cybercrusader2000 Posted March 18, 2005 Share Posted March 18, 2005 Hi guys,I am facing this problem with Active Directory not replicating between the DC and the ADC in my Domain. The domain name is a single-label domain name with no extensions ("."). The following are the errors from Event Log.===========SysLog :-NETLOGONWarningNone5781N/ADC01Dynamic registration or deregistration of one or more DNS records failed because no DNS servers are available.w32timeWarningNone64N/ADC01"Because of repeated network problems, the time service has not been able to find a domain controller to synchronize with for a long time. To reduce network traffic, the time service will wait 960 minutes before trying again. No synchronization will take place during this interval, even if network connectivity is restored. Accumulated time errors may cause certain network operations to fail. To tell the time service that network connectivity has been restored and that it should resynchronize, execute ""w32tm /s"" from the command line. "w32timeErrorNone62N/ADC01This Machine is a PDC of the domain at the root of the forest. Configure to sync from External time source using the net command, 'net time /setsntp:<server name>'.MRxSmbErrorNone8003N/ADC01The master browser has received a server announcement from the computer COMPUTER that believes that it is the master browser for the domain on transport NetBT_Tcpip_{15676B6E-58D3. The master browser is stopping or an election is being forced.File Replication Log :-NtFrsWarningNone13562N/ADC01Following is the summary of warnings and errors encountered by File Replication Service while polling the Domain Controller dc01.domain for FRS replica set configuration information. The nTDSConnection object cn=dc01,cn=ntds settings,cn=dc02,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=domain is conflicting with cn=\<automatically generated\>,cn=ntds settings,cn=dc02,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=domain. Using cn=dc01,cn=ntds settings,cn=dc02,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=domainThe nTDSConnection object cn=dc02,cn=ntds settings,cn=dc01,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=domain is conflicting with cn=8aa06a8d-c60a-4ccf-8240-99808ebcd538,cn=ntds settings,cn=dc01,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=domain. Using cn=dc02,cn=ntds settings,cn=dc01,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=domainDirectory Service Log :-NTDS KCCWarning(1)1265N/ADC01The attempt to establish a replication link with parameters Partition: CN=Schema,CN=Configuration,DC=domain Source DSA DN: CN=NTDS Settings,CN=DC02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain Source DSA Address: 26bffa7d-fba6-456b-bd2c-ad5cafc67545._msdcs.domain Inter-site Transport (if any): failed with the following status: The DSA operation is unable to proceed because of a DNS lookup failure. The record data is the status code. This operation will be retried.=================The SysVol and NetLogon folders on DC02 are blank, that shows that there is no replication. If compared, DC01 & DC02, under Active Directory Sites and Services, DC02 seems to be somewhat missing parameters. I can successfully ping DC01 from DC02 and vise-versa using IP , NetBIOS & DNS name. Forward and reverse DNS seem to work while communicating between the 2 DCs. But, AD zones under the Forward Lookup Zones in the AD-integrated DNS ( the dns residing on DC01 , there is no DNS/DHCP on DC02 , DC01 has DHCP running too ) for example _msdc , _sites , _tcp , _udp , etc. are missing. DHCP is integrated with DNS but DNS records don't get updated in Forward Lookup Zone. However, they get updated in Reverser Lookup Zone. I wonder how they get created when there is no Forward Lookup entry created ( host A record ) for the PTR record in Reverse DNS. I ran Netdiag /fix and i get a dns lookup error. DcDiag gives an error. "DC01 failed test kccevent". Connectivity test results via DcDiag test gave the following error :DcDiag Test :- Testing server: Default-First-Site-Name\DC01 Starting test: Connectivity 14067e65-e6e5-45a9-bbc0-e8c781409a0a._msdcs.domain's server GUID DNS name could not be resolved to an IP address. Check the DNS server, DHCP, server name, etc Although the Guid DNS name (14067e65-e6e5-45a9-bbc0-e8c781409a0a._msdcs.domain) couldn't be resolved, the server name (dc01.domain) resolved to the IP address (192.168.0.2) and was pingable. Check that the IP address is registered correctly with the DNS server. ......................... DC01 failed test Connectivity=================Thats all I can remember as of now.I have followed a few articles :http://support.microsoft.com/default.aspx?...kb;en-us;300684http://support.microsoft.com/?kbid=193888 ( tried this but the reg entry showed invalid charectors after modification, so I reset it back )I understand that all this seems to be due to a invalid/corrupt dns server running. I have thought of demoting DC02, rectifying DNS on DC01 and the promoting DC02 back to the domain ( after freshly installing the OS and updating it on DC02 ). As for the changes described on MS KB 300684 , I need to know, do we make the changes in the workstations only or also in the server ( as I have done, after testing the changes in the client ) , and what other changes have to be made in the client / server incase of a single-label domain name based domain to function properly ?Any / all suggestions are welcomed. Link to comment Share on other sites More sharing options...
valter Posted March 18, 2005 Share Posted March 18, 2005 Before we go deeper into this, just a single question. Is your server multihomed? What I mean is, how many network cards do you have on the server that has replication issue? Link to comment Share on other sites More sharing options...
cybercrusader2000 Posted March 18, 2005 Author Share Posted March 18, 2005 DC01 = Single Adapter ( Single IP - Internal IP )DC02 = 4 Adapters ( 1 Active , 3 Disabled , Single IP - Internal IP ) Link to comment Share on other sites More sharing options...
valter Posted March 18, 2005 Share Posted March 18, 2005 Are you sure those 3 NICs are actually disabled because 90% of replication errors comes from multihomed DCs ... and you have 8003 that points to more than one master browser on the network ... Link to comment Share on other sites More sharing options...
cybercrusader2000 Posted March 18, 2005 Author Share Posted March 18, 2005 Yeah, I am sure that the rest of the 3 network adapters are in disabled state. The Master Browser errors are due to the presence of Windows XP clients having the Computer Browser service running. Those can be disabled whenever required. Also, I don't think this is related to the replication failure error. Link to comment Share on other sites More sharing options...
valter Posted March 18, 2005 Share Posted March 18, 2005 I really doubt that XP's Computer Browser service causes that error. All my XPs have Computer Browser service running but that error is never logged. I've seen that error only when there is a problem with replication, including all other errors. Anyway, I would advise you, to remove those 3 NICs and see what happens. I believe that as soon as those 3 NICs are removed, replication should start again. Otherwise you could install support tools and use replmon.exe to monitor replication and locate the problem ... Link to comment Share on other sites More sharing options...
cybercrusader2000 Posted March 18, 2005 Author Share Posted March 18, 2005 Ok. I will check that as well and revert back. Link to comment Share on other sites More sharing options...
cybercrusader2000 Posted March 21, 2005 Author Share Posted March 21, 2005 Ummm, I made some changes to the connection strings in Active Directory Sites and Services and now replication is taking place. Also, AD Replication Monitor states that last replication attempt was successfull. But, I am still facing some errors in the event log. I will list them in a while. Untill then, take care guys. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now