Announcement

Collapse
No announcement yet.

AD Replication issues - KCC errors - 1865, 1311, 1566

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • AD Replication issues - KCC errors - 1865, 1311, 1566

    Hi



    We have a Single Forest, with a Domain as the Forest Root and a number of other Domains which are created as New Domain Tree’s (not Child Domains)

    Each Domain has a DC which is a GC with the Domain FSMO roles
    OS is Server 2003 SP2

    Each DC has its own DNS Zone and using a Forwarder to the Forest root for any DNS queries outside of its zone

    I have got quite a few issues with AD replication:

    Errors in the EVENT logs are 1865, 1311, 1566 – these are relating to KCC unable to form spanning tree of network and insufficient site connectivity
    I have two copies of this infrastrucuture – both in a Physical and Virtual environment. In both cases they are currently in the same room and so therefore there are no Physical connectivity problems
    The Virtual environment has been converted using VMWare converter and brought into ESX

    I can Ping the GUID from each Domain Controller successfully
    There are times when Replication becomes “explicilty disabled” – an event shown in DCDIAG – I re-enable via:
    REPADMIN /OPTIONS <SERVERNAME> -DISABLE_OUTBOUND_REPL (and INBOUND)
    This will then disable itself again sometimes – also the NTELOGON Service seems to pause

    In Sites and Services I have let KCC work out the topology but I get some errors about security when doing a “check replication topology”

    I cant post the DCDIAG so I will try to sumerise:
    LDAP Bind erros 8341
    KCC detected problems with the following directory partition: Directory Partition
    Failed Test: KCCEVENT
    Skipping Tests because the server *** is not responding to directory service requests
    Checking for Down Bridgeheads: Warning remote bridgeheads *** is not elidgable as a bridgehead due to too many failures
    The current ISTG is down in site ***

    Has any body seen this before or got any ideas what is causing this?
    Thanks

  • #2
    Re: AD Replication issues - KCC errors - 1865, 1311, 1566

    Hi,

    Can you provide the events discription [copy paste from event logs] and if possible netdiag, dcdaig, repadmin /syncall report
    Thanks & Regards
    v-2nas

    MCTS 2008, MCTIP, MCSE 2003, MCSA+Messaging E2K3, MCP, E2K7
    Sr. Wintel Eng. (Investment Bank)
    Independent IT Consultant and Architect
    Blog: http://www.exchadtech.blogspot.com

    Show your appreciation for my help by giving reputation points

    Comment


    • #3
      Re: AD Replication issues - KCC errors - 1865, 1311, 1566

      Hi - unfortunately i cannot post these details but the event log errors are:

      1865 KCC unable to form Spanning tree
      1311 KCC has detected problems with the following directory partition

      CN=configuration, CN=(domain details)

      1566 All DC in the following site that can replicate directory partition are currently available

      DCDIAG run and "brief" details are in the orginal post
      NETDIAG ran and tests passed

      I appreciate i am not providing detailed logs but i am unable to do so
      Thanks

      Comment


      • #4
        Re: AD Replication issues - KCC errors - 1865, 1311, 1566

        Originally posted by Jenkers View Post
        I have two copies of this infrastrucuture – both in a Physical and Virtual environment. In both cases they are currently in the same room and so therefore there are no Physical connectivity problems
        The Virtual environment has been converted using VMWare converter and brought into ESX

        So you have created a virtual env of physical both are running but no physical connectivity . is there any sys which are not in virtual env but shud have been there.

        Just trying to understand your active directory + dns + replication structure.

        Also check Active directory sites and services and check replication topology. The DNS registration for your DCs. Try to recreate link b.w dc but this should be after thoro checking of you connecitivty b.w dcs.
        Last edited by v-2nas; 1st November 2010, 19:35.
        Thanks & Regards
        v-2nas

        MCTS 2008, MCTIP, MCSE 2003, MCSA+Messaging E2K3, MCP, E2K7
        Sr. Wintel Eng. (Investment Bank)
        Independent IT Consultant and Architect
        Blog: http://www.exchadtech.blogspot.com

        Show your appreciation for my help by giving reputation points

        Comment

        Working...
        X