Re: "domainreplica" parameter in LDAP

Hi,
I tried with servers located to the second site I have but I am getting the
same errors.
I found the DN of the parameter today ( the name had an - between ) and I
posted a question today....
Could you please check it?
I am getting some error in LDP .....
Thanks in Advance

"Paul Bergson [MVP-DS]" wrote:

I'm unsure what to tell you. It is obviously in metadata but I don't know
how you are going to get at it. If there is more than one dc, have you
attempted to bind to a different dc from a diffrent location?

--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.

"Eleonora" <Eleonora@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:F188C65A-F969-496C-990C-69B4435FA8D4@xxxxxxxxxxxxxxxx
I followed the hole procedure from the begining and I also did the metadata
cleanup process and everything confirmed fine. But the "domainreplica"
value
did not changed. The value is wrong pointing to the "removed" server. Due
to
that I cannot update the Schema of the domain...

Is there something else that i am missing???

Thanks in Advance

"Eleonora" wrote:

The server is not in either sites. The documents you reffering.... I have
checked them all. But in all of them you have to see the server entry to
proceed.
In my case the only thing we can actually see is the "domainReplica
value".

The p[roblem is that in that particular domain I cannot extend the Shema
for
Exchange 2003 objects...
I did search all the articles in Micrososft with the error I am getting:

Either you do not have permission to update the Active Directory schema
or
Active Directory service is currently too busy. -- ID:62081 --
[14:49:16] The component "Microsoft Exchange Forest Preparation" cannot
be
assigned the action "ForestPrep" because:
- Either you do not have permission to update the Active Directory
schema
or Active Directory service is currently too busy.

After that reaserch I end up to the fact that a domain controller did not
demoted properly.
Any other ideas?

"Paul Bergson [MVP-DS]" wrote:

Did you check all the sites available in case you thought about it
being in
a site other than what was expected. This data should be in there and
you
have to get it cleaned up.

Go to the link below and see if you followed steps 26, 27 and 28

http://www.pbbergs.com/windows/articles/TestDomain.html

--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.

"Eleonora" <Eleonora@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:BD6D7006-16D6-4C2B-AABB-BA9AD299A4A0@xxxxxxxxxxxxxxxx
Hello again,
the problem is that the server that "died" is not listed in the
server
list
(matadata cleanup).

"Paul Bergson [MVP-DS]" wrote:

You will have to clean up your metadata. Follow the steps below.

http://support.microsoft.com/?id=216498

This should clean things up for you.

--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.

"Eleonora" <Eleonora@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:7C0E4909-9B03-4A85-B035-B68C64EA665D@xxxxxxxxxxxxxxxx
NO the dc is not active. It "passed away" actually!
If I create a new dc with the same name, do you thing that I can
fool
AD?
I know that the SID will be different but...

"Paul Bergson [MVP-DS]" wrote:

Is the dc defined a currently active dc? If so go to a command
prompt
on
this dc and run

netdiag /fix
ipconfig /registerdns

Also check the following
http://support.microsoft.com/kb/241515/EN-US/

--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the
NewsGroup
This posting is provided "AS IS" with no warranties, and confers
no
rights.

"Eleonora" <Eleonora@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:87709C11-56C4-4296-BD90-D446E0E5A798@xxxxxxxxxxxxxxxx
You are right. I got the following error:

Repadmin experienced the following error trying to resolve the
DC_NAME:
dc*

Error: An error occured:

Win32 Error 8419(0x20e3): The DSA object could not be found.



"Paul Bergson [MVP-DS]" wrote:

I don't think that is an issue.

Lets look at your replication to see if there are any issues

repadmin.exe /showrepl dc* /verbose /all /intersite >
c:\repl.txt

--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the
NewsGroup
This posting is provided "AS IS" with no warranties, and
confers no
rights.

"Eleonora" <Eleonora@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:026445D4-EFCE-47DA-A4EB-77B8DBEE7FF3@xxxxxxxxxxxxxxxx
I found that too:

* Replications Check
DC=ForestDnsZones,DC=abc,DC=def,DC=com has 4
cursors.
DC=DomainDnsZones,DC=abc,DC=def,DC=com has 4
cursors.
CN=Schema,CN=Configuration,DC=abc,DC=def,DC=com has
5
cursors.
CN=Configuration,DC=abc,DC=def,DC=com has 5 cursors.
DC=abc,DC=def,DC=com has 5 cursors.
* Replication Latency Check
DC=ForestDnsZones,DC=abc,DC=def,DC=com
Latency information for 1 entries in the
vector
were
ignored.
1 were retired Invocations. 0 were either:
read-only
replicas and are not verifiably latent, or dc's no longer
replicating
this
nc. 0 had no latency information (Win2K DC).
DC=DomainDnsZones,DC=abc,DC=def,DC=com
Latency information for 1 entries in the
vector
were
ignored.
1 were retired Invocations. 0 were either:
read-only
replicas and are not verifiably latent, or dc's no longer
replicating
this
nc. 0 had no latency information (Win2K DC).
CN=Schema,CN=Configuration,DC=abc,DC=def,DC=com

From where can I delete that cursor?


"Eleonora" wrote:

I can find only the following:

Starting test: systemlog
* The System Event log test
An Error Event occured. EventID: 0x00000457
Time Generated: 08/11/2007 09:51:55
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 08/11/2007 09:51:56
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 08/11/2007 09:52:02
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 08/11/2007 09:52:02
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 08/11/2007 09:52:14
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 08/11/2007 09:52:16
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 08/11/2007 09:52:16
(Event String could not be retrieved)
......................... DC_1 failed test
systemlog

Nothing else. No errors no warnings no nothing! Any ideas?
( I
have
alreay
checked against microsoft's database for the error)
Any ideas?

"Paul Bergson [MVP-DS]" wrote:

I don't have an answer for this. This is the only error
you
see?
How
about
in the Event Logs?

How about a dcdiag?


Run diagnostics against your Active Directory domain.

If you don't have the support tools installed, install
them
from
your
server
install disk.
d:\support\tools\setup.exe

Run dcdiag, netdiag and repadmin in verbose mode.
-> DCDIAG /V /C /D /E /s:yourdcname > c:\dcdiag.log
-> netdiag.exe /v > c:\netdiag.log (On each dc)
-> repadmin.exe /showrepl dc* /verbose /all /intersite >
c:\repl.txt

**Note: Using the /E switch in dcdiag will run
diagnostics
against
ALL
dc's
in the forest. If you have significant numbers of DC's
this
test
could
generate significant detail and take a long time. You
also
want
to
.

Relevant Pages

  • Re: Advice Needed on Migration
    ... For the new DC/DNS i would only use the existing DC/DNS 25.14.168.11 as preferred until AD/DNS replication is done complete, after that change the ip to itself as preferred and use the other DNS server as secondary. ... EventID: 0xC0001B78 ... (Event String could not be retrieved) ... Starting test: CrossRefValidation ...
    (microsoft.public.windows.server.migration)
  • Re: Secondary domain controller can not talk to SBS server
    ... I have an SBS server and another domain controller at a remote site. ... The replication generated an error: ... EventID: 0x8000061E ... Event String: All domain controllers in the following site ...
    (microsoft.public.windows.server.sbs)
  • Re: "domainreplica" parameter in LDAP
    ... The server is not in either sites. ... MVP - Directory Services ... EventID: 0x00000457 ... (Event String could not be retrieved) ...
    (microsoft.public.windows.server.active_directory)
  • Re: Replication Issues
    ... other dc or its dns server? ... What is your replication topology etc? ... EventID: 0x8000061E ... Event String: All domain controllers in the following site ...
    (microsoft.public.windows.server.active_directory)
  • Re: "domainreplica" parameter in LDAP
    ... MVP - Directory Services ... Lets look at your replication to see if there are any issues ... EventID: 0x00000457 ... (Event String could not be retrieved) ...
    (microsoft.public.windows.server.active_directory)