2nd DC doesn't sync with PDC (DNS-failure..)
Posted on 2003-11-27
When trying to initialise an Active Directory Synchronisation from my 2nd Server
(via Active Directory Replication Manager) to PDC I get the following error:
"The DSA Operation Is Unable to Proceed Because of a DNS Lookup Failure" Error
If you think now: "hehe that's easy - you only need to set up the IP / DNS Name correctly" then do not read on... ;-)
Both servers have 2 IPs:
PDC: aserver 192.168.0.1 , 192.168.0.2
2nd DC: bserver 192.168.0.3 , 192.168.0.4
TCP/IP over NetBios is activated on all 4 interfaces.
On both servers DNS client & server is running.
I can ping all 4 IPs from both servers.
Name resolution works from both servers ( ping aserver -> OK, ping aserver.domain.dnsname.com -> OK)
Reverse name resolution works for both servers ( ping -a 192.168.0.1 -> trying [aserver.domain.dnsname.com] -> OK )
In short: DNS works great, except:
In the event viewer for DNS I get the following error:
Event Type: Error
Event Source: DNS
Event Category: None
Event ID: 6702
Time: 10:13:08 PM
DNS server has updated its own host (A) records. In order to ensure that its DS-integrated peer DNS servers are able to replicate with this server, an attempt was made to update them with the new records through dynamic update. An error was encountered during this update, the record data is the error code.
If this DNS server does not have any DS-integrated peers, then this error
should be ignored.
If this DNS server's Active Directory replication partners do not have the correct IP address(es) for this server, they will be unable to replicate with it.
To ensure proper replication:
1) Find this server's Active Directory replication partners that run the DNS server.
2) Open DnsManager and connect in turn to each of the replication partners.
3) On each server, check the host (A record) registration for THIS server.
4) Delete any A records that do NOT correspond to IP addresses of this server.
5) If there are no A records for this server, add at least one A record corresponding to an address on this server, that the replication partner can contact. (In other words, if there multiple IP addresses for this DNS server, add at least one that is on the same network as the Active Directory DNS server you are updating.)
6) Note, that is not necessary to update EVERY replication partner. It is only necessary that the records are fixed up on enough replication partners so that every server that replicates with this server will receive (through replication) the new data.
*** End of error message
The DNS log for startup doesn't show anything unusual.
Using Active Directory Replication Monitor I'm able to see the Replication partners, I'm even able to "Check current USN and unreplicated Objects".
It shows a list of things that have to be updated, but when trying to "Synchronize with this replication partner" I get the first error message..
Pls help - I'm on the verge of getting crazy...
I even tried to manually set up a KCC link using repadmin but still always the old plain errors...
Any help would be appreciated.