Re: Issue with DC
- From: Jack T. <JackT@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 1 Feb 2007 18:21:01 -0800
I did that but still got the the following error:
The following error occurred during the attempt to synchronize naming
context TD.com from domain controller TD1 to domain controller TD2:
"the active directory cannot replicate with this server because the time
since the last replication with this server has exceeded the tombstone
lifetime"
This operation will not continue.
I checked the event viewer and event ID 2042 (NTDS replication) showed up.
"Jorge Silva" wrote:
this is alittle confused.....
Assuming that TD1 has the proper DNS infrastruture, try the following:
- Make Sure that TD1 point to itself under NIC Preferred DNS.
- Go to
- Make Sure that All other Servers point to TD1 under NIC Preferred DNS.
- Make Sure that DNS Zone on TD1 is Active Directory integrated and allow
Dynamic updates.
- Go to TD2 and under NIC Preferred DNS point it to TD1 ipaddress.
- run ipconfig /registerdns on both servers.
- Restart netlogon service in both servers.
- Force replication.
Also check
http://support.microsoft.com/?id=241515
--
I hope that the information above helps you.
Have a Nice day.
Jorge Silva
MCSE
"Jack T." <JackT@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:6107541C-306C-432C-B087-D3606675C5CF@xxxxxxxxxxxxxxxx
also, it's Active Directory integrated. TD1 is the primary server.
"Jack T." wrote:
I have 2 DCs (TD1 and TD2). TD1 has FMSO roles (operations masters - RID,
PDC, Infrastructure).
If I log on to TD1, I can access both DNS servers (TD1 and TD2). If I log
on
to TD2, I can only access DNS on TD2. When I try to access DNS on TD1, I
got
this error message: "you do not have permission to access this DNS
server. To
retru the connection, either press F%, or on the Action menu, click
Refresh."
I checked the event logs and got this error:
"A zone transfer request for the secondary zone TD.COM was refused by the
master DNS server at 192.168.1.6. Check the zone at the master server
192.168.1.6 to verify that zone transfer is enabled to this server. To
do
so, use the DNS console, and select master server 192.168.1.6 as the
applicable server, then in secondary zone TD.COM Properties, view the
settings on the Zone Transfers tab. Based on the settings you choose,
make
any configuration adjustments there (or possibly in the Name Servers tab)
so
that a zone transfer can be made to this server."
Jack T.
"Jorge Silva" wrote:
Can you explain how DCs/DNS are configured?
--
I hope that the information above helps you.
Have a Nice day.
Jorge Silva
MCSE
"Jack T." <JackT@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:01E43B85-A5CA-43D5-8B47-CDD3B56D2445@xxxxxxxxxxxxxxxx
Thank you for your quick response.
1. No. I have no FW between these 2 DCs.
2. I did that and got the following error:
"The following error occurred during the attempt to synchronize
naming
context TD.com from domain controller TD1 to domain controller TD2:
the
target principal is incorrect. This operation will not continue."
When I forced the replication from TD2 to TD1, I got the following:
"Active Directory has replicated the connections".
Jack T.
"Jorge Silva" wrote:
Hi
Do you have any FW between these DCs?
If yes Check
Active Directory in Networks Segmented by Firewalls
http://www.microsoft.com/downloads/details.aspx?FamilyID=c2ef3846-43f0-4caf-9767-a9166368434e&DisplayLang=en
How to configure Windows Server 2003 SP1 firewall for a Domain
Controller
http://support.microsoft.com/kb/555381
Restart Netlogon service, and make sure that you can force
replication
between the 2 DCs
--
I hope that the information above helps you.
Have a Nice day.
Jorge Silva
MCSE
"Jack T." <Jack T.@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:52095FBA-ABF9-4A7B-9513-F7D44F43A498@xxxxxxxxxxxxxxxx
Hi all,
I have 2 DCs. DC1 was infected with virus and malware, so I took
it
offline
for a while. When I brought DC1 back online, I ran dcdiag on DC2
and
got
this
error message:
Testing server: Default-First-Site-Name\td02
Starting test: Connectivity
The host
d6894b62-f43c-45b2-9647-6981c09cbc2c._msdcs.TD.COM
could
not be resolved to an IP address. Check the DNS server, DHCP,
server
name,
etc
Although the Guid DNS name
(d6894b62-f43c-45b2-9647-6981c09cbc2c._msdcs.TD.COM) couldn't be
resolved,
the server name (td02.TD.COM) resolved to the IP address
(192.168.1.5)
and
was pingable. Check that the IP address is registered correctly
with
the
DNS
server.......................... td02 failed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\TD02
Skipping all tests, because server TD02 is not responding to
directory
service requests
Starting test: FsmoCheck
Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed,
error
1355
A Global Catalog Server could not be located - All GC's
are
down.
Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355
A Primary Domain Controller could not be located.
The server holding the PDC role is down.
......................... TD.COM failed test FsmoCheck
I ran dcdiag on DC1 and got the following:
Testing server: Default-First-Site-Name\TD01
Starting test: Replications
[TD02] DsBindWithSpnEx() failed with error 1722,
The RPC server is unavailable..
How do I fix this issue? Please help.
Thanks in advance,
Jack T.
- Follow-Ups:
- Re: Issue with DC
- From: Jorge Silva
- Re: Issue with DC
- References:
- Re: Issue with DC
- From: Jorge Silva
- Re: Issue with DC
- From: Jack T.
- Re: Issue with DC
- From: Jorge Silva
- Re: Issue with DC
- From: Jack T.
- Re: Issue with DC
- From: Jack T.
- Re: Issue with DC
- From: Jorge Silva
- Re: Issue with DC
- Prev by Date: Re: DNS not updating
- Next by Date: Re: Duplicate UPNs and "default UPN"
- Previous by thread: Re: Issue with DC
- Next by thread: Re: Issue with DC
- Index(es):
Relevant Pages
|
