Announcement

Collapse
No announcement yet.

Problem with AD replication and GPO applying on TS

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Problem with AD replication and GPO applying on TS

    Hello,

    A little info:

    I have two sites, A and B. On site B is a terminal server, which I log in to.
    The DC/AD master is on site A.
    A DC/AD server is also set up on site B

    However, there seems to be a problem with DNS lookups from
    site B to A. I can ping allright, but for instance a browse on file/shares
    terminates with error: "the network path specified is no longe available".

    But, all is ok if I browse going on the -IP- of the servers (from site A) it's
    just when I try to reach a resource on -name- lookup it fails.
    On the firewall there should not be any limitations on the IP traffic.


    Also, browsing resources from site A, the other way around, works ok.
    I am able to open up the AD on the AD-server on site B and make changes.

    So the problem appares to be only going from site B to A, not the other
    way around.


    But, this results in the two mentioned problems: AD replication and applying Group Policy. From site B, DCdiag etc. all tells of problems
    reaching the AD master on site A. More precicely DCdiag has this
    section:


    Doing primary tests

    Testing server: FAC\ASPxx01
    Starting test: Replications
    ......................... FAC\ASPxx01 passed test Replications
    Starting test: NCSecDesc
    ......................... FAC\ASPxx01 passed test NCSecDesc
    Starting test: NetLogons
    [ASPDB01] An net use or LsaPolicy operation failed with error -1073610729, Win32 Error -1073610729.
    ......................... ASPxx01 failed test NetLogons
    Starting test: Advertising
    Fatal ErrorsGetDcName (ASPxx01) call failed, error 1722
    The Locator could not find the server.
    ......................... ASPxx01 failed test Advertising
    Starting test: KnowsOfRoleHolders
    ......................... ASPxx01 passed test KnowsOfRoleHolders
    Starting test: RidManager
    ......................... ASPxx01 passed test RidManager
    Starting test: MachineAccount
    Could not open pipe with [ASPxx01]:failed with 64: Win32 Error 64
    Could not get NetBIOSDomainName
    Failed can not test for HOST SPN
    Failed can not test for HOST SPN
    * Missing SPN null)
    * Missing SPN null)
    ......................... ASPxx01 failed test MachineAccount
    Starting test: Services
    Could not open Remote ipc to [ASPxx01]:failed with 64: Win32 Error 64
    ......................... ASPxx01 failed test Services
    Starting test: ObjectsReplicated
    ......................... ASPxx01 passed test ObjectsReplicated
    Starting test: frssysvol
    [ASPDB01] An net use or LsaPolicy operation failed with error 64, Win32 Error 64.
    ......................... ASPxx01 failed test frssysvol
    Starting test: frsevent
    ......................... ASPxx01 failed test frsevent
    Starting test: kccevent
    Failed to enumerate event log records, error Win32 Error 64
    ......................... ASPxx01 failed test kccevent
    Starting test: systemlog
    Failed to enumerate event log records, error Win32 Error 64
    ......................... ASPxx01 failed test systemlog
    Starting test: VerifyReferences
    ......................... ASPxx01 passed test VerifyReferences


    So, if anyone has any ida n what's causing this, and/or a workaround
    getting the replication going from site A to B I would be forever greatful.
    Is it possible to do a one-way "push" from site A, for instance?

    As you probably can se, I am also quite new to this, so any thoughts
    are much appreciated.

    Thank's in advance.

  • #2
    AD

    Please check:

    1. Each DC=GC
    2. Each DC connect to the righ Active Directory site.
    3. Each DC point to it slef as DNS server + DNS server installed
    on each DC with correct DNS zones.
    4. Each client/server in each site point to the local DC/DNS server.
    5. Each site contain vaild license server.
    6. Each site contain uniqe license server for its local terminal server.
    7. Each terminal server configure to locate the right license terminal server.

    http://support.microsoft.com/default...b;en-us;257623

    http://support.microsoft.com/?kbid=839499
    Best Regards,

    Yuval Sinay

    LinkedIn: https://www.linkedin.com/in/yuval14, Blog: http://blogs.microsoft.co.il/blogs/yuval14

    Comment

    Working...
    X