Replication Problem...
    ... Better you can use a forwarder on the DNS server properties in the DNS management console. ... So you have internally all clients using the internal DNS servers and the server 4 is the only DNS forwarding to the internet over your Broadband connection default gateway. ... The RPC server is unavailable. ... The last success occurred at 2008-05-03 14:43.11. ...
    (microsoft.public.win2000.active_directory)
  • Re: Forest Root DC Single Label host name
    ... Connecting to directory service on server directory. ... Check the DNS server, DHCP, server name, etc ... Last attempt @ 2008-03-03 11:52.23 was successful. ... Default-First-Site-Name\DIRECTORY via RPC ...
    (microsoft.public.win2000.active_directory)
  • Re: Cant access web on local network server
    ... Yes my Windows 2003 R2 Standard Server is a DC domain controller. ... How do I open DNS for the outside? ... What port should I give access to? ...
    (microsoft.public.windows.server.general)
  • Re: RPC Traffic causing Domain Controller Synchronization issues
    ... Except for the server in SiteB that isn't ... primary DNS server. ... What action am I performing when RPC fails? ...
    (microsoft.public.windows.server.active_directory)