Solved

Changes to the DC "Active Directory Users and Computers" are not updated to the other controllers in the domain

Posted on 2006-10-24
7
331 Views
Last Modified: 2008-02-01
I have a windows 2003 AD network running in mixed mode,  I have 7 DCs, when I make a change in active directory users and computer, its not replicated to the other servers, the only changes which appear to be updated to the rest of the DCs is if I make a change on the "Global Catalog Server" which is the server I originally upgraded the NT domain to Windows 2003.

I ran dcdiag on serveral of the servers, here is a few of the error messages, the appear to be the same on all servers. Other then that, all appears to work as expected.

thanks
Steve

________________________________________
Errors on Devine 2 Server DC
________________________________________

Starting test: frssysvol
         ......................... DEVINE2 passed test frssysvol
      Starting test: frsevent
         ......................... DEVINE2 passed test frsevent
      Starting test: kccevent
         An Warning Event occured.  EventID: 0x800004F1
            Time Generated: 10/24/2006   15:18:09
            (Event String could not be retrieved)
         An Warning Event occured.  EventID: 0x800004F1
            Time Generated: 10/24/2006   15:18:32
            (Event String could not be retrieved)
         An Warning Event occured.  EventID: 0x800004F1
            Time Generated: 10/24/2006   15:18:55
            (Event String could not be retrieved)
         An Warning Event occured.  EventID: 0x800004F1
            Time Generated: 10/24/2006   15:19:18
            (Event String could not be retrieved)
         An Warning Event occured.  EventID: 0x800004F1
            Time Generated: 10/24/2006   15:35:26
            (Event String could not be retrieved)
         An Warning Event occured.  EventID: 0x800004F1
            Time Generated: 10/24/2006   15:35:49
            (Event String could not be retrieved)
         ......................... DEVINE2 failed test kccevent
      Starting test: systemlog
         ......................... DEVINE2 passed test systemlog

___________________________________________
Errors on HWYserver DC
__________________________________________

      Starting test: frssysvol
         ......................... HWYSERVER passed test frssysvol
      Starting test: frsevent
         There are warning or error events within the last 24 hours after
the
         SYSVOL has been shared.  Failing SYSVOL replication problems may
cause
         Group Policy problems.
         ......................... HWYSERVER failed test frsevent
      Starting test: kccevent
         An Warning Event occured.  EventID: 0x800004F1
            Time Generated: 10/24/2006   15:15:46
            (Event String could not be retrieved)
         An Warning Event occured.  EventID: 0x800004F1
            Time Generated: 10/24/2006   15:16:09
            (Event String could not be retrieved)
         ......................... HWYSERVER failed test kccevent
      Starting test: systemlog




0
Comment
Question by:AccessYourBiz_Com
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17799972
you have 7 DC's - going to need some more background on your AD structure - sites, DNS etc
0
 
LVL 51

Expert Comment

by:Netman66
ID: 17800161
For starters, you need to setup Sites and associate the correct subnets to those sites.  Each Site must have a unique IP range so that they do not overlap in networking ranges.  This is key if you want replication to work.

Next, make sure the original DC stays in Default-First-Site-Name (rename this site if you wish).  Move all the servers into their proper Site in AD Sites and Services.

If you needed to do this then wait for KCC to figure things out.  This assumes that you have 100% connectivity between sites (and the main site or each other) and there is no firewall (including the built-in MS firewall that installs with SP1) blocking domain communication between them.

Let us know.
0
 
LVL 3

Author Comment

by:AccessYourBiz_Com
ID: 17804176
thanks for the info.

I checked sites and services, the default-site-name, under severs, has all the DCs listed in that one container. I have no other sites or subnets listed.

The network is configured in this way

There is a MAIN locations on the subnet 10.0.1.255, all workstations are connected to the same network switch. Replication works well between all these DCs here.

There are several departments connected via VPN. Some are using an exterior wireless, those are locations within a direct sight to the main locations, there are several other locations which are connected, again using vpn, using a DSL or cable modem.

All of these locations receive replication updates from the main, but and changes locally are not replicated up to the main.

Thanks
Steve

0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 51

Expert Comment

by:Netman66
ID: 17804506
The departments are on the same subnet?  If not, you must have Sites configured.

0
 
LVL 3

Author Comment

by:AccessYourBiz_Com
ID: 17805220
Thanks not the are not one the same subnet, do you have any info on the site configuration which is needed? article?
0
 
LVL 3

Author Comment

by:AccessYourBiz_Com
ID: 17806084
Ok I setup the subnets in sites and services, what I did was create a new site for each subnet, then I created a subnet under the subnet container and associated it with each site, then I moved the DCs for each of these sites into the correct site folder, are there any other updates I need to do.

thanks
Steve
0
 
LVL 51

Accepted Solution

by:
Netman66 earned 500 total points
ID: 17806200
I don't think so, no.  Just give it some time to replicate now.
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question