Solved

Replication errors showing up on Event Viewer

Posted on 2006-11-09
12
2,613 Views
Last Modified: 2008-01-09
Hi Guys,

I'm getting error logs of NTDS replication.  Stating that the replication has passed its tombstone lifetime.

Source: NTDS Replication   EventId: 1864

Description:

This is the replication status for the following directory partition on the local domain controller.
 
Directory partition:
DC=Exponential-e,DC=it
 
The local domain controller has not recently received replication information from a number of domain controllers.   The count of domain controllers is shown, divided into the following intervals.
 
More than 24 hours:
1
More than a week:
1
More than one month:
0
More than two months:
0
More than a tombstone lifetime:
0
Tombstone lifetime (days):
180
 Domain controllers that do not replicate in a timely manner may encounter errors. It may miss password changes and be unable to authenticate. A DC that has not replicated in a tombstone lifetime may have missed the deletion of some objects, and may be automatically blocked from future replication until it is reconciled.
 
To identify the domain controllers by name, install the support tools included on the installation  CD and run dcdiag.exe.
You can also use the support tool repadmin.exe to display the replication latencies of the domain controllers in the forest.   The command is "repadmin /showvector /latency <partition-dn>".

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

According to the events I ran dcdiag.exe on the DC that had the logs.  The results were:

C:\Documents and Settings\Administrator.EXPONENT-37XLUU>DCDIAG.exe

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\ALPHA
      Starting test: Connectivity
         ......................... ALPHA passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\ALPHA
      Starting test: Replications
         [Replications Check,ALPHA] A recent replication attempt failed:
            From BRAVO to ALPHA
            Naming Context: DC=ForestDnsZones,DC=Exponential-e,DC=it
            The replication generated an error (1256):
            Win32 Error 1256
            The failure occurred at 2006-11-09 13:51:22.
            The last success occurred at 2006-01-01 02:49:48.
            1114 failures have occurred since the last success.
         [BRAVO] DsBindWithSpnEx() failed with error 1753,
         Win32 Error 1753.
         [Replications Check,ALPHA] A recent replication attempt failed:
            From BRAVO to ALPHA
            Naming Context: DC=DomainDnsZones,DC=Exponential-e,DC=it
            The replication generated an error (1256):
            Win32 Error 1256
            The failure occurred at 2006-11-09 13:51:22.
            The last success occurred at 2006-01-01 02:49:48.
            1122 failures have occurred since the last success.
         [Replications Check,ALPHA] A recent replication attempt failed:
            From BRAVO to ALPHA
            Naming Context: CN=Schema,CN=Configuration,DC=Exponential-e,DC=it
            The replication generated an error (1753):
            Win32 Error 1753
            The failure occurred at 2006-11-09 13:51:22.
            The last success occurred at 2006-01-01 02:49:48.
            1117 failures have occurred since the last success.
            The directory on BRAVO is in the process.
            of starting up or shutting down, and is not available.
            Verify machine is not hung during boot.
         [Replications Check,ALPHA] A recent replication attempt failed:
            From BRAVO to ALPHA
            Naming Context: CN=Configuration,DC=Exponential-e,DC=it
            The replication generated an error (1753):
            Win32 Error 1753
            The failure occurred at 2006-11-09 13:51:22.
            The last success occurred at 2006-10-25 19:48:49.
            357 failures have occurred since the last success.
            The directory on BRAVO is in the process.
            of starting up or shutting down, and is not available.
            Verify machine is not hung during boot.
         [Replications Check,ALPHA] A recent replication attempt failed:
            From BRAVO to ALPHA
            Naming Context: DC=Exponential-e,DC=it
            The replication generated an error (1753):
            Win32 Error 1753
            The failure occurred at 2006-11-09 13:51:22.
            The last success occurred at 2006-10-25 20:10:12.
            357 failures have occurred since the last success.
            The directory on BRAVO is in the process.
            of starting up or shutting down, and is not available.
            Verify machine is not hung during boot.
         REPLICATION-RECEIVED LATENCY WARNING
         ALPHA:  Current time is 2006-11-09 14:43:27.
            DC=ForestDnsZones,DC=Exponential-e,DC=it
               Last replication recieved from BRAVO at 2006-01-01 02:49:48.
               WARNING:  This latency is over the Tombstone Lifetime of 180 days
!
            DC=DomainDnsZones,DC=Exponential-e,DC=it
               Last replication recieved from BRAVO at 2006-01-01 02:49:48.
               WARNING:  This latency is over the Tombstone Lifetime of 180 days
!
            CN=Schema,CN=Configuration,DC=Exponential-e,DC=it
               Last replication recieved from BRAVO at 2006-01-01 02:49:48.
               WARNING:  This latency is over the Tombstone Lifetime of 180 days
!
            CN=Configuration,DC=Exponential-e,DC=it
               Last replication recieved from BRAVO at 2006-10-25 19:48:49.
            DC=Exponential-e,DC=it
               Last replication recieved from BRAVO at 2006-10-25 20:10:12.
         ......................... ALPHA passed test Replications
      Starting test: NCSecDesc
         ......................... ALPHA passed test NCSecDesc
      Starting test: NetLogons
         ......................... ALPHA passed test NetLogons
      Starting test: Advertising
         ......................... ALPHA passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... ALPHA passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... ALPHA passed test RidManager
      Starting test: MachineAccount
         ......................... ALPHA passed test MachineAccount
      Starting test: Services
         ......................... ALPHA passed test Services
      Starting test: ObjectsReplicated
         ......................... ALPHA passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... ALPHA passed test frssysvol
      Starting test: frsevent
         There are warning or error events within the last 24 hours after the
         SYSVOL has been shared.  Failing SYSVOL replication problems may cause
         Group Policy problems.
         ......................... ALPHA failed test frsevent
      Starting test: kccevent
         ......................... ALPHA passed test kccevent
      Starting test: systemlog
         ......................... ALPHA passed test systemlog
      Starting test: VerifyReferences
         ......................... ALPHA passed test VerifyReferences

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : Exponential-e
      Starting test: CrossRefValidation
         ......................... Exponential-e passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Exponential-e passed test CheckSDRefDom

   Running enterprise tests on : Exponential-e.it
      Starting test: Intersite
         ......................... Exponential-e.it passed test Intersite
      Starting test: FsmoCheck
         ......................... Exponential-e.it passed test FsmoCheck

According to the above results its expecting BRAVO to replicate active directory data to it.  


Now my concern is that BRAVO is no longer a DC as I have demoted it.  ALPHA still BRAVO ia a DC and is expecting BRAVO to replicate.  This is whats causing it to create those logs.

How do I stop ALPHA from expecting BRAVO to replicate and recognise that BRAVO is no longer a DC??

Please Help


Best Regards


Mbavisi

0
Comment
Question by:mbavisi
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 3
  • +1
12 Comments
 
LVL 1

Author Comment

by:mbavisi
ID: 17906756
I've also noticed on DCdiag.exe that the frsevent has failed.  I'm assuming its to so failed replicate of SYSVOL between active directories.  How do i resolve that?


Thanks


Mbavisi
0
 
LVL 14

Expert Comment

by:inbarasan
ID: 17906857
I think there is some problem in Alpha Communicating with Bravo system. Kindly check whether you are able to reach the DC bravo.Even the FRS issue is coming because of this only.

Check if bravo DC is hanging or any Communication problem like Network problem
0
 
LVL 7

Expert Comment

by:CharliePete00
ID: 17907263
Is Alpha at a remote site?  Was SP1 recently installed?  Which DC is Alpha's replication partner?

If a remote site try the following one at a time:

1.  Create a new replication link between Alpha and the DC that holds the PDC Emulator role in AD Sites and Services from both DCs.  Attempt to force replication (right-click the link and choose Replicate Now)

2.  Restart the File Replication Service on Alpha and check the event log for any frsevent errors

3.  Execute the following from the command-line and report any errors:
       dcdiag /s:Alpha /test:netlogons

4.  Execute the following from the command-line and report any errors:
       dcdiag /s:Alpha /test:KnowsOfRoleHolders
       dcdiag /s:Alpha /test:FSMOCheck
       dcdiag /s:Alpha /test:MachineAccount
       dcdiag /s:Alpha /test:Advertising
       dcdiag /s:Alpha /test:Intersite




0
Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

 
LVL 3

Expert Comment

by:DaSpug
ID: 17907905
Hi,
Check connectivity first but you will need to get these two machines communicating. Check each server can ping the other (alpha to bravo and bravo to alpha). Then check that DNS resolution is working - if not then that is the first problem. Make sure that Alpha is pointing at a functioning DNS server and force dns registration (ipconfig /flushdns). Make sure that Bravo is also pointing at a valid DNS server and also force dns registration. Check event viewer for DNS registration errors.

Then take a look at this:

http://www.eventid.net/display.asp?eventid=1864&eventno=4849&source=NTDS%20Replication&phase=1

If that works and all is ok then the problem is that AD has not seen that the machine has been demoted or a firewall is blocking the traffic. You can then try the follwoing from the server that has not removed properly:

dcpromo.exe /forceremoval

Or follow this to manually remove it:

http://support.microsoft.com/kb/216498

That should stop Alpha trying to replicate with Bravo and clear up this message.

Cheers,

DaSpug
0
 
LVL 7

Expert Comment

by:CharliePete00
ID: 17907974
Guys, Bravo is not longer a DC...He DCPromo'd it down...
0
 
LVL 7

Expert Comment

by:CharliePete00
ID: 17907985
Sorry that should read "is no longer a DC"...I just can't type this morning
0
 
LVL 3

Expert Comment

by:DaSpug
ID: 17908011
Indeed, hence my link to Removing a DC using ADSI edit.
0
 
LVL 14

Expert Comment

by:inbarasan
ID: 17912406
Yes he can force remove the DC as Daspug mentioned above. mabavai can follow the article to remove it using ADSIedit or NTDSutil method
0
 
LVL 1

Author Comment

by:mbavisi
ID: 17915537
After DCPromo'ing BRAVO shouldn't Active Directory/domain detect it anyway?  Does this mean that I have to use ADSIedit to get rid of it.  Anyways as requested by CharliePete00 the follwoing the results:

dcdiag /s

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\ALPHA
      Starting test: Connectivity
         ......................... ALPHA passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\ALPHA
      Starting test: NetLogons
         ......................... ALPHA passed test NetLogons

   Running partition tests on : ForestDnsZones

   Running partition tests on : DomainDnsZones

   Running partition tests on : Schema

   Running partition tests on : Configuration

   Running partition tests on : Exponential-e

   Running enterprise tests on : Exponential-e.it





KnowsOfRoleHolders

C:\Documents and Settings\Administrator.EXPONENT-37XLUU>dcdiag /s:Alpha /test:KnowsOfRoleHolders

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\ALPHA
      Starting test: Connectivity
         ......................... ALPHA passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\ALPHA
      Starting test: KnowsOfRoleHolders
         ......................... ALPHA passed test KnowsOfRoleHolders

   Running partition tests on : ForestDnsZones

   Running partition tests on : DomainDnsZones

   Running partition tests on : Schema

   Running partition tests on : Configuration

   Running partition tests on : Exponential-e

   Running enterprise tests on : Exponential-e.it

C:\Documents and Settings\Administrator.EXPONENT-37XLUU>




FSMO Check

C:\Documents and Settings\Administrator.EXPONENT-37XLUU>dcdiag /s:Alpha /test:FS
MOCheck

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\ALPHA
      Starting test: Connectivity
         ......................... ALPHA passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\ALPHA

   Running partition tests on : ForestDnsZones

   Running partition tests on : DomainDnsZones

   Running partition tests on : Schema

   Running partition tests on : Configuration

   Running partition tests on : Exponential-e

   Running enterprise tests on : Exponential-e.it
      Starting test: FsmoCheck
         ......................... Exponential-e.it passed test FsmoCheck

C:\Documents and Settings\Administrator.EXPONENT-37XLUU>


MachineAccount

C:\Documents and Settings\Administrator.EXPONENT-37XLUU>dcdiag /s:Alpha /test:Ma
chineAccount

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\ALPHA
      Starting test: Connectivity
         ......................... ALPHA passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\ALPHA
      Starting test: MachineAccount
         ......................... ALPHA passed test MachineAccount

   Running partition tests on : ForestDnsZones

   Running partition tests on : DomainDnsZones

   Running partition tests on : Schema

   Running partition tests on : Configuration

   Running partition tests on : Exponential-e

   Running enterprise tests on : Exponential-e.it

C:\Documents and Settings\Administrator.EXPONENT-37XLUU>


Advertising

C:\Documents and Settings\Administrator.EXPONENT-37XLUU>dcdiag /s:Alpha /test:Ad
vertising

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\ALPHA
      Starting test: Connectivity
         ......................... ALPHA passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\ALPHA
      Starting test: Advertising
         ......................... ALPHA passed test Advertising

   Running partition tests on : ForestDnsZones

   Running partition tests on : DomainDnsZones

   Running partition tests on : Schema

   Running partition tests on : Configuration

   Running partition tests on : Exponential-e

   Running enterprise tests on : Exponential-e.it



Intersite

C:\Documents and Settings\Administrator.EXPONENT-37XLUU>dcdiag /s:Alpha /test:In
tersite

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\ALPHA
      Starting test: Connectivity
         ......................... ALPHA passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\ALPHA

   Running partition tests on : ForestDnsZones

   Running partition tests on : DomainDnsZones

   Running partition tests on : Schema

   Running partition tests on : Configuration

   Running partition tests on : Exponential-e

   Running enterprise tests on : Exponential-e.it
      Starting test: Intersite
         ......................... Exponential-e.it passed test Intersite










As you can see from the above results there are no failed test results for ALPHA.  Can someone elaborate on the ADSIedit as to why I should use after DCpromo.



Thanks




Mbavisi

















0
 
LVL 3

Accepted Solution

by:
DaSpug earned 500 total points
ID: 17915928
Hi,
It looks although BRAVO did not successfully tell ALPHA that it is no longer a domain controller. That's why you need to remove BRAVO using ADSI edit - it means that you will remove BRAVO from everywhere it needs removing from. However, you will need to move BRAVO out of the domain while you do this and then add it back in afterwards (editing with ADSI edit will remove it's computer account).

Once that's done it should stop trying to sync with a server that is no longer a DC.

DaSpug
0
 
LVL 1

Author Comment

by:mbavisi
ID: 17986373
Hi Guys,


Sorry for not replying back as I was tied up with other work/projects.  I will try this out tonight and let you know later on tonight.



Thanks


Mbavisi
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Organizations create, modify, and maintain huge amounts of data to help their businesses earn money and generally function.  Typically every network user within an organization has a bit of disk space to store in process items and personal files.   …
I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question