No announcement yet.

KCC Errors in event log

  • Filter
  • Time
  • Show
Clear All
new posts

  • KCC Errors in event log

    Hi guys,

    This is my first post so please be gentle!

    I have a single AD domain lets call it mydomain.local. This domain has 3 physical locations (Head Office, Regional 1 and Regional 2).

    It seems that I am getting errors in the event log of Regional 2s DC ( Error 1311 and 1566 both referring to replication issues with the DC in regional office 2). The events are suggesting that Regional 1 is having an issue replicating with Regional 2.

    I have setup in AD Sites and Services 3 sites (HeadOffice, Regional1 and Regional2) with their respective subnets. Also I have setup IP Inter-Site Transports for HeadOffice to Regional1 and HeadOffice to Regional2. Also, I have unticked Bridge all Sitelinks.

    The physical topology is attached basically the 3 offices are connected via VPN but Regional1 and Regional2 cannot see eachother (want to keep it like that). Now if I do a Repadmin /showreps on Regional2s DC then it says its outbound neighbours are Regional1????

    Basically all I want to do is have replication occur between the regional offices and the head office but not have replication occur amongst the 2 regional offices together.

    Ive attached a picture with the basic topology.

    Could someone help me carry on diagnosing or is there a way that I can see why Regional2 is trying to replicate wiht regional1. I am happy with ADSAS setup as far as which servers SHOULD be replicating with what but I want to know why the event log is generating these errors.

    I have checked replmon on each server and there is no trace of the DC in regional1 replicating with the DC in regional2.

    I would appreciate some help

  • #2
    Re: KCC Errors in event log

    Is HeadOffice Domain Controller is a GC and a DNS server?
    in your site configuration you should make sure that the Head office is also a GC and a DNS Configuration
    or the other regional DCs would not be able to replicate that NC and won't be updated.

    By default, BASL is enabled. It can typically be left enabled as long as the physical network is fully routable and all DCs can communicate with each other. If any DC cannot communicate with every other DC, because of routing restrictions, firewalls, VPN tunnels, and so forth, then BASL should be disabled. Otherwise, errors will result as the KCC warns that it cannot contact DCs in non-adjacent sites.

    Disabling BASL has the following repercussions:
    Site links must be created between any sites that may need to replicate between each other. Even more care must be taken to ensure that all NCs can find inter-site replication partners across the defined site links. Isolating DCs becomes much easier with BASL disabled.
    DFS site costing and automatic site coverage in non-adjacent sites will no longer work unless manual site link bridges are created.

    * Make sure Time is correctly Sync between all DCs
    * Delete all the manual Partners connection in the NTDS settings (all DCs) in Site & services, then run "repadmin /kcc" on all your DCs
    * Create two site links
    1) Head -> Reg1 - attach HeadOffice and Regional 1
    2) Head ->Reg2 - - attach HeadOffice and Regional 2
    Last edited by Akila; 30th October 2008, 16:31.


    • #3
      Re: KCC Errors in event log

      All servers are GCs and all have a single AD integrated zone. Can you tell me what will happen if I delete the manual partners please?


      • #4
        Re: KCC Errors in event log

        If you delete those manually created Partners (which I recommend doing), KCC would automatically generate new connections "<automatically Generated>" based on the site links and costs every 15 min' by default.
        If you don't want to wait for those 15 min' you could manually run the KCC by using the "repadmin /kcc"
        let KCC do it's job, that is why he is there, and he does it good.

        As far as Event 1311 you get , could you please List Partitions that is unable to Replicate from this site???? (it should show up in the Event body)

        A common issue with windows 2000 is a event 1311 from the KCC indicating that there is not enough published connectivity to create a spanning tree.In essence, an error condition exists (either configuration or replication), which prevents the successful end-to-point replication of all partners.The 1311 event message gives insufficient detail to troubleshoot the Issue.

        Windows 2003 Server includes a number of Enhancements to the 1311 well as number of new messages that clearly define the issue and provides the required detail to properly troubleshoot these problems.
        b/c it is the job of the KCC on the Inter-Site topology generator to look for and report these conditions, the new event message are exposed as soon as Windows server 2003 domain controller is added to a site, and assumes the ISTG role.

        The KCC like all subsystems in active Directory, has a variable event logging level. By default, only the most important events are logged. you could increase the level of detail in the even log by modifying the value in the Replication Events entry in the following key.

        HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Diagno stics

        Increase the level of detail can be used for better understanding the behavior of the KCC in different situations. However, a logging level value grater then "2" generally results in excessive logging that degrades the performance of the server/Domain Controller component. Increasing the logging level could be useful for troubleshooting your problem, but it is not recommended for normal operational.
        Consider increasing the level of logging and when your done fixing the problem, revert it back to it's original setting.
        Last edited by Akila; 30th October 2008, 17:01.


        • #5
          Re: KCC Errors in event log

          Should I delete the automatically generated aswell then?


          • #6
            Re: KCC Errors in event log

            delete them all, no harm could be caused by doing so.


            • #7
              Re: KCC Errors in event log

              It appears to be the configuration partition as stated in my event log.


              • #8
                Re: KCC Errors in event log

                Could you please post the entire message body of the event 1311 you get?


                • #9
                  Re: KCC Errors in event log

                  The Directory Service consistency checker has determined that either (a) there is not enough physical connectivity published via the Active Directory Sites and Services Manager to create a spanning tree connecting all the sites containing the Partition CN=Configuration,DC=mydomain,DC=local, or (b) replication cannot be performed with one or more critical servers in order for changes to propagate across all sites (most often due to the servers being unreachable).
                  For (a), please use the Active Directory Sites and Services Manager to do one of the following:
                  1. Publish sufficient site connectivity information such that the system can infer a route by which this Partition can reach this site. This option is preferred.
                  2. Add an ntdsConnection object to a Domain Controller that contains the Partition CN=Configuration,DC=mydomain,DC=local in this site from a Domain Controller that contains the same Partition in another site.
                  For (b), please see previous events logged by the NTDS KCC source that identify the servers that could not be contacted.


                  • #10
                    Re: KCC Errors in event log

                    I have had no errors in my event log for over 15 minutes now. Could this mean it is fixed and all that was required was deleting all NTDC replication partners and allowing the KCC to automatically discover partners by my ADSAS design?


                    • #11
                      Re: KCC Errors in event log

                      Sorry spoke too soon thee erros are back!!

                      Thanks for all your help so far BTW!! It is appreciated!


                      • #12
                        Re: KCC Errors in event log

                        Any further ideas guys? The network seems fine but I would like to know why this is happening on the one server. Incidently regional2 is a Windows 2000 Server SP4 .


                        • #13
                          Re: KCC Errors in event log

                          Do you have by any chance multiple domains or only one domain?
                          Last edited by Akila; 30th October 2008, 20:45.


                          • #14
                            Re: KCC Errors in event log

                            Single domain. The thing confusing me is why is regional1 not having these errors?


                            • #15
                              Re: KCC Errors in event log

                              OK, 1st of all we know it is the Configuration partition with the problem?
                              could you go over all your 1311 events and confirm that there are no other replication errors other then
                              I want you to check on all of your DCs for this event 1311 if there is.
                              Last edited by Akila; 30th October 2008, 20:50.