Re: LDAP/AD Problems Related to WAN?
- From: "Erik Cheizoo" <echeizoo.XenD.nl@xxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 6 Feb 2007 09:52:11 +0100
You can use the ping utility to find the end-to-end MTU size:
ping.exe <dest> -f -l <size>
The -f switch prevents fragmentation of packets, the -l switch determines the packet size. If a packet size larger then the MTU is sent, no responses will be received (or an error is returned if it is enabled on the routers). The following article explains in more detail: http://support.microsoft.com/kb/314825
--
Kind regards,
Erik Cheizoo
eXcellence & Difference - we keep your business running
============================================
Always test in a non-production environment before implementing
Guidelines for posting: http://support.microsoft.com/?id=555375
============================================
"Andrew Hayes" <AndrewHayes@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:687A1273-D9EF-4DC6-8F1D-EF233CE4A219@xxxxxxxxxxxxxxxx
Hello again Paul. Thanks for the reply.
As you guessed, yes this WAN is a VPN between 2 Yamaha RTX1000 routers.
Don't have a great deal of information about them though as they are not our
equipment, but I would think that if the PMTU size was the issue it would
affect all communications between here and there. That is not the case. We
have other domain controllers for different forests at the remote location,
and the member servers for those domains that we have here don't have any
difficulties.
But, for future reference, how would I determine the PMTU size if I cannot
access the router configuration?
Moving on. NETDIAG is version 5.2.3790.1830 (srv03_sp1_rtm.050324-1447),
installed from a W2K3 with SP1 DVD, so I don't think that is the problem.
What I have done though is installed a new DC locally (in case the latency on
the WAN was causing problems), but that highlighted a different issue which
may be a cause or symptom of the problem I'm having with the member servers.
It seems that the second DC at the remote site cannot communicate over the
WAN either. That is, the new (third) DC is getting replication errors for the
second DC at the remote site, but not the first DC (the PDC) at the remote
site.
Starting to sound like an episode of "House", and I'm beginning to feel like
a dog chasing its tail. :-(
I've increased the size of the RPC Replication Timeout as per KB830746, and
while I was in the registry I also upped the Diagnostics levels to 5 for RPC
Client, Replication, Internal Processing, LDAP, Name Resolution and KCC. What
I'm seeing is that the RPC call from DC3 to DC2 is failing, and that is
having a domino effect on the whole of the replication process.
Next step for me is to determine the reason for the RPC failure. To that end
I'll be performing network traces on both DC's, and RPCpinging. Will let you
know what I find.
Cheers.
.
- Prev by Date: Re: Computers left in AD after taken off network?
- Next by Date: Re: Password Expire
- Previous by thread: Re: Force user logoff's in GPO
- Next by thread: Re: LDAP/AD Problems Related to WAN?
- Index(es):
Relevant Pages
|
