Announcement

Collapse
No announcement yet.

AD Replication Issues

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • AD Replication Issues

    I have been getting the below error (excerpt from dcdiag /c) somewhat randomly on various servers throughout the week during the last month. A dc reboot clears this up, but it;s starting to get really annoying. This error is resulting in replication issues that if left unchecked can seriously wreak havoc on our domain.


    Code:
    Directory Server Diagnosis
    
    
    Performing initial setup:
    
       Trying to find home server...
    
       Home Server = ServerA
    
       [ServerA] Directory Binding Error 1722:
    
       The RPC server is unavailable.
       This may limit some of the tests that can be performed.
    
       * Identified AD Forest. 
       Done gathering initial info.
    
    
    Doing initial required tests
    
       
       Testing server: SiteA\ServerA
    
          Starting test: Connectivity
    
             [ServerA] DsBindWithSpnEx() failed with error 1722,
    
             The RPC server is unavailable..
             Got error while checking LDAP and RPC connectivity. Please check your
    
             firewall settings.
    
             ......................... ServerA failed test Connectivity

  • #2
    Re: AD Replication Issues

    Looks like the DC either has a service stopping or is otherwise not responding. When you say 'on various servers', are these servers all DCs, or are they member servers who can't talk to a particular DC? Is is always just one DC that's restarted? If so, what do the event logs look like for that box?
    *RicklesP*
    MSCA (2003/XP), Security+, CCNA

    ** Remember: credit where credit is due, and reputation points as appropriate **

    Comment


    • #3
      Re: AD Replication Issues

      All of the "servers" referenced are DC's. It will happen on one DC, then we'll reboot that DC and the issue will subside. 3 days later, same error, different DC. If left unchecked it starts to cause serious replication issues within the domain.

      I have exhausted the tips found at the below link:

      http://support.microsoft.com/kb/2102154

      Comment


      • #4
        Re: AD Replication Issues

        Have you got a reverse lookup zone configured for your domain, and are the contents correct and present for each DC? With fixed IPs on your DCs you may be losing entries in the reverse lookup zones. Have a troll through your DNS zones for missing or incorrect entries, and check that zone scavenging settings are the same on all the DNS servers. I've seen it where a DNS entry issue can cause the RPC failure, because of inconsistent lookup results. The RPC can't be found, that's why it can't be contacted.
        *RicklesP*
        MSCA (2003/XP), Security+, CCNA

        ** Remember: credit where credit is due, and reputation points as appropriate **

        Comment


        • #5
          Re: AD Replication Issues

          Turns out this is a weird wmi call pushing up the file handles on our DC's. Upgrading the network firmware and net drivers has fixed this

          Comment


          • #6
            Re: AD Replication Issues

            Ultimately this turned out to a gpo with item-level targeting causing tcp port exhaustion, unlinking the gpo and bouncing the DC's fixed the issue. There is a hotfix that resolves this so the GPO's will work.

            http://support.microsoft.com/kb/2867625

            Comment

            Working...
            X