No announcement yet.

2003 & 2000 DC's AD repl. issue

  • Filter
  • Time
  • Show
Clear All
new posts

  • 2003 & 2000 DC's AD repl. issue

    Hello everybody, and thanks in advance!
    ok, here goes:
    X2 DC's
    1. 2003 R2 Std. (PDC/DHCP/DNS/All FSMO roles)
    2. 2000 SP4 Std. ("BDC"/sDNS)
    up until a few days ago all was working well, no issues what so ever.
    suddenly, and for no apprent reason,
    there "seems" to be repl problems between the 2 DC's,
    on the 2003DC there are no issues, no problems as far as its concerened all is well
    there was one event (warning) saying that schema FSMO could not do somthing but i think that was because of a power failure... although u never know.
    the 2000DC cannot access via UNC or by IP the RUN \\ to the 2003DC server nor can it \\"domain-name"
    it pops up a "wrong password/user" and gives an option to put user creds no matter what i put in the box nothing works,

    in the MMC it shows me the DNS (of the 2003DC) as unavailable (-) BUT will get updates from the 2003DC it has no issues with any kind of replications!!! no problems as far as site-to-site
    ran repadmin /replicate (on the 2003DC) and /syncall (on the 2000DC) no problems,
    ran DCDIAG, REPADMIN, NETDIAG... and such and all passed!

    as it cant "connect" the the SYSVOL of the 2003DC it shows me the event id 1000 (userenv) for each policy obviasly, in the log of the 2000DC,

    both machines ping each other (by name), and aside from the \\ thing and the event 1000 errors there doesnt seem to be any other issues (yet),

    all 14-15 servers and 100+ clients are not affected at all, both DC's are functioning as DC's for the domain and both CAN be accessed from each client (including via the domain admin account from a diffrent PC)

    ran NETDOM thought maybe a reset of the machine pass would solve it, i get "access is denied" same if i try a simple NET TIME \\"DC2003" = access denied yet again.

    no updates automatic or manual were done on either server,
    both are logged in with the domain admin user
    both replicate the SYSVOL/NETLOGON with no issues!!!!!
    but the 2000DC cannot access the 2003DC by UNC nor by IP,

    2 options came to mind:
    1. to upgrade the 2000DC to 2003 R2 (which was the plan for the next couple of weeks)
    2. dcpromo the 2000DC, upgrade/reinstall to 2003 R2, then rejoin/join the domain and DCPROMO.
    am wary of doing that now as i'd rather upgrade/dcpromo a healthy server and not one that has AD issues
    plus i want to understand what the problem is
    tried anything that comes to mind, and would appriciate if anyone has any ideas,
    am trying to figure out if the issue is that 2003DC is preventing the 2000DC, or is there somthing that was messed up on the 2000DC as things were working very very well up until a few days ago.

    am sure in the end.. it will be a tick here.. and reboot there..
    thanks in advance!!

  • #2
    Re: 2003 & 2000 DC's AD repl. issue

    Have you ran NETDIAG and DCDIAG??


    • #3
      Re: 2003 & 2000 DC's AD repl. issue

      yes, as stated in the original msg, ran DCDIAG, NETDIAG, REPADMIN, and all tests pass, hence not getting any "pointer" towards the problem.....
      repadmin /replicate and /syncall (2003 & 2000 respectivly) both stated that all is well, both too and from each server (i always do it twice each in diffrent directions.... force of habit).


      • #4
        Re: 2003 & 2000 DC's AD repl. issue

        Whoops sorry i missed that bit.

        Probably checked these

        I can remember seeing these but i can't remember what i did to fix them.

        As a side note you did update the schema when you done the R2 update didn't you.


        • #5
          Re: 2003 & 2000 DC's AD repl. issue

          read those articles as well...
          i dont think its a "sharing issue" and really am trying not to touch the SYSVOL permissions
          as a test (i should have mentioned it before) i added a simple folder and shared it (EVERYONE/FULL CONTROL) a folder with some nonsense files,

          all servers/clients can reach it.. but this 2000DC refuses!!
          as far as its concerend the 2003DC as \\ does not exist... which is wierd as it will replicate files in SYSVOL with the 2003DC with no issues.

          to ur question: prior to adding the R2 DC the schema was updated, all worked well up until now.