Solved

Active Directory Replication Issue between two DC's

Posted on 2008-10-28
5
521 Views
Last Modified: 2012-06-21
We have two domain controllers (W2K8) and when performing a manual AD replication between them the following error is detailed;
The following error occured during the attempt to synchronize context. The target principle name is incorrect.
On DC1 when you manually replicate AD reports the connections as OK to DC2, on DC2 the error appears. Checking AD Users and computers on DC1 shows it as the operations master. Checking on DC2 shows error. Checking in AD sites/svcs shows the same. DC3 is fine to all others except going from DC2 to DC1.
DC2 has Exchange 2007 installed, Symantec BU Exec 12 required the install of the Exchange Management Console yesterday on DC1 which hosts Backup Exec. Restarting AD Services is to no avail. Checking Logs on DC1 don't list any issues. Checking the logs on DC2 showlots of 1308 KCC errors having issues. DC1 also has had Network Policy Server installed 3 days ago.
0
Comment
Question by:Anthony_Rich
5 Comments
 
LVL 63

Expert Comment

by:SysExpert
ID: 22828293
RUn dcdiag and netdiag on all servers and see what shows up.

Also see if there is a Best practices analyzer for exchange and or win 2008.


I hope this helps !
0
 
LVL 15

Expert Comment

by:HayesJupe
ID: 22828981
theres no BPA for win 2008 AD.... but there is for exchange.

Its likely to be a DNS issue, but if you check the directory services log on the DC thats having the issue, it will tell you what the issue is.... and if you cant interpret it, post it here...
0
 
LVL 33

Expert Comment

by:Exchange_Geek
ID: 22831255
Please have the following reports run to provide us some better information. Also, can you paste those KCC errors here - thanks.

Run diagnostics against your Active Directory domain.

If you don't have the support tools installed, install them from your server
install disk.
d:\support\tools\setup.exe

Run dcdiag, netdiag and repadmin in verbose mode.
-> DCDIAG /V /C /D /E /s:yourdcname > c:\dcdiag.log
-> netdiag.exe /v > c:\netdiag.log (On each dc)
-> repadmin.exe /showrepl dc* /verbose /all /intersite > c:\repl.txt
-> dnslint /ad /s "ip address of your dc"

**Note: Using the /E switch in dcdiag will run diagnostics against ALL dc's
in the forest. If you have significant numbers of DC's this test could
generate significant detail and take a long time. You also want to take
into account slow links to dc's will also add to the testing time.

If you download a gui script I wrote it should be simple to set and run
(DCDiag and NetDiag). It also has the option to run individual tests
without having to learn all the switch options. The details will be output
in notepad text files that pop up automagically.

The script is located on my website at
http://www.pbbergs.com/windows/downloads.htm

Just select both dcdiag and netdiag make sure verbose is set. (Leave the
default settings for dcdiag as set when selected)

When complete search for fail, error and warning messages.

Description and download for dnslint
http://support.microsoft.com/kb/321045

Ref: http://www.techtalkz.com/windows-server-2003/459203-ntds-kcc-1308-a.html

0
 

Accepted Solution

by:
Anthony_Rich earned 0 total points
ID: 22863325
Okay state of play at the moment, ran DCDiag and it reported that all servers were failing replication. Restarted DNS on all servers and Active Directory services. Re built active directory sites and services. (Identical to what it was) and commenced to do manual replication between sites. Is now working. DCDiag reports minimul errors.
C:\Users\Administrator>dcdiag /test:replications
Directory Server Diagnosis
Performing initial setup:
   Trying to find home server...
   Home Server = TCCI-SVR1
   * Identified AD Forest.
   Done gathering initial info.
Doing initial required tests
   Testing server: Hobart\TCCI-SVR1
      Starting test: Connectivity
    ............... TCCI-SVR1 passed test Connectivity
Doing primary tests
   Testing server: Hobart\TCCI-SVR1
    Starting test: Replications
     .... TCCI-SVR1 passed test Replications
   Running partition tests on : ForestDnsZones
   Running partition tests on : DomainDnsZones
   Running partition tests on : Schema
   Running partition tests on : Configuration
   Running partition tests on : tcci
   Running enterprise tests on : tcci.local
C:\Users\Administrator>
Don't know on this one.....
0
 
LVL 63

Expert Comment

by:SysExpert
ID: 22863689
SO when you run  the DCDIAG again, does it say that it is replicating ?

0

Join & Write a Comment

Some time ago I faced the need to use a uniform folder structure that spanned across numerous sites of an enterprise to be used as a common repository for the Software packages of the Configuration Manager 2007 infrastructure. Because the procedu…
When you upgrade from Windows 8 to 8.1 or to Windows 10 or if you are like me you are on the Insider Program you may find yourself with many 450MB recovery partitions.  With a traditional disk that may not be a problem but with relatively smaller SS…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now