Windows 2008 Active directory replication issue
Hi all,
i got a very strange problem with replication in active directory.
Scenario:
2 sites called AR and GI
AR site 192.168.30.0/24
GI site 192.168.40.0/24
The sites are connected via Vpn site-to-site
There is one domain controller per site.
DC are global catalog
DCA1 is in AR site
DCG1 is in GI site
IPV6 disabled on DCs
If i use only one site, putting all DC in the same site, replication is good.
If i put DCA1 in AR site and DCG1 in GI site the replication function for some time (one hour more or less)
After this replication stops with RPC call failed and never complete again until i put all DCs in the same site.
To avoid long logon times and unnecessary use of Vpn i have to correct this situation.
Other info:
Ping and Rpcping between DCs is always ok.
I have configured AD sites with the right subnets using an IP site link.
Tried to config the two DCs as bridgehead server.
Forest and domain functional level: windows 2003
In event viewer on DCG1 i found a lot of:
Warning 1232 DS RPC client: "Active Directory Domain Services attempted to perform a remote procedure call (RPC) to the following server. The call timed out and was cancelled."
Error 1311 KCC: "The Knowledge Consistency Checker (KCC) has detected problems with the following directory partition.
Directory partition:
CN=Configuration,DC=compan
There is insufficient site connectivity information for the KCC to create a spanning tree replication topology. Or, one or more directory servers with this directory partition are unable to replicate the directory partition information. This is probably due to inaccessible directory servers. "
A lot of FRS warnings
i got a very strange problem with replication in active directory.
Scenario:
2 sites called AR and GI
AR site 192.168.30.0/24
GI site 192.168.40.0/24
The sites are connected via Vpn site-to-site
There is one domain controller per site.
DC are global catalog
DCA1 is in AR site
DCG1 is in GI site
IPV6 disabled on DCs
If i use only one site, putting all DC in the same site, replication is good.
If i put DCA1 in AR site and DCG1 in GI site the replication function for some time (one hour more or less)
After this replication stops with RPC call failed and never complete again until i put all DCs in the same site.
To avoid long logon times and unnecessary use of Vpn i have to correct this situation.
Other info:
Ping and Rpcping between DCs is always ok.
I have configured AD sites with the right subnets using an IP site link.
Tried to config the two DCs as bridgehead server.
Forest and domain functional level: windows 2003
In event viewer on DCG1 i found a lot of:
Warning 1232 DS RPC client: "Active Directory Domain Services attempted to perform a remote procedure call (RPC) to the following server. The call timed out and was cancelled."
Error 1311 KCC: "The Knowledge Consistency Checker (KCC) has detected problems with the following directory partition.
Directory partition:
CN=Configuration,DC=compan
There is insufficient site connectivity information for the KCC to create a spanning tree replication topology. Or, one or more directory servers with this directory partition are unable to replicate the directory partition information. This is probably due to inaccessible directory servers. "
A lot of FRS warnings
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
http://support.microsoft.c
See this too:
http://www.eventid.net/display.asp?eventid=1232&eventno=3527&source=NTDS%20Replication&phase=1