Announcement

Collapse
No announcement yet.

Active Directory Replication issue

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Active Directory Replication issue

    I have 4 domains controllers in a domain under windows 2003 (DR01, DC01, DC02, DC03,) and i meet problem when replicating from DC01, DC02 to DR01
    The replication From DC03 To other DCs is fine. I think I have problem with DR01 DC.
    Would be much appreciated if anyone can give a clue on this?

    root.local = root domain
    us.root.local = parent domain
    domain1.us.root.local = child domain
    domain2.us.root.local = child domain
    domain3.us.root.local = child domain
    all below DCs are under us.root.local domain
    DR01 - Windows 2003 Server Enterprise Edition SP2
    DC01 - Windows 2003 Server STD Edition SP2
    DC02 - Windows 2003 Server STD Edition SP2
    DC03 - Windows 2003 Server STD Edition SP2
    I see below error logs on DR01 server.
    =======================================
    Event Type: Warning
    Event Source: NTDS KCC
    Event Category: Knowledge Consistency Checker
    Event ID: 1865
    Date: 9/1/2011
    Time: 3:50:37 AM
    User: NT AUTHORITY\ANONYMOUS LOGON
    Computer: DR01
    Description:
    The Knowledge Consistency Checker (KCC) was unable to form a complete spanning tree network topology. As a result, the following list of sites cannot be
    reached from the local site.

    Sites:
    CN=ST_US_EGC002,CN=Sites,CN=Configuration,DC=root, DC=local

    ==============================
    Event Type: Error
    Event Source: NTDS KCC
    Event Category: Knowledge Consistency Checker
    Event ID: 1311
    Date: 9/1/2011
    Time: 3:50:37 AM
    User: NT AUTHORITY\ANONYMOUS LOGON
    Computer: DR01
    Description:
    The Knowledge Consistency Checker (KCC) has detected problems with the following directory partition.

    Directory partition:
    CN=Configuration,DC=root,DC=local

    There is insufficient site connectivity information in Active Directory Sites and Services for the KCC to create a spanning tree replication topology. Or,
    one or more domain controllers with this directory partition are unable to replicate the directory partition information. This is probably due to
    inaccessible domain controllers.

    User Action
    Use Active Directory Sites and Services to perform one of the following actions:
    - Publish sufficient site connectivity information so that the KCC can determine a route by which this directory partition can reach this site. This is the
    preferred option.
    - Add a Connection object to a domain controller that contains the directory partition in this site from a domain controller that contains the same directory
    partition in another site.

    If neither of the Active Directory Sites and Services tasks correct this condition, see previous events logged by the KCC that identify the inaccessible
    domain controllers.

    ==============================
    Event Type: Warning
    Event Source: NTDS KCC
    Event Category: Knowledge Consistency Checker
    Event ID: 1566
    Date: 9/1/2011
    Time: 3:50:37 AM
    User: NT AUTHORITY\ANONYMOUS LOGON
    Computer: DR01
    Description:
    All domain controllers in the following site that can replicate the directory partition over this transport are currently unavailable.

    Site:
    CN=ST_US_EGC002,CN=Sites,CN=Configuration,DC=root, DC=local
    Directory partition:
    CN=Configuration,DC=root,DC=local
    Transport:
    CN=IP,CN=Inter-Site Transports,CN=Sites,CN=Configuration,DC=root,DC=lo cal

    ==============================
    Event Type: Warning
    Event Source: NtFrs
    Event Category: None
    Event ID: 13508
    Date: 8/2/2011
    Time: 10:07:55 PM
    User: N/A
    Computer: DR01
    Description:
    The File Replication Service is having trouble enabling replication from DC02 to DR01 for d:\windows\sysvol\domain using the DNS name
    DC02.domain2.us.root.local. FRS will keep retrying.
    Following are some of the reasons you would see this warning.

    [1] FRS can not correctly resolve the DNS name DC02.domain2.us.root.local from this computer.
    [2] FRS is not running on DC02.domain2.us.root.local.
    [3] The topology information in the Active Directory for this replica has not yet replicated to all the Domain Controllers.

    This event log message will appear once per connection, After the problem is fixed you will see another event log message indicating that the connection has been established.
    Data:
    0000: ba 06 00 00 ...
    =============================
    Event Type: Warning
    Event Source: NtFrs
    Event Category: None
    Event ID: 13508
    Date: 8/25/2011
    Time: 6:10:32 AM
    User: N/A
    Computer: DR01
    Description:
    The File Replication Service is having trouble enabling replication from DC01 to DR01 for d:\windows\sysvol\domain using the DNS name
    DC01.domain2.us.root.local. FRS will keep retrying.
    Following are some of the reasons you would see this warning.

    [1] FRS can not correctly resolve the DNS name DC01.domain2.us.root.local from this computer.
    [2] FRS is not running on DC01.domain2.us.root.local.
    [3] The topology information in the Active Directory for this replica has not yet replicated to all the Domain Controllers.

    This event log message will appear once per connection, After the problem is fixed you will see another event log message indicating that the connection has been established.
    Data:
    0000: d9 06 00 00 ...
    ============================
    Ipconfig /all details of DR01 DC-
    C:\>ipconfig /all
    Windows IP Configuration
    Host Name . . . . . . . . . . . . : DR01
    Primary Dns Suffix . . . . . . . : domain2.us.root.local
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : domain2.us.root.local
    root.com
    domain1.us.root.local
    eu.root.local
    ecl.jp.root.local
    domain3.us.root.local
    ell.eu.root.local
    Ethernet adapter Local Area Connection:
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : VMware Accelerated AMD PCNet Adapter
    Physical Address. . . . . . . . . : 00-50-56-8E-3B-F4
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 10.101.90.57
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 10.101.90.253
    DNS Servers . . . . . . . . . . . : 10.101.80.35
    10.101.180.231
    Primary WINS Server . . . . . . . : 10.101.80.35
    Secondary WINS Server . . . . . . : 10.101.180.231

    ==========================
    IPconfig /all details of DC01
    C:\>ipconfig /all
    Windows IP Configuration
    Host Name . . . . . . . . . . . . : dc01
    Primary Dns Suffix . . . . . . . : domain2.us.root.local
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : domain2.us.root.local
    root.com
    domain1.us.root.local
    eu.root.local
    ecl.jp.root.local
    domain3.us.root.local
    ell.eu.root.local
    Ethernet adapter Team/Production:
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : BASP Virtual Adapter
    Physical Address. . . . . . . . . : 00-21-5E-64-89-B4
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 10.101.180.231
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 10.101.180.254
    DNS Servers . . . . . . . . . . . : 10.101.80.35
    10.101.180.231
    Primary WINS Server . . . . . . . : 10.101.80.35
    Secondary WINS Server . . . . . . : 10.101.180.231
    ================================
    IPconfig /all details of DC02
    C:\>ipconfig /all
    Windows IP Configuration
    Host Name . . . . . . . . . . . . : dc02
    Primary Dns Suffix . . . . . . . : domain2.us.root.local
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : domain2.us.root.local
    root.com
    domain1.us.root.local
    eu.root.local
    ecl.jp.root.local
    domain3.us.root.local
    ell.eu.root.local
    Ethernet adapter Production Team:
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : BASP Virtual Adapter
    Physical Address. . . . . . . . . : 00-21-5E-64-8A-56
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 10.101.188.231
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 10.101.188.254
    DNS Servers . . . . . . . . . . . : 10.101.80.35
    10.101.180.231
    Primary WINS Server . . . . . . . : 10.101.80.35
    Secondary WINS Server . . . . . . : 10.101.180.231

  • #2
    Re: Active Directory Replication issue

    I have a few questions:

    - Are the servers able to ping each other?
    - Are the sites, site links, subnets, and server placement configure in ADSS?
    - Are there connections between one of the DC0x servers and the DR01 server in ADSS?
    - Is ADSS showing the same information on all four DC?
    - What does dcdiag show on the four DC's?
    Regards,
    Jeremy

    Network Consultant/Engineer
    Baltimore - Washington area and beyond
    www.gma-cpa.com

    Comment

    Working...
    X