Active Directory Replication
Last response: in Windows 2000/NT
Archived from groups: microsoft.public.win2000.active_directory (More info?)
I have several Domain controller in which everything was working fine
including replication, etc. Since than I have changed IP address of one of my
DC's (DC1) and moved it behind a firewall. However, we have configured the
firewall so that DC1 is able to talk to DC2 (DC1's replication partner). When
we add a user to DC2 the change shows up on DC1. However when we make a
change (add user) to DC1 it does not show up on DC2 or any of our other DC's.
I like to know what is the missing part here. Because I can ping and connect
to DC2 from my DC1 server. Any help is appreciated.
I have several Domain controller in which everything was working fine
including replication, etc. Since than I have changed IP address of one of my
DC's (DC1) and moved it behind a firewall. However, we have configured the
firewall so that DC1 is able to talk to DC2 (DC1's replication partner). When
we add a user to DC2 the change shows up on DC1. However when we make a
change (add user) to DC1 it does not show up on DC2 or any of our other DC's.
I like to know what is the missing part here. Because I can ping and connect
to DC2 from my DC1 server. Any help is appreciated.
More about : active directory replication
Archived from groups: microsoft.public.win2000.active_directory (More info?)
You may want to verify that you have the direction on the firewall rule to
be ANY. The rule may be set to inbound and not outbound.
HTH
Ozone
"Jay" <Jay@discussions.microsoft.com> wrote in message
news:F569CD99-93F8-4E10-9DDF-B3289D94E1B3@microsoft.com...
>I have several Domain controller in which everything was working fine
> including replication, etc. Since than I have changed IP address of one of
> my
> DC's (DC1) and moved it behind a firewall. However, we have configured the
> firewall so that DC1 is able to talk to DC2 (DC1's replication partner).
> When
> we add a user to DC2 the change shows up on DC1. However when we make a
> change (add user) to DC1 it does not show up on DC2 or any of our other
> DC's.
>
> I like to know what is the missing part here. Because I can ping and
> connect
> to DC2 from my DC1 server. Any help is appreciated.
You may want to verify that you have the direction on the firewall rule to
be ANY. The rule may be set to inbound and not outbound.
HTH
Ozone
"Jay" <Jay@discussions.microsoft.com> wrote in message
news:F569CD99-93F8-4E10-9DDF-B3289D94E1B3@microsoft.com...
>I have several Domain controller in which everything was working fine
> including replication, etc. Since than I have changed IP address of one of
> my
> DC's (DC1) and moved it behind a firewall. However, we have configured the
> firewall so that DC1 is able to talk to DC2 (DC1's replication partner).
> When
> we add a user to DC2 the change shows up on DC1. However when we make a
> change (add user) to DC1 it does not show up on DC2 or any of our other
> DC's.
>
> I like to know what is the missing part here. Because I can ping and
> connect
> to DC2 from my DC1 server. Any help is appreciated.
Archived from groups: microsoft.public.win2000.active_directory (More info?)
Firewall is open both ways.... I can get to the DC2 from DC1 without any
problems. I can see users and computers and other things for DC2 from DC1,
however replication doesn't work from DC1 to DC2. It works fine from DC2 to
DC1. So just wondering what else am I missing.
thanks,
Jay
"Ozone" wrote:
> You may want to verify that you have the direction on the firewall rule to
> be ANY. The rule may be set to inbound and not outbound.
>
> HTH
> Ozone
> "Jay" <Jay@discussions.microsoft.com> wrote in message
> news:F569CD99-93F8-4E10-9DDF-B3289D94E1B3@microsoft.com...
> >I have several Domain controller in which everything was working fine
> > including replication, etc. Since than I have changed IP address of one of
> > my
> > DC's (DC1) and moved it behind a firewall. However, we have configured the
> > firewall so that DC1 is able to talk to DC2 (DC1's replication partner).
> > When
> > we add a user to DC2 the change shows up on DC1. However when we make a
> > change (add user) to DC1 it does not show up on DC2 or any of our other
> > DC's.
> >
> > I like to know what is the missing part here. Because I can ping and
> > connect
> > to DC2 from my DC1 server. Any help is appreciated.
>
>
>
Firewall is open both ways.... I can get to the DC2 from DC1 without any
problems. I can see users and computers and other things for DC2 from DC1,
however replication doesn't work from DC1 to DC2. It works fine from DC2 to
DC1. So just wondering what else am I missing.
thanks,
Jay
"Ozone" wrote:
> You may want to verify that you have the direction on the firewall rule to
> be ANY. The rule may be set to inbound and not outbound.
>
> HTH
> Ozone
> "Jay" <Jay@discussions.microsoft.com> wrote in message
> news:F569CD99-93F8-4E10-9DDF-B3289D94E1B3@microsoft.com...
> >I have several Domain controller in which everything was working fine
> > including replication, etc. Since than I have changed IP address of one of
> > my
> > DC's (DC1) and moved it behind a firewall. However, we have configured the
> > firewall so that DC1 is able to talk to DC2 (DC1's replication partner).
> > When
> > we add a user to DC2 the change shows up on DC1. However when we make a
> > change (add user) to DC1 it does not show up on DC2 or any of our other
> > DC's.
> >
> > I like to know what is the missing part here. Because I can ping and
> > connect
> > to DC2 from my DC1 server. Any help is appreciated.
>
>
>
Archived from groups: microsoft.public.win2000.active_directory (More info?)
One thing that we could do is get a Netmon trace, and I can take a look at
it. In the trace, I should be able to see the replication traffic. Also,
there are some other tools that we can use, but we already know it is not
working... Here are some KB's that may help:
179442 How to configure a firewall for domains and trusts
http://support.microsoft.com/?id=179442
224196 Restricting Active Directory replication traffic to a specific port
http://support.microsoft.com/?id=224196
272294 Active Directory communication fails on multihomed domain controllers
http://support.microsoft.com/?id=272294
814821 Active Directory Replication and Knowledge Consistency Checker Fail
with
http://support.microsoft.com/?id=814821
830077 Replication errors occur when you use Active Directory Replication
http://support.microsoft.com/?id=830077
If you need help setting up the Netmon let me know...
Ozone
"Jay" <Jay@discussions.microsoft.com> wrote in message
news:013B8F52-A81B-4DBF-8FB3-AFA236CB034F@microsoft.com...
> Firewall is open both ways.... I can get to the DC2 from DC1 without any
> problems. I can see users and computers and other things for DC2 from DC1,
> however replication doesn't work from DC1 to DC2. It works fine from DC2
> to
> DC1. So just wondering what else am I missing.
>
> thanks,
>
> Jay
>
> "Ozone" wrote:
>
>> You may want to verify that you have the direction on the firewall rule
>> to
>> be ANY. The rule may be set to inbound and not outbound.
>>
>> HTH
>> Ozone
>> "Jay" <Jay@discussions.microsoft.com> wrote in message
>> news:F569CD99-93F8-4E10-9DDF-B3289D94E1B3@microsoft.com...
>> >I have several Domain controller in which everything was working fine
>> > including replication, etc. Since than I have changed IP address of one
>> > of
>> > my
>> > DC's (DC1) and moved it behind a firewall. However, we have configured
>> > the
>> > firewall so that DC1 is able to talk to DC2 (DC1's replication
>> > partner).
>> > When
>> > we add a user to DC2 the change shows up on DC1. However when we make a
>> > change (add user) to DC1 it does not show up on DC2 or any of our other
>> > DC's.
>> >
>> > I like to know what is the missing part here. Because I can ping and
>> > connect
>> > to DC2 from my DC1 server. Any help is appreciated.
>>
>>
>>
One thing that we could do is get a Netmon trace, and I can take a look at
it. In the trace, I should be able to see the replication traffic. Also,
there are some other tools that we can use, but we already know it is not
working... Here are some KB's that may help:
179442 How to configure a firewall for domains and trusts
http://support.microsoft.com/?id=179442
224196 Restricting Active Directory replication traffic to a specific port
http://support.microsoft.com/?id=224196
272294 Active Directory communication fails on multihomed domain controllers
http://support.microsoft.com/?id=272294
814821 Active Directory Replication and Knowledge Consistency Checker Fail
with
http://support.microsoft.com/?id=814821
830077 Replication errors occur when you use Active Directory Replication
http://support.microsoft.com/?id=830077
If you need help setting up the Netmon let me know...
Ozone
"Jay" <Jay@discussions.microsoft.com> wrote in message
news:013B8F52-A81B-4DBF-8FB3-AFA236CB034F@microsoft.com...
> Firewall is open both ways.... I can get to the DC2 from DC1 without any
> problems. I can see users and computers and other things for DC2 from DC1,
> however replication doesn't work from DC1 to DC2. It works fine from DC2
> to
> DC1. So just wondering what else am I missing.
>
> thanks,
>
> Jay
>
> "Ozone" wrote:
>
>> You may want to verify that you have the direction on the firewall rule
>> to
>> be ANY. The rule may be set to inbound and not outbound.
>>
>> HTH
>> Ozone
>> "Jay" <Jay@discussions.microsoft.com> wrote in message
>> news:F569CD99-93F8-4E10-9DDF-B3289D94E1B3@microsoft.com...
>> >I have several Domain controller in which everything was working fine
>> > including replication, etc. Since than I have changed IP address of one
>> > of
>> > my
>> > DC's (DC1) and moved it behind a firewall. However, we have configured
>> > the
>> > firewall so that DC1 is able to talk to DC2 (DC1's replication
>> > partner).
>> > When
>> > we add a user to DC2 the change shows up on DC1. However when we make a
>> > change (add user) to DC1 it does not show up on DC2 or any of our other
>> > DC's.
>> >
>> > I like to know what is the missing part here. Because I can ping and
>> > connect
>> > to DC2 from my DC1 server. Any help is appreciated.
>>
>>
>>
Related ressources:
- ForumActive Directory Replication Issue
- ForumActive Directory replication
- ForumActive Directory replication between sites
- ForumActive Directory Replication
- ForumActive Directory Replication - NAT Router
- ForumActive Directory Trusts-Bandwidth Usage
- ForumWin2003 Active Directory member server cannot find DC
- ForumActive Directory Import / Export
- ForumHELP! Active Directory Planning questions..
- ForumRemote Active Directory Installation Failed
- ForumActive directory corrupted on one domain controller
- ForumDNS and Active Directory
- ForumClient Machine cannot see Active Directory
- ForumActive Directory failure with code '0x80040e37'
- ForumParallel and com ports not appearing in device manager
- ForumRestoring Active Directory and DNS only
- Forumjoin domain/active directory
- ForumSlow Active Directory!!
- ForumCan't view "Entire Directory" when trying to add Power Use..
- ForumProbing the active directory
- More resources
!
