Announcement

Collapse
No announcement yet.

Ghost GUIDs causing replication errors every 2 minutes

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Ghost GUIDs causing replication errors every 2 minutes

    I spent today hacking around my active directory, running dcpromo and the like trying to fix the problem I posted about previously. Now I have more AD errors:

    Event Type: Error
    Event Source: NTDS Replication
    Event Category: DS RPC Client
    Event ID: 1411
    Date: 8/7/2006
    Time: 11:34:31 PM
    User: NT AUTHORITY\ANONYMOUS LOGON
    Computer: KFL2
    Description:
    Active Directory failed to construct a mutual authentication service principal name (SPN) for the following domain controller.

    Domain controller:
    e47c6884-92e7-4b2f-8832-c5f2cd26c278._msdcs.kailing.local

    The call was denied. Communication with this domain controller might be affected.

    Additional Data
    Error value:
    8589 The DS cannot derive a service principal name (SPN) with which to mutually authenticate the target server because the corresponding server object in the local DS database has no serverReference attribute.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

    Event Type: Error
    Event Source: NTDS Replication
    Event Category: DS RPC Client
    Event ID: 1411
    Date: 8/7/2006
    Time: 11:34:34 PM
    User: NT AUTHORITY\ANONYMOUS LOGON
    Computer: KFL2
    Description:
    Active Directory failed to construct a mutual authentication service principal name (SPN) for the following domain controller.

    Domain controller:
    53086a6f-ae4f-41da-9a24-9de7bce869d8._msdcs.kailing.local

    The call was denied. Communication with this domain controller might be affected.

    Additional Data
    Error value:
    8589 The DS cannot derive a service principal name (SPN) with which to mutually authenticate the target server because the corresponding server object in the local DS database has no serverReference attribute.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

    Which show up every 2 minutes and 8 seconds. I mean neither of these GUIDs are even the correct GUIDs of kfl1. Hacking around in ASDIedit doesn't find these values, pinging them resulst in no response, and I have no idea where they are comming from. Replmon and repadmin both come up roses saying nothing is wrong, as does dcdiag, and kfl1 is showing no errors at all in terms of replication. But I am now getting a bunch of browser errors on all clients and the non FSMO server:

    Event Type: Warning
    Event Source: BROWSER
    Event Category: None
    Event ID: 8021
    Date: 8/7/2006
    Time: 8:25:39 PM
    User: N/A
    Computer: KFL1
    Description:
    The browser service was unable to retrieve a list of servers from the browser master \\KFL2 on the network \Device\NetBT_Tcpip_{B5522333-1CD3-4DC7-ADD1-04E7ACDB142D}.

    Browser master: \\KFL2
    Network: \Device\NetBT_Tcpip_{B5522333-1CD3-4DC7-ADD1-04E7ACDB142D}

    This event may be caused by a temporary loss of network connectivity. If this message appears again, verify that the server is still connected to the network. The return code is in the Data text box.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 00000040

    Event Type: Error
    Event Source: BROWSER
    Event Category: None
    Event ID: 8032
    Date: 8/7/2006
    Time: 8:26:40 PM
    User: N/A
    Computer: KFL1
    Description:
    The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{B5522333-1CD3-4DC7-ADD1-04E7ACDB142D}. The backup browser is stopping.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 00000040

    Which have to be related, I think since they showed up at the same time. But I am not sure how the browser service has anything to do with ghost GUIDs. Any help would be most appreciated!

  • #2
    Re: Ghost GUIDs causing replication errors every 2 minutes

    Ok, I think I know what caused this problem. I checked the logs today and it was after I had demoted KFL1 and removed it from the domain and deleted it from AD (DNS, the computer accounts and references) and then rejoined the domain and dcpromoed it, that the errors started appearing on kfl2. So, my guess is these ghost GUIDs correspond to the old GUID of the computer account of kfl1. Now, today I installed DNS and my prior problem is fixed (I updated that thread) but this new problem remains.

    So, where do I look to find these ghost GUIDs that are registered for replication? Here is what I found today, there was a reference in my registry under autoenrollment for one of these GUIDs and I deleted it. In ADSIedit, I found both GUIDs in CN=System, CN=MicrosoftDNS, DC=kailing.local. Its funny it showed up there but not in the DNS console. Anyway, I deleted both references but the problem still persiists. Where else can I look for these GUIDs? Where does replication check GUIDs from? Thank you!

    Oh, BTW, I fixed my brower problems by making KFL2 ismaster=true. I thought I had already done that but it seems something I did yesterday changed that reg key. Anyway that problem is fixed.
    Last edited by silkshadow; 8th August 2006, 08:27.

    Comment


    • #3
      Re: Ghost GUIDs causing replication errors every 2 minutes

      As per the rules, I report back on this. Like my other problem its now fixed! This time it was a big thanks to a large Windows 2003 forum (don't want to violate the strict rules here by "advertising"). Anyway, it required triggering KCC to disable the invalid GUIDs as there is no way to do this manually. My mistake was beating my self over the head trying to find a way to remove these GUIDs manually and, it turns out, this is not possible. This was quickly pointed out to me on that other forum today right after I posted. I could've saved mysefl two frustrating days if I had just known that. Anyway thanks for, I guess, reading about my problems at least!

      Peace for the world!
      Last edited by silkshadow; 8th August 2006, 15:27.

      Comment


      • #4
        Re: Ghost GUIDs causing replication errors every 2 minutes

        Thanks letting us know what the fix was Silkshadow and well done on getting it sorted out.
        1 1 was a racehorse.
        2 2 was 1 2.
        1 1 1 1 race 1 day,
        2 2 1 1 2

        Comment

        Working...
        X