Solved

Netlogon Paused error

Posted on 2008-10-10
8
3,086 Views
Last Modified: 2012-06-21
We have two Windows 2003 Servers running ADS. On the additional domain controller the Netlogon service is Paused when restarted.  
0
Comment
Question by:mnraghu
  • 4
  • 3
8 Comments
 
LVL 18

Expert Comment

by:kjanicke
Comment Utility
Are you having any space issues on that server?  Do you have at elast half a gb of free space?
0
 

Author Comment

by:mnraghu
Comment Utility
There  is lot of free space around 10 GB of disk space.
0
 

Author Comment

by:mnraghu
Comment Utility
I am posting the Events logs that could help you understand my problem

Source: NTDS General
Category: Replication
Event ID: 1113

Description: Inbound replication has been disabled by the user.

------------------------------------------------------------------------

Source: NTDS General
Category: Replication
Event ID: 1115

Description: Outbound replication has been disabled by the user.

------------------------------------------------------------------------

Source: NTDS General
Category: Service Control
Event ID:2103

Description: The Active Directory database has been restored using an unsupported restoration procedure.
 
Active Directory will be unable to log on users while this condition persists. As a result, the Net Logon service has paused.
------------------------------------------------------------------------


Source: NTDS KCC
Category: Knowledge Consistency
Event ID:1308

Description: The Knowledge Consistency Checker (KCC) has detected that successive attempts to replicate with the following domain controller has consistently failed.
 
Attempts:
25475
Domain controller:
CN=NTDS Settings,CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=sis,DC=com
Period of time (minutes):
47720
 
The Connection object for this domain controller will be ignored, and a new temporary connection will be established to ensure that replication continues. Once replication with this domain controller resumes, the temporary connection will be removed.
 
Additional Data
Error value:
8457 The destination server is currently rejecting replication requests.
------------------------------------------------------------------------


Source: NTDS Replication
Category: Replication
Event ID:1586

Description: The Windows NT 4.0 or earlier replication checkpoint with the PDC emulator master was unsuccessful.
 
A full synchronization of the security accounts manager (SAM) database to domain controllers running Windows NT 4.0 and earlier might take place if the PDC emulator master role is transferred to the local domain controller before the next successful checkpoint.
 
The checkpoint process will be tried again in four hours.
 
Additional Data
Error value:
8457 The destination server is currently rejecting replication requests.
------------------------------------------------------------------------

Source: NTDS ISAM
Category: Online Defragmentation
Event ID: 700

Description: NTDS (440) NTDSA: Online defragmentation is beginning a full pass on database 'C:\WINDOWS\NTDS\ntds.dit'.

------------------------------------------------------------------------

Source: NTDS ISAM
Category: Online Defragmentation
Event ID: 701

Description: NTDS (440) NTDSA: Online defragmentation has completed a full pass on database 'C:\WINDOWS\NTDS\ntds.dit'.
------------------------------------------------------------------------

0
 
LVL 59

Expert Comment

by:Darius Ghassem
Comment Utility
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:mnraghu
Comment Utility
Thanks for the links dariusg!
According to the information in the support .microsoft link, what I understand is, to resolve the issue it is better to remove the ADS from the additional Domain and clean the meta data from the main domain controller, and then reinstall the ADS to make it an additional domain controller.

Is there any method that I can enable the inbound replication on the additional domain controller? or is there any method I can repair the replication?


0
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 125 total points
Comment Utility
Do you have the hotfixed installed? If you demote the DC then you can repromote to the second DC. This will allow you to make sure you don't have issues later on with this same problem. Doing a metadat cleanup is important so you can get rid of any lingering objects that might cause another issue.

http://www.petri.co.il/delete_failed_dcs_from_ad.htm
0
 

Author Comment

by:mnraghu
Comment Utility
Thanks a lot dariusg! I very much appreciate your solution!
I removed the ADS on the additional domain controller using force removal method as suggested in the following link
http://support.microsoft.com/kb/875495
And later I cleaned the metadata as suggested in the following link: http://www.petri.co.il/delete_failed_dcs_from_ad.htm
Had you not sent the above link how to clean the metadata, I think it would have been difficult for me. The above link is so excellent, it was like a spoon feeding for a beginner like me.

The wonderful part is the the File Server is intact, the file Sharing and Security is restored perfectly. The most thrilling part is my profile is restored with all my desktop files and settings.

I think this is the best solution one can expect for this problem.



0
 
LVL 59

Expert Comment

by:Darius Ghassem
Comment Utility
I'm glad it's fix.

Cheers
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Join & Write a Comment

I've written instructions for one router type, but this principle may be useful for others of the same brand and even other brands of router. Problem: I had an issue especially with mobile devices that refused to use DNS information supplied via…
Learn about cloud computing and its benefits for small business owners.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now