Active Directory was unable to establish a connection with the global catalog.
Hi,
I really need some help here please.
I have a GC which is giving me this error:
Active Directory was unable to establish a connection with the global catalog.
Additional Data
Error value:
1355 The specified domain either does not exist or could not be contacted.
Internal ID:
3200cd1
Now, this machine (appserv1) is set to be a GC and was working fine before....
I had to remove a PCI Perc card and swap over to using an internal Raid kit, and then restore the server from a tape backup.
This is the result of a dcdiag:
Domain Controller Diagnosis
Performing initial setup:
* Verifying that the local machine APPSERV1, is a DC.
* Connecting to directory service on server APPSERV1.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 2 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Reigate\APPSERV1
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... APPSERV1 passed test Connectivity
Doing primary tests
Testing server: Reigate\APPSERV1
Starting test: Replications
* Replications Check
[Replications Check,APPSERV1] Inbound replication is disabled.
To correct, run "repadmin /options APPSERV1 -DISABLE_INBOUND_REPL"
[Replications Check,APPSERV1] Outbound replication is disabled.
To correct, run "repadmin /options APPSERV1 -DISABLE_OUTBOUND_REPL"
......................... APPSERV1 failed test Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC APPSERV1.
* Security Permissions Check for
DC=ForestDnsZones,DC=lette
(NDNC,Version 2)
* Security Permissions Check for
DC=DomainDnsZones,DC=lette
(NDNC,Version 2)
* Security Permissions Check for
CN=Schema,CN=Configuration
(Schema,Version 2)
* Security Permissions Check for
CN=Configuration,DC=letter
(Configuration,Version 2)
* Security Permissions Check for
DC=letterpart,DC=local
(Domain,Version 2)
......................... APPSERV1 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\APPSERV1\netlogon
Verified share \\APPSERV1\sysvol
......................... APPSERV1 passed test NetLogons
Starting test: Advertising
Warning: DsGetDcName returned information for \\appserv2.letterpart.loca
Server is not responding or is not considered suitable.
The DC APPSERV1 is advertising itself as a DC and having a DS.
The DC APPSERV1 is advertising as an LDAP server
The DC APPSERV1 is advertising as having a writeable directory
The DC APPSERV1 is advertising as a Key Distribution Center
Warning: APPSERV1 is not advertising as a time server.
Warning: APPSERV1 is not advertising as a global catalog.
Check that server finished GC promotion.
Check the event log on server that enough source replicas for the GC are available.
......................... APPSERV1 failed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=APPSERV1,CN=Se
Role Domain Owner = CN=NTDS Settings,CN=APPSERV1,CN=Se
Role PDC Owner = CN=NTDS Settings,CN=APPSERV1,CN=Se
Role Rid Owner = CN=NTDS Settings,CN=APPSERV1,CN=Se
Role Infrastructure Update Owner = CN=NTDS Settings,CN=APPSERV1,CN=Se
......................... APPSERV1 passed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 2103 to 1073741823
* APPSERV1.letterpart.local is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 1103 to 1602
The DS has corrupt data: rIDPreviousAllocationPool value is not valid
* rIDPreviousAllocationPool is 0 to 0
* rIDNextRID: 0
No rids allocated -- please check eventlog.
......................... APPSERV1 failed test RidManager
Starting test: MachineAccount
Checking machine account for DC APPSERV1 on DC APPSERV1.
* SPN found :LDAP/APPSERV1.letterpart.
* SPN found :LDAP/APPSERV1.letterpart.
* SPN found :LDAP/APPSERV1
* SPN found :LDAP/APPSERV1.letterpart.
* SPN found :LDAP/a38107ea-9880-4c83-9
* SPN found :E3514235-4B06-11D1-AB04-0
* SPN found :HOST/APPSERV1.letterpart.
* SPN found :HOST/APPSERV1.letterpart.
* SPN found :HOST/APPSERV1
* SPN found :HOST/APPSERV1.letterpart.
* SPN found :GC/APPSERV1.letterpart.lo
......................... APPSERV1 passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: w32time
w32time Service is stopped on [APPSERV1]
* Checking Service: NETLOGON
NETLOGON Service is paused on [APPSERV1]
......................... APPSERV1 failed test Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
APPSERV1 is in domain DC=letterpart,DC=local
Checking for CN=APPSERV1,OU=Domain Controllers,DC=letterpart,
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=APPSERV1,CN=Se
Object is up-to-date on all servers.
......................... APPSERV1 passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... APPSERV1 passed test frssysvol
Starting test: frsevent
* The File Replication Service Event log test
......................... APPSERV1 passed test frsevent
Starting test: kccevent
* The KCC Event log test
Found no KCC errors in Directory Service Event log in the last 15 minutes.
......................... APPSERV1 passed test kccevent
Starting test: systemlog
* The System Event log test
An Error Event occured. EventID: 0xC0000005
Time Generated: 01/30/2007 09:51:11
Event String: Failed to setup initiator portal. Error status is
given in the dump data.
An Error Event occured. EventID: 0x0000410B
Time Generated: 01/30/2007 09:51:47
Event String: The request for a new account-identifier pool
failed. The operation will be retried until the
request succeeds. The error is
"
The requested FSMO operation failed. The current FSMO holder could not be contacted.
"
An Error Event occured. EventID: 0xC25A002E
Time Generated: 01/30/2007 09:52:14
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0001B6F
Time Generated: 01/30/2007 09:52:58
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 01/30/2007 09:53:40
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 01/30/2007 09:53:41
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 01/30/2007 09:53:42
(Event String could not be retrieved)
......................... APPSERV1 failed test systemlog
Test omitted by user request: VerifyReplicas
Starting test: VerifyReferences
The system object reference (serverReference)
CN=APPSERV1,OU=Domain Controllers,DC=letterpart,
on
CN=APPSERV1,CN=Servers,CN=
are correct.
The system object reference (frsComputerReferenceBL)
CN=APPSERV1,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=lette
and backlink on
CN=APPSERV1,OU=Domain Controllers,DC=letterpart,
The system object reference (serverReferenceBL)
CN=APPSERV1,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=lette
and backlink on
CN=NTDS Settings,CN=APPSERV1,CN=Se
are correct.
......................... APPSERV1 passed test VerifyReferences
Test omitted by user request: VerifyEnterpriseReferences
Test omitted by user request: CheckSecurityError
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : letterpart
Starting test: CrossRefValidation
......................... letterpart passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... letterpart passed test CheckSDRefDom
Running enterprise tests on : letterpart.local
Starting test: Intersite
Skipping site Reigate, this site is outside the scope provided by the
command line arguments provided.
......................... letterpart.local passed test Intersite
Starting test: FsmoCheck
Warning: DcGetDcName(GC_SERVER_REQU
A Global Catalog Server could not be located - All GC's are down.
PDC Name: \\APPSERV1.letterpart.loca
Locator Flags: 0xe00001bd
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERV
A Good Time Server could not be located.
KDC Name: \\appserv2.letterpart.loca
Locator Flags: 0xe00001b8
......................... letterpart.local failed test FsmoCheck
Test omitted by user request: DNS
Test omitted by user request: DNS
I really need some help here please.
I have a GC which is giving me this error:
Active Directory was unable to establish a connection with the global catalog.
Additional Data
Error value:
1355 The specified domain either does not exist or could not be contacted.
Internal ID:
3200cd1
Now, this machine (appserv1) is set to be a GC and was working fine before....
I had to remove a PCI Perc card and swap over to using an internal Raid kit, and then restore the server from a tape backup.
This is the result of a dcdiag:
Domain Controller Diagnosis
Performing initial setup:
* Verifying that the local machine APPSERV1, is a DC.
* Connecting to directory service on server APPSERV1.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 2 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Reigate\APPSERV1
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... APPSERV1 passed test Connectivity
Doing primary tests
Testing server: Reigate\APPSERV1
Starting test: Replications
* Replications Check
[Replications Check,APPSERV1] Inbound replication is disabled.
To correct, run "repadmin /options APPSERV1 -DISABLE_INBOUND_REPL"
[Replications Check,APPSERV1] Outbound replication is disabled.
To correct, run "repadmin /options APPSERV1 -DISABLE_OUTBOUND_REPL"
......................... APPSERV1 failed test Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC APPSERV1.
* Security Permissions Check for
DC=ForestDnsZones,DC=lette
(NDNC,Version 2)
* Security Permissions Check for
DC=DomainDnsZones,DC=lette
(NDNC,Version 2)
* Security Permissions Check for
CN=Schema,CN=Configuration
(Schema,Version 2)
* Security Permissions Check for
CN=Configuration,DC=letter
(Configuration,Version 2)
* Security Permissions Check for
DC=letterpart,DC=local
(Domain,Version 2)
......................... APPSERV1 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\APPSERV1\netlogon
Verified share \\APPSERV1\sysvol
......................... APPSERV1 passed test NetLogons
Starting test: Advertising
Warning: DsGetDcName returned information for \\appserv2.letterpart.loca
Server is not responding or is not considered suitable.
The DC APPSERV1 is advertising itself as a DC and having a DS.
The DC APPSERV1 is advertising as an LDAP server
The DC APPSERV1 is advertising as having a writeable directory
The DC APPSERV1 is advertising as a Key Distribution Center
Warning: APPSERV1 is not advertising as a time server.
Warning: APPSERV1 is not advertising as a global catalog.
Check that server finished GC promotion.
Check the event log on server that enough source replicas for the GC are available.
......................... APPSERV1 failed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=APPSERV1,CN=Se
Role Domain Owner = CN=NTDS Settings,CN=APPSERV1,CN=Se
Role PDC Owner = CN=NTDS Settings,CN=APPSERV1,CN=Se
Role Rid Owner = CN=NTDS Settings,CN=APPSERV1,CN=Se
Role Infrastructure Update Owner = CN=NTDS Settings,CN=APPSERV1,CN=Se
......................... APPSERV1 passed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 2103 to 1073741823
* APPSERV1.letterpart.local is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 1103 to 1602
The DS has corrupt data: rIDPreviousAllocationPool value is not valid
* rIDPreviousAllocationPool is 0 to 0
* rIDNextRID: 0
No rids allocated -- please check eventlog.
......................... APPSERV1 failed test RidManager
Starting test: MachineAccount
Checking machine account for DC APPSERV1 on DC APPSERV1.
* SPN found :LDAP/APPSERV1.letterpart.
* SPN found :LDAP/APPSERV1.letterpart.
* SPN found :LDAP/APPSERV1
* SPN found :LDAP/APPSERV1.letterpart.
* SPN found :LDAP/a38107ea-9880-4c83-9
* SPN found :E3514235-4B06-11D1-AB04-0
* SPN found :HOST/APPSERV1.letterpart.
* SPN found :HOST/APPSERV1.letterpart.
* SPN found :HOST/APPSERV1
* SPN found :HOST/APPSERV1.letterpart.
* SPN found :GC/APPSERV1.letterpart.lo
......................... APPSERV1 passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: w32time
w32time Service is stopped on [APPSERV1]
* Checking Service: NETLOGON
NETLOGON Service is paused on [APPSERV1]
......................... APPSERV1 failed test Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
APPSERV1 is in domain DC=letterpart,DC=local
Checking for CN=APPSERV1,OU=Domain Controllers,DC=letterpart,
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=APPSERV1,CN=Se
Object is up-to-date on all servers.
......................... APPSERV1 passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... APPSERV1 passed test frssysvol
Starting test: frsevent
* The File Replication Service Event log test
......................... APPSERV1 passed test frsevent
Starting test: kccevent
* The KCC Event log test
Found no KCC errors in Directory Service Event log in the last 15 minutes.
......................... APPSERV1 passed test kccevent
Starting test: systemlog
* The System Event log test
An Error Event occured. EventID: 0xC0000005
Time Generated: 01/30/2007 09:51:11
Event String: Failed to setup initiator portal. Error status is
given in the dump data.
An Error Event occured. EventID: 0x0000410B
Time Generated: 01/30/2007 09:51:47
Event String: The request for a new account-identifier pool
failed. The operation will be retried until the
request succeeds. The error is
"
The requested FSMO operation failed. The current FSMO holder could not be contacted.
"
An Error Event occured. EventID: 0xC25A002E
Time Generated: 01/30/2007 09:52:14
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0001B6F
Time Generated: 01/30/2007 09:52:58
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 01/30/2007 09:53:40
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 01/30/2007 09:53:41
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 01/30/2007 09:53:42
(Event String could not be retrieved)
......................... APPSERV1 failed test systemlog
Test omitted by user request: VerifyReplicas
Starting test: VerifyReferences
The system object reference (serverReference)
CN=APPSERV1,OU=Domain Controllers,DC=letterpart,
on
CN=APPSERV1,CN=Servers,CN=
are correct.
The system object reference (frsComputerReferenceBL)
CN=APPSERV1,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=lette
and backlink on
CN=APPSERV1,OU=Domain Controllers,DC=letterpart,
The system object reference (serverReferenceBL)
CN=APPSERV1,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=lette
and backlink on
CN=NTDS Settings,CN=APPSERV1,CN=Se
are correct.
......................... APPSERV1 passed test VerifyReferences
Test omitted by user request: VerifyEnterpriseReferences
Test omitted by user request: CheckSecurityError
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : letterpart
Starting test: CrossRefValidation
......................... letterpart passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... letterpart passed test CheckSDRefDom
Running enterprise tests on : letterpart.local
Starting test: Intersite
Skipping site Reigate, this site is outside the scope provided by the
command line arguments provided.
......................... letterpart.local passed test Intersite
Starting test: FsmoCheck
Warning: DcGetDcName(GC_SERVER_REQU
A Global Catalog Server could not be located - All GC's are down.
PDC Name: \\APPSERV1.letterpart.loca
Locator Flags: 0xe00001bd
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERV
A Good Time Server could not be located.
KDC Name: \\appserv2.letterpart.loca
Locator Flags: 0xe00001b8
......................... letterpart.local failed test FsmoCheck
Test omitted by user request: DNS
Test omitted by user request: DNS
ASKER
Ok,
after a reboot I now get:
Event ID 2103
The Active Directory database has been restored using an unsupported restoration procedure.
and looking up technet: http://support.microsoft.com/kb/875495
It seems that when I restored the AD from tape during the SCSI drive controller swap I have created an Update Sequence Number (USN) rollback.
after a reboot I now get:
Event ID 2103
The Active Directory database has been restored using an unsupported restoration procedure.
and looking up technet: http://support.microsoft.com/kb/875495
It seems that when I restored the AD from tape during the SCSI drive controller swap I have created an Update Sequence Number (USN) rollback.
ASKER
Right...
If I run: repadmin /showutdvec appserv1 dc=letterpart,dc=local
I get:
Caching GUIDs.
..
Reigate\APPSERV1 @ USN 540748 @ Time 2007-01-18 13:00:23
Reigate\APPSERV2 @ USN 272258 @ Time 2007-01-30 11:50:49
Reigate\APPSERV1 @ USN 639021 @ Time 2007-01-30 11:54:09
and if I run: repadmin /showutdvec appserv2 dc=letterpart,dc=local
Caching GUIDs.
..
Reigate\APPSERV1 @ USN 524324 @ Time 2007-01-15 16:56:58
Reigate\APPSERV2 @ USN 272272 @ Time 2007-01-30 11:56:29
Appserv1 is the GC machine that was restored.
The replication partner has a lower USN number for the dc than the dc has for it'self, so does this point to it not being a USN issue?
thanks.
If I run: repadmin /showutdvec appserv1 dc=letterpart,dc=local
I get:
Caching GUIDs.
..
Reigate\APPSERV1 @ USN 540748 @ Time 2007-01-18 13:00:23
Reigate\APPSERV2 @ USN 272258 @ Time 2007-01-30 11:50:49
Reigate\APPSERV1 @ USN 639021 @ Time 2007-01-30 11:54:09
and if I run: repadmin /showutdvec appserv2 dc=letterpart,dc=local
Caching GUIDs.
..
Reigate\APPSERV1 @ USN 524324 @ Time 2007-01-15 16:56:58
Reigate\APPSERV2 @ USN 272272 @ Time 2007-01-30 11:56:29
Appserv1 is the GC machine that was restored.
The replication partner has a lower USN number for the dc than the dc has for it'self, so does this point to it not being a USN issue?
thanks.
ASKER
Ok,
I have transferred the 5 FSMO roles to the other DC (using ntdsutil) and then attempted to remove AD on the primary server.
This gave me an error so I used the /forceremoval switch on dcpromo.
I have transferred the 5 FSMO roles to the other DC (using ntdsutil) and then attempted to remove AD on the primary server.
This gave me an error so I used the /forceremoval switch on dcpromo.
ASKER
I then got errors when trying to log the server onto the domain and also when trying to make it a DC.
The error was:
The specified user already exists.
So, I used KB: How to remove data in Active Directory after an unsuccessful domain controller demotion (216498 ) to remove the old entries.
Then dcpromo to promote it to a DC, and so far, there are no errors on the DC.
Have now checked my exchange server and that is connection ok, and finally Interorg replication tool is logging on properly now, which is what sparked all this off.
Seeing as I answered this myself, I am going to ask for the points to be refunded.
regards
The error was:
The specified user already exists.
So, I used KB: How to remove data in Active Directory after an unsuccessful domain controller demotion (216498 ) to remove the old entries.
Then dcpromo to promote it to a DC, and so far, there are no errors on the DC.
Have now checked my exchange server and that is connection ok, and finally Interorg replication tool is logging on properly now, which is what sparked all this off.
Seeing as I answered this myself, I am going to ask for the points to be refunded.
regards
you've shown very good knowledge and ability of research that I think you are kind of people who don't need EE....well not entirely true..we all learn from others....but i mean you are really good.
Just out of my curiosity, how did the replication disabled at the first place?
Just out of my curiosity, how did the replication disabled at the first place?
ASKER
Heh,
thanks for the compliment but you're wrong! :-)
This all started when I had to remove the PERC SCSI controller card out of the server to make room for another SCSI card to hang a tape device off.
The original PERC was used to control the hard drives. When i swapped it over to the internal controller, I lost my windows install and had to restore from a timely back up I had done earlier to the SAN box <phew>. This was the second of a pair that I have had to do, the other one swapped over to the internal card without any problems.
The restore put the AD out of synch with the other DC and that is how the replication failed.
To be honest, it took a while to notice that it was the replication that had failed as I was too busy looking at the exchange server Interorg replication tool failing. I should have spotted the errors on the DC sooner. But, despite spending the day sh***ing myself, I have learnt loads.
regards.
thanks for the compliment but you're wrong! :-)
This all started when I had to remove the PERC SCSI controller card out of the server to make room for another SCSI card to hang a tape device off.
The original PERC was used to control the hard drives. When i swapped it over to the internal controller, I lost my windows install and had to restore from a timely back up I had done earlier to the SAN box <phew>. This was the second of a pair that I have had to do, the other one swapped over to the internal card without any problems.
The restore put the AD out of synch with the other DC and that is how the replication failed.
To be honest, it took a while to notice that it was the replication that had failed as I was too busy looking at the exchange server Interorg replication tool failing. I should have spotted the errors on the DC sooner. But, despite spending the day sh***ing myself, I have learnt loads.
regards.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I have enabled inbound and outbound replication using:
repadmin /options APPSERV1 -DISABLE_INBOUND_REPL
repadmin /options APPSERV1 -DISABLE_OUTBOUND_REPL
and now the dcdiag shows;
Doing primary tests
Testing server: Reigate\APPSERV1
Starting test: Replications
* Replications Check
[Replications Check,APPSERV1] A recent replication attempt failed:
From APPSERV2 to APPSERV1
Naming Context: DC=ForestDnsZones,DC=lette
The replication generated an error (8457):
The destination server is currently rejecting replication requests.
The failure occurred at 2007-01-30 09:51:57.
The last success occurred at 2007-01-15 13:51:04.
356 failures have occurred since the last success.
Replication has been explicitly disabled through the server options.
[Replications Check,APPSERV1] A recent replication attempt failed:
From APPSERV2 to APPSERV1
Naming Context: DC=DomainDnsZones,DC=lette
The replication generated an error (8457):
The destination server is currently rejecting replication requests.
The failure occurred at 2007-01-30 09:51:57.
The last success occurred at 2007-01-15 13:51:04.
356 failures have occurred since the last success.
Replication has been explicitly disabled through the server options.
[Replications Check,APPSERV1] A recent replication attempt failed:
From APPSERV2 to APPSERV1
Naming Context: CN=Schema,CN=Configuration
The replication generated an error (8457):
The destination server is currently rejecting replication requests.
The failure occurred at 2007-01-30 09:51:57.
The last success occurred at 2007-01-15 13:51:04.
356 failures have occurred since the last success.
Replication has been explicitly disabled through the server options.
[Replications Check,APPSERV1] A recent replication attempt failed:
From APPSERV2 to APPSERV1
Naming Context: CN=Configuration,DC=letter
The replication generated an error (8457):
The destination server is currently rejecting replication requests.
The failure occurred at 2007-01-30 09:58:53.
The last success occurred at 2007-01-15 15:37:30.
796 failures have occurred since the last success.
Replication has been explicitly disabled through the server options.
[Replications Check,APPSERV1] A recent replication attempt failed:
From APPSERV2 to APPSERV1
Naming Context: DC=letterpart,DC=local
The replication generated an error (8457):
The destination server is currently rejecting replication requests.
The failure occurred at 2007-01-30 10:03:39.
The last success occurred at 2007-01-15 15:50:53.
641 failures have occurred since the last success.
Replication has been explicitly disabled through the server options.
* Replication Latency Check
REPLICATION-RECEIVED LATENCY WARNING
APPSERV1: Current time is 2007-01-30 10:43:30.
DC=ForestDnsZones,DC=lette
Last replication recieved from APPSERV2 at 2007-01-15 13:51:04.
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
DC=DomainDnsZones,DC=lette
Last replication recieved from APPSERV2 at 2007-01-15 13:51:04.
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
CN=Schema,CN=Configuration
Last replication recieved from APPSERV2 at 2007-01-15 13:51:04.
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
CN=Configuration,DC=letter
Last replication recieved from APPSERV2 at 2007-01-15 15:37:30.
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
DC=letterpart,DC=local
Last replication recieved from APPSERV2 at 2007-01-15 15:50:54.
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
* Replication Site Latency Check