Announcement

Collapse
No announcement yet.

Win 2003 can't replica 2-way

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Win 2003 can't replica 2-way

    Hello all member

    in company have 2 Domain Controller ,use server 2003 STD r2 sp2

    Now if i create user or computer on AD1 can replicate to AD2(additional)
    but if i create user or computer on AD2 can't replicate to AD1(Main)

    I have Picture error

    Please advise me sir
    Attached Files

  • #2
    Re: Win 2003 can't replica 2-way

    Can you run a dcdiag and post the results.

    Comment


    • #3
      Re: Win 2003 can't replica 2-way

      your first image says the tombstone life has passed - this means that the directory hasn't been able to contact that server for over 180 days !

      dcdiag /fix might, but probably won't, fix this.
      might need to force-demote, metadata cleanup, and then promote again/


      On a side note, who has been doing consistency checks on your domain ?
      Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

      Comment


      • #4
        Re: Win 2003 can't replica 2-way

        DCDIAG on AD1

        C:\Documents and Settings\Administrator>dcdiag
        Domain Controller Diagnosis
        Performing initial setup:
        Done gathering initial info.
        Doing initial required tests
        Testing server: Default-First-Site-Name\PS24
        Starting test: Connectivity
        ......................... PS24 passed test Connectivity
        Doing primary tests
        Testing server: Default-First-Site-Name\PS24
        Starting test: Replications
        [Replications Check,PS24] A recent replication attempt failed:
        From PS26 to PS24
        Naming Context: DC=ForestDnsZones,DC=,DC=talgroup
        The replication generated an error (8524):
        The DSA operation is unable to proceed because of a DNS lookup failu
        re.
        The failure occurred at 2011-07-07 14:30:00.
        The last success occurred at 2011-03-09 15:50:19.
        3274 failures have occurred since the last success.
        The guid-based DNS name 9eb993f1-444b-40ca-917f-dffe80bca917._msdcs.
        .talgroup
        is not registered on one or more DNS servers.
        [Replications Check, PS24] A recent replication attempt failed:
        From PS26 to PS24
        Naming Context: DC=DomainDnsZones,DC= ,DC=talgroup
        The replication generated an error (8524):
        The DSA operation is unable to proceed because of a DNS lookup failu
        re.
        The failure occurred at 2011-07-07 14:29:58.
        The last success occurred at 2011-03-09 15:50:19.
        4171 failures have occurred since the last success.
        The guid-based DNS name 9eb993f1-444b-40ca-917f-dffe80bca917._msdcs.
        .talgroup
        is not registered on one or more DNS servers.
        [Replications Check, PS24] A recent replication attempt failed:
        From PS26 to PS24
        Naming Context: CN=Schema,CN=Configuration,DC= ,DC=talgroup
        The replication generated an error (8524):
        The DSA operation is unable to proceed because of a DNS lookup failu
        re.
        The failure occurred at 2011-07-07 14:29:56.
        The last success occurred at 2011-03-09 15:50:19.
        3225 failures have occurred since the last success.
        The guid-based DNS name 9eb993f1-444b-40ca-917f-dffe80bca917._msdcs.
        .talgroup
        is not registered on one or more DNS servers.
        [Replications Check, PS24] A recent replication attempt failed:
        From PS26 to PS24
        Naming Context: CN=Configuration,DC= ,DC=talgroup
        The replication generated an error (8614):
        The Active Directory cannot replicate with this server because the t
        ime since the last replication with this server has exceeded the tombstone lifet
        ime.
        The failure occurred at 2011-07-07 14:34:49.
        The last success occurred at 2011-03-09 15:50:19.
        7580 failures have occurred since the last success.
        [Replications Check, PS24] A recent replication attempt failed:
        From PS26 to PS24
        Naming Context: DC= ,DC=talgroup
        The replication generated an error (8614):
        The Active Directory cannot replicate with this server because the t
        ime since the last replication with this server has exceeded the tombstone lifet
        ime.
        The failure occurred at 2011-07-07 14:47:53.
        The last success occurred at 2011-03-09 15:50:19.
        46400 failures have occurred since the last success.
        REPLICATION-RECEIVED LATENCY WARNING
        PS24: Current time is 2011-07-07 14:48:04.
        DC=ForestDnsZones,DC= ,DC=talgroup
        Last replication recieved from PS26 at 2011-03-09 15:50:23.
        WARNING: This latency is over the Tombstone Lifetime of 60 days!
        DC=DomainDnsZones,DC= ,DC=talgroup
        Last replication recieved from PS26 at 2011-03-09 15:50:23.
        WARNING: This latency is over the Tombstone Lifetime of 60 days!
        CN=Schema,CN=Configuration,DC= ,DC=talgroup
        Last replication recieved from PS26 at 2011-03-09 15:50:23.
        WARNING: This latency is over the Tombstone Lifetime of 60 days!
        CN=Configuration,DC= ,DC=talgroup
        Last replication recieved from PS26 at 2011-03-09 15:50:23.
        WARNING: This latency is over the Tombstone Lifetime of 60 days!
        DC= ,DC=talgroup
        Last replication recieved from PS26 at 2011-03-09 15:50:23.
        WARNING: This latency is over the Tombstone Lifetime of 60 days!
        ......................... PS24 passed test Replications
        Starting test: NCSecDesc
        ......................... PS24 passed test NCSecDesc
        Starting test: NetLogons
        ......................... PS24 passed test NetLogons
        Starting test: Advertising
        ......................... PS24 passed test Advertising
        Starting test: KnowsOfRoleHolders
        ......................... PS24 passed test KnowsOfRoleHolders
        Starting test: RidManager
        ......................... PS24 passed test RidManager
        Starting test: MachineAccount
        ......................... PS24 passed test MachineAccount
        Starting test: Services
        ......................... PS24 passed test Services
        Starting test: ObjectsReplicated
        ......................... PS24 passed test ObjectsReplicated
        Starting test: frssysvol
        ......................... PS24 passed test frssysvol
        Starting test: frsevent
        ......................... PS24 passed test frsevent
        Starting test: kccevent
        An Warning Event occured. EventID: 0x8000051C
        Time Generated: 07/07/2011 14:34:19
        Event String: The Knowledge Consistency Checker (KCC) has
        An Error Event occured. EventID: 0xC00007FA
        Time Generated: 07/07/2011 14:34:49
        (Event String could not be retrieved)
        An Error Event occured. EventID: 0xC00007FA
        Time Generated: 07/07/2011 14:45:29
        (Event String could not be retrieved)
        ......................... PS24 failed test kccevent
        Starting test: systemlog
        An Error Event occured. EventID: 0xC00003EA
        Time Generated: 07/07/2011 14:27:23
        (Event String could not be retrieved)
        An Error Event occured. EventID: 0xC0001B58
        Time Generated: 07/07/2011 14:31:08
        (Event String could not be retrieved)
        An Error Event occured. EventID: 0x80001774
        Time Generated: 07/07/2011 14:37:25
        Event String: A driver packet received from the I/O subsystem
        An Error Event occured. EventID: 0x80001774
        Time Generated: 07/07/2011 14:37:24
        Event String: A driver packet received from the I/O subsystem
        An Error Event occured. EventID: 0x80001774
        Time Generated: 07/07/2011 14:38:12
        Event String: A driver packet received from the I/O subsystem
        An Error Event occured. EventID: 0x80001774
        Time Generated: 07/07/2011 14:38:50
        Event String: A driver packet received from the I/O subsystem
        An Error Event occured. EventID: 0x80001774
        Time Generated: 07/07/2011 14:38:53
        Event String: A driver packet received from the I/O subsystem
        An Error Event occured. EventID: 0x80001774
        Time Generated: 07/07/2011 14:39:30
        Event String: A driver packet received from the I/O subsystem
        An Error Event occured. EventID: 0x80001774
        Time Generated: 07/07/2011 14:39:30
        Event String: A driver packet received from the I/O subsystem
        ......................... PS24 failed test systemlog
        Starting test: VerifyReferences
        ......................... PS24 passed test VerifyReferences
        Running partition tests on : ForestDnsZones
        Starting test: CrossRefValidation
        ......................... ForestDnsZones passed test CrossRefValidation
        Starting test: CheckSDRefDom
        ......................... ForestDnsZones passed test CheckSDRefDom
        Running partition tests on : DomainDnsZones
        Starting test: CrossRefValidation
        ......................... DomainDnsZones passed test CrossRefValidation
        Starting test: CheckSDRefDom
        ......................... DomainDnsZones passed test CheckSDRefDom
        Running partition tests on : Schema
        Starting test: CrossRefValidation
        ......................... Schema passed test CrossRefValidation
        Starting test: CheckSDRefDom
        ......................... Schema passed test CheckSDRefDom
        Running partition tests on : Configuration
        Starting test: CrossRefValidation
        ......................... Configuration passed test CrossRefValidation
        Starting test: CheckSDRefDom
        ......................... Configuration passed test CheckSDRefDom
        Running partition tests on :
        Starting test: CrossRefValidation
        ......................... passed test CrossRefValidation
        Starting test: CheckSDRefDom
        ......................... passed test CheckSDRefDom
        Running enterprise tests on : .talgroup
        Starting test: Intersite
        ......................... .talgroup passed test Intersite
        Starting test: FsmoCheck
        ......................... .talgroup passed test FsmoCheck
        C:\Documents and Settings\Administrator>

        Comment


        • #5
          Re: Win 2003 can't replica 2-way

          The DSA operation is unable to proceed because of a DNS lookup failu
          re.


          The guid-based DNS name 9eb993f1-444b-40ca-917f-dffe80bca917._msdcs.
          .talgroup
          is not registered on one or more DNS servers.

          (ipconfig /registerdns might help with this)

          The Active Directory cannot replicate with this server because the t
          ime since the last replication with this server has exceeded the tombstone lifet
          ime.
          The failure occurred at 2011-07-07 14:47:53.
          The last success occurred at 2011-03-09 15:50:19

          (your server has been unreachable since March)

          WARNING: This latency is over the Tombstone Lifetime of 60 days!
          CN=Schema,CN=Configuration,DC= ,DC=talgroup

          you could try changing the schema configuration for tombstone lifetime
          http://www.petri.com/changing_the_to...windows_ad.htm

          go away and do a bit of research on tombstone objects, and you shoujld be able to find some answers, or at least some more questions to come back and ask
          Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

          Comment


          • #6
            Re: Win 2003 can't replica 2-way

            I changed Tombstone LifeTime Aleady on AD2
            Attached Files

            Comment


            • #7
              Re: Win 2003 can't replica 2-way

              ok. so try dcdiag again
              or dcdiag /fix
              if that doens't work, force-demote, metadatacleanup, repromote
              Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

              Comment


              • #8
                Re: Win 2003 can't replica 2-way

                Both AD1 , AD2 have service syncronize with linux LDAP1 , LDAP2 and use certificate from LDAP. If i depromote AD2




                DCDIAG /FIX on AD2

                Now can't replicate from AD2 to AD1 but can replicate from AD1 to AD2

                Domain Controller Diagnosis
                Performing initial setup:
                Done gathering initial info.
                Doing initial required tests

                Testing server: Default-First-Site-Name\ PS26
                Starting test: Connectivity
                ......................... PS26 passed test Connectivity
                Doing primary tests

                Testing server: Default-First-Site-Name\ PS26
                Starting test: Replications
                [Replications Check, PS26] A recent replication attempt failed:
                From PS24 to PS26
                Naming Context: DC=DomainDnsZones,DC= ,DC=talgroup
                The replication generated an error (8606):
                Insufficient attributes were given to create an object. This object may not exist because it may have been deleted and already garbage collected.
                The failure occurred at 2011-07-08 08:15:46.
                The last success occurred at 2011-05-30 10:58:33.
                1818 failures have occurred since the last success.
                REPLICATION-RECEIVED LATENCY WARNING
                PS26: Current time is 2011-07-08 08:23:29.
                DC=DomainDnsZones,DC= ,DC=talgroup
                Last replication recieved from PS24 at 2011-05-30 10:58:34.
                ......................... PS26 passed test Replications
                Starting test: NCSecDesc
                ......................... PS26 passed test NCSecDesc
                Starting test: NetLogons
                ......................... PS26 passed test NetLogons
                Starting test: Advertising
                Warning: PS26 is not advertising as a time server.
                ......................... PS26 failed test Advertising
                Starting test: KnowsOfRoleHolders
                ......................... PS26 passed test KnowsOfRoleHolders
                Starting test: RidManager
                ......................... PS26 passed test RidManager
                Starting test: MachineAccount
                ......................... PS26 passed test MachineAccount
                Starting test: Services
                w32time Service is stopped on [ PS26]
                ......................... PS26 failed test Services
                Starting test: ObjectsReplicated
                ......................... PS26 passed test ObjectsReplicated
                Starting test: frssysvol
                ......................... PS26 passed test frssysvol
                Starting test: frsevent
                ......................... PS26 passed test frsevent
                Starting test: kccevent
                An Warning Event occured. EventID: 0x80000632
                Time Generated: 07/08/2011 08:18:50
                (Event String could not be retrieved)
                ......................... PS26 failed test kccevent
                Starting test: systemlog
                ......................... PS26 passed test systemlog
                Starting test: VerifyReferences
                ......................... PS26 passed test VerifyReferences

                Running partition tests on : ForestDnsZones
                Starting test: CrossRefValidation
                ......................... ForestDnsZones passed test CrossRefValidation
                Starting test: CheckSDRefDom
                ......................... ForestDnsZones passed test CheckSDRefDom

                Running partition tests on : DomainDnsZones
                Starting test: CrossRefValidation
                ......................... DomainDnsZones passed test CrossRefValidation
                Starting test: CheckSDRefDom
                ......................... DomainDnsZones passed test CheckSDRefDom

                Running partition tests on : Schema
                Starting test: CrossRefValidation
                ......................... Schema passed test CrossRefValidation
                Starting test: CheckSDRefDom
                ......................... Schema passed test CheckSDRefDom

                Running partition tests on : Configuration
                Starting test: CrossRefValidation
                ......................... Configuration passed test CrossRefValidation
                Starting test: CheckSDRefDom
                ......................... Configuration passed test CheckSDRefDom

                Running partition tests on :
                Starting test: CrossRefValidation
                ......................... passed test CrossRefValidation
                Starting test: CheckSDRefDom
                ......................... passed test CheckSDRefDom

                Running enterprise tests on : .talgroup
                Starting test: Intersite
                ......................... .talgroup passed test Intersite
                Starting test: FsmoCheck
                ......................... .talgroup passed test FsmoCheck

                Comment

                Working...
                X