ktpoitm
asked on
Event ID 1864
Hi,
I receive the following error message on the DC. We only run 1 DC so there is no need for replication. How can i remove those replication objects?
The local domain controller has not recently received replication information from a number of domain controllers. The count of domain controllers is shown, divided into the following intervals.
More than 24 hours:
1
More than a week:
1
More than one month:
1
More than two months:
1
More than a tombstone lifetime:
1
Tombstone lifetime (days):
180
Domain controllers that do not replicate in a timely manner may encounter errors. It may miss password changes and be unable to authenticate. A DC that has not replicated in a tombstone lifetime may have missed the deletion of some objects, and may be automatically blocked from future replication until it is reconciled.
To identify the domain controllers by name, install the support tools included on the installation CD and run dcdiag.exe.
You can also use the support tool repadmin.exe to display the replication latencies of the domain controllers in the forest. The command is "repadmin /showvector /latency <partition-dn>".
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
I receive the following error message on the DC. We only run 1 DC so there is no need for replication. How can i remove those replication objects?
The local domain controller has not recently received replication information from a number of domain controllers. The count of domain controllers is shown, divided into the following intervals.
More than 24 hours:
1
More than a week:
1
More than one month:
1
More than two months:
1
More than a tombstone lifetime:
1
Tombstone lifetime (days):
180
Domain controllers that do not replicate in a timely manner may encounter errors. It may miss password changes and be unable to authenticate. A DC that has not replicated in a tombstone lifetime may have missed the deletion of some objects, and may be automatically blocked from future replication until it is reconciled.
To identify the domain controllers by name, install the support tools included on the installation CD and run dcdiag.exe.
You can also use the support tool repadmin.exe to display the replication latencies of the domain controllers in the forest. The command is "repadmin /showvector /latency <partition-dn>".
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
ASKER
Hi thx for the answer. Yes we had 3 Domain Controller before, but there is only one DC in the metadata.
So unfortunately that is not the problem
Thx
Sebastian
So unfortunately that is not the problem
Thx
Sebastian
Sebastian,
Run the following command from the cmd prompt to see if it tells you who the culprit is:
repadmin /replsum /errorsonly >> c:\temp\readmin_err.txt
Thanks,
Brian
Run the following command from the cmd prompt to see if it tells you who the culprit is:
repadmin /replsum /errorsonly >> c:\temp\readmin_err.txt
Thanks,
Brian
ASKER
i ran the command and the output is as followed :
Replication Summary Start Time: 2008-11-12 10:04:58
Beginning data collection for replication summary, this may take awhile:
....
Source DC largest delta fails/total %% error
Destination DC largest delta fails/total %% error
Assertion
Replication Summary Start Time: 2008-11-12 10:04:58
Beginning data collection for replication summary, this may take awhile:
....
Source DC largest delta fails/total %% error
Destination DC largest delta fails/total %% error
Assertion
Well that is a wealth of info. :) It did complete correct?
Brian
Brian
ASKER
it did not give me any error message :P. It seems like the DC tries to replicated with an non existing server. Would it help if i rebuild the second Domain Controller move everything over to it and rebuild DC1, or would that move the Problem?
I'm not 100% sure on that but it would seem that it would move the problem since that really isn't doing anything to remove the issue.
ASKER
Do you have any idea how to resolve the issue?
My next step would be to search though AD using LDP to see if I could find anything. That is going to take some time though.
ASKER
I just checked ldap and saw some NTDS entries under Lostandfound. Could that have anything to do with it?
Only if it was the same names as your old DCs. If you find anything for those old DCs remove it.
ASKER
i ran dcdiag and got the following error. I dont know if that has anything to do with it, im just shooting in the dark right now
Starting test: VerifyEnterpriseReferences
The following problems were found while verifying various important DN
references. Note, that these problems can be reported because of
latency in replication. So follow up to resolve the following
problems, only if the same problem is reported on all DCs for a given
domain or if the problem persists after replication has had
reasonable time to replicate changes.
[1] Problem: Missing Expected Value
Base Object: CN=LostAndFoundConfig,CN=C
Base Object Description: "Server Object"
Value Object Attribute: serverReference
Value Object Description: "DC Account Object"
Recommended Action: This could hamper authentication (and thus
replication, etc). Check if this server is deleted, and if so
clean up this DCs Account Object. If the problem persists and
this is not a deleted DC, authoratively restore the DSA object from
a good copy, for example the DSA on the DSA's home server.
[2] Problem: Missing Expected Value
Base Object: CN=LostAndFoundConfig,CN=C
Base Object Description: "Server Object"
Value Object Attribute: serverReference
Value Object Description: "DC Account Object"
Recommended Action: This could hamper authentication (and thus
replication, etc). Check if this server is deleted, and if so
clean up this DCs Account Object. If the problem persists and
this is not a deleted DC, authoratively restore the DSA object from
a good copy, for example the DSA on the DSA's home server.
......................... KTPO05DC1 failed test VerifyEnterpriseReferences
Starting test: VerifyEnterpriseReferences
The following problems were found while verifying various important DN
references. Note, that these problems can be reported because of
latency in replication. So follow up to resolve the following
problems, only if the same problem is reported on all DCs for a given
domain or if the problem persists after replication has had
reasonable time to replicate changes.
[1] Problem: Missing Expected Value
Base Object: CN=LostAndFoundConfig,CN=C
Base Object Description: "Server Object"
Value Object Attribute: serverReference
Value Object Description: "DC Account Object"
Recommended Action: This could hamper authentication (and thus
replication, etc). Check if this server is deleted, and if so
clean up this DCs Account Object. If the problem persists and
this is not a deleted DC, authoratively restore the DSA object from
a good copy, for example the DSA on the DSA's home server.
[2] Problem: Missing Expected Value
Base Object: CN=LostAndFoundConfig,CN=C
Base Object Description: "Server Object"
Value Object Attribute: serverReference
Value Object Description: "DC Account Object"
Recommended Action: This could hamper authentication (and thus
replication, etc). Check if this server is deleted, and if so
clean up this DCs Account Object. If the problem persists and
this is not a deleted DC, authoratively restore the DSA object from
a good copy, for example the DSA on the DSA's home server.
......................... KTPO05DC1 failed test VerifyEnterpriseReferences
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Thanks,
Brian