219com
asked on
domain controllers cannot communicate
All heck broke loose this afternoon. The PDC and BDC stopped communicating and Exchange 2007 was stuck in the middle. I can force AD replication from 2 to 1 but when I try from 1 to 2 I get an error that says:
"The following error occurred during and attempt to synchronize naming contect <domain> from domain controller dc1 to dc2. Replication is denied. It looked as if the PDC was not workign correctly so I tried to transfer FSMO roles to the BDC and take the PDC offline. When I did that the BDC tool the roles fine but the PDC would not let go of them, saying that if I wanted to transfer roles I would have to connect the DC's....but they are connected. When I perform a netdiag on the Exchange Server it can't find any domain conrollers.
I'm not sure what happened here, but nothing seems to be talking. I have layer 1, 2, and 3 connection but that seems to be where it stops. I am getting pummeled with userenv 1030 and 1058 errors as well as Exchange errors and warnings that there are no domain controllers online. I have reset teh kerberos passwords thinking it might be an authentication error or maybe a journal wrap of some sorts possibly. I have been going blind trying to figure this one out. Any help gets my eternal gratitude.
"The following error occurred during and attempt to synchronize naming contect <domain> from domain controller dc1 to dc2. Replication is denied. It looked as if the PDC was not workign correctly so I tried to transfer FSMO roles to the BDC and take the PDC offline. When I did that the BDC tool the roles fine but the PDC would not let go of them, saying that if I wanted to transfer roles I would have to connect the DC's....but they are connected. When I perform a netdiag on the Exchange Server it can't find any domain conrollers.
I'm not sure what happened here, but nothing seems to be talking. I have layer 1, 2, and 3 connection but that seems to be where it stops. I am getting pummeled with userenv 1030 and 1058 errors as well as Exchange errors and warnings that there are no domain controllers online. I have reset teh kerberos passwords thinking it might be an authentication error or maybe a journal wrap of some sorts possibly. I have been going blind trying to figure this one out. Any help gets my eternal gratitude.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
At this moment I'm not sure what it might be but something tells me you may need to reset the password of the computer account of DC2. I'm saying unsure, because I have not the seen the exact ERROR messages. Those are always important to prevent misinterpretations. Can you post those errors including event IDs?
Can you also attach a DCDIAG output in TXT files of BOTH DCs? (DCDIAG /C /V /D)
To reset the pssword of a DC: http://support.microsoft.com/kb/325850
Can you also attach a DCDIAG output in TXT files of BOTH DCs? (DCDIAG /C /V /D)
To reset the pssword of a DC: http://support.microsoft.com/kb/325850
ASKER
Once I removed one of the DC's and made some adjustments system came to life, thanks
It will be better to restore system state on one server then get your exchange server to talk to it by changing the directory access tap in exchange system manger.
Then restore system state on the secondary server & attach it to the network.
Restoring system state will take about 10 minutes, then your system will boot up with working state.
Best of luck
Exchange.JPG