Announcement

Collapse
No announcement yet.

Help with AD/FRS problem

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Help with AD/FRS problem

    Hello All,

    After a restart of our 2 DC's I have noticed that upon logon to windows, the scripts that should be running were not, and scripts that were on the old GPO were trying to run. I checked all the usual GPO related things and nothing looked out of place there.
    Then looking over the events viewer, turns out I have been receiving the same error in my FRS log on one of my DC's.

    Event Type: Warning
    Event Source: NtFrs
    Event Category: None
    Event ID: 13562
    Date: 12/10/2008
    Time: 2:25:54 PM
    User: N/A
    Computer: TERVER
    Description:
    Following is the summary of warnings and errors encountered by File Replication Service while polling the Domain Controller terver.byng.local for FRS replica set configuration information.




    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

    After looking around on google, it turns out to be most likely a missing FRS object. The MS KB article (http://support.microsoft.com/kb/312862/?sd=RMVP&fr=1) on it helps a bit, but not enough in my case, it said to run "ntfrsutl ds" and here is it's output:

    NTFRS CONFIGURATION IN THE DS
    SUBSTITUTE DCINFO FOR DC
    FRS DomainControllerName: (null)
    Computer Name : TERVER
    Computer DNS Name : terver.byng.local

    BINDING TO THE DS:
    ldap_connect : terver.byng.local
    DsBind : terver.byng.local

    NAMING CONTEXTS:
    SitesDn : CN=Sites,cn=configuration,dc=byng,dc=local
    ServicesDn : CN=Services,cn=configuration,dc=byng,dc=local
    DefaultNcDn: DC=byng,DC=local
    ComputersDn: CN=Computers,DC=byng,DC=local
    DomainCtlDn: OU=Domain Controllers,DC=byng,DC=local
    Fqdn : CN=TERVER,OU=Domain Controllers,DC=byng,DC=local
    Searching : Fqdn

    COMPUTER: TERVER
    DN : cn=terver,ou=domain controllers,dc=byng,dc=local
    Guid : af459106-2c55-49ab-abfa90a896a1df09
    UAC : 0x00082000
    Server BL : CN=TERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=byng,DC=local
    Settings : cn=ntds settings,cn=terver,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=byng,dc=local
    DNS Name : terver.byng.local
    WhenCreated : 9/5/2008 22:42:52 Eastern Standard Time Eastern Daylight Time [300]
    WhenChanged : 12/6/2008 23:54:18 Eastern Standard Time Eastern Daylight Time [300]

    SUBSCRIPTION: NTFRS SUBSCRIPTIONS
    DN : cn=ntfrs subscriptions,cn=terver,ou=domain controllers,dc=byng,dc=local
    Guid : 05f0e6a6-9583-4c98-a05c499a5e5a9770
    Working : c:\windows\ntfrs
    Actual Working: c:\windows\ntfrs
    WhenCreated : 9/12/2008 20:12:29 Eastern Standard Time Eastern Daylight Time [300]
    WhenChanged : 9/12/2008 20:12:29 Eastern Standard Time Eastern Daylight Time [300]

    SUBSCRIBER: DOMAIN SYSTEM VOLUME (SYSVOL SHARE)
    DN : cn=domain system volume (sysvol share),cn=ntfrs subscriptions,cn=terver,ou=domain controllers,dc=byng,dc=local
    Guid : c898143c-b12d-4a8c-9c1ea640254822f3
    Member Ref: (null)
    Root : c:\windows\sysvol\domain
    Stage : c:\windows\sysvol\staging\domain
    WhenCreated : 9/12/2008 20:12:30 Eastern Standard Time Eastern Daylight Time [300]
    WhenChanged : 9/12/2008 20:12:30 Eastern Standard Time Eastern Daylight Time [300]
    TERVER IS NOT A MEMBER OF ANY SET!

    In ADSIedit,
    DC1 & DC2 have NTFRS Subscriptions showing
    DC1 & DC2 have - CN=JONASSERVER,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=byng,DC=local

    Neither have a - CN=TERVER,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=byng,DC=local
    , which I think is the problem but not sure.

    My DC2 works fine and does not have those errors and "ntfrsutl ds" runs without errors.

    Any help with this issue is appreciated!
    Thanks,
    Last edited by achiarotto; 10th December 2008, 21:13.

  • #2
    Re: Help with AD/FRS problem

    FRS event ID 13562 is logged when a domain controller becomes unreachable.
    This problem occurs because FRS polls Active Directory at regular intervals to read FRS configuration information. During the polling, an operation is performed to resolve the Security Identifier (SID) of the FRS replication partner. The binding handle might become invalid if the bound domain controller becomes unreachable over the network or restarts in a single polling interval (defualt 5 min').

    To resolve this issue, restart FRS on the computer/DC logging the error message.

    Comment


    • #3
      Re: Help with AD/FRS problem

      it makes sence, since you rebooted both DCs (probably without enough time interval betwwen them both) and you got that log error since DC1 could not connect to DC2 replica set.
      I think.

      Comment


      • #4
        Re: Help with AD/FRS problem

        Alright, I'll try a "net stop ntfrs && net start ntfrs" and let you know how it goes.
        Thanks for the input!

        Comment


        • #5
          Re: Help with AD/FRS problem

          So that didn't do the trick, same errors in event log & while using "NTFRSUTL DS".

          My DNS settings shouldn't have anything to do with this problem right?
          e.g. My DC1 has its preferred DNS pointed at DC2, and itself as secondary.
          DC2 has its preferred DNS pointed at DC1, and itself as secondary.
          Should this be the other way around???
          Last edited by achiarotto; 11th December 2008, 21:09.

          Comment


          • #6
            Re: Help with AD/FRS problem

            Typically your servers would look at themselves for DNS resolution, if they run DNS that is
            Please remember to leave positive reputation points (The Ying Yang Icon) if someone helps you.

            Comment


            • #7
              Re: Help with AD/FRS problem

              Originally posted by achiarotto View Post
              So that didn't do the trick, same errors in event log & while using "NTFRSUTL DS".

              My DNS settings shouldn't have anything to do with this problem right?
              e.g. My DC1 has its preferred DNS pointed at DC2, and itself as secondary.
              DC2 has its preferred DNS pointed at DC1, and itself as secondary.
              Should this be the other way around???
              that is fine, no problems with your DNS configuration.

              There is no single, correct way to configure where DCs point for DNS. As long as name resolution is fast, correct, and uses as little network bandwidth as possible, the solution is a good one. What You should focus on is developing and implementing a consistent methodology. Following are the most common methodologies chosen:

              DC points to another DC (often in its site, if available), then to itself, and then potentially to a third server.

              DC points to itself, then to another (often in its site, if available), and then potentially to a third server. One potential negative to this is that false errors will often be generated during a shutdown or startup because of race conditions while services are stopping or starting.

              All DCs point to a single centralized server, then to themselves, and then potentially to a third server. This option allows all DCs to typically have a consistent view of the environment from a DNS perspective. It can also make it easier to troubleshoot certain issues.

              Comment

              Working...
              X