Solved

Netlogon Paused error

Posted on 2008-10-10
8
3,111 Views
Last Modified: 2012-06-21
We have two Windows 2003 Servers running ADS. On the additional domain controller the Netlogon service is Paused when restarted.  
0
Comment
Question by:mnraghu
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 18

Expert Comment

by:kjanicke
ID: 22685250
Are you having any space issues on that server?  Do you have at elast half a gb of free space?
0
 

Author Comment

by:mnraghu
ID: 22685304
There  is lot of free space around 10 GB of disk space.
0
 

Author Comment

by:mnraghu
ID: 22685863
I am posting the Events logs that could help you understand my problem

Source: NTDS General
Category: Replication
Event ID: 1113

Description: Inbound replication has been disabled by the user.

------------------------------------------------------------------------

Source: NTDS General
Category: Replication
Event ID: 1115

Description: Outbound replication has been disabled by the user.

------------------------------------------------------------------------

Source: NTDS General
Category: Service Control
Event ID:2103

Description: The Active Directory database has been restored using an unsupported restoration procedure.
 
Active Directory will be unable to log on users while this condition persists. As a result, the Net Logon service has paused.
------------------------------------------------------------------------


Source: NTDS KCC
Category: Knowledge Consistency
Event ID:1308

Description: The Knowledge Consistency Checker (KCC) has detected that successive attempts to replicate with the following domain controller has consistently failed.
 
Attempts:
25475
Domain controller:
CN=NTDS Settings,CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=sis,DC=com
Period of time (minutes):
47720
 
The Connection object for this domain controller will be ignored, and a new temporary connection will be established to ensure that replication continues. Once replication with this domain controller resumes, the temporary connection will be removed.
 
Additional Data
Error value:
8457 The destination server is currently rejecting replication requests.
------------------------------------------------------------------------


Source: NTDS Replication
Category: Replication
Event ID:1586

Description: The Windows NT 4.0 or earlier replication checkpoint with the PDC emulator master was unsuccessful.
 
A full synchronization of the security accounts manager (SAM) database to domain controllers running Windows NT 4.0 and earlier might take place if the PDC emulator master role is transferred to the local domain controller before the next successful checkpoint.
 
The checkpoint process will be tried again in four hours.
 
Additional Data
Error value:
8457 The destination server is currently rejecting replication requests.
------------------------------------------------------------------------

Source: NTDS ISAM
Category: Online Defragmentation
Event ID: 700

Description: NTDS (440) NTDSA: Online defragmentation is beginning a full pass on database 'C:\WINDOWS\NTDS\ntds.dit'.

------------------------------------------------------------------------

Source: NTDS ISAM
Category: Online Defragmentation
Event ID: 701

Description: NTDS (440) NTDSA: Online defragmentation has completed a full pass on database 'C:\WINDOWS\NTDS\ntds.dit'.
------------------------------------------------------------------------

0
Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 22686610
0
 

Author Comment

by:mnraghu
ID: 22692648
Thanks for the links dariusg!
According to the information in the support .microsoft link, what I understand is, to resolve the issue it is better to remove the ADS from the additional Domain and clean the meta data from the main domain controller, and then reinstall the ADS to make it an additional domain controller.

Is there any method that I can enable the inbound replication on the additional domain controller? or is there any method I can repair the replication?


0
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 125 total points
ID: 22701854
Do you have the hotfixed installed? If you demote the DC then you can repromote to the second DC. This will allow you to make sure you don't have issues later on with this same problem. Doing a metadat cleanup is important so you can get rid of any lingering objects that might cause another issue.

http://www.petri.co.il/delete_failed_dcs_from_ad.htm
0
 

Author Comment

by:mnraghu
ID: 22706376
Thanks a lot dariusg! I very much appreciate your solution!
I removed the ADS on the additional domain controller using force removal method as suggested in the following link
http://support.microsoft.com/kb/875495
And later I cleaned the metadata as suggested in the following link: http://www.petri.co.il/delete_failed_dcs_from_ad.htm
Had you not sent the above link how to clean the metadata, I think it would have been difficult for me. The above link is so excellent, it was like a spoon feeding for a beginner like me.

The wonderful part is the the File Server is intact, the file Sharing and Security is restored perfectly. The most thrilling part is my profile is restored with all my desktop files and settings.

I think this is the best solution one can expect for this problem.



0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 22710756
I'm glad it's fix.

Cheers
0

Featured Post

Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question