Re: AD Replication issues
- From: Meinolf Weber [MVP-DS] <meiweb(nospam)@gmx.de>
- Date: Tue, 2 Jun 2009 08:52:59 +0000 (UTC)
Hello Toni,
Please post an unedited ipconfig /all from the problem DC and also from another in the site. Please describe a bit more detailed the network setup.
Does something like a crash happen before or reinstall from backup etc.?
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Hi,
My client is having two different Active Directory replication issues
in same domain. At least I believe that these are two separete issues.
I just wanted to report these in same message because I'm not sure if
these problems have something to do with each other. Domain functional
level is Windows Server 2003 and all DC's are having operating system
Windows Server 2003 SP2 standard.
Please see output of AD Replication Monitor - Search Domain
Controllers For Replication Failures:
********************************************************
Active Directory Replication Domain Controller Replication Failure
Output
Printed at 1.6.2009 22:13:40
Below are the replication failures detected on Domain Controllers for
this domain:
Domain Controller Name: DC01
Directory Partition: DC=domain,DC=net
Replication Partner: SITE2\DC02
Failure Code: 1818
Failure Reason: The remote procedure call
was
cancelled.
Domain Controller Name: DC03
Directory Partition: DC=domain,DC=net
Replication Partner: SITE4\DC04
Failure Code: 1818
Failure Reason: The remote procedure call
was
cancelled.
********************************************************
PROBLEM 1: DC01-DC02
I can see following Warnings in DC01 computer's Event Viewer Directory
Service log:
********************************************************
Event Type: Warning
Event Source: NTDS Replication
Event Category: DS RPC Client
Event ID: 1232
Date: 1.6.2009
Time: 21:40:52
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DC01
Description:
Active Directory attempted to perform a remote procedure call (RPC) to
the
following server. The call timed out and was cancelled.
Server:
ee15dc9e-173b-4a0d-b5c4-a823b5f6063a._msdcs.domain.net
Call Timeout (Mins):
45
Thread ID:
a78
Additional Data
Internal ID:
5001047
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
********************************************************
and
********************************************************
Event Type: Warning
Event Source: NTDS Replication
Event Category: DS RPC Client
Event ID: 1188
Date: 1.6.2009
Time: 21:40:52
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DC01
Description:
A thread in Active Directory is waiting for the completion of a RPC
made to
the following domain controller.
Domain controller:
ee15dc9e-173b-4a0d-b5c4-a823b5f6063a._msdcs.domain.net
Operation:
get changes
Thread ID:
a78
Timeout period (minutes):
45
Active Directory has attempted to cancel the call and recover this
thread.
User Action If this condition continues, restart the domain
controller.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
********************************************************
Based on Knowledge Base article
(http://support.microsoft.com/kb/830746) I have tried to increase the
value of the RPC timeout for Active Directory replication from 5
minutes to 45 minutes. This didn't solved the issue.
Network bandwidth is quite slow between DC01 and DC02 (ping round trip
time about 400ms) but we have other sites having even slower
connection but AD replication working fine.
I have already troubleshooted this issue with network service provider
but they state that there is no network related errors between those
two computers.
PROBLEM 2: DC03-DC04
I can see following Warnings and Errors in DC03 computer's Event
Viewer Directory Service log:
********************************************************
Event Type: Warning
Event Source: NTDS KCC
Event Category: Knowledge Consistency Checker
Event ID: 1865
Date: 2.6.2009
Time: 1:33:01
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DC03
Description:
The Knowledge Consistency Checker (KCC) was unable to form a complete
spanning tree network topology. As a result, the following list of
sites
cannot be reached from the local site.
Sites: CN=SITE4,CN=Sites,CN=Configuration,DC=domain,DC=net
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
********************************************************
and
********************************************************
Event Type: Error
Event Source: NTDS KCC
Event Category: Knowledge Consistency Checker
Event ID: 1311
Date: 2.6.2009
Time: 1:33:01
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DC03
Description:
The Knowledge Consistency Checker (KCC) has detected problems with the
following directory partition.
Directory partition:
CN=Configuration,DC=domain,DC=net
There is insufficient site connectivity information in Active
Directory Sites and Services for the KCC to create a spanning tree
replication topology. Or, one or more domain controllers with this
directory partition are unable to replicate the directory partition
information. This is probably due to inaccessible domain controllers.
User Action Use Active Directory Sites and Services to perform one of
the following actions: - Publish sufficient site connectivity
information so that the KCC can determine a route by which this
directory partition can reach this site. This is the preferred option.
- Add a Connection object to a domain controller that contains the
directory partition in this site from a domain controller that
contains the same directory partition in another site.
If neither of the Active Directory Sites and Services tasks correct
this condition, see previous events logged by the KCC that identify
the inaccessible domain controllers.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
********************************************************
and
********************************************************
Event Type: Warning
Event Source: NTDS KCC
Event Category: Knowledge Consistency Checker
Event ID: 1865
Date: 2.6.2009
Time: 1:33:01
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DC03
Description:
The Knowledge Consistency Checker (KCC) was unable to form a complete
spanning tree network topology. As a result, the following list of
sites
cannot be reached from the local site.
Sites: CN=SITE4,CN=Sites,CN=Configuration,DC=domain,DC=net
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
********************************************************
I have double-check my AD Sites and Services configurations and
everything should be ok there.
I would appreciate if you could help me solving these issues. Thanks
in advance.
Best regards,
Toni Rantanen
.
- References:
- AD Replication issues
- From: Toni Rantanen
- AD Replication issues
- Prev by Date: Active Directory Migration Tool
- Next by Date: Re: dcpromo a DC that does not know is a DC
- Previous by thread: Re: AD Replication issues
- Next by thread: Re: AD Replication issues
- Index(es):
Relevant Pages
|
Loading
