Re: Active directory replication problems
- From: "Harj" <cisqokid@xxxxxxxxx>
- Date: 24 Aug 2006 11:22:39 -0700
Hi,
Have you checked to make sure the secure channel between these machines
is still intact?
Nltest Overview
http://technet2.microsoft.com/WindowsServer/en/library/ea7f8494-ee1e-4d99-b28f-8f2fd8a72df21033.mspx?mfr=true
Harj Singh
Power Your Active Directory Investment
www.specopssoft.com
J wrote:
I can initiate replication from Server1 to Server2 but I cannot initiate
replication from server2 to server1
J
"Harj" <cisqokid@xxxxxxxxx> wrote in message
news:1156280010.760097.26500@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hi,
Internal event: Active Directory could not synchronize the following
directory partition with the domain controller at the following network
address.
Directory partition:
DC=mbiri,DC=com
Network address:
d8055eba-fec9-4050-b114-38f977a2022e._msdcs.<domain>.com
There should be something else there such as why it cannot replicate
included with the RPC server is unavailable.
RPC errors are usually, well, at least in my experience, either an
issue with DNS or ports.
How to troubleshoot RPC Endpoint Mapper errors
http://support.microsoft.com/?id=839880
To get DNS out of the picture I would do the following
I would first point the W2K DC to the W2K3 SBS server for primary DNS.
I would delete the automatic connection objects within sites and
services (hoping they are there in the first place)
From the W2K command prompt type in ipconfig /flushdns & ipconfig /registerdns & net stop netlogon & net start netlogon.
Wait for the connection objects to be recreated by the KCC and then stop
and start the NTFRS service on both machines and then see what kind of
errors you are getting.
You mention that you can telnet on port 135, well that is good but how
about the following ports?
Port/protocol
RPC endpoint mapper: 135/tcp, 135/udp
Network basic input/output system (NetBIOS) name service: 137/tcp, 137/udp
NetBIOS datagram service: 138/udp
NetBIOS session service: 139/tcp
RPC dynamic assignment: 1024-65535/tcp
Server message block (SMB) over IP (Microsoft-DS): 445/tcp, 445/udp
Lightweight Directory Access Protocol (LDAP): 389/tcp
LDAP ping: 389/udp
LDAP over SSL: 636/tcp
Global catalog LDAP: 3268/tcp
Global catalog LDAP over SSL: 3269/tcp
Kerberos: 88/tcp, 88/udp
Domain Name Service (DNS): 53/tcp, 53/udp
Active Directory Replication over Firewalls
http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/deploy/confeat/adrepfir.mspx
I would try first what I mentioned above in regards to DNS.
Just because you can ping a machine with FQDN does not tell me that DNS
is working fine. Pinging by name resolution is great but how about
service records?
Harj Singh
Power Your Active Directory Investment
www.specopssoft.com
J wrote:
Hi,
I'm sorry for posting this in separate locations. I just subscribed to
this newsgroup. I have SBS 2003 as the PDC and 2000 as a domain
controller in another site. I've been having AD replication problems.
I checked DNS and it seems to be configured properly. I used DNSLint
and didn't find any problems with name resolution. Is there a way I can
repair AD without having to reinstall SBS 2003? Is there a utility that
I can run to do more troubleshooting?
In the event log, there are some entries...
1722 The RPC server is unavailable - I can telnet on port 135...I can do
a net view \\<servername> successfully
Internal event: Active Directory could not synchronize the following
directory partition with the domain controller at the following network
address.
Directory partition:
DC=mbiri,DC=com
Network address:
d8055eba-fec9-4050-b114-38f977a2022e._msdcs.<domain>.com
Any ideas will be great
Thanks in advance
J
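The checks suggested in this thread (the fixed TCP ports from the port list, plus the DC locator service records and the partner's GUID-based name under _msdcs), as an added PowerShell example that is not part of the original posts. The host name, domain and GUID are placeholders, and Resolve-DnsName assumes Windows 8 / Server 2012 or later on the machine running the check.

```powershell
# Added example, not from the thread. All three defaults are placeholders (assumptions).
param(
    [string]$Partner = 'server1.example.com',                   # replication partner to test
    [string]$Domain  = 'example.com',                           # AD DNS domain (forest root)
    [string]$DsaGuid = '00000000-0000-0000-0000-000000000000'   # partner's DSA GUID
)

# Fixed TCP ports from the port list above. UDP ports and the dynamic RPC range
# (1024-65535/tcp) cannot be proven open with a plain connect test, so they are left out.
$tcpPorts = [ordered]@{
    'RPC endpoint mapper'   = 135
    'NetBIOS session'       = 139
    'SMB (Microsoft-DS)'    = 445
    'LDAP'                  = 389
    'LDAP over SSL'         = 636
    'Global catalog'        = 3268
    'Global catalog (SSL)'  = 3269
    'Kerberos'              = 88
    'DNS'                   = 53
}

# TCP connect with a timeout; returns $true only if the handshake completes.
function Test-TcpPort([string]$HostName, [int]$Port, [int]$TimeoutMs = 2000) {
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $async = $client.BeginConnect($HostName, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs)) { return $false }
        $client.EndConnect($async)
        return $true
    } catch { return $false } finally { $client.Close() }
}

$portResults = foreach ($e in $tcpPorts.GetEnumerator()) {
    [pscustomobject]@{ Check = "$($e.Key) $($e.Value)/tcp"; OK = (Test-TcpPort $Partner $e.Value) }
}

# Records replication depends on: a successful ping by FQDN proves none of these exist.
$records = @(
    @{ Name = "_ldap._tcp.dc._msdcs.$Domain";     Type = 'SRV' }
    @{ Name = "_kerberos._tcp.dc._msdcs.$Domain"; Type = 'SRV' }
    @{ Name = "$DsaGuid._msdcs.$Domain";          Type = 'CNAME' }
)
$dnsResults = foreach ($r in $records) {
    $answer = @(Resolve-DnsName -Name $r.Name -Type $r.Type -ErrorAction SilentlyContinue |
                Where-Object { $_.Section -eq 'Answer' })
    [pscustomobject]@{ Check = "$($r.Type) $($r.Name)"; OK = ($answer.Count -gt 0) }
}

@($portResults) + @($dnsResults) | Format-Table -AutoSize
```

Run it from each domain controller against the other, since the thread describes replication failing in one direction only.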