Remote Branch DC wont Replicate With Corporate DC
- From: "Jwolfer" <Jwolfer@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 6 Apr 2005 13:11:03 -0700
SITUATION
-------------
We have 2 sites. A corporate site, and a small branch site. Our corporate
site is a Windows 2003 server (PDC) and a windows 2000 server (BDC). At our
branch site, I have a windows 2000 server (BDC) running, in case of a network
down issue between the 2 offices. For the most part, it seems to work
flawlessly. If the link goes down, the users there can still access that
server, and keep working.
I have noticed one problem though. If the link goes down, then the only
system those clients can see is the server, they cannot access any shares on
any of the client PC's... namely shared printers.
It seems to me that this is a DNS issue, so upon further review, I found
this on my Win2K3 server.
Davinci is our win2k3 PDC
CSServer is our backup DC at branch office
=========================================================
Source: NTDS Replication
Category: DS RPC Client
Event ID: 2087
Type: Error
User: NT Authority\Anonymous Logon
Computer: Davinci
Active Directory could not resolve the following DNS host name of the source
domain controller to an IP address. This error prevents additions, deletions
and changes in Active Directory from replicating between one or more domain
controllers in the forest. Security groups, group policy, users and computers
and their passwords will be inconsistent between domain controllers until
this error is resolved, potentially affecting logon authentication and access
to network resources.
Source domain controller:
csserver
Failing DNS host name:
ff200f98-b8f3-4bc8-8d74-b99535374248._msdcs.noelkerhull.com
NOTE: By default, only up to 10 DNS failures are shown for any given 12 hour
period, even if more than 10 failures occur. To log all individual failure
events, set the following diagnostics registry value to 1:
Registry Path:
HKLM\System\CurrentControlSet\Services\NTDS\Diagnostics\22 DS RPC Client
User Action:
1) If the source domain controller is no longer functioning or its
operating system has been reinstalled with a different computer name or
NTDSDSA object GUID, remove the source domain controller's metadata with
ntdsutil.exe, using the steps outlined in MSKB article 216498.
2) Confirm that the source domain controller is running Active directory
and is accessible on the network by typing "net view \\<source DC name>" or
"ping <source DC name>".
3) Verify that the source domain controller is using a valid DNS server for
DNS services, and that the source domain controller's host record and CNAME
record are correctly registered, using the DNS Enhanced version of DCDIAG.EXE
available on http://www.microsoft.com/dns
dcdiag /test:dns
4) Verify that that this destination domain controller is using a valid DNS
server for DNS services, by running the DNS Enhanced version of DCDIAG.EXE
command on the console of the destination domain controller, as follows:
dcdiag /test:dns
5) For further analysis of DNS error failures see KB 824449:
http://support.microsoft.com/?kbid=824449
Additional Data
Error value:
11004 The requested name is valid, but no data of the requested type was
found.
====================================================
When I run dcdiag on remote server, I get:
C:\Documents and Settings\Administrator.NOELKERHULL>dcdiag
DC Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial non skippeable tests
Testing server: Default-First-Site-Name\CSSERVER
Starting test: Connectivity
......................... CSSERVER passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\CSSERVER
Starting test: Replications
[Replications Check,CSSERVER] A recent replication attempt failed:
From FTPSERVER to CSSERVER
Naming Context: CN=Schema,CN=Configuration,DC=noelkerhull,DC=com
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2005-04-06 15:54.26.
The last success occurred at 2005-03-21 07:58.50.
285 failures have occurred since the last success.
[FTPSERVER] DsBind() failed with error 1722,
The RPC server is unavailable..
The source remains down. Please check the machine.
[Replications Check,CSSERVER] A recent replication attempt failed:
From FTPSERVER to CSSERVER
Naming Context: CN=Configuration,DC=noelkerhull,DC=com
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2005-04-06 15:54.03.
The last success occurred at 2005-03-21 08:03.53.
285 failures have occurred since the last success.
The source remains down. Please check the machine.
[Replications Check,CSSERVER] A recent replication attempt failed:
From FTPSERVER to CSSERVER
Naming Context: DC=noelkerhull,DC=com
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2005-04-06 15:53.40.
The last success occurred at 2005-03-21 08:07.42.
285 failures have occurred since the last success.
The source remains down. Please check the machine.
......................... CSSERVER passed test Replications
Starting test: NCSecDesc
......................... CSSERVER passed test NCSecDesc
Starting test: NetLogons
......................... CSSERVER passed test NetLogons
Starting test: Advertising
......................... CSSERVER passed test Advertising
Starting test: KnowsOfRoleHolders
......................... CSSERVER passed test KnowsOfRoleHolders
Starting test: RidManager
......................... CSSERVER passed test RidManager
Starting test: MachineAccount
......................... CSSERVER passed test MachineAccount
Starting test: Services
......................... CSSERVER passed test Services
Starting test: ObjectsReplicated
......................... CSSERVER passed test ObjectsReplicated
Starting test: frssysvol
There are errors after the SYSVOL has been shared.
The SYSVOL can prevent the AD from starting.
......................... CSSERVER passed test frssysvol
Starting test: kccevent
......................... CSSERVER passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0x0000041B
Time Generated: 04/06/2005 15:50:22
Event String: The DHCP/BINL service has determined that it is
......................... CSSERVER failed test systemlog
Running enterprise tests on : noelkerhull.com
Starting test: Intersite
......................... noelkerhull.com passed test Intersite
Starting test: FsmoCheck
......................... noelkerhull.com passed test FsmoCheck
C:\Documents and Settings\Administrator.NOELKERHULL>Event Type: Error
'Event' is not recognized as an internal or external command,
operable program or batch file.
C:\Documents and Settings\Administrator.NOELKERHULL>Event Source: NTDS
Replication
'Event' is not recognized as an internal or external command,
operable program or batch file.
C:\Documents and Settings\Administrator.NOELKERHULL>Event Category: DS
RPC Client
'Event' is not recognized as an internal or external command,
operable program or batch file.
C:\Documents and Settings\Administrator.NOELKERHULL>Event ID: 2087
'Event' is not recognized as an internal or external command,
operable program or batch file.
C:\Documents and Settings\Administrator.NOELKERHULL>Date:
4/5/2005
The system cannot accept the date entered.
Enter the new date: (mm-dd-yy) Time: 8:55:23 PM
The system cannot accept the date entered.
Enter the new date: (mm-dd-yy) User: NT AUTHORITY\ANONYMOUS LOGON
The system cannot accept the date entered.
Enter the new date: (mm-dd-yy) Computer: DAVINCI
The system cannot accept the date entered.
Enter the new date: (mm-dd-yy) Description:
The system cannot accept the date entered.
Enter the new date: (mm-dd-yy) Active Directory could not resolve the
following DNS host n
ame of the source domain controller to an IP address. This error prevents
additions, delet
ions and changes in Active Directory from replicating between one or more
domain controlle
rs in the forest. S
The system cannot accept the date entered.
Enter the new date: (mm-dd-yy)
C:\Documents and Settings\Administrator.NOELKERHULL>Source domain controller:
'Source' is not recognized as an internal or external command,
operable program or batch file.
C:\Documents and Settings\Administrator.NOELKERHULL> csserver
'csserver' is not recognized as an internal or external command,
operable program or batch file.
C:\Documents and Settings\Administrator.NOELKERHULL>Failing DNS host name:
'Failing' is not recognized as an internal or external command,
operable program or batch file.
C:\Documents and Settings\Administrator.NOELKERHULL>
ff200f98-b8f3-4bc8-8d74-b99535374248.
_msdcs.noelkerhull.com
'ff200f98-b8f3-4bc8-8d74-b99535374248._msdcs.noelkerhull.com' is not
recognized as an inte
rnal or external command,
operable program or batch file.
C:\Documents and Settings\Administrator.NOELKERHULL>
C:\Documents and Settings\Administrator.NOELKERHULL>NOTE: By default, only
up to 10 DNS fa
ilures are shown for any given 12 hour period, even if more than 10 failures
occur. To lo
g all individual failure events, set the following diagnostics registry
value to 1:
'NOTE:' is not recognized as an internal or external command,
operable program or batch file.
C:\Documents and Settings\Administrator.NOELKERHULL>
C:\Documents and Settings\Administrator.NOELKERHULL>Registry Path:
'Registry' is not recognized as an internal or external command,
operable program or batch file.
C:\Documents and
Settings\Administrator.NOELKERHULL>HKLM\System\CurrentControlSet\Services
\NTDS\Diagnostics\22 DS RPC Client
The system cannot find the path specified.
C:\Documents and Settings\Administrator.NOELKERHULL>
C:\Documents and Settings\Administrator.NOELKERHULL>User Action:
C:\Documents and Settings\Administrator.NOELKERHULL>
C:\Documents and Settings\Administrator.NOELKERHULL> 1) If the source domain
controller is
no longer functioning or its operating system has been reinstalled with a
different compu
ter name or NTDSDSA object GUID, remove the source domain controller's
metadata with ntdsu
til.exe, using the steps outlined in MSKB article 216498.
'1)' is not recognized as an internal or external command,
operable program or batch file.
C:\Documents and Settings\Administrator.NOELKERHULL>
C:\Documents and Settings\Administrator.NOELKERHULL> 2) Confirm that the
source domain con
troller is running Active directory and is accessible on the network by
typing "net view \
\<source DC name>" or "ping <source DC name>".
'2)' is not recognized as an internal or external command,
operable program or batch file.
C:\Documents and Settings\Administrator.NOELKERHULL>
C:\Documents and Settings\Administrator.NOELKERHULL> 3) Verify that the
source domain cont
roller is using a valid DNS server for DNS services, and that the source
domain controller
's host record and CNAME record are correctly registered, using the DNS
Enhanced version o
f DCDIAG.EXE available on http://www.microsoft.com/dns
'3)' is not recognized as an internal or external command,
operable program or batch file.
C:\Documents and Settings\Administrator.NOELKERHULL>
C:\Documents and Settings\Administrator.NOELKERHULL> dcdiag /test:dns
DC Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial non skippeable tests
Testing server: Default-First-Site-Name\CSSERVER
Starting test: Connectivity
......................... CSSERVER passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\CSSERVER
Running enterprise tests on : noelkerhull.com
C:\Documents and Settings\Administrator.NOELKERHULL>
C:\Documents and Settings\Administrator.NOELKERHULL> 4) Verify that that
this destination
domain controller is using a valid DNS server for DNS services, by running
the DNS Enhance
d version of DCDIAG.EXE command on the console of the destination domain
controller, as fo
llows:
'4)' is not recognized as an internal or external command,
operable program or batch file.
C:\Documents and Settings\Administrator.NOELKERHULL>
C:\Documents and Settings\Administrator.NOELKERHULL> dcdiag /test:dns
DC Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial non skippeable tests
Testing server: Default-First-Site-Name\CSSERVER
Starting test: Connectivity
......................... CSSERVER passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\CSSERVER
Running enterprise tests on : noelkerhull.com
C:\Documents and Settings\Administrator.NOELKERHULL>
C:\Documents and Settings\Administrator.NOELKERHULL> 5) For further analysis
of DNS error
failures see KB 824449:
'5)' is not recognized as an internal or external command,
operable program or batch file.
C:\Documents and Settings\Administrator.NOELKERHULL>
http://support.microsoft.com/?kbid=
824449
'http:' is not recognized as an internal or external command,
operable program or batch file.
C:\Documents and Settings\Administrator.NOELKERHULL>
C:\Documents and Settings\Administrator.NOELKERHULL>Additional Data
'Additional' is not recognized as an internal or external command,
operable program or batch file.
C:\Documents and Settings\Administrator.NOELKERHULL>Error value:
'Error' is not recognized as an internal or external command,
operable program or batch file.
C:\Documents and Settings\Administrator.NOELKERHULL> 11004 The requested
name is valid, bu
t no data of the requested type was found.
'11004' is not recognized as an internal or external command,
operable program or batch file.
C:\Documents and Settings\Administrator.NOELKERHULL>For more information,
see Help and Sup
port Center at http://go.microsoft.com/fwlink/events.asp.
more was unexpected at this time.
C:\Documents and Settings\Administrator.NOELKERHULL>
===========================================================
Any ideas what is going on?
.
- Follow-Ups:
- Re: Remote Branch DC wont Replicate With Corporate DC
- From: Ace Fekay [MVP]
- Re: Remote Branch DC wont Replicate With Corporate DC
- Prev by Date: DNS Time outs
- Next by Date: Re: Issue with DNS server ?
- Previous by thread: DNS Time outs
- Next by thread: Re: Remote Branch DC wont Replicate With Corporate DC
- Index(es):
Relevant Pages
|
