I got a network migration scheduled in under 2 weeks' time and I’m panicking because I'm having NTDS replication errors in Event Viewer, alongside some LsaSrv "Can't find any logon servers" as well as a User... error complaining about not being able to access a GPO when it blatantly can.
Anyway, I ran a netdiag /fix and then ran dcdiag /testns and it reports that there are no DNS errors. When I run repadmin /syncall it says replication completed without any errors.... so I'm so confused and very frustrated as it is a new domain. So far I have two DCs, one mail server which is a member server, and I got an ISA server to get up and running, and time is running out.
In fact I think everything was working fine until I introduced ISA and installed the ISA F/W client on the DCs, but then I was having some issues so I uninstalled the ISA F/W client and have turned off the ISA server and just want to get AD replication working, or the error messages to go away at least.
Event Type: Warning
Event Source: NTDS Replication
Event Category: DS RPC Client
Event ID: 2088
Date: 10/19/2006
Time: 9:34:36 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DC1
Description:
Active Directory could not use DNS to resolve the IP address of the source domain controller listed below. To maintain the consistency of Security groups, group policy, users and computers and their passwords, Active Directory successfully replicated using the NetBIOS or fully qualified computer name of the source domain controller.
Invalid DNS configuration may be affecting other essential operations on member computers, domain controllers or application servers in this Active Directory forest, including logon authentication or access to network resources.
You should immediately resolve this DNS configuration error so that this domain controller can resolve the IP address of the source domain controller using DNS.
Alternate server name:
dc2
Failing DNS host name:
faf8f717-8b18-472a-9145-1ef7e0293030._msdcs.dottedeyes.local
NOTE: By default, only up to 10 DNS failures are shown for any given 12 hour period, even if more than 10 failures occur. To log all individual failure events, set the following diagnostics registry value to 1:
1) If the source domain controller is no longer functioning or its operating system has been reinstalled with a different computer name or NTDSDSA object GUID, remove the source domain controller's metadata with ntdsutil.exe, using the steps outlined in MSKB article 216498.
2) Confirm that the source domain controller is running Active directory and is accessible on the network by typing "net view \\<source DC name>" or "ping <source DC name>".
3) Verify that the source domain controller is using a valid DNS server for DNS services, and that the source domain controller's host record and CNAME record are correctly registered, using the DNS Enhanced version of DCDIAG.EXE available on http://www.microsoft.com/dns
dcdiag /testns
4) Verify that that this destination domain controller is using a valid DNS server for DNS services, by running the DNS Enhanced version of DCDIAG.EXE command on the console of the destination domain controller, as follows:
Event Type: Error
Event Source: NTDS Replication
Event Category: DS RPC Client
Event ID: 1960
Date: 10/19/2006
Time: 9:34:36 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DC1
Description:
Internal event: The following domain controller received an exception from a remote procedure call (RPC) connection. The operation may have failed.
Process ID:
588
Reported error information:
Error value:
Could not find the domain controller for this domain. (1908)
Domain controller:
faf8f717-8b18-472a-9145-1ef7e0293030._msdcs.dottedeyes.local
Extended error information:
Error value:
No authority could be contacted for authentication. (2148074257)
Domain controller:
dc1
DNS Tests are running and not hung. Please wait a few minutes...
Running partition tests on : ForestDnsZones
Running partition tests on : DomainDnsZones
Running partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : domainname
Running enterprise tests on : domainname.local
Starting test: DNS
......................... domainname.local passed test DNS
I don't understand, when I run repadmin /syncall I get:
C:\Documents and Settings\Administrator>repadmin /syncall
CALLBACK MESSAGE: The following replication is in progress:
From: faf8f717-8b18-472a-9145-1ef7e0293030._msdcs.dottedeyes.local
To : 796a6a00-1252-4585-a246-137de36d40c3._msdcs.dottedeyes.local
CALLBACK MESSAGE: The following replication completed successfully:
From: faf8f717-8b18-472a-9145-1ef7e0293030._msdcs.dottedeyes.local
To : 796a6a00-1252-4585-a246-137de36d40c3._msdcs.dottedeyes.local
CALLBACK MESSAGE: SyncAll Finished.
SyncAll terminated with no errors.
Although I noticed the path for DOS says Administrator (even though I renamed the admin account, but I'm sure that wouldn't be causing these issues).
It would be worth your time to call in a consultant.
Not sure what the problem would be though, as I have limited experience in the area and it's been 2 years since I was able to dive into troubleshooting those errors.
That problem has been fixed, thankfully. Not quite sure exactly how I fixed it after doing a number of different things; I think it was updating the DNS that might have helped, i.e. re-registering the DNS for both servers.
If anyone has got any ISA experience and Exchange, give me a shout :-)
I wish I got to your post earlier. It's possible that ISA had blocked your zone replication; also, for testing you can disable the RPC port blocking it has in there.
Next time, if you have replication issues, use replmon.exe from the Windows 2003 support tools (or was it resource kit?), a very helpful GUI utility for replication.
Thanks for your post. Yep, I tried repadmin /syncall and it didn't show any replication errors. I also did a number of tests like dcdiag /testns as well as changing the syntax to test each part like basicdns, dynamicdns, srv records (although the first command, I believe, tests all of these), and even though the tests all said successful, I was still getting NTDS errors.
I took ISA out of the equation, but now it is back in the equation and I need to work out how to configure it securely for my network, so if anyone would like to help out on ISA, it would be greatly appreciated (ISA 2006).
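Event 2088 and a clean repadmin /syncall are not contradictory: the event text quoted earlier in the thread says replication succeeded through the alternate name after the GUID-based _msdcs lookup failed. As an added illustration (not written by any poster in the thread), this Python sketch correlates the two outputs to flag a DNS failure that replication fallback is masking; the sample strings are trimmed from the text quoted above and the function names are hypothetical.

```python
import re

# Constructed samples, trimmed from the event text and repadmin output quoted in the thread.
EVENT_2088 = """Event ID: 2088
Alternate server name:
dc2
Failing DNS host name:
faf8f717-8b18-472a-9145-1ef7e0293030._msdcs.dottedeyes.local
"""
SYNCALL = """CALLBACK MESSAGE: The following replication is in progress:
From: faf8f717-8b18-472a-9145-1ef7e0293030._msdcs.dottedeyes.local
To : 796a6a00-1252-4585-a246-137de36d40c3._msdcs.dottedeyes.local
CALLBACK MESSAGE: The following replication completed successfully:
From: faf8f717-8b18-472a-9145-1ef7e0293030._msdcs.dottedeyes.local
To : 796a6a00-1252-4585-a246-137de36d40c3._msdcs.dottedeyes.local
CALLBACK MESSAGE: SyncAll Finished.
"""

# DSA object GUID CNAME as it appears in both outputs (hypothetical helper pattern).
GUID_NAME = r"[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}\._msdcs\.[\w.-]+"

def field_after(label, text):
    """Return the value on the line following a 'Label:' line, lower-cased, or None."""
    m = re.search(rf"^{re.escape(label)}:\s*\n\s*(\S+)", text, re.M | re.I)
    return m.group(1).lower() if m else None

def parse_2088(text):
    """Extract the name that failed DNS and the name replication fell back to."""
    if not re.search(r"Event ID:\s*2088\b", text):
        return None
    return {"failing": field_after("Failing DNS host name", text),
            "fallback": field_after("Alternate server name", text)}

def completed_sources(syncall):
    """Source DSA names from 'completed successfully' callbacks in repadmin /syncall."""
    pat = rf"completed successfully:\s*\n\s*From:\s*({GUID_NAME})"
    return {s.lower() for s in re.findall(pat, syncall, re.I)}

def masked_dns_failures(event_text, syncall):
    """GUID CNAMEs that failed DNS (event 2088) while the same source still replicated."""
    ev = parse_2088(event_text)
    if not ev or not ev["failing"]:
        return []
    hit = ev["failing"] in completed_sources(syncall)
    return [(ev["failing"], ev["fallback"])] if hit else []

if __name__ == "__main__":
    for cname, fallback in masked_dns_failures(EVENT_2088, SYNCALL):
        print(f"{cname}: DNS lookup failed, replication succeeded via '{fallback}'")
```

A non-empty result means the source DC's GUID CNAME under _msdcs needs attention in DNS even though the replication tooling reports success.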