NFletcher
asked on
Active directory objects not replicating
Hi Experts,
I have 4 DCs in my domain.
I went to create a user object on my PC in ADUC but it came up with the screen shot attached to this question.
I created the user objects on one DC but they have not appeared in the same OU on the other DCs or in the ADUC on my PC.
I can change the OU names and PW resets seem to work across DCs so something is getting across.
Can you help please?
Image1.JPG
I have 4 DCs in my domain.
I went to create a user object on my PC in ADUC but it came up with the screen shot attached to this question.
I created the user objects on one DC but they have not appeared in the same OU on the other DCs or in the ADUC on my PC.
I can change the OU names and PW resets seem to work across DCs so something is getting across.
Can you help please?
Image1.JPG
IS your FSMO roles intact. It seems like you RID master FSMO role is not working fine.
ASKER
You are probably on the right lines as we had a consultant in recently to move the some FSMO roles off a heavly overworked server.
UK does not 'wake up' for another 3 hours so I will come back to you when I've spokent to him unless you can give me some thing to try/alter/test now.
UK does not 'wake up' for another 3 hours so I will come back to you when I've spokent to him unless you can give me some thing to try/alter/test now.
on all the domain controllers run folowing command and compare the out out.
netdom query /domain:domain_name fsmo
you should also try to run dcdiag and netdiag on domain controllers and look for failures.
netdom query /domain:domain_name fsmo
you should also try to run dcdiag and netdiag on domain controllers and look for failures.
* Also apart from the above comments from Sudhirchauhan3 could you confirm your DNS settings which would be also tested by the dcdiag and netdiag commands.
* Also as per your question i belive the "PC" that you are refering to is not a domain controller but has ADUC installed on it (via adminpack). If that is the case then could you check the connectivity to the domain controller from that machine.
* Alternatively you can use the repadmin command from the Support Tools. The following link might help.
http://technet.microsoft.com/en-us/library/cc773062.aspx
* Also as per your question i belive the "PC" that you are refering to is not a domain controller but has ADUC installed on it (via adminpack). If that is the case then could you check the connectivity to the domain controller from that machine.
* Alternatively you can use the repadmin command from the Support Tools. The following link might help.
http://technet.microsoft.com/en-us/library/cc773062.aspx
ASKER
Many thanks for your input; you started me thinking about replication and I noticed the FW had been switched on; switch it off, do a 'replicatate now' via ADSS and hey presto they are all there.
Question now is, which port should we have open for it work but with the FW on?
Question now is, which port should we have open for it work but with the FW on?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
* Pretty good article there by Sudhirchauhan3. Probably that should fix the problem
Good Luck (^_^)
Good Luck (^_^)
ASKER
Thanks, looking at it this evening with the hope of getting change control approval tomorrow AM.
ASKER
OK, I set the reg files as per the screen shots and added the FW ports for 53211 and 53212 but no luck. From my PC I'm unable to browse the ADUC on this DC but as soon as I take the FW off on the DC all OK.
Am I doing something wrong here?
AD-replication-settings-on-DC.JPG
RPC-settings-on-DC.JPG
Am I doing something wrong here?
AD-replication-settings-on-DC.JPG
RPC-settings-on-DC.JPG