• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2419
  • Last Modified:

windows 2000 replication problems

It seems like I'm having replication problems. When I create a user in active directory on one of my two dc's it does not replicate on the other dc. when I try to force the replication in Active Directory Sites and Services I get this message

"The following error occurred during the attempt to synchronize the domain controllers: Access is denied"

and

: The target principal name is incorrect.

When I run netdiag, this is what I get:

         The last success occurred at 2006-04-11 11:55.50.
         1720 failures have occurred since the last success.
      [SERVEUREXCHANGE] DsBind() failed with error -2146893022,
      Win32 Error -2146893022.
      [Replications Check,SERVEURBD] A recent replication attempt failed:
         From SERVEUREXCHANGE to SERVEURBD
         Naming Context: CN=Configuration,DC=polybois,DC=ca
         The replication generated an error (5):
         Win32 Error 5
         The failure occurred at 2006-06-22 15:43.37.
         The last success occurred at 2006-04-11 12:34.06.
         8660 failures have occurred since the last success.

can someone help?
bob
 
0
bobsensor
Asked:
bobsensor
  • 8
  • 4
  • 3
  • +1
1 Solution
 
puter_geekCommented:
What are each of the Servers running?
Are you part of the Administrators group or Domain Admins?
0
 
Rick HobbsRETIREDCommented:
IS one of your DCs also an exchange server?
0
 
dotENGCommented:
My guess is: you somewhere along the road lost the synchronization between two DCs, the number of changes needed to replicate now is too high and AD does not know how to deal with it.

Please post a report of the server's errors in all event logs, something like:

10100 - started 11/11/02 repeats every boot
10101 - started 12/12/03 repeats every hour
etc...
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 
bobsensorAuthor Commented:
Hello all... sory for the delay, I was gone for the week end.

puter_geek

two windows 2000 servers

1x File server (the defect one)
1x exchange server

rickhobbs

yes one is an exchange server

dotENG

You may be right... you do I fix w/o reformating
here is the message error I get in my event log


Event Type:      Error
Event Source:      Userenv
Event Category:      None
Event ID:      1000
Date:            2006-06-26
Time:            08:39:41
User:            NT AUTHORITY\SYSTEM
Computer:      SERVEURFILES
Description:
Windows cannot determine the user or computer name. Return value (-2146893022).


I have another problem... My file server that is not working well (wich is a DC) is still trying to authentificate users w/o succes... so to temporarely solve the problem, I paused the netlogon service on that computer... is that the right thing to do????
0
 
bobsensorAuthor Commented:
I also have this message:

Event Type:      Warning
Event Source:      NtFrs
Event Category:      None
Event ID:      13508
Date:            2006-06-25
Time:            12:46:29
User:            N/A
Computer:      SERVEURFILES
Description:
The File Replication Service is having trouble enabling replication from SERVEUREXCHANGE to SERVEURFILES for c:\winnt\sysvol\domain using the DNS name serveurexchange.poly.com. FRS will keep retrying.
 Following are some of the reasons you would see this warning.
 
 [1] FRS can not correctly resolve the DNS name serveurexchange.poly.com from this computer.
 [2] FRS is not running on serveurexchange.poly.com.
 [3] The topology information in the Active Directory for this replica has not yet replicated to all the Domain Controllers.
 
 This event log message will appear once per connection, After the problem is fixed you will see another event log message indicating that the connection has been established.
Data:
0000: 21 07 00 00               !...    
0
 
bobsensorAuthor Commented:
this is a netlogon error that occurs when a user is being authentificated by the faulty DC

vent Type:      Error
Event Source:      NETLOGON
Event Category:      None
Event ID:      5722
Date:            2006-06-26
Time:            07:32:02
User:            N/A
Computer:      SERVEURFILES
Description:
The session setup from the computer PC15444 failed to authenticate. The name of the account referenced in the security database is PC15444$.  The following error occurred:
Access is denied.  
Data:
0000: 22 00 00 c0               "..À    
0
 
dotENGCommented:
Well, the outcome of your problems is the 13508 Error, you should check that:
a. Your DNS holds the AD zone.
b. both servers use the same DNS for resolving

Check this document for details:
http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/maintain/opsguide/part1/adogd12.mspx
0
 
bobsensorAuthor Commented:
doteng:

can you give me more information on the solutio that you gave me

I canot see anything about error 13508 on the lynk you sent me...

I have tried the repadmin /showreps

and this is what I get

==== INBOUND NEIGHBORS ======================================

CN=Schema,CN=Configuration,DC=poly,DC=com
    Default-First-Site-Name\SERVEUREXCHANGE via RPC
        objectGuid: 71508b0c-0f18-49b1-8927-7781c8ac4c2f
        Last attempt @ 2006-06-26 15:27.08 failed, result 5:
            Can't retrieve message string 5 (0x5), error 1815.
        Last success @ 2006-04-11 11:55.50.
        2103 consecutive failure(s).

CN=Configuration,DC=poly,DC=com
    Default-First-Site-Name\SERVEUREXCHANGE via RPC
        objectGuid: 71508b0c-0f18-49b1-8927-7781c8ac4c2f
        Last attempt @ 2006-06-26 15:28.40 failed, result 5:
            Can't retrieve message string 5 (0x5), error 1815.
        Last success @ 2006-04-11 12:34.06.
        9815 consecutive failure(s).¸


please help
0
 
dotENGCommented:
After you verify that Time is synchronized and both servers use the same DNS
Troubleshooting here:
http://support.microsoft.com/kb/237675/EN-US/

Try the three steps from this document:
http://support.microsoft.com/kb/329860/?sd=RMVP&fr=1

This error is already two months old, if it's not the initial install data (2006-04-11) try figuring what has happened at that date.
0
 
bobsensorAuthor Commented:
thanks doteng

I try doing net time command from serveurfiles.... and I get this


C:\Documents and Settings\Administrator>net time \\serveurexchange /set /yes
System error 5 has occurred.

Access is denied.


here is a stupid question.... how do I know if they are using the same DNS???

thank you

0
 
Rick HobbsRETIREDCommented:
Check their IP settings to determine if they are using the same DNS.

Manually set their time a close as you possibly can using time gui.
0
 
Rick HobbsRETIREDCommented:
Does the file server have all the FSMO roles or are they shared?
Try to move all FSMO roles to the Exchange system and then dcpromo x 2 on the file server. (Once to remove active directory, once to add it back in).  Then check Replication.  If it is ok, split the FSMO roles and make sure both are global catalogs.
0
 
bobsensorAuthor Commented:
ok.... I have reset the secure channel password of the faulty server "serveurfiles"
and there seems to be good things happening!... the a.d. has replicated.

But it seems like the sysvol is not replicating... when I do a dcdiag I get this error

 Starting test: frssysvol Error: No record of File Replication System, SYSVOL started.

we are getting close!...
0
 
bobsensorAuthor Commented:
I restarted the frs service and no more errors in the frssysvol test!... but the sysvol folder does not seem to replicate... I will wait a couple hours and come back with that....

bob
0
 
bobsensorAuthor Commented:
yes sir!... everything is back on track!... thank you experts!
0
 
Rick HobbsRETIREDCommented:
Sweet.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 8
  • 4
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now