Windows Server 2003
--
Questions
--
Followers
Top Experts
Event ID 1567 - NTDS KCC
Hi All
I have an issue on a domain controller in a site. We have 4 domains in a single forest, this site has domain controllers from 4 different domains in it. The issue im getting is on a DC / DNS server in domainA (pasted below)
I have checked sites and services and the only prefered bridgehead for the site is a Windows 2003 server but its in DomainB, my first question is when it comes to site replication is each domain treated seperately when it comes to selecting bridgeheads etc or can the birdgehead server that controls replication for that site be any server even in a different domain
This is the only DC for DomainA in this site
I am getting the error below
Thanks
Nick
referred bridgehead servers have been selected to support intersite replication with the following site using the following transport. However, none of these preferred bridgehead servers can replicate the following directory partition.
Site:
CN=COL,CN=Sites,CN=Configu
Transport:
CN=IP,CN=Inter-Site Transports,CN=Sites,CN=Con
Directory partition:
DC=mid,DC=domainroot,DC=co
User Action
Using Active Directory Sites and Services, do the following:
- Configure a domain controller that can support replication of this directory partition as a preferred bridgehead server for this transport. You can do this by modifying the corresponding server.
- Verify that the corresponding Server objects have a network address for this transport. For example, domain controllers that replicate using the SMTP transport must have a mailAddress attribute. This attribute is normally configured automatically after the SMTP service is installed.
Until this is rectified, the Knowledge Consistency Checker (KCC) will consider all domain controllers in this site as possible bridgehead domain controllers for this directory partition.
For more information, see Help and Support Center at
I have an issue on a domain controller in a site. We have 4 domains in a single forest, this site has domain controllers from 4 different domains in it. The issue im getting is on a DC / DNS server in domainA (pasted below)
I have checked sites and services and the only prefered bridgehead for the site is a Windows 2003 server but its in DomainB, my first question is when it comes to site replication is each domain treated seperately when it comes to selecting bridgeheads etc or can the birdgehead server that controls replication for that site be any server even in a different domain
This is the only DC for DomainA in this site
I am getting the error below
Thanks
Nick
referred bridgehead servers have been selected to support intersite replication with the following site using the following transport. However, none of these preferred bridgehead servers can replicate the following directory partition.
Site:
CN=COL,CN=Sites,CN=Configu
Transport:
CN=IP,CN=Inter-Site Transports,CN=Sites,CN=Con
Directory partition:
DC=mid,DC=domainroot,DC=co
User Action
Using Active Directory Sites and Services, do the following:
- Configure a domain controller that can support replication of this directory partition as a preferred bridgehead server for this transport. You can do this by modifying the corresponding server.
- Verify that the corresponding Server objects have a network address for this transport. For example, domain controllers that replicate using the SMTP transport must have a mailAddress attribute. This attribute is normally configured automatically after the SMTP service is installed.
Until this is rectified, the Knowledge Consistency Checker (KCC) will consider all domain controllers in this site as possible bridgehead domain controllers for this directory partition.
For more information, see Help and Support Center at
Zero AI Policy
We believe in human intelligence. Our moderation policy strictly prohibits the use of LLM content in our Q&A threads.
just to add its also logging the below in the system log
Source Netlogon Event ID 5719
This computer was not able to set up a secure session with a domain controller in domain ESSEX due to the following:
The RPC server is unavailable.
This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.
ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.
For more information, see Help and Support Center at
Source Netlogon Event ID 5719
This computer was not able to set up a secure session with a domain controller in domain ESSEX due to the following:
The RPC server is unavailable.
This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.
ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.
For more information, see Help and Support Center at
ASKER CERTIFIED SOLUTION
membership
Log in or create a free account to see answer.
Signing up is free and takes 30 seconds. No credit card required.
Hi,
KCC works automatically to findout a proper topology of the forest and create connection objects accordingly. Now, you are getting "RPC Server Unavailable" error, it seems that there is port blockage between the DCs. Hence KCC is not able to create connections or is not able to read complete topology.
I would suggest you to see if all DCs are communicating with each other. You can run PORTQRYUI tool on each DC against each DC to check that.
Generally RPC unavailable error comes when we have some firewall in place between DCs.
Once we fix this RPC error, we can force KCC to check replication topology once again. (For this to happen I recommend you not to make any manual connection objects or make any manual bridgehead servers).
Regards,
Arun.
KCC works automatically to findout a proper topology of the forest and create connection objects accordingly. Now, you are getting "RPC Server Unavailable" error, it seems that there is port blockage between the DCs. Hence KCC is not able to create connections or is not able to read complete topology.
I would suggest you to see if all DCs are communicating with each other. You can run PORTQRYUI tool on each DC against each DC to check that.
Generally RPC unavailable error comes when we have some firewall in place between DCs.
Once we fix this RPC error, we can force KCC to check replication topology once again. (For this to happen I recommend you not to make any manual connection objects or make any manual bridgehead servers).
Regards,
Arun.
Thanks
EARN REWARDS FOR ASKING, ANSWERING, AND MORE.
Earn free swag for participating on the platform.
Windows Server 2003
--
Questions
--
Followers
Top Experts
Windows Server 2003 was based on Windows XP and was released in four editions: Web, Standard, Enterprise and Datacenter. It also had derivative versions for clusters, storage and Microsoft’s Small Business Server. Important upgrades included integrating Internet Information Services (IIS), improvements to Active Directory (AD) and Group Policy (GP), and the migration to Automated System Recovery (ASR).