Re: NTDS Replication Event ID 1083/1955
- From: Meinolf Weber [MVP-DS] <meiweb(nospam)@gmx.de>
- Date: Tue, 3 Feb 2009 14:10:10 +0000 (UTC)
Hello Dudley,
The output's are this big because the complete domain is checked once including all DC's. You can also run the commands only as e.g. dcdiag /v on the DC's one by one.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Meinolf and Paul,
I compiled the information you requested, but it is 240 pages long. Is
there a limit to the size one post can be? Also, for security reasons
I may need to rename sites, DCs, and domains in the post. I'm don't
want to complicate things but I have security concerns about posting
that amount of information about our internal network on an open
forum.
To answer Meinolf's question about resotred DCs or VM snapshots, there
haven't been any restored DCs in the time that I have been the AD guy
here. We did have a DC that was "misplaced" last summer during a move.
That DC has been recovered, but it was forcible removed from AD prior
to it being found. There was a FSMO role that was seized from that DC.
The DC was not reconnected to the network. That DC was in subdomain2,
the same domain that now has the RID pool issue. The DC that is
reporting the issue is not the RID manager, but is one of the other
DCs in subdomain2.
Paul,
We have two DNS servers one that is a DC in the forest root domain and
a second that is not a DC in subdomain1. On the non-DC DNS server
there was single instance of an error in the DNS server event log:
Type: Error
Event: 6525
Date Time: 1/27/2009 8:29:25 AM
Source: DNS
ComputerName: W1
Category: None
User: N/A
Description: A zone transfer request for the secondary zone
domain.local
was refused by the master DNS server at 10.96.1.41. Check the zone at
the
master server 10.96.1.41 to verify that zone transfer is enabled to
this
server. To do so, use the DNS console, and select master server
10.96.1.41
as the applicable server, then in secondary zone domain.local
Properties,
view the settings on the Zone Transfers tab. Based on the settings
you
choose, make any configuration adjustments there (or possibly in the
Name
Servers tab) so that a zone transfer can be made to this server.
Any help is appreciated.
Thanks
"Paul Bergson [MVP-DS]" wrote:
From one of the dc's in the child domain (Unless you did this
already) re-run dcdiag and netdiag
Are there any messages in the dns event log in the child domain?
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.
"Dudley" <Dudley@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:74DC10ED-43A1-4575-A50B-AF6E6F4EAD4E@xxxxxxxxxxxxxxxx
Thanks for the help.
Dcdiag revealed this in one of the child domains:
* Warning :There is less than 13% available RIDs in the current pool
and this for DNS:
TEST: Dynamic update (Dyn)
Warning: Dynamic update is enabled on the zone but not
secure domain.local
Netdiag gave these warnings on all DCs (forest-wide):
[WARNING] At least one of the <00> 'WorkStation Service', <03>
'Messenger Service', <20> 'WINS' names is missing.
NetBT name test. . . . . . . . . . : Passed
No NetBT scope defined
[WARNING] You don't have a single interface with the <00>
'WorkStation
Service', <03> 'Messenger Service', <20> 'WINS' names defined.
DNSLint found all DCs and resolved IPs correctly.
Replmon looked fine on all DCs.
--
Dudley
MCP, MCDST
"Paul Bergson [MVP-DS]" wrote:
Run diagnostics against your Active Directory domain.
If you don't have the support tools installed, install them from
your
server
install disk.
d:\support\tools\setup.exe
Run dcdiag, netdiag and repadmin in verbose mode.
-> DCDIAG /V /C /D /E /s:yourdcname > c:\dcdiag.log
-> netdiag.exe /v > c:\netdiag.log (On each dc)
-> repadmin.exe /showrepl dc* /verbose /all /intersite >
c:\repl.txt
-> dnslint /ad /s "ip address of your dc"
**Note: Using the /E switch in dcdiag will run diagnostics against
ALL
dc's
in the forest. If you have significant numbers of DC's this test
could
generate significant detail and take a long time. You also want to
take
into
account slow links to dc's will also add to the testing time.
If you download a gui script I wrote it should be simple to set and
run
(DCDiag and NetDiag). It also has the option to run individual
tests
without
having to learn all the switch options. The details will be output
in
notepad text files that pop up automagically.
The script is located on my website at
http://www.pbbergs.com/windows/downloads.htm
Just select both dcdiag and netdiag make sure verbose is set.
(Leave the default settings for dcdiag as set when selected)
When complete search for fail, error and warning messages.
Description and download for dnslint
http://support.microsoft.com/kb/321045
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.
"Dudley" <Dudley@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:FFEF3642-61A6-4DC9-8A01-02FD7B5BA820@xxxxxxxxxxxxxxxx
I have a parent domain with 2 child domains. Several older DCs in
the
child
domains have two events in the system log and I'm not sure if they
are
cause
for alarm or not. The first event is:
Type: Warning
Event: 1083
Date Time: 1/22/2009 12:33:02 PM
Source: NTDS Replication
ComputerName: DC1
Category: Replication
User: NT AUTHORITY\ANONYMOUS LOGON
Description: Active Directory could not update the following
object
with
changes received from the domain controller at the following
network
address
because Active Directory was busy processing information.
Object:
CN=JDoe,OU=employees,DC=subdomain1,DC=domain,DC=local Network
address:
cd5156a4-ac24-4933-aa26-bfcb778383dc._msdcs.domain.local This
operation
will be tried again later.
The second event:
Type: Information
Event: 1955
Date Time: 1/22/2009 12:33:02 PM
Source: NTDS Replication
ComputerName: DC1
Category: Replication
User: NT AUTHORITY\ANONYMOUS LOGON
Description: Active Directory encountered a write conflict when
applying
replicated changes to the following object. Object:
CN=JDoe,OU=employees,DC=subdomain1,DC=domain,DC=local Time in
seconds:
0
Event log entries preceding this entry will indicate whether or
not the
update was accepted. A write conflict can be caused by
simultaneous
changes to the same object or simultaneous changes to other
objects
that
have
attributes referencing this object. This commonly occurs when the
object
represents a large group with many members, and the functional
level of
the
forest is set to Windows 2000. This conflict triggered additional
retries
of
the update. If the system appears slow, it could be because
replication
of
these changes is occurring. User Action Use smaller groups for
this
operation or raise the functional level to Windows Server 2003.
The details say raise the level to Windows Server 2003, but it has
already
been raised to that. In ever instance of this event that i have
checked
1083
is followed by 1955 and the time on both events is the same. The
events
only
seem to appear on the old domain controllers (Pentium III's) that
were
upgraded from Windows 2000 several years ago. Any advice would be
appreciated.
Thanks
--
Dudley
MCP, MCDST
.
- Follow-Ups:
- Re: NTDS Replication Event ID 1083/1955
- From: Dudley
- Re: NTDS Replication Event ID 1083/1955
- References:
- Re: NTDS Replication Event ID 1083/1955
- From: Dudley
- Re: NTDS Replication Event ID 1083/1955
- Prev by Date: Re: Windows 2008 Limitlogin
- Next by Date: Re: List directories access (ACL) of a group or user
- Previous by thread: Re: NTDS Replication Event ID 1083/1955
- Next by thread: Re: NTDS Replication Event ID 1083/1955
- Index(es):
Relevant Pages
|
