[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2704
  • Last Modified:

Force Replication not working properly

Hi,

In a test environment I've set up yesterday, I have a DC and a another DC in the same subnet I installed recently.
I want to let the main DC replicate with the second DC to get rid of the first DC soon.
The first DC also is a DHCP server and obviously a DNS server.
Both machines are Windows Server 2003 SP1.

I made the second DC a member of the domain, then dcpromoted it, and then installed the DNS service on it but didn't configure it (The DNS servers on both virtual servers are AD-Integrated) .
I tried to force a replication using the Active Directory Sites snap-in's "Replicate Now" option but it didn't work with the following error :

---------------------------
Replicate Now
---------------------------
"The following error occurred during the attempt to synchronize naming context TESTLAB.local from domain controller TESTLAB-DEFAULT to domain controller TESTLAB-DC:
The naming context is in the process of being removed or is not replicated from the specified server."

I left the servers switched on this night and this morning, the DNS server on the second DC was replicated, but Replicate Now still gives the same error.
If that doesn't work, it probably means that something is wrong somewhere and it worries me : any idea ?

Check Typology seems to work fine.

Here is a DCDiag Log (first DC) :

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests
   
   Testing server: Default-First-Site\TESTLAB-DC
      Starting test: Connectivity
         ......................... TESTLAB-DC passed test Connectivity

Doing primary tests
   
   Testing server: Default-First-Site\TESTLAB-DC
      Starting test: Replications
         ......................... TESTLAB-DC passed test Replications
      Starting test: NCSecDesc
         ......................... TESTLAB-DC passed test NCSecDesc
      Starting test: NetLogons
         ......................... TESTLAB-DC passed test NetLogons
      Starting test: Advertising
         ......................... TESTLAB-DC passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... TESTLAB-DC passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... TESTLAB-DC passed test RidManager
      Starting test: MachineAccount
         ......................... TESTLAB-DC passed test MachineAccount
      Starting test: Services
            RPCLOCATOR Service is stopped on [TESTLAB-DC]
            TrkWks Service is stopped on [TESTLAB-DC]
            TrkSvr Service is stopped on [TESTLAB-DC]
         ......................... TESTLAB-DC failed test Services
      Starting test: ObjectsReplicated
         ......................... TESTLAB-DC passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... TESTLAB-DC passed test frssysvol
      Starting test: kccevent
         An Warning Event occured.  EventID: 0x80000785
            Time Generated: 07/27/2007   09:48:46
            Event String: The attempt to establish a replication link for
         ......................... TESTLAB-DC failed test kccevent
      Starting test: systemlog
         An Error Event occured.  EventID: 0x0000165B
            Time Generated: 07/27/2007   09:15:13
            Event String: The session setup from computer 'VIRTUALXPFR'
         An Error Event occured.  EventID: 0x000016AD
            Time Generated: 07/27/2007   09:17:36
            Event String: The session setup from the computer VIRTUALXPFR
         ......................... TESTLAB-DC failed test systemlog
   
   Running enterprise tests on : TESTLAB.local
      Starting test: Intersite
         ......................... TESTLAB.local passed test Intersite
      Starting test: FsmoCheck
         ......................... TESTLAB.local passed test FsmoCheck


DCDiag on the second DC :

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site\TESTLAB-DEFAULT
      Starting test: Connectivity
         ......................... TESTLAB-DEFAULT passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site\TESTLAB-DEFAULT
      Starting test: Replications
         ......................... TESTLAB-DEFAULT passed test Replications
      Starting test: NCSecDesc
         ......................... TESTLAB-DEFAULT passed test NCSecDesc
      Starting test: NetLogons
         ......................... TESTLAB-DEFAULT passed test NetLogons
      Starting test: Advertising
         Warning: DsGetDcName returned information for \\testlab-dc.TESTLAB.loca
l, when we were trying to reach TESTLAB-DEFAULT.
         Server is not responding or is not considered suitable.
         ......................... TESTLAB-DEFAULT failed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... TESTLAB-DEFAULT passed test KnowsOfRoleHolder
s
      Starting test: RidManager
         ......................... TESTLAB-DEFAULT passed test RidManager
      Starting test: MachineAccount
         ......................... TESTLAB-DEFAULT passed test MachineAccount
      Starting test: Services
            RPCLOCATOR Service is stopped on [TESTLAB-DEFAULT]
            TrkWks Service is stopped on [TESTLAB-DEFAULT]
            TrkSvr Service is stopped on [TESTLAB-DEFAULT]
         ......................... TESTLAB-DEFAULT failed test Services
      Starting test: ObjectsReplicated
         ......................... TESTLAB-DEFAULT passed test ObjectsReplicated

      Starting test: frssysvol
         Error: No record of File Replication System, SYSVOL started.
         The Active Directory may be prevented from starting.
         There are errors after the SYSVOL has been shared.
         The SYSVOL can prevent the AD from starting.
         ......................... TESTLAB-DEFAULT passed test frssysvol
      Starting test: kccevent
         ......................... TESTLAB-DEFAULT passed test kccevent
      Starting test: systemlog
         ......................... TESTLAB-DEFAULT passed test systemlog

   Running enterprise tests on : TESTLAB.local
      Starting test: Intersite
         ......................... TESTLAB.local passed test Intersite
      Starting test: FsmoCheck
         ......................... TESTLAB.local passed test FsmoCheck
0
Vorenus
Asked:
Vorenus
  • 3
  • 2
  • 2
2 Solutions
 
InteraXCommented:
Hello Vorenus,

There is definatly something wrong with your AD there.

Things I not are as follows.

      Starting test: kccevent
         An Warning Event occured.  EventID: 0x80000785
            Time Generated: 07/27/2007   09:48:46
            Event String: The attempt to establish a replication link for
         ......................... TESTLAB-DC failed test kccevent

KCC is the Knowledge Consistency Checker. This is the process that check the topology of the AD and replicates information.

      Starting test: Advertising
         Warning: DsGetDcName returned information for \\testlab-dc.TESTLAB.loca
l, when we were trying to reach TESTLAB-DEFAULT.
         Server is not responding or is not considered suitable.
         ......................... TESTLAB-DEFAULT failed test Advertising

testlab-dc is being seen as testlab-default.

      Starting test: frssysvol
         Error: No record of File Replication System, SYSVOL started.
         The Active Directory may be prevented from starting.
         There are errors after the SYSVOL has been shared.
         The SYSVOL can prevent the AD from starting.
         ......................... TESTLAB-DEFAULT passed test frssysvol

SYSVOL is the local copy of the AD database. If this has errors, then AD has errors.

I also notice the the RPCLOCATOR service is stopped. Try starting this and seeing if that helps. Also, check the Directory Service and File Replication event logs for errors.

Regards,

Chris
0
 
ocon827679Commented:
How is your DNS setup?  The first DC should be pointing to itself for DNS.  The second should be pointing to the first for initial replication.  You can point it back to itself once replication is complete.

Do you have the SRV records for each DC in each DNS?  If not try restarting the Netlogon service of the problem DC (or reboot the server).

On the second DC's dcdiag output there is a DSGetDCName error.  It looks like the DC is trying to retrieve the wrong information.  This is a true indicator of a DNS issue.  

BTW, what is virtualxpfr? (the error seen on the first dc's report.)
0
 
VorenusAuthor Commented:
InteraX :
I started the RPCLOCATOR service on the two DC and it retried and it doesn't help.
Why the AD installation didn't start them for me (they are still configured as manual) ?
Is it mandatory to have it set to "Automatic" start-up type ?

ocon:
TESTLAB-DC (192.168.0.1) is the first DC (created using the Windows wizard that configures AD, DHCP, and DNS in a row : I didn't configure anything manually actually, just used the default settings)

TESTLAB-DEFAULT (192.168.0.2) is my second DC : I joined the machine to the domain, dcpromoted it, then installed the DNS service, but didn't configure it (so it gets the configuration from the first DC)

Both use 192.168.0.1 as their DNS server.

I have these SRV entries under TESTLAB.local\_tcp on the main DC.

Name      Type      Data      
_gc      Service Location (SRV)      [0][100][3268] testlab-dc.testlab.local.      
_kerberos      Service Location (SRV)      [0][100][88] testlab-default.testlab.local.      
_kerberos      Service Location (SRV)      [0][100][88] testlab-dc.testlab.local.      
_kpasswd      Service Location (SRV)      [0][100][464] testlab-default.testlab.local.      
_kpasswd      Service Location (SRV)      [0][100][464] testlab-dc.testlab.local.      
_ldap      Service Location (SRV)      [0][100][389] testlab-default.testlab.local.      
_ldap      Service Location (SRV)      [0][100][389] testlab-dc.testlab.local.

I rebooted the two server and the outcome is still the same.

VirtualXPFr is a XP Pro virtual machine joined in the domain and connected using DHCP from the 1st DC server : I switched it off for now.

I think I've done something wrong when creating the second DNS server; but I just installed the service after dcpromoting the second machine and didn't configure it : was just waiting for it to replicate.
If this procedure is wrong, how should have I done it ?

Thanks a lot for your help.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
VorenusAuthor Commented:
Actually, after waiting for some hours, it seems to work fine...
It seems that it needs the scheduled replication to happen first and then, the on demand replication works fine.
Is it normal ?

Thanks.
0
 
InteraXCommented:
Sounds like the KCC was re-calculating the replication topology.

Maybe the replication topology on the 2 servers wasn't in sync and the scheduled replication forced the updates.

In theory, all servers within an AD site should recieve all updates withing 1 minute of the change being made to any server on the site. All AD servers should be within 3 hops of any other server on the site, and a change is propogated to neighbouring servers 15 seconds after the change is recieved, so the scheduled replication should have happened within 1 minute anyway.
0
 
ocon827679Commented:
True what you say InteraX.  Unfortunatley DNS doesn't always fit that bill.  I don't know why, but too many times I've rebuild DC's and had to wait several hours before the AD integrated DNS replicated.  I could always force it by restarting services, forcing replication (mostly a combination of the two) but patience was always the virtue.
0
 
VorenusAuthor Commented:
Thanks for your help and comments.
I've splitted the points equally between you two : I hope this is fair.

Cheers,
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

  • 3
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now