NTDS replication problems...

Hi!

I have a site where 2 of three domain controllers are frequently having
troubles replicating user accounts objects updates between them.

We first get:

Type de l'événement : Avertissement
Source de l'événement : NTDS Replication
Catégorie de l'événement : Replication
ID de l'événement : 1083
Date : 2006-10-03
Heure : 14:00:13
Utilisateur : NT AUTHORITY\ANONYMOUS LOGON
Ordinateur : DC01
Description :
Active Directory could not update the following object with changes received
from the domain controller at the following network address because Active
Directory was busy processing information.

Object:
CN=xyz,OU=users,DC=cie,DC=com
Network address:
1eea42c-d8e-ffb-e3d-2b433014266f._msdcs.cie.com

This operation will be tried again later.

And just after this message, we get:

Type de l'événement : Informations
Source de l'événement : NTDS Replication
Catégorie de l'événement : Replication
ID de l'événement : 1955
Date : 2006-10-03
Heure : 14:00:13
Utilisateur : NT AUTHORITY\ANONYMOUS LOGON
Ordinateur : DC01
Description :
Active Directory encountered a write conflict when applying replicated
changes to the following object.

Object:
CN=xyz,OU=users,DC=cie,DC=com
Time in seconds:
0

Event log entries preceding this entry will indicate whether or not the
update was accepted.

A write conflict can be caused by simultaneous changes to the same object or
simultaneous changes to other objects that have attributes referencing this
object. This commonly occurs when the object represents a large group with
many members, and the functional level of the forest is set to Windows 2000.
This conflict triggered additional retries of the update. If the system
appears slow, it could be because replication of these changes is occurring.

User Action
Use smaller groups for this operation or raise the functional level to
Windows Server 2003.

Since this is always related to users objects, I don't think raising the
forest level to Server 2003 will help. Those 3 servers are relatively new
(idle almost all the times), and they are configured with the /3GB switch.

What is strange, this is always occuring betwen those 2 servers (GC), the
third one seem to works perfectly (not GC)...

This is happening 4-5 times a day...

I tried to reset sites NTDS connections, and now, I was thinking of demoting
and re-promoting one of the problematics server.

Nothing else to check?

Claude Lachapelle
Systems Administrator, MCSE
.

Relevant Pages

  • RE: Intersite authentication problem
    ... Have you checked to make sure that your domain controllers are replicating ... its corresponding _msdcs zone information. ... > System Manager failed to retrieve queues for the SMTP Virtual Server ...
    (microsoft.public.windows.server.general)
  • Re: primary DC down, secondary no global catalog server
    ... The PAS is built by replicating the objects and necessary attributes from other domain controllers in other domains. ... Also, if that machine was running DNS, ensure the clients are able to point to another DNS server and that that server holds a copy of the necessary zones. ...
    (microsoft.public.windows.server.active_directory)
  • Demoting Domain Controller
    ... fourth Windows 2000 Server. ... three domain controllers running Windows 2003 Server Edition but with Forest ... and Domain Functional Level at Windows 2000????? ...
    (microsoft.public.windows.server.general)
  • Re: DCs will not replicate
    ... and what has occurred before it stopped replicating? ... MVP Windows Server - Directory Services ... > one of my domain controllers will not replicate with my pdc emulator. ... > controller %Server name% The naming context is in the process of being ...
    (microsoft.public.windows.server.active_directory)
  • adprep command to promot new domain controller
    ... domain controllers running Win 2003 ... I added another Win 2003 server and tried to promote it to a domain ... I don't know how we got two Win2003 domain controllers without adprep ever ... I am not quite ready to raise the domain functional level - I'm not sure ...
    (microsoft.public.windows.server.migration)