KANEWONG
asked on
AD replication problem - Event ID 1311 found
I found Event ID 1311 in Event Viewer, and after doing dc diagnostic by uisng the following command, I got this message. it looks like the dns problem, how can I solve it?
I did it at the head office domain (the parent domain, I have a child domain in remote site)
dcdiag /test:connectivity /e /q
HUBDC's server GUID DNS name could not be resolved to an
IP address. Check the DNS server, DHCP, server name, etc
Although the Guid DNS name
(6c04af51-1692-4aa2-9782-4
couldn't be resolved, the server name (hubdc.BO.mycompany.com)
resolved to the IP address (192.168.0.13) and was pingable. Check
that the IP address is registered correctly with the DNS server.
......................... HUBDC failed test Connectivity
WMIDC's server GUID DNS name could not be resolved to an
IP address. Check the DNS server, DHCP, server name, etc
Although the Guid DNS name
(a3418a6c-029e-4366-8cb7-c
couldn't be resolved, the server name (remotedc.BO.mycompany.com
resolved to the IP address (192.168.1.1) and was pingable. Check
that the IP address is registered correctly with the DNS server.
......................... REMOTEDC failed test Connectivity
My Active Directory infrastructure
Head Office
DC1.mycompany.com - w2k server
DC2.mycompany.com - w2k server
DC3.mycompany.com - w2k server
HUBDC.BO.mycompany.com - w2003 server
Remote site
REMOTEDC.BO.mycompany.com - W2003 server
All sites are in the defaultsitelink. Remote site and Head office site should be replicated via hubdc.bo.mycompany.com
Please give me the solution.
Thanks!
I did it at the head office domain (the parent domain, I have a child domain in remote site)
dcdiag /test:connectivity /e /q
HUBDC's server GUID DNS name could not be resolved to an
IP address. Check the DNS server, DHCP, server name, etc
Although the Guid DNS name
(6c04af51-1692-4aa2-9782-4
couldn't be resolved, the server name (hubdc.BO.mycompany.com)
resolved to the IP address (192.168.0.13) and was pingable. Check
that the IP address is registered correctly with the DNS server.
......................... HUBDC failed test Connectivity
WMIDC's server GUID DNS name could not be resolved to an
IP address. Check the DNS server, DHCP, server name, etc
Although the Guid DNS name
(a3418a6c-029e-4366-8cb7-c
couldn't be resolved, the server name (remotedc.BO.mycompany.com
resolved to the IP address (192.168.1.1) and was pingable. Check
that the IP address is registered correctly with the DNS server.
......................... REMOTEDC failed test Connectivity
My Active Directory infrastructure
Head Office
DC1.mycompany.com - w2k server
DC2.mycompany.com - w2k server
DC3.mycompany.com - w2k server
HUBDC.BO.mycompany.com - w2003 server
Remote site
REMOTEDC.BO.mycompany.com - W2003 server
All sites are in the defaultsitelink. Remote site and Head office site should be replicated via hubdc.bo.mycompany.com
Please give me the solution.
Thanks!
Pete Long
http://www.eventid.net/display.asp?eventid=1311
can you run a full dcdiag with a dcdiag /v in verbose mode.
check whether the Dc has registerd the GUID properly on the DNS servers.
can you also try pinging the GUID and also the fqdn and make sure it resolves.
what about physical conn.
check whether the Dc has registerd the GUID properly on the DNS servers.
can you also try pinging the GUID and also the fqdn and make sure it resolves.
what about physical conn.
ASKER
We are using a dedicated T1 line to connect both sites.
how can I check if my DC registered the GUID on DNS?
I am able to ping remotedc.bo.mycompany.com.
how can I check if my DC registered the GUID on DNS?
I am able to ping remotedc.bo.mycompany.com.
ASKER
In DNS server, I cannot see the _kerberos and _tcp SRV record of my remote site, should I add it back and how.
DC3 -> Forward Lookup Zones -> mycompany.com -> _msdcs -> dc -> _sites -> _remotesite -> _tcp
In this tree, I can see the following entries only.
_kerberos Service location [0][100][88] dc1.mycompany.com
_kerberos Service location [0][100][88] dc2.mycompany.com
_kerberos Service location [0][100][88] dc3.mycompany.com
_tcp Service location [0][100][389] dc1.mycompany.com
_tcp Service location [0][100][389] dc2.mycompany.com
_tcp Service location [0][100][389] dc3.mycompany.com
Should I add something like these for HUBDC and REMOTEDC back to DNS? And how?
DC3 -> Forward Lookup Zones -> mycompany.com -> _msdcs -> dc -> _sites -> _remotesite -> _tcp
In this tree, I can see the following entries only.
_kerberos Service location [0][100][88] dc1.mycompany.com
_kerberos Service location [0][100][88] dc2.mycompany.com
_kerberos Service location [0][100][88] dc3.mycompany.com
_tcp Service location [0][100][389] dc1.mycompany.com
_tcp Service location [0][100][389] dc2.mycompany.com
_tcp Service location [0][100][389] dc3.mycompany.com
Should I add something like these for HUBDC and REMOTEDC back to DNS? And how?
ASKER
In my remote site child domain controller (REMOTEDC), I can locate the following record in the DNS.
REMOTEDC -> Forward Lookup Zones -> BO.mycompany.com -> _msdcs -> dc -> _sites -> remotesite -> _tcp
In this tree, I can see the following entries only.
_kerberos Service location [0][100][88] remotedc.bo.mycompany.com
_tcp Service location [0][100][389] remotedc.bo.mycompany.com
REMOTEDC -> Forward Lookup Zones -> bo.mycompany.com -> _msdcs -> dc -> _sites -> headoffice -> _tcp
In this tree, I can see the following entries only.
_kerberos Service location [0][100][88] hubdc.bo.mycompany.com
_tcp Service location [0][100][389] hubdc.bo.mycompany.com
REMOTEDC -> Forward Lookup Zones -> BO.mycompany.com -> _msdcs -> dc -> _sites -> remotesite -> _tcp
In this tree, I can see the following entries only.
_kerberos Service location [0][100][88] remotedc.bo.mycompany.com
_tcp Service location [0][100][389] remotedc.bo.mycompany.com
REMOTEDC -> Forward Lookup Zones -> bo.mycompany.com -> _msdcs -> dc -> _sites -> headoffice -> _tcp
In this tree, I can see the following entries only.
_kerberos Service location [0][100][88] hubdc.bo.mycompany.com
_tcp Service location [0][100][389] hubdc.bo.mycompany.com
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I checked all my DNS server, I do not have any CNAME record for DCs.
I tried stop and start the Netlogon on DC3, HUBDC but still no help.
Where can I find the GUID?
I tried stop and start the Netlogon on DC3, HUBDC but still no help.
Where can I find the GUID?
ASKER
Hi;
I can find this "a3418a6c-029e-4366-8cb7-c
I can find this "a3418a6c-029e-4366-8cb7-c
ASKER
Hi;
I can find the GUIDs of my HUBDC and the REMOTEDC in DNS tree under HUBDC server.
DNS -> HUBDC -> Forward Lookup Zones -> mycompany.com -> _msdcs, that is...
6c04af51-1692-4aa2-9782-48
a3418a6c-029e-4366-8cb7-c3
I have no problem to ping it under HUBDC but cannot ping it under DC1, DC2, DC3
I can find the GUIDs of my HUBDC and the REMOTEDC in DNS tree under HUBDC server.
DNS -> HUBDC -> Forward Lookup Zones -> mycompany.com -> _msdcs, that is...
6c04af51-1692-4aa2-9782-48
a3418a6c-029e-4366-8cb7-c3
I have no problem to ping it under HUBDC but cannot ping it under DC1, DC2, DC3
ASKER
I tried to add a3418a6c-029e-4366-8cb7-c3
ASKER
Update!
I retry to ping a3418a6c-029e-4366-8cb7-c3
I am try to put GUID 6c04af51-1692-4aa2-9782-48
I can ping both 6c04af51-1692-4aa2-9782-48
And I go to Sites and Services to manual run the replication, I do not see the error message pop up again. It seems, the problem was resolved.
I will monitor it and post later.
I retry to ping a3418a6c-029e-4366-8cb7-c3
I am try to put GUID 6c04af51-1692-4aa2-9782-48
I can ping both 6c04af51-1692-4aa2-9782-48
And I go to Sites and Services to manual run the replication, I do not see the error message pop up again. It seems, the problem was resolved.
I will monitor it and post later.
ASKER
I checked my Event Viewer this morning and I did not see the error message there, I am not sure that am I using the right steps to solve this problem but many thanks kprad who gave me a lot of hints.
are the DC multihomed.
when you cannot ping the GUID is the ip pinging.
what about firewalls is there a chance that the port 53 is blocked.
if multihomed then are all the NIC's on a DC registering on the DNS.
when this happens can you run netdiag /fix.
what happens if you use ipconfig /flushdns & ipconfig /registerdns and try to ping the FQDN.
when you cannot ping the GUID is the ip pinging.
what about firewalls is there a chance that the port 53 is blocked.
if multihomed then are all the NIC's on a DC registering on the DNS.
when this happens can you run netdiag /fix.
what happens if you use ipconfig /flushdns & ipconfig /registerdns and try to ping the FQDN.