Re: Receiving a File Replication Service error on 2 DC's.

answer the questions I asked

--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Windows Server - Directory Services

BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
------------------------------------------------------------------------------------------
* How to ask a question --> http://support.microsoft.com/?id=555375
------------------------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always test before implementing!
------------------------------------------------------------------------------------------
#################################################
#################################################
------------------------------------------------------------------------------------------
"Eric Guzman" <EricGuzman@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:19037ACA-173F-4F9D-95CC-A95472E8B7AF@xxxxxxxxxxxxxxxx
O.K. so should I first detect and recover from a USN rollback and if that
doesn't resolve my issue then perform a non-authoritative restore of my
sysvol on all the domain controllers? Will this cause any downtime?


"Paul Bergson [MVP-DS]" wrote:

I must have missed something Jorge, I couldn't find anything although it
does make sense that this is what happened.

--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.

"Jorge de Almeida Pinto [MVP - DS]"
<SubstituteThisWithMyFullNameSeparatedByDots@xxxxxxxxx> wrote in message
news:ugiF3xAkIHA.4196@xxxxxxxxxxxxxxxxxxxxxxx
> USN rollback occur both in AD and the SYSVOL when restoring images of
> DCs...
>
> see:
> http://blogs.dirteam.com/blogs/jorge/archive/2006/03/08/597.aspx
>
> -- >
> Cheers,
> (HOPEFULLY THIS INFORMATION HELPS YOU!)
>
> # Jorge de Almeida Pinto # MVP Windows Server - Directory Services
>
> BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
> BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
> ------------------------------------------------------------------------------------------
> * How to ask a question --> http://support.microsoft.com/?id=555375
> ------------------------------------------------------------------------------------------
> * This posting is provided "AS IS" with no warranties and confers no
> rights!
> * Always test before implementing!
> ------------------------------------------------------------------------------------------
> #################################################
> #################################################
> ------------------------------------------------------------------------------------------
> "Eric Guzman" <EricGuzman@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> news:256396F4-AF66-4AF3-8DEE-94E88D8276A2@xxxxxxxxxxxxxxxx
>>I will actually be building 2 new domain controllers and moving all >>FMSO
>> roles, DNS, WINS, and DHCP off all the current domain controllers and
>> eventually decomission them and only having the 2 new Domain >> Controllers.
>> Do
>> you think this will resolve my issues?
>>
>> "Paul Bergson [MVP-DS]" wrote:
>>
>>> I'm going to guess this occurred from doing a clone of your dc's, >>> this
>>> is
>>> not supported and can create issues with replication (NTDS), which is
>>> what
>>> it sounds like you are experiencing (There are ways to make this work
>>> but
>>> you have to shut off replication). Odd thing is I have only heard of
>>> this
>>> happening against NTDS not NTFRS, so I can't tell you this is what
>>> caused
>>> the issue, never the less read the following article on the fallout >>> from
>>> such an approach.
>>> http://support.microsoft.com/?id=875495
>>>
>>> I would recommend by starting with a non-authoritative restore of >>> your
>>> sysvol. I would start by making sure the DC you perform this on is
>>> treated
>>> as the authoritative one and set the burflg setting to D4.
>>>
>>> See:
>>> http://support.microsoft.com/kb/315457/
>>>
>>>
>>>
>>> -- >>> Paul Bergson
>>> MVP - Directory Services
>>> MCT, MCSE, MCSA, Security+, BS CSci
>>> 2008, 2003, 2000 (Early Achiever), NT4
>>>
>>> http://www.pbbergs.com
>>>
>>> Please no e-mails, any questions should be posted in the NewsGroup
>>> This posting is provided "AS IS" with no warranties, and confers no
>>> rights.
>>>
>>> "Eric Guzman" <Eric Guzman@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in >>> message
>>> news:75CD313D-F26A-487F-9879-39A5872C7ED0@xxxxxxxxxxxxxxxx
>>> > The 2 domain controllers receive Event ID's 13555 and 13552 every >>> > day
>>> > a
>>> > couple of times. Restarting the services did not fix the issue. >>> > All
>>> > domain
>>> > controllers are running Windows 2003 Standard sp1. These servers >>> > were
>>> > cloned
>>> > about 5 months ago on new hardware and that's when the problem
>>> > started.
>>> > We
>>> > will be applying service pack 2 later today in hopes of fixing the
>>> > issue.
>>> > I
>>> > would like other alternatives to try and remedy the problem instead >>> > of
>>> > what
>>> > the logs say.
>>> >
>>> > Event ID 13555
>>> >
>>> > The File Replication Service is in an error state. Files will not
>>> > replicate
>>> > to or from one or all of the replica sets on this computer until >>> > the
>>> > following recovery steps are performed:
>>> >
>>> > Recovery Steps:
>>> >
>>> > [1] The error state may clear itself if you stop and restart the >>> > FRS
>>> > service. This can be done by performing the following in a command
>>> > window:
>>> >
>>> > net stop ntfrs
>>> > net start ntfrs
>>> >
>>> > If this fails to clear up the problem then proceed as follows.
>>> >
>>> > [2] For Active Directory Domain Controllers that DO NOT host any >>> > DFS
>>> > alternates or other replica sets with replication enabled:
>>> >
>>> > If there is at least one other Domain Controller in this domain >>> > then
>>> > restore
>>> > the "system state" of this DC from backup (using ntbackup or other
>>> > backup-restore utility) and make it non-authoritative.
>>> >
>>> > If there are NO other Domain Controllers in this domain then >>> > restore
>>> > the
>>> > "system state" of this DC from backup (using ntbackup or other
>>> > backup-restore
>>> > utility) and choose the Advanced option which marks the sysvols as
>>> > primary.
>>> >
>>> > If there are other Domain Controllers in this domain but ALL of >>> > them
>>> > have
>>> > this event log message then restore one of them as primary (data >>> > files
>>> > from
>>> > primary will replicate everywhere) and the others as
>>> > non-authoritative.
>>> >
>>> >
>>> > [3] For Active Directory Domain Controllers that host DFS >>> > alternates
>>> > or
>>> > other replica sets with replication enabled:
>>> >
>>> > (3-a) If the Dfs alternates on this DC do not have any other
>>> > replication
>>> > partners then copy the data under that Dfs share to a safe >>> > location.
>>> > (3-b) If this server is the only Active Directory Domain Controller
>>> > for
>>> > this domain then, before going to (3-c), make sure this server >>> > does
>>> > not
>>> > have
>>> > any inbound or outbound connections to other servers that were
>>> > formerly
>>> > Domain Controllers for this domain but are now off the net (and >>> > will
>>> > never
>>> > be
>>> > coming back online) or have been fresh installed without being
>>> > demoted. To
>>> > delete connections use the Sites and Services snapin and look for
>>> > Sites->NAME_OF_SITE->Servers->NAME_OF_SERVER->NTDS
>>> > Settings->CONNECTIONS.
>>> > (3-c) Restore the "system state" of this DC from backup (using
>>> > ntbackup or
>>> > other backup-restore utility) and make it non-authoritative.
>>> > (3-d) Copy the data from step (3-a) above to the original location
>>> > after
>>> > the sysvol share is published.
>>> >
>>> >
>>> > [4] For other Windows servers:
>>> >
>>> > (4-a) If any of the DFS alternates or other replica sets hosted by
>>> > this
>>> > server do not have any other replication partners then copy the >>> > data
>>> > under
>>> > its share or replica tree root to a safe location.
>>> > (4-b) net stop ntfrs
>>> > (4-c) rd /s /q c:\windows\ntfrs\jet
>>> > (4-d) net start ntfrs
>>> > (4-e) Copy the data from step (4-a) above to the original location
>>> > after
>>> > the service has initialized (5 minutes is a safe waiting time).
>>> >
>>> > Note: If this error message is in the eventlog of all the members >>> > of a
>>> > particular replica set then perform steps (4-a) and (4-e) above on
>>> > only
>>> > one
>>> > of the members.
>>> >
>>> > For more information, see Help and Support Center at
>>> > http://go.microsoft.com/fwlink/events.asp.
>>> >
>>> >
>>> > Event ID: 13552
>>> >
>>> > The File Replication Service is unable to add this computer to the
>>> > following
>>> > replica set:
>>> > "DOMAIN SYSTEM VOLUME (SYSVOL SHARE)"
>>> >
>>> > This could be caused by a number of problems such as:
>>> > -- an invalid root path,
>>> > -- a missing directory,
>>> > -- a missing disk volume,
>>> > -- a file system on the volume that does not support NTFS 5.0
>>> >
>>> > The information below may help to resolve the problem:
>>> > Computer DNS name is "mcgcpdc.co.mchenry.il.us"
>>> > Replica set member name is "MCGCPDC"
>>> > Replica set root path is "c:\windows\sysvol\domain"
>>> > Replica staging directory path is >>> > "c:\windows\sysvol\staging\domain"
>>> > Replica working directory path is "c:\windows\ntfrs\jet"
>>> > Windows error status code is
>>> > FRS error status code is FrsErrorMismatchedJournalId
>>> >
>>> > Other event log messages may also help determine the problem. >>> > Correct
>>> > the
>>> > problem and the service will attempt to restart replication
>>> > automatically
>>> > at
>>> > a later time.
>>> >
>>> > For more information, see Help and Support Center at
>>>
>>>
>>>
>




.

Relevant Pages

  • Re: Receiving a File Replication Service error on 2 DCs.
    ... To migrate a domain controller, reboot the server, press F8 ... boot to Directory Services Restore Mode, and launch the SMP - P2P ... migration of domain controllers, see your HP account manager for the ...
    (microsoft.public.windows.server.active_directory)
  • Re: AD does not start
    ... member server ... "Directory Services Restore Mode (Windows 2000 domain controllers only)" ... Master Operation roles (FSMO and the File Replication service). ...
    (microsoft.public.windows.server.active_directory)
  • Re: NTDS Replication
    ... The replication generated an error: ... The RPC server is unavailable.. ... Starting test: CrossRefValidation ... Domain controllers that do not replicate in a timely manner may ...
    (microsoft.public.windows.server.active_directory)
  • Re: Clients (random ones) unable to login to domain, reboot, then can?
    ... replication failure, and then repromote the sever back to being a DC. ... This network has 2 domain controllers, but 1 has been out of sync for ... Remote Desktop to the server, no problems, log out, and yet STILL ... Windows boots up like normal, prompts for name, pass, domain. ...
    (microsoft.public.windows.server.sbs)
  • Re: Windows 2003 Server function level could not be raised
    ... which DNS servers the DCs point toward ... Event Source: NTDS Replication ... information from a number of domain controllers. ... This server is the owner of the following FSMO role, ...
    (microsoft.public.windows.server.setup)