Re: "domainreplica" parameter in LDAP

Hello again,
the problem is that the server that "died" is not listed in the server list
(matadata cleanup).

"Paul Bergson [MVP-DS]" wrote:

You will have to clean up your metadata. Follow the steps below.

http://support.microsoft.com/?id=216498

This should clean things up for you.

--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.

"Eleonora" <Eleonora@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:7C0E4909-9B03-4A85-B035-B68C64EA665D@xxxxxxxxxxxxxxxx
NO the dc is not active. It "passed away" actually!
If I create a new dc with the same name, do you thing that I can fool AD?
I know that the SID will be different but...

"Paul Bergson [MVP-DS]" wrote:

Is the dc defined a currently active dc? If so go to a command prompt on
this dc and run

netdiag /fix
ipconfig /registerdns

Also check the following
http://support.microsoft.com/kb/241515/EN-US/

--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.

"Eleonora" <Eleonora@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:87709C11-56C4-4296-BD90-D446E0E5A798@xxxxxxxxxxxxxxxx
You are right. I got the following error:

Repadmin experienced the following error trying to resolve the DC_NAME:
dc*

Error: An error occured:

Win32 Error 8419(0x20e3): The DSA object could not be found.



"Paul Bergson [MVP-DS]" wrote:

I don't think that is an issue.

Lets look at your replication to see if there are any issues

repadmin.exe /showrepl dc* /verbose /all /intersite > c:\repl.txt

--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.

"Eleonora" <Eleonora@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:026445D4-EFCE-47DA-A4EB-77B8DBEE7FF3@xxxxxxxxxxxxxxxx
I found that too:

* Replications Check
DC=ForestDnsZones,DC=abc,DC=def,DC=com has 4 cursors.
DC=DomainDnsZones,DC=abc,DC=def,DC=com has 4 cursors.
CN=Schema,CN=Configuration,DC=abc,DC=def,DC=com has 5
cursors.
CN=Configuration,DC=abc,DC=def,DC=com has 5 cursors.
DC=abc,DC=def,DC=com has 5 cursors.
* Replication Latency Check
DC=ForestDnsZones,DC=abc,DC=def,DC=com
Latency information for 1 entries in the vector were
ignored.
1 were retired Invocations. 0 were either:
read-only
replicas and are not verifiably latent, or dc's no longer
replicating
this
nc. 0 had no latency information (Win2K DC).
DC=DomainDnsZones,DC=abc,DC=def,DC=com
Latency information for 1 entries in the vector were
ignored.
1 were retired Invocations. 0 were either:
read-only
replicas and are not verifiably latent, or dc's no longer
replicating
this
nc. 0 had no latency information (Win2K DC).
CN=Schema,CN=Configuration,DC=abc,DC=def,DC=com

From where can I delete that cursor?


"Eleonora" wrote:

I can find only the following:

Starting test: systemlog
* The System Event log test
An Error Event occured. EventID: 0x00000457
Time Generated: 08/11/2007 09:51:55
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 08/11/2007 09:51:56
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 08/11/2007 09:52:02
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 08/11/2007 09:52:02
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 08/11/2007 09:52:14
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 08/11/2007 09:52:16
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 08/11/2007 09:52:16
(Event String could not be retrieved)
......................... DC_1 failed test systemlog

Nothing else. No errors no warnings no nothing! Any ideas? ( I have
alreay
checked against microsoft's database for the error)
Any ideas?

"Paul Bergson [MVP-DS]" wrote:

I don't have an answer for this. This is the only error you see?
How
about
in the Event Logs?

How about a dcdiag?


Run diagnostics against your Active Directory domain.

If you don't have the support tools installed, install them from
your
server
install disk.
d:\support\tools\setup.exe

Run dcdiag, netdiag and repadmin in verbose mode.
-> DCDIAG /V /C /D /E /s:yourdcname > c:\dcdiag.log
-> netdiag.exe /v > c:\netdiag.log (On each dc)
-> repadmin.exe /showrepl dc* /verbose /all /intersite >
c:\repl.txt

**Note: Using the /E switch in dcdiag will run diagnostics
against
ALL
dc's
in the forest. If you have significant numbers of DC's this test
could
generate significant detail and take a long time. You also want
to
take
into account slow links to dc's will also add to the testing
time.

When complete search for fail, error and warning messages.

--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the
NewsGroup
This posting is provided "AS IS" with no warranties, and confers
no
rights.

"Eleonora" <Eleonora@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:1D197CB2-BEBC-4598-A8EF-49A88C368C10@xxxxxxxxxxxxxxxx
I have already done that and everything else is clean except
that.


"Paul Bergson [MVP-DS]" wrote:

Once you lose a dc and don't properly recover it, such as
seizing
the
roles,
you need to purge your metadata of old information from this
dead
dc.

http://support.microsoft.com/?id=216498

--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the
NewsGroup
This posting is provided "AS IS" with no warranties, and
confers
no
rights.

"Eleonora" <Eleonora@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:2FBBABE2-B3C1-4C2B-A445-3BBC59BF6249@xxxxxxxxxxxxxxxx
Deal All,
in the LDP util while selecting the root of the forest
dc=abc,dc=def,dc=com
the parameter "domainreplica" has wrong value!
The server which name is there crashed some weeks ago and I
had
to
seize
all
the roles from that to another server.
Now everything else seems to be correct exept this one. (
text
below )
......................................
2> repsFrom: dwVersion = 1, V1.cb: 279,
V1.cConsecutiveFailures: 0
V1.timeLastSuccess: 12831215896 V1.timeLastAttempt:
12831215896
V1.ulResultLastAttempt: 0x0 V1.cbOtherDraOffset: 216
V1.cbOtherDra: 63
V1.ulReplicaFlags: 0x70 V1.rtSchedule: <ldp:skipped>
V1.usnvec.usnHighObjUpdate: 2357556
V1.usnvec.usnHighPropUpdate:
2357556
V1.uuidDsaObj: 719c062e-ba8b-4bc4-8fed-c73efdd1587b
V1.uuidInvocId:
cd20352b-0df7-4c20-bd4c-d45cbb096342 V1.uuidTransportObj:
00000000-0000-0000-0000-000000000000 V1~mtx_address:
719c062e-ba8b-4bc4-8fed-c73efdd1587b._msdcs.abc.def.com
V1.cbPASDataOffset: 0
V1~PasData: version = -1, size = -1, flag = -1 ; dwVersion =
1,
V1.cb:
279,
V1.cConsecutiveFailures: 0 V1.timeLastSuccess: 12831213478
V1.timeLastAttempt: 12831213478 V1.ulResultLastAttempt: 0x0
V1.cbOtherDraOffset: 216 V1.cbOtherDra: 63
V1.ulReplicaFlags:
0x30000070
V1.rtSchedule: <ldp:skipped> V1.usnvec.usnHighObjUpdate:
107974
V1.usnvec.usnHighPropUpdate: 107974 V1.uuidDsaObj:
29fd1cd6-6f25-4274-8306-2e801344d052 V1.uuidInvocId:
e9855607-e11b-4357-b12b-64cbeb7547e4 V1.uuidTransportObj:
00000000-0000-0000-0000-000000000000 V1~mtx_address:
29fd1cd6-6f25-4274-8306-2e801344d052._msdcs.abc.def.com
V1.cbPASDataOffset: 0
V1~PasData: version = -1, size = -1, flag = -1 ;
1> uSNChanged: 5245468;
1> name: ths;
1> objectGUID: 4372abea-f4ba-49e3-8c33-bc1ee017ea0d;
1> replUpToDateVector: <ldp error: cannot process
UPDATE_VECTOR
v.2>;
1> creationTime: 02/18/1998 18:23:22 GTB Standard Time GTB
Daylight
Time;
1> forceLogoff: 0 (none);
1> lockoutDuration: 1800;
1> lockOutObservationWindow: 1800;
1> lockoutThreshold: 5;
1> maxPwdAge: 3456000;
1> minPwdAge: 0 (none);
1> minPwdLength: 8;
.

Relevant Pages

  • Re: Advice Needed on Migration
    ... For the new DC/DNS i would only use the existing DC/DNS 25.14.168.11 as preferred until AD/DNS replication is done complete, after that change the ip to itself as preferred and use the other DNS server as secondary. ... EventID: 0xC0001B78 ... (Event String could not be retrieved) ... Starting test: CrossRefValidation ...
    (microsoft.public.windows.server.migration)
  • Re: Secondary domain controller can not talk to SBS server
    ... I have an SBS server and another domain controller at a remote site. ... The replication generated an error: ... EventID: 0x8000061E ... Event String: All domain controllers in the following site ...
    (microsoft.public.windows.server.sbs)
  • Re: Replication Issues
    ... other dc or its dns server? ... What is your replication topology etc? ... EventID: 0x8000061E ... Event String: All domain controllers in the following site ...
    (microsoft.public.windows.server.active_directory)
  • Re: SA hungs on starting
    ... Testing server: Corporate\BBOEHMEI ... EventID: 0x00000457 ... Event String: The printer could not be installed. ... Microsoft Exchange System Attendant failed to start. ...
    (microsoft.public.exchange2000.admin)
  • Re: Windows Server 2008 w/Exchange 2007 Authentication on Active D
    ... EventID: 0x825A0011 ... Event String: Time Provider NtpClient: An error occurred during ... The DHCP service failed to see a directory server ...
    (microsoft.public.windows.server.general)