Tyler-Roy
asked on
DSGETDCNAME advertising test failing. SYSVOL and NETLOGON shares not replicating. Please help!!!
Hello all. I have just joined this community, and I have to say out of sheer desperation. I have been working on this issue for days now and can not seem to find a solution. I am praying that someone here might be able to help me...
I'll keep it as to the point as I can. We have a Windows Server 2003 VM ("retired1") acting as a DHCP, DNS, ADDC and GC server. It also held FSMO. it is being hosted by Windows Server 2012 Hyper-V.
We added a second VM ("retired2012"). It is Windows Server 2012. I promoted it to a DC and replicated AD, DHCP and DNS. I transferred FSMO but kept the GC at retired1.
However, FRS replication did not replicate SYSVOL or NETLOGON shares. This is problem A. Without this, I cannot demote retired1 because retired2012 will not allow user logins.
Problem B. After running: "dcdiag /test:advertising" I get an error saying:
Testing server: Default-First-Site\RETIRED 2012
Starting test: Advertising
Warning: DsGetDcName returned information for
\\retired1.RetireFirst.loc al, when we were trying to reach
RETIRED2012.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... RETIRED2012 failed test Advertising
So without this passing, FRS can not complete replication of SYSVOL or NETLOGON shares. A brief summary of what I have tried.
Checked for multiple NICs. Checked firewall rules to allow for replication. Performed D2 non authoritative restore of shares. Re registered DNS. Restarted net login services on all DCs. Checked DNS records for errors (could have missed something though). Set each DC to own DNS server and also tried to common retired1 for DNS. Among others...
Once again I implore anyone who can help to please lend a hand. It would be greatly appreciated!
I can post any additional data you may want to look at. I just wanted to provide a summary to start. Thank you in advance!
I'll keep it as to the point as I can. We have a Windows Server 2003 VM ("retired1") acting as a DHCP, DNS, ADDC and GC server. It also held FSMO. it is being hosted by Windows Server 2012 Hyper-V.
We added a second VM ("retired2012"). It is Windows Server 2012. I promoted it to a DC and replicated AD, DHCP and DNS. I transferred FSMO but kept the GC at retired1.
However, FRS replication did not replicate SYSVOL or NETLOGON shares. This is problem A. Without this, I cannot demote retired1 because retired2012 will not allow user logins.
Problem B. After running: "dcdiag /test:advertising" I get an error saying:
Testing server: Default-First-Site\RETIRED
Starting test: Advertising
Warning: DsGetDcName returned information for
\\retired1.RetireFirst.loc
RETIRED2012.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... RETIRED2012 failed test Advertising
So without this passing, FRS can not complete replication of SYSVOL or NETLOGON shares. A brief summary of what I have tried.
Checked for multiple NICs. Checked firewall rules to allow for replication. Performed D2 non authoritative restore of shares. Re registered DNS. Restarted net login services on all DCs. Checked DNS records for errors (could have missed something though). Set each DC to own DNS server and also tried to common retired1 for DNS. Among others...
Once again I implore anyone who can help to please lend a hand. It would be greatly appreciated!
I can post any additional data you may want to look at. I just wanted to provide a summary to start. Thank you in advance!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
To both of you:
Thank you! Everything I had read from Microsoft had said that a D4 restore should not be attempted except as a very last resort. I did try it earlier on, but it did not work. I think the problem was that before I had restarted NETLOGON as well when apparently it was not needed and actually prevented proper replication.
DCDIAG now passes advertising; sysvol and netlogon are replicating properly it says. A great test I think will be to shut down the old DC and try to connect a client computer to the domain. If netlogon successfully replicated, it should work. Then I can run the demotion of the old server.
Thank you again! I will keep you UTD with my tests now to ensure no fall backs to this problem!
Thank you! Everything I had read from Microsoft had said that a D4 restore should not be attempted except as a very last resort. I did try it earlier on, but it did not work. I think the problem was that before I had restarted NETLOGON as well when apparently it was not needed and actually prevented proper replication.
DCDIAG now passes advertising; sysvol and netlogon are replicating properly it says. A great test I think will be to shut down the old DC and try to connect a client computer to the domain. If netlogon successfully replicated, it should work. Then I can run the demotion of the old server.
Thank you again! I will keep you UTD with my tests now to ensure no fall backs to this problem!
ASKER
Just out of curiosity, I clicked accept multiple solutions and now I can only select one. Howdy I select the other answer as correct as well?
Lost many hours today trying "the entire internet" lol. Accepted solution solved in 10 minutes!
A Big Thank You
A Big Thank You
Hi _ i need clarification on what you wrote - browse \\WorkingDC.domain.local copy sysvol & netlogon and keep backup on ProblemDC & WorkingDC (If can not browse check network connectivity/Port and don't proceed further)
Go to WorkingDC stop NTFRS service open regedit and go to "HKEY_LOCAL_MACHINE\System \CurrentCo ntrolSet\S ervices\Nt Frs\Parame ters\Backu p/Restore\ Process at Startup" change the burflag value to D4 Start NTFRS(File Replication service) service and wait for File Replication event ID 13516 now Go to ProblemDC stop NTFRS service open regedit go to "HKEY_LOCAL_MACHINE\System \CurrentCo ntrolSet\S ervices\Nt Frs\Parame ters\Backu p/Restore\ Process at <samp>Startup" change the burflag value to D2 -> Start NTFRS(File Replication service) service and wait for File Replication event ID 13516 now
my "Dc-bad" no longer has sysvol and netlogon shares available. It's repl partner in same domain is from another site. Do I select the "workingDC" as the repl partner or select the PDC of this domain to perform this action ?
I obviously don't want to foul it up. Please reply when you can.
Thx
John
Go to WorkingDC stop NTFRS service open regedit and go to "HKEY_LOCAL_MACHINE\System
my "Dc-bad" no longer has sysvol and netlogon shares available. It's repl partner in same domain is from another site. Do I select the "workingDC" as the repl partner or select the PDC of this domain to perform this action ?
I obviously don't want to foul it up. Please reply when you can.
Thx
John
Take the backup of policies and script folder from 2003DC and copy the same to alternate location before you proceed.
Configure authorative time server on the PDC role holder server below is the KB article for the same.http://support.microsoft.com/kb/816042
Also disable time sync from host to VM server:http://jorgequestforknowledge.wordpress.com/2011/09/14/time-sync-recommendations-for-virtual-dcs-on-hyper-v-change-in-recommendations/
Ensure correct dns setting as this:http://abhijitw.wordpress.com/2012/03/03/best-practices-for-dns-client-settings-on-domain-controller/
Hope this helps