DHCP servers deauthorizing daily

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

I am having a very weird problem. I have 7 DHCP servers at 7 different sites,
all in the same domain. For the past year they have all worked near
flawlessly, but suddenly they are all deauthorizing at the same time. Going
to the DHCP snap-in shows the red down arrow. Rightclick, authorize and
nothing happens. Wait a sec and refresh, still shows its down. Very
occasionaly this will work and reauthorize the server, but the next day it is
down again. I have also used the netsh dhcp add server command to manually
add all the servers/ips to the AD. here is the error i am getting from my
largest DHCP server,
1051:
The DHCP/BINL service has determined that it is not authorized to service
clients on this network for the Windows domain: tonkin.com.

I am also getting some KCC errors (some is an understatement). #'s 1311 and
1312 which are Not enough connectivity specified in SItes and Services and
RPC server unavailable, respectivly.

I have verifyed that all my servers are in the correct sites with sitelinks
setup. I also have "bridge all site links" checked in Intersite Transport.
For the record most of these servers are at different locations connected via
T1's. 2 of the servers are in child-domains, which i thihnk is where the root
of my problem lies. The 2 child domains, chevy.tonkin.com and
acura.tonkin.com have had replication issues from the start. They were
initially setup before budget was cut to 1 server per location, and havn't
been migrated back to the root domain. I have always had issues replicating
site topology to these 2 DCs, but never has it affected anything.


Could someone please help? I think i need a guiding hand in setting up my
Sites and Services. Would be willing to contract solution via VPN.

Thank you so much,
Justin Allen
jallen@tonkin.com

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

check if the replication is working properly between DCs with replmon or
Replication Monitor from support tools.


--
Andrei Ungureanu
www.eventid.net
Free Windows event logs reports
http://www.altairtech.ca/evlog/

"Justin Allen" <JustinAllen@discussions.microsoft.com> wrote in message
news:C19A1CA6-F34C-40AA-9932-77AD1912BF83@microsoft.com...
>I am having a very weird problem. I have 7 DHCP servers at 7 different
>sites,
> all in the same domain. For the past year they have all worked near
> flawlessly, but suddenly they are all deauthorizing at the same time.
> Going
> to the DHCP snap-in shows the red down arrow. Rightclick, authorize and
> nothing happens. Wait a sec and refresh, still shows its down. Very
> occasionaly this will work and reauthorize the server, but the next day it
> is
> down again. I have also used the netsh dhcp add server command to manually
> add all the servers/ips to the AD. here is the error i am getting from my
> largest DHCP server,
> 1051:
> The DHCP/BINL service has determined that it is not authorized to service
> clients on this network for the Windows domain: tonkin.com.
>
> I am also getting some KCC errors (some is an understatement). #'s 1311
> and
> 1312 which are Not enough connectivity specified in SItes and Services and
> RPC server unavailable, respectivly.
>
> I have verifyed that all my servers are in the correct sites with
> sitelinks
> setup. I also have "bridge all site links" checked in Intersite Transport.
> For the record most of these servers are at different locations connected
> via
> T1's. 2 of the servers are in child-domains, which i thihnk is where the
> root
> of my problem lies. The 2 child domains, chevy.tonkin.com and
> acura.tonkin.com have had replication issues from the start. They were
> initially setup before budget was cut to 1 server per location, and havn't
> been migrated back to the root domain. I have always had issues
> replicating
> site topology to these 2 DCs, but never has it affected anything.
>
>
> Could someone please help? I think i need a guiding hand in setting up my
> Sites and Services. Would be willing to contract solution via VPN.
>
> Thank you so much,
> Justin Allen
> jallen@tonkin.com

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Andrei,

Thank you for taking the time to reply. I have done what you suggested and
came up with an interesting result. The FSMO role holder (
rtpc_server.tonkin.com ) is the server that I do the vast majority of AD
changes/maintainance from. I ran REPLMON from rtpc_server and it came back
with no problems, other than the 2 child domains not replicating properly.
This, however, has been going on since day one and never had a problem. I
then decided to connect to one of the site DCs and try it from there, with
some interesting results.

My site DCs cannot access the directory. THis is the best I can determine.
When trying to launch AD Users and Computers from another DC i get the
following error:
Naming information could not be found for the following reasons:
The serach failed to retreive attributes from the database.

Running netsh dhcp show server from any DC other than RTPC_SERVER results in
0 DHCP servers found in DS. However, if i run it from RTPC_SERVER all looks
fine. Now it is definatly looking like a replication issue. Any further
suggestions or KB's that i could find helpful? I'm dying here!

Thanks,
Justin

"Andrei Ungureanu" wrote:

> check if the replication is working properly between DCs with replmon or
> Replication Monitor from support tools.
>
>
> --
> Andrei Ungureanu
> www.eventid.net
> Free Windows event logs reports
> http://www.altairtech.ca/evlog/
>
> "Justin Allen" <JustinAllen@discussions.microsoft.com> wrote in message
> news:C19A1CA6-F34C-40AA-9932-77AD1912BF83@microsoft.com...
> >I am having a very weird problem. I have 7 DHCP servers at 7 different
> >sites,
> > all in the same domain. For the past year they have all worked near
> > flawlessly, but suddenly they are all deauthorizing at the same time.
> > Going
> > to the DHCP snap-in shows the red down arrow. Rightclick, authorize and
> > nothing happens. Wait a sec and refresh, still shows its down. Very
> > occasionaly this will work and reauthorize the server, but the next day it
> > is
> > down again. I have also used the netsh dhcp add server command to manually
> > add all the servers/ips to the AD. here is the error i am getting from my
> > largest DHCP server,
> > 1051:
> > The DHCP/BINL service has determined that it is not authorized to service
> > clients on this network for the Windows domain: tonkin.com.
> >
> > I am also getting some KCC errors (some is an understatement). #'s 1311
> > and
> > 1312 which are Not enough connectivity specified in SItes and Services and
> > RPC server unavailable, respectivly.
> >
> > I have verifyed that all my servers are in the correct sites with
> > sitelinks
> > setup. I also have "bridge all site links" checked in Intersite Transport.
> > For the record most of these servers are at different locations connected
> > via
> > T1's. 2 of the servers are in child-domains, which i thihnk is where the
> > root
> > of my problem lies. The 2 child domains, chevy.tonkin.com and
> > acura.tonkin.com have had replication issues from the start. They were
> > initially setup before budget was cut to 1 server per location, and havn't
> > been migrated back to the root domain. I have always had issues
> > replicating
> > site topology to these 2 DCs, but never has it affected anything.
> >
> >
> > Could someone please help? I think i need a guiding hand in setting up my
> > Sites and Services. Would be willing to contract solution via VPN.
> >
> > Thank you so much,
> > Justin Allen
> > jallen@tonkin.com
>
>
>