PDC Is not replicating !!

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Hi there,
I have been trying to sort out this issue since last week.

Here is my scenerio. After I have ghosted my PDC and BDC server and load it
in to my new server. After rebooted my new server the replication is not
running at all.

I wil not able to browse the server host name but Im able to browse the PDC
Via IPaddress
Error: \\server01 is not accessible
Logon Failure: The targer account name is incorrect


I have issue command repadmin / showrep

Error:

C:\WINNT\Profiles\Administrator>repadmin /showreps
Redbus\SERVER01
DSA Options : IS_GC DISABLE_INBOUND_REPL DISABLE_OUTBOUND_REPL
objectGuid : b8897f54-1bf0-479e-97e0-a6cb7ec1e107
invocationID: b8897f54-1bf0-479e-97e0-a6cb7ec1e107

==== INBOUND NEIGHBORS ======================================

CN=Schema,CN=Configuration,DC=server,DC=dr
Redbus\SERVER02 via RPC
objectGuid: d5d0d348-64d0-4789-890d-3a77e8bd5624
Last attempt @ 2005-09-07 13:48.44 failed, result 8457:
Can't retrieve message string 8457 (0x2109), error 1815.
Last success @ 2005-08-30 07:49.17.
86 consecutive failure(s).

CN=Configuration,DC=server,DC=dr
Redbus\SERVER02 via RPC
objectGuid: d5d0d348-64d0-4789-890d-3a77e8bd5624
Last attempt @ 2005-09-07 13:48.44 failed, result 8457:
Can't retrieve message string 8457 (0x2109), error 1815.
Last success @ 2005-08-30 08:02.15.
189 consecutive failure(s).

DC=server,DC=dr
Redbus\SERVER02 via RPC
objectGuid: d5d0d348-64d0-4789-890d-3a77e8bd5624
Last attempt @ 2005-09-07 13:48.44 failed, result 8457:
Can't retrieve message string 8457 (0x2109), error 1815.
Last success @ 2005-08-30 07:58.02.
123 consecutive failure(s).

==== OUTBOUND NEIGHBORS FOR CHANGE NOTIFICATIONS ============

CN=Schema,CN=Configuration,DC=server,DC=dr
Redbus\SERVER02 via RPC
objectGuid: d5d0d348-64d0-4789-890d-3a77e8bd5624

CN=Configuration,DC=server,DC=dr
Redbus\SERVER02 via RPC
objectGuid: d5d0d348-64d0-4789-890d-3a77e8bd5624

DC=server,DC=dr
Redbus\SERVER02 via RPC
objectGuid: d5d0d348-64d0-4789-890d-3a77e8bd5624
--------------------------------------------------------------------------------------
Event Log on SERVER01:

---------------------
Event Type: Warning
Event Source: NtFrs
Event Category: None
Event ID: 13508
Date: 07/09/2005
Time: 11:52:09
User: N/A
Computer:SERVER01
Description:
The File Replication Service is having trouble enabling replication from
SERVER02 to SERVER01 for c:\winnt\sysvol\domain using the DNS name
server02.server.dr. FRS will keep retrying.
Following are some of the reasons you would see this warning.

[1] FRS can not correctly resolve the DNS name server02.server.dr from this
computer.
[2] FRS is not running on server02.server.dr.
[3] The topology information in the Active Directory for this replica has
not yet replicated to all the Domain Controllers.

This event log message will appear once per connection, After the problem
is fixed you will see another event log message indicating that the
connection has been established.

---------------------------------------------------------------------------------------
Was this post helpful to you?

Why should I rate a post?
8 answers Last reply
More about replicating
  1. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    In news:23F6CAF1-58E1-4DE4-B72F-9B6E52AAC917@microsoft.com,
    Quefz <Quefz@discussions.microsoft.com> made this post, which I then
    commented about below:
    > Hi there,
    > I have been trying to sort out this issue since last week.
    >
    > Here is my scenerio. After I have ghosted my PDC and BDC server and
    > load it in to my new server. After rebooted my new server the
    > replication is not running at all.
    >
    > I wil not able to browse the server host name but Im able to browse
    > the PDC Via IPaddress
    > Error: \\server01 is not accessible
    > Logon Failure: The targer account name is incorrect
    <snip>
    > ---------------------------------------------------------------------------------------
    > Was this post helpful to you?
    >
    > Why should I rate a post?

    Ghosting can be tricky unless done correctly. Let me understand what you are
    saying, Did you ghost two Windows 2000 domain controllers and stored the
    image somewhere and then put those images on those two new servers? Or did
    you Ghost one of them over?

    If so, are these two new servers on the same network as the original domain
    controllers? If so, are all four up and running on the same network? If so,
    did you change the IP addresses of the servers you ghosted over too?

    Or are they in a separate test or lab network? Or are they replacement
    servers? If replacement servers, did you take the original ones offline?

    If both servers have been ghosted over, then I am to assume at least one of
    them is running DNS. If on a test network away from the production network,
    make sure you are pointing to the domain controller that has DNS installed
    on it for it's DNS IP address in the network card properties.

    Browsing is based on NetBIOS functionality and not DNS. Curious, can you
    ping the servers by their FQDN (server01.server.dr and server02.server.dr)?


    --
    Regards,
    Ace

    If this post is viewed at a non-Microsoft community website, and you were to
    respond to it through that community's website, I may not see your reply.
    Therefore, please direct all replies ONLY to the Microsoft public newsgroup
    this thread originated in so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees and
    confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Windows Server - Directory Services
    Infinite Diversities in Infinite Combinations.
    =================================
  2. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    Hi Ace,

    I think I have fix the replicating issue.
    somehow I have another error in the event log.

    Event Type: Warning
    Event Source: NtFrs
    Event Category: None
    Event ID: 13508
    Date: 07/09/2005
    Time: 17:45:06
    User: N/A
    Computer: HEDGECONNECT01
    Description:
    The File Replication Service is having trouble enabling replication from
    SERVER02 to SERVERT01 for c:\winnt\sysvol\domain using the DNS name
    server02.server.dr. FRS will keep retrying.
    Following are some of the reasons you would see this warning.

    [1] FRS can not correctly resolve the DNS name server02.server.dr from this
    computer.
    [2] FRS is not running on server02.server.dr.
    [3] The topology information in the Active Directory for this replica has
    not yet replicated to all the Domain Controllers.

    This event log message will appear once per connection, After the problem
    is fixed you will see another event log message indicating that the
    connection has been established.
    Data:
    0000: 00 00 00 00 ....


    "Ace Fekay [MVP]" wrote:

    > In news:23F6CAF1-58E1-4DE4-B72F-9B6E52AAC917@microsoft.com,
    > Quefz <Quefz@discussions.microsoft.com> made this post, which I then
    > commented about below:
    > > Hi there,
    > > I have been trying to sort out this issue since last week.
    > >
    > > Here is my scenerio. After I have ghosted my PDC and BDC server and
    > > load it in to my new server. After rebooted my new server the
    > > replication is not running at all.
    > >
    > > I wil not able to browse the server host name but Im able to browse
    > > the PDC Via IPaddress
    > > Error: \\server01 is not accessible
    > > Logon Failure: The targer account name is incorrect
    > <snip>
    > > ---------------------------------------------------------------------------------------
    > > Was this post helpful to you?
    > >
    > > Why should I rate a post?
    >
    > Ghosting can be tricky unless done correctly. Let me understand what you are
    > saying, Did you ghost two Windows 2000 domain controllers and stored the
    > image somewhere and then put those images on those two new servers? Or did
    > you Ghost one of them over?
    >
    > If so, are these two new servers on the same network as the original domain
    > controllers? If so, are all four up and running on the same network? If so,
    > did you change the IP addresses of the servers you ghosted over too?
    >
    > Or are they in a separate test or lab network? Or are they replacement
    > servers? If replacement servers, did you take the original ones offline?
    >
    > If both servers have been ghosted over, then I am to assume at least one of
    > them is running DNS. If on a test network away from the production network,
    > make sure you are pointing to the domain controller that has DNS installed
    > on it for it's DNS IP address in the network card properties.
    >
    > Browsing is based on NetBIOS functionality and not DNS. Curious, can you
    > ping the servers by their FQDN (server01.server.dr and server02.server.dr)?
    >
    >
    > --
    > Regards,
    > Ace
    >
    > If this post is viewed at a non-Microsoft community website, and you were to
    > respond to it through that community's website, I may not see your reply.
    > Therefore, please direct all replies ONLY to the Microsoft public newsgroup
    > this thread originated in so all can benefit.
    >
    > This posting is provided "AS-IS" with no warranties or guarantees and
    > confers no rights.
    >
    > Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    > Microsoft Windows MVP - Windows Server - Directory Services
    > Infinite Diversities in Infinite Combinations.
    > =================================
    >
    >
    >
  3. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    In news:7F85F448-735F-4D19-A043-F1874DFA65FB@microsoft.com,
    Quefz <Quefz@discussions.microsoft.com> made this post, which I then
    commented about below:
    > Hi Ace,
    >
    > I think I have fix the replicating issue.
    > somehow I have another error in the event log.
    >
    > Event Type: Warning
    > Event Source: NtFrs
    > Event Category: None
    > Event ID: 13508
    > Date: 07/09/2005
    > Time: 17:45:06
    > User: N/A
    > Computer: HEDGECONNECT01
    > Description:
    > The File Replication Service is having trouble enabling replication
    > from SERVER02 to SERVERT01 for c:\winnt\sysvol\domain using the DNS
    > name server02.server.dr. FRS will keep retrying.
    > Following are some of the reasons you would see this warning.
    >
    > [1] FRS can not correctly resolve the DNS name server02.server.dr
    > from this computer.
    > [2] FRS is not running on server02.server.dr.
    > [3] The topology information in the Active Directory for this replica
    > has not yet replicated to all the Domain Controllers.
    >
    > This event log message will appear once per connection, After the
    > problem is fixed you will see another event log message indicating
    > that the connection has been established.
    > Data:
    > 0000: 00 00 00 00 ....

    I'm glad you believe you fixed the issue, but the above error is evident
    that the problem still exists.

    Can you answer my previous questions so I can understand exactly what you
    did?

    Can you also provide an unedited ipconfig /all from both machines please?

    Thanks

    Ace
  4. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    Hi Ace,
    Do you have a messenger on?

    Here are the step I have done.

    1. Ghosted 2 domain controller from HP DL320 G2 to G3 Server.
    2. Manage to change the Driver issue to boot the server.
    3. IP address all remain the same.
    4. Istall rollup service pack 1
    5. I manage to ping each other with IP address and hostname.
    6 Issue DCDIAG on PDC
    C:\WINNT\Profiles\Administrator>dcdiag

    Domain Controller Diagnosis

    Performing initial setup:
    Done gathering initial info.

    Doing initial required tests

    Testing server: Redbus\SERVER01
    Starting test: Connectivity
    ......................... SERVER01 passed test Connectivity

    Doing primary tests

    Testing server: Redbus\SERVER01
    Starting test: Replications
    ......................... SERVER01 passed test Replications
    Starting test: NCSecDesc
    ......................... SERVER01 passed test NCSecDesc
    Starting test: NetLogons
    ......................... SERVER01 passed test NetLogons
    Starting test: Advertising
    ......................... SERVER01 passed test Advertising
    Starting test: KnowsOfRoleHolders
    ......................... SERVER01 passed test KnowsOfRoleHolders
    Starting test: RidManager
    ......................... SERVER01 passed test RidManager
    Starting test: MachineAccount
    ......................... SERVER01 passed test MachineAccount
    Starting test: Services
    IsmServ Service is stopped on [SERVER01]
    ......................... SERVER01 failed test Services
    Starting test: ObjectsReplicated
    ......................... SERVER01 passed test ObjectsReplicated
    Starting test: frssysvol
    There are errors after the SYSVOL has been shared.
    The SYSVOL can prevent the AD from starting.
    ......................... SERVER01 passed test frssysvol
    Starting test: kccevent
    ......................... SERVER01 passed test kccevent
    Starting test: systemlog
    ......................... SERVER01 passed test systemlog

    Running enterprise tests on : server.dr
    Starting test: Intersite
    ......................... server.dr passed test Intersite
    Starting test: FsmoCheck
    ......................... server.dr passed test FsmoCheck

    7. DCDIAG on BDC

    C:\>dcdiag

    Domain Controller Diagnosis

    Performing initial setup:
    Done gathering initial info.

    Doing initial required tests

    Testing server: Redbus\SERVER02
    Starting test: Connectivity
    ......................... SERVER02 passed test Connectivity

    Doing primary tests

    Testing server: Redbus\SERVER02
    Starting test: Replications
    [SERVER01] DsBind() failed with error -2146893022,
    Win32 Error -2146893022.
    ......................... SERVER02 passed test Replications
    Starting test: NCSecDesc
    ......................... SERVER02 passed test NCSecDesc
    Starting test: NetLogons
    ......................... SERVER02 passed test NetLogons
    Starting test: Advertising
    Warning: SERVER02 is not advertising as a time server.
    ......................... SERVER02 failed test Advertising
    Starting test: KnowsOfRoleHolders
    Warning: SERVER01 is the Schema Owner, but is not responding to DS
    RPC Bind.
    [SERVER01] LDAP bind failed with error 31,
    Win32 Error 31.
    Warning: SERVER01 is the Schema Owner, but is not responding to
    LDAP Bind.
    Warning: SERVER01 is the Domain Owner, but is not responding to DS
    RPC Bind.
    Warning: SERVER01 is the Domain Owner, but is not responding to
    LDAP Bind.
    Warning: SERVER01 is the PDC Owner, but is not responding to DS RPC
    Bind.
    Warning: SERVER01 is the PDC Owner, but is not responding to LDAP
    Bind.
    Warning: SERVER01 is the Rid Owner, but is not responding to DS RPC
    Bind.
    Warning: SERVER01 is the Rid Owner, but is not responding to LDAP
    Bind.
    Warning: SERVER01 is the Infrastructure Update Owner, but is not
    responding to DS RPC Bind.
    Warning: SERVER01 is the Infrastructure Update Owner, but is not
    responding to LDAP Bind.
    ......................... SERVER02 failed test KnowsOfRoleHolders
    Starting test: RidManager
    [SERVER02] DsBindWithCred() failed with error -2146893022. Win32
    Error -2146893022
    ......................... SERVER02 failed test RidManager
    Starting test: MachineAccount
    ......................... SERVER02 passed test MachineAccount
    Starting test: Services
    w32time Service is stopped on [SERVER02]
    ......................... SERVER02 failed test Services
    Starting test: ObjectsReplicated
    ......................... SERVER02 passed test ObjectsReplicated
    Starting test: frssysvol
    There are errors after the SYSVOL has been shared.
    The SYSVOL can prevent the AD from starting.
    ......................... SERVER02 passed test frssysvol
    Starting test: kccevent
    ......................... SERVER02 passed test kccevent
    Starting test: systemlog
    ......................... SERVER02 passed test systemlog

    Running enterprise tests on : SERVER.dr
    Starting test: Intersite
    ......................... SERVER.dr passed test Intersite
    Starting test: FsmoCheck
    ......................... SERVER.dr passed test FsmoCheck


    Hope It helps you to solve my issue..
    Many Thanks.


    Basically I have check all ipconfig /all. Everything is normal. However
    when my BDC try to browse the PDC via hostname. It come out error message.

    "Ace Fekay [MVP]" wrote:

    > In news:7F85F448-735F-4D19-A043-F1874DFA65FB@microsoft.com,
    > Quefz <Quefz@discussions.microsoft.com> made this post, which I then
    > commented about below:
    > > Hi Ace,
    > >
    > > I think I have fix the replicating issue.
    > > somehow I have another error in the event log.
    > >
    > > Event Type: Warning
    > > Event Source: NtFrs
    > > Event Category: None
    > > Event ID: 13508
    > > Date: 07/09/2005
    > > Time: 17:45:06
    > > User: N/A
    > > Computer: HEDGECONNECT01
    > > Description:
    > > The File Replication Service is having trouble enabling replication
    > > from SERVER02 to SERVERT01 for c:\winnt\sysvol\domain using the DNS
    > > name server02.server.dr. FRS will keep retrying.
    > > Following are some of the reasons you would see this warning.
    > >
    > > [1] FRS can not correctly resolve the DNS name server02.server.dr
    > > from this computer.
    > > [2] FRS is not running on server02.server.dr.
    > > [3] The topology information in the Active Directory for this replica
    > > has not yet replicated to all the Domain Controllers.
    > >
    > > This event log message will appear once per connection, After the
    > > problem is fixed you will see another event log message indicating
    > > that the connection has been established.
    > > Data:
    > > 0000: 00 00 00 00 ....
    >
    > I'm glad you believe you fixed the issue, but the above error is evident
    > that the problem still exists.
    >
    > Can you answer my previous questions so I can understand exactly what you
    > did?
    >
    > Can you also provide an unedited ipconfig /all from both machines please?
    >
    > Thanks
    >
    > Ace
    >
    >
    >
  5. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    "" wrote:
    > Hi there,
    > I have been trying to sort out this issue since last week.
    >
    > Here is my scenerio. After I have ghosted my PDC and BDC
    > server and load it
    > in to my new server. After rebooted my new server the
    > replication is not
    > running at all.
    >
    > I wil not able to browse the server host name but Im able to
    > browse the PDC
    > Via IPaddress
    > Error: \server01 is not accessible
    > Logon Failure: The targer account name is incorrect
    >
    >
    > I have issue command repadmin / showrep
    >
    > Error:
    >
    > C:WINNTProfilesAdministrator>repadmin /showreps
    > RedbusSERVER01
    > DSA Options : IS_GC DISABLE_INBOUND_REPL DISABLE_OUTBOUND_REPL
    > objectGuid : b8897f54-1bf0-479e-97e0-a6cb7ec1e107
    > invocationID: b8897f54-1bf0-479e-97e0-a6cb7ec1e107
    >
    > ==== INBOUND NEIGHBORS ======================================
    >
    > CN=Schema,CN=Configuration,DC=server,DC=dr
    > RedbusSERVER02 via RPC
    > objectGuid: d5d0d348-64d0-4789-890d-3a77e8bd5624
    > Last attempt @ 2005-09-07 13:48.44 failed, result
    > 8457:
    > Can't retrieve message string 8457 (0x2109), error
    > 1815.
    > Last success @ 2005-08-30 07:49.17.
    > 86 consecutive failure(s).
    >
    > CN=Configuration,DC=server,DC=dr
    > RedbusSERVER02 via RPC
    > objectGuid: d5d0d348-64d0-4789-890d-3a77e8bd5624
    > Last attempt @ 2005-09-07 13:48.44 failed, result
    > 8457:
    > Can't retrieve message string 8457 (0x2109), error
    > 1815.
    > Last success @ 2005-08-30 08:02.15.
    > 189 consecutive failure(s).
    >
    > DC=server,DC=dr
    > RedbusSERVER02 via RPC
    > objectGuid: d5d0d348-64d0-4789-890d-3a77e8bd5624
    > Last attempt @ 2005-09-07 13:48.44 failed, result
    > 8457:
    > Can't retrieve message string 8457 (0x2109), error
    > 1815.
    > Last success @ 2005-08-30 07:58.02.
    > 123 consecutive failure(s).
    >
    > ==== OUTBOUND NEIGHBORS FOR CHANGE NOTIFICATIONS ============
    >
    > CN=Schema,CN=Configuration,DC=server,DC=dr
    > RedbusSERVER02 via RPC
    > objectGuid: d5d0d348-64d0-4789-890d-3a77e8bd5624
    >
    > CN=Configuration,DC=server,DC=dr
    > RedbusSERVER02 via RPC
    > objectGuid: d5d0d348-64d0-4789-890d-3a77e8bd5624
    >
    > DC=server,DC=dr
    > RedbusSERVER02 via RPC
    > objectGuid: d5d0d348-64d0-4789-890d-3a77e8bd5624
    > --------------------------------------------------------------
    > ------------------------
    > Event Log on SERVER01:
    >
    > ---------------------
    > Event Type: Warning
    > Event Source: NtFrs
    > Event Category: None
    > Event ID: 13508
    > Date: 07/09/2005
    > Time: 11:52:09
    > User: N/A
    > Computer:SERVER01
    > Description:
    > The File Replication Service is having trouble enabling
    > replication from
    > SERVER02 to SERVER01 for c:winntsysvoldomain using the DNS
    > name
    > server02.server.dr. FRS will keep retrying.
    > Following are some of the reasons you would see this warning.
    >
    >
    > [1] FRS can not correctly resolve the DNS name
    > server02.server.dr from this
    > computer.
    > [2] FRS is not running on server02.server.dr.
    > [3] The topology information in the Active Directory for this
    > replica has
    > not yet replicated to all the Domain Controllers.
    >
    > This event log message will appear once per connection, After
    > the problem
    > is fixed you will see another event log message indicating
    > that the
    > connection has been established.
    >
    > --------------------------------------------------------------
    > -------------------------
    > Was this post helpful to you?
    >
    > Why should I rate a post?

    you have been caught by the USN rollback problem!

    Read more at:
    MS-KBQ875495_How to detect and recover from a USN rollback in Windows
    Server 2003

    MS-KBQ885875_How to detect and recover from a USN rollback in Windows
    2000 Server

    Windows 2000/2003 DCs should NEVER, NEVER, NEVER be imaged for
    backup/restore purposes! Imaging is NOT AD aware backup/restore
    solution and thus not MS approoved!
    A W2K3 pre-SP1 hotfix, a W2K post-SP4 hotfix and W2K3 SP1 will stop
    DCs replicating by disabling replication when USN rollback is
    detected. As I know the detection is not guaranteed, but when it
    detects it does that to prevent further damage.

    I assume you first shutdown one DC, images that one, brought it up
    again, shutdown the other DC, imaged that one and brought it up again.
    And afterwards you restored the images. Is that correct?

    The kb articles contain the solution and in your case (if you have 2
    DCs) it means demoting one of the DCs, cleaning up metadata and
    promoting it again to a DC. At least if this is your production
    environment!

    If you used imaging to copy your production environment into a lab
    environment follow the following procedure. Be aware to use this at
    your own risk, do not use it in a production environment as a
    backup/restore procedure:
    * Shutdown ALL the DCs at the same time in the production environment
    * Image ALL the DCs
    * Start ALL the DCs after all imaging has been done
    * Copy the images of the DCs to the lab network
    * Restore the images of the DCs on the lab network to its
    corresponding hardware
    * Do NOT connect the lab network with the production network
    * Be aware that SID issues might occur is old images are used for the
    DCs (meaning that a certain does not yet exist in the domain while it
    has already been used in some ACL on another server)

    AGAIN:
    * be carefull with what you do and use this at your own risk!!!
    * DO NOT USE THIS FOR YOUR PRODUCTION ENVIRONMENT AS A BACKUP AND
    RESTORE PROCEDURE!!!

    --
    Posted using the http://www.windowsforumz.com interface, at author's request
    Articles individually checked for conformance to usenet standards
    Topic URL: http://www.windowsforumz.com/Active-Directory-PDC-replicating-ftopict418400.html
    Visit Topic URL to contact author (reg. req'd). Report abuse: http://www.windowsforumz.com/eform.php?p=1398237
  6. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    In news:12C06D4B-2620-4F44-B6D6-180CC3EA5ECA@microsoft.com,
    Quefz <Quefz@discussions.microsoft.com> made this post, which I then
    commented about below:
    > Hi Ace,
    > Do you have a messenger on?
    >
    > Here are the step I have done.
    >
    > 1. Ghosted 2 domain controller from HP DL320 G2 to G3 Server.
    > 2. Manage to change the Driver issue to boot the server.
    > 3. IP address all remain the same.
    > 4. Istall rollup service pack 1
    > 5. I manage to ping each other with IP address and hostname.
    > 6 Issue DCDIAG on PDC
    > C:\WINNT\Profiles\Administrator>dcdiag
    >
    > Domain Controller Diagnosis
    >
    > Performing initial setup:
    > Done gathering initial info.
    >
    > Doing initial required tests
    >
    > Testing server: Redbus\SERVER01
    > Starting test: Connectivity
    > ......................... SERVER01 passed test Connectivity
    >
    > Doing primary tests
    >
    > Testing server: Redbus\SERVER01
    > Starting test: Replications
    > ......................... SERVER01 passed test Replications
    > Starting test: NCSecDesc
    > ......................... SERVER01 passed test NCSecDesc
    > Starting test: NetLogons
    > ......................... SERVER01 passed test NetLogons
    > Starting test: Advertising
    > ......................... SERVER01 passed test Advertising
    > Starting test: KnowsOfRoleHolders
    > ......................... SERVER01 passed test
    > KnowsOfRoleHolders Starting test: RidManager
    > ......................... SERVER01 passed test RidManager
    > Starting test: MachineAccount
    > ......................... SERVER01 passed test MachineAccount
    > Starting test: Services
    > IsmServ Service is stopped on [SERVER01]
    > ......................... SERVER01 failed test Services
    > Starting test: ObjectsReplicated
    > ......................... SERVER01 passed test
    > ObjectsReplicated Starting test: frssysvol
    > There are errors after the SYSVOL has been shared.
    > The SYSVOL can prevent the AD from starting.
    > ......................... SERVER01 passed test frssysvol
    > Starting test: kccevent
    > ......................... SERVER01 passed test kccevent
    > Starting test: systemlog
    > ......................... SERVER01 passed test systemlog
    >
    > Running enterprise tests on : server.dr
    > Starting test: Intersite
    > ......................... server.dr passed test Intersite
    > Starting test: FsmoCheck
    > ......................... server.dr passed test FsmoCheck
    >
    > 7. DCDIAG on BDC
    >
    > C:\>dcdiag
    >
    > Domain Controller Diagnosis
    >
    > Performing initial setup:
    > Done gathering initial info.
    >
    > Doing initial required tests
    >
    > Testing server: Redbus\SERVER02
    > Starting test: Connectivity
    > ......................... SERVER02 passed test Connectivity
    >
    > Doing primary tests
    >
    > Testing server: Redbus\SERVER02
    > Starting test: Replications
    > [SERVER01] DsBind() failed with error -2146893022,
    > Win32 Error -2146893022.
    > ......................... SERVER02 passed test Replications
    > Starting test: NCSecDesc
    > ......................... SERVER02 passed test NCSecDesc
    > Starting test: NetLogons
    > ......................... SERVER02 passed test NetLogons
    > Starting test: Advertising
    > Warning: SERVER02 is not advertising as a time server.
    > ......................... SERVER02 failed test Advertising
    > Starting test: KnowsOfRoleHolders
    > Warning: SERVER01 is the Schema Owner, but is not responding
    > to DS RPC Bind.
    > [SERVER01] LDAP bind failed with error 31,
    > Win32 Error 31.
    > Warning: SERVER01 is the Schema Owner, but is not responding
    > to LDAP Bind.
    > Warning: SERVER01 is the Domain Owner, but is not responding
    > to DS RPC Bind.
    > Warning: SERVER01 is the Domain Owner, but is not responding
    > to LDAP Bind.
    > Warning: SERVER01 is the PDC Owner, but is not responding to
    > DS RPC Bind.
    > Warning: SERVER01 is the PDC Owner, but is not responding to
    > LDAP Bind.
    > Warning: SERVER01 is the Rid Owner, but is not responding to
    > DS RPC Bind.
    > Warning: SERVER01 is the Rid Owner, but is not responding to
    > LDAP Bind.
    > Warning: SERVER01 is the Infrastructure Update Owner, but is
    > not responding to DS RPC Bind.
    > Warning: SERVER01 is the Infrastructure Update Owner, but is
    > not responding to LDAP Bind.
    > ......................... SERVER02 failed test
    > KnowsOfRoleHolders Starting test: RidManager
    > [SERVER02] DsBindWithCred() failed with error -2146893022.
    > Win32 Error -2146893022
    > ......................... SERVER02 failed test RidManager
    > Starting test: MachineAccount
    > ......................... SERVER02 passed test MachineAccount
    > Starting test: Services
    > w32time Service is stopped on [SERVER02]
    > ......................... SERVER02 failed test Services
    > Starting test: ObjectsReplicated
    > ......................... SERVER02 passed test
    > ObjectsReplicated Starting test: frssysvol
    > There are errors after the SYSVOL has been shared.
    > The SYSVOL can prevent the AD from starting.
    > ......................... SERVER02 passed test frssysvol
    > Starting test: kccevent
    > ......................... SERVER02 passed test kccevent
    > Starting test: systemlog
    > ......................... SERVER02 passed test systemlog
    >
    > Running enterprise tests on : SERVER.dr
    > Starting test: Intersite
    > ......................... SERVER.dr passed test Intersite
    > Starting test: FsmoCheck
    > ......................... SERVER.dr passed test FsmoCheck
    >
    >
    > Hope It helps you to solve my issue..
    > Many Thanks.
    >
    >
    >
    >
    > Basically I have check all ipconfig /all. Everything is normal.
    > However when my BDC try to browse the PDC via hostname. It come out
    > error message.

    Check Jorge's post. I tend to agree with Jorge that it's a USN issue because
    of the way you probably ghosted it, and/or the new servers are on the same
    network as the original servers (which you can't do).

    Ace
  7. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    I'm Sorry, Im just getting a lil confuse.
    Currently I have 29 DC and 2 dc is the main DC for the rest of the DC to
    connect as trusted domain. Basically the 27 DC is trusted the 2 main DC which
    having some problem.

    I really have no idea how and what is the safe way to tackle the problem.
    I really need step by step advice. I cant afford to screw up either one
    server on the replication DC. I have ACE server installed.


    "Jorge_de_Almeida_Pinto" wrote:

    > "" wrote:
    > > Hi there,
    > > I have been trying to sort out this issue since last week.
    > >
    > > Here is my scenerio. After I have ghosted my PDC and BDC
    > > server and load it
    > > in to my new server. After rebooted my new server the
    > > replication is not
    > > running at all.
    > >
    > > I wil not able to browse the server host name but Im able to
    > > browse the PDC
    > > Via IPaddress
    > > Error: \server01 is not accessible
    > > Logon Failure: The targer account name is incorrect
    > >
    > >
    > > I have issue command repadmin / showrep
    > >
    > > Error:
    > >
    > > C:WINNTProfilesAdministrator>repadmin /showreps
    > > RedbusSERVER01
    > > DSA Options : IS_GC DISABLE_INBOUND_REPL DISABLE_OUTBOUND_REPL
    > > objectGuid : b8897f54-1bf0-479e-97e0-a6cb7ec1e107
    > > invocationID: b8897f54-1bf0-479e-97e0-a6cb7ec1e107
    > >
    > > ==== INBOUND NEIGHBORS ======================================
    > >
    > > CN=Schema,CN=Configuration,DC=server,DC=dr
    > > RedbusSERVER02 via RPC
    > > objectGuid: d5d0d348-64d0-4789-890d-3a77e8bd5624
    > > Last attempt @ 2005-09-07 13:48.44 failed, result
    > > 8457:
    > > Can't retrieve message string 8457 (0x2109), error
    > > 1815.
    > > Last success @ 2005-08-30 07:49.17.
    > > 86 consecutive failure(s).
    > >
    > > CN=Configuration,DC=server,DC=dr
    > > RedbusSERVER02 via RPC
    > > objectGuid: d5d0d348-64d0-4789-890d-3a77e8bd5624
    > > Last attempt @ 2005-09-07 13:48.44 failed, result
    > > 8457:
    > > Can't retrieve message string 8457 (0x2109), error
    > > 1815.
    > > Last success @ 2005-08-30 08:02.15.
    > > 189 consecutive failure(s).
    > >
    > > DC=server,DC=dr
    > > RedbusSERVER02 via RPC
    > > objectGuid: d5d0d348-64d0-4789-890d-3a77e8bd5624
    > > Last attempt @ 2005-09-07 13:48.44 failed, result
    > > 8457:
    > > Can't retrieve message string 8457 (0x2109), error
    > > 1815.
    > > Last success @ 2005-08-30 07:58.02.
    > > 123 consecutive failure(s).
    > >
    > > ==== OUTBOUND NEIGHBORS FOR CHANGE NOTIFICATIONS ============
    > >
    > > CN=Schema,CN=Configuration,DC=server,DC=dr
    > > RedbusSERVER02 via RPC
    > > objectGuid: d5d0d348-64d0-4789-890d-3a77e8bd5624
    > >
    > > CN=Configuration,DC=server,DC=dr
    > > RedbusSERVER02 via RPC
    > > objectGuid: d5d0d348-64d0-4789-890d-3a77e8bd5624
    > >
    > > DC=server,DC=dr
    > > RedbusSERVER02 via RPC
    > > objectGuid: d5d0d348-64d0-4789-890d-3a77e8bd5624
    > > --------------------------------------------------------------
    > > ------------------------
    > > Event Log on SERVER01:
    > >
    > > ---------------------
    > > Event Type: Warning
    > > Event Source: NtFrs
    > > Event Category: None
    > > Event ID: 13508
    > > Date: 07/09/2005
    > > Time: 11:52:09
    > > User: N/A
    > > Computer:SERVER01
    > > Description:
    > > The File Replication Service is having trouble enabling
    > > replication from
    > > SERVER02 to SERVER01 for c:winntsysvoldomain using the DNS
    > > name
    > > server02.server.dr. FRS will keep retrying.
    > > Following are some of the reasons you would see this warning.
    > >
    > >
    > > [1] FRS can not correctly resolve the DNS name
    > > server02.server.dr from this
    > > computer.
    > > [2] FRS is not running on server02.server.dr.
    > > [3] The topology information in the Active Directory for this
    > > replica has
    > > not yet replicated to all the Domain Controllers.
    > >
    > > This event log message will appear once per connection, After
    > > the problem
    > > is fixed you will see another event log message indicating
    > > that the
    > > connection has been established.
    > >
    > > --------------------------------------------------------------
    > > -------------------------
    > > Was this post helpful to you?
    > >
    > > Why should I rate a post?
    >
    > you have been caught by the USN rollback problem!
    >
    > Read more at:
    > MS-KBQ875495_How to detect and recover from a USN rollback in Windows
    > Server 2003
    >
    > MS-KBQ885875_How to detect and recover from a USN rollback in Windows
    > 2000 Server
    >
    > Windows 2000/2003 DCs should NEVER, NEVER, NEVER be imaged for
    > backup/restore purposes! Imaging is NOT AD aware backup/restore
    > solution and thus not MS approoved!
    > A W2K3 pre-SP1 hotfix, a W2K post-SP4 hotfix and W2K3 SP1 will stop
    > DCs replicating by disabling replication when USN rollback is
    > detected. As I know the detection is not guaranteed, but when it
    > detects it does that to prevent further damage.
    >
    > I assume you first shutdown one DC, images that one, brought it up
    > again, shutdown the other DC, imaged that one and brought it up again.
    > And afterwards you restored the images. Is that correct?
    >
    > The kb articles contain the solution and in your case (if you have 2
    > DCs) it means demoting one of the DCs, cleaning up metadata and
    > promoting it again to a DC. At least if this is your production
    > environment!
    >
    > If you used imaging to copy your production environment into a lab
    > environment follow the following procedure. Be aware to use this at
    > your own risk, do not use it in a production environment as a
    > backup/restore procedure:
    > * Shutdown ALL the DCs at the same time in the production environment
    > * Image ALL the DCs
    > * Start ALL the DCs after all imaging has been done
    > * Copy the images of the DCs to the lab network
    > * Restore the images of the DCs on the lab network to its
    > corresponding hardware
    > * Do NOT connect the lab network with the production network
    > * Be aware that SID issues might occur is old images are used for the
    > DCs (meaning that a certain does not yet exist in the domain while it
    > has already been used in some ACL on another server)
    >
    > AGAIN:
    > * be carefull with what you do and use this at your own risk!!!
    > * DO NOT USE THIS FOR YOUR PRODUCTION ENVIRONMENT AS A BACKUP AND
    > RESTORE PROCEDURE!!!
    >
    > --
    > Posted using the http://www.windowsforumz.com interface, at author's request
    > Articles individually checked for conformance to usenet standards
    > Topic URL: http://www.windowsforumz.com/Active-Directory-PDC-replicating-ftopict418400.html
    > Visit Topic URL to contact author (reg. req'd). Report abuse: http://www.windowsforumz.com/eform.php?p=1398237
    >
  8. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    In news:FE004EF4-7E69-4DE3-B604-9067FEAAF8E6@microsoft.com,
    Quefz <Quefz@discussions.microsoft.com> made this post, which I then
    commented about below:
    > I'm Sorry, Im just getting a lil confuse.
    > Currently I have 29 DC and 2 dc is the main DC for the rest of the DC
    > to connect as trusted domain. Basically the 27 DC is trusted the 2
    > main DC which having some problem.
    >
    > I really have no idea how and what is the safe way to tackle the
    > problem.
    > I really need step by step advice. I cant afford to screw up either
    > one server on the replication DC. I have ACE server installed.

    Interesting. You have a total of 29 DCs in your domain. If you are only
    ghosting two of them for a test/lab network (assuming totally off the
    production network), and you followed the steps the Jorge layed out to ghost
    them, then you have more work to do. You will need to also perform a
    metadata cleanup to remove the other 27 DCs that will NOT be on the test/lab
    network. AD will still have them referenced in the ghosted DCs to replicate
    to, because AD believes they still exist.

    Here's how to perform a metadata cleanup to remove the other 27 DCs from the
    test/lab DCs that you ghosted. You will need to delete them one at a time.

    216498 - HOW TO Remove Data in Active Directory After an Unsuccessful Domain
    Controller Demotion:
    http://support.microsoft.com/?id=216498

    Ace
Ask a new question

Read More

Servers Active Directory Windows