Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Domain Controller Replication Issues...

Posted on 2009-07-06
4
Medium Priority
?
1,086 Views
Last Modified: 2012-06-27
Hi,

I've got an issue with our domain controller where I believe the domain is no longer replicating.

As you can see, it doesn't appear to have worked succesfully since 2007!!

Can anyone help or offer any advice?

dcdiag log below... I also keep getting this error in the eventlog:

Following is the summary of warnings and errors encountered by File Replication Service while polling the Domain Controller LVL3-liveSQL-02.managedservices.net for FRS replica set configuration information.
 
 Could not bind to a Domain Controller. Will try again at next polling cycle.

 


For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.





Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\LVL3-liveSQL-02
      Starting test: Connectivity
         ......................... LVL3-liveSQL-02 passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\LVL3-liveSQL-02
      Starting test: Replications
         [Replications Check,LVL3-liveSQL-02] A recent replication attempt faile
d:
            From LVL3-liveSQL-03 to LVL3-liveSQL-02
            Naming Context: DC=ForestDnsZones,DC=managedservices,DC=net
            The replication generated an error (8614):
            Win32 Error 8614
            The failure occurred at 2009-07-04 04:48:07.
            The last success occurred at 2007-09-26 15:46:27.
            11 failures have occurred since the last success.
         [LVL3-liveSQL-03] DsBindWithSpnEx() failed with error -2146893022,
         Win32 Error -2146893022.
         [Replications Check,LVL3-liveSQL-02] A recent replication attempt faile
d:
            From LVL3-liveSQL-03 to LVL3-liveSQL-02
            Naming Context: DC=DomainDnsZones,DC=managedservices,DC=net
            The replication generated an error (8614):
            Win32 Error 8614
            The failure occurred at 2009-07-04 04:48:07.
            The last success occurred at 2007-09-26 15:46:27.
            11 failures have occurred since the last success.
         [Replications Check,LVL3-liveSQL-02] A recent replication attempt faile
d:
            From LVL3-liveSQL-03 to LVL3-liveSQL-02
            Naming Context: CN=Schema,CN=Configuration,DC=managedservice
s,DC=net
            The replication generated an error (-2146893022):
            Win32 Error -2146893022
            The failure occurred at 2009-07-06 09:48:05.
            The last success occurred at 2007-09-26 15:46:27.
            15573 failures have occurred since the last success.
         [Replications Check,LVL3-liveSQL-02] A recent replication attempt faile
d:
            From LVL3-liveSQL-03 to LVL3-liveSQL-02
            Naming Context: CN=Configuration,DC=managedservices,DC=net
            The replication generated an error (-2146893022):
            Win32 Error -2146893022
            The failure occurred at 2009-07-06 09:51:07.
            The last success occurred at 2007-09-26 15:46:27.
            36466 failures have occurred since the last success.
         [Replications Check,LVL3-liveSQL-02] A recent replication attempt faile
d:
            From LVL3-liveSQL-03 to LVL3-liveSQL-02
            Naming Context: DC=managedservices,DC=net
            The replication generated an error (-2146893022):
            Win32 Error -2146893022
            The failure occurred at 2009-07-06 10:03:17.
            The last success occurred at 2007-09-26 15:46:27.
            19762 failures have occurred since the last success.
         REPLICATION-RECEIVED LATENCY WARNING
         LVL3-liveSQL-02:  Current time is 2009-07-06 10:03:19.
            DC=ForestDnsZones,DC=managedservices,DC=net
               Last replication recieved from LVL3-liveSQL-03 at 2007-09-26 15:4
6:31.
               WARNING:  This latency is over the Tombstone Lifetime of 60 days!

            DC=DomainDnsZones,DC=managedservices,DC=net
               Last replication recieved from LVL3-liveSQL-03 at 2007-09-26 15:4
6:31.
               WARNING:  This latency is over the Tombstone Lifetime of 60 days!

            CN=Schema,CN=Configuration,DC=managedservices,DC=net
               Last replication recieved from LVL3-liveSQL-03 at 2007-09-26 15:4
6:31.
               WARNING:  This latency is over the Tombstone Lifetime of 60 days!

            CN=Configuration,DC=managedservices,DC=net
               Last replication recieved from LVL3-liveSQL-03 at 2007-09-26 15:4
6:31.
               WARNING:  This latency is over the Tombstone Lifetime of 60 days!

            DC=managedservices,DC=net
               Last replication recieved from LVL3-liveSQL-03 at 2007-09-26 15:4
6:31.
               WARNING:  This latency is over the Tombstone Lifetime of 60 days!

         ......................... LVL3-liveSQL-02 passed test Replications
      Starting test: NCSecDesc
         ......................... LVL3-liveSQL-02 passed test NCSecDesc
      Starting test: NetLogons
         ......................... LVL3-liveSQL-02 passed test NetLogons
      Starting test: Advertising
         ......................... LVL3-liveSQL-02 passed test Advertising
      Starting test: KnowsOfRoleHolders
         Warning: LVL3-liveSQL-03 is the Schema Owner, but is not responding to
DS RPC Bind.
         [LVL3-liveSQL-03] LDAP bind failed with error 8341,
         Win32 Error 8341.
         Warning: LVL3-liveSQL-03 is the Schema Owner, but is not responding to
LDAP Bind.
         Warning: LVL3-liveSQL-03 is the Domain Owner, but is not responding to
DS RPC Bind.
         Warning: LVL3-liveSQL-03 is the Domain Owner, but is not responding to
LDAP Bind.
         Warning: LVL3-liveSQL-03 is the PDC Owner, but is not responding to DS
RPC Bind.
         Warning: LVL3-liveSQL-03 is the PDC Owner, but is not responding to LDA
P Bind.
         Warning: LVL3-liveSQL-03 is the Rid Owner, but is not responding to DS
RPC Bind.
         Warning: LVL3-liveSQL-03 is the Rid Owner, but is not responding to LDA
P Bind.
         Warning: LVL3-liveSQL-03 is the Infrastructure Update Owner, but is not
 responding to DS RPC Bind.
         Warning: LVL3-liveSQL-03 is the Infrastructure Update Owner, but is not
 responding to LDAP Bind.
         ......................... LVL3-liveSQL-02 failed test KnowsOfRoleHolder
s
      Starting test: RidManager
         ......................... LVL3-liveSQL-02 failed test RidManager
      Starting test: MachineAccount
         ......................... LVL3-liveSQL-02 passed test MachineAccount
      Starting test: Services
         ......................... LVL3-liveSQL-02 passed test Services
      Starting test: ObjectsReplicated
         ......................... LVL3-liveSQL-02 passed test ObjectsReplicated

      Starting test: frssysvol
         ......................... LVL3-liveSQL-02 passed test frssysvol
      Starting test: frsevent
         There are warning or error events within the last 24 hours after the
         SYSVOL has been shared.  Failing SYSVOL replication problems may cause
         Group Policy problems.
         ......................... LVL3-liveSQL-02 failed test frsevent
      Starting test: kccevent
         ......................... LVL3-liveSQL-02 passed test kccevent
      Starting test: systemlog
         An Error Event occured.  EventID: 0x40000004
            Time Generated: 07/06/2009   10:03:19
            Event String: The kerberos client received a
         An Error Event occured.  EventID: 0x40000004
            Time Generated: 07/06/2009   10:03:19
            Event String: The kerberos client received a
         An Error Event occured.  EventID: 0x40000004
            Time Generated: 07/06/2009   10:03:19
            Event String: The kerberos client received a
         ......................... LVL3-liveSQL-02 failed test systemlog
      Starting test: VerifyReferences
         ......................... LVL3-liveSQL-02 passed test VerifyReferences

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : managedservices
      Starting test: CrossRefValidation
         ......................... managedservices passed test CrossRefV
alidation
      Starting test: CheckSDRefDom
         ......................... managedservices passed test CheckSDRe
fDom

   Running enterprise tests on : managedservices.net
      Starting test: Intersite
         ......................... managedservices.net passed test Inter
site
      Starting test: FsmoCheck
         ......................... managedservices.net passed test FsmoC
heck

C:\Program Files\Support Tools>
0
Comment
Question by:nickrawlins
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 1000 total points
ID: 24783611
If the DC has not replicated in 2+ years then you need to get it out of AD.
You can forcibly demote the DC by running dcpromo /forceremoval. This will remove AD from the server without attempting to replicate any changes off. Once it is done and you reboot the server and it will be a standalone serve in a workgroup
Then you can cleanup that old DC from AD -- known as metadatacleanup
http://support.microsoft.com/kb/216498
http://msmvps.com/blogs/ad/archive/2008/12/17/how-to-remove-a-failed-or-offline-dc.aspx
Not sure how many other DCs you have, but you could rebuild and promote this one again if you still need it.
Thanks
 
Mike
 
 
0
 
LVL 74

Assisted Solution

by:Glen Knight
Glen Knight earned 1000 total points
ID: 24783614
Because of the times it is more than likely that you are in a tombstone situation.

Try this thread here: http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_21682625.html
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 24783621
if that is a no go then as Mike has said it's a force demotion and repromote.
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question