Replication Problems & DC Server Name Showing Twice in Repadmin / Showutdvec?!

Our school district has two DC’s running Windows 2003. The fileserver has the FSMO roles, and has DNS. The emailserver is running Exchange 2007. We had a Sysvol problem on the fileserver early this week. (It was empty and not shared anymore.) I must admit that I panicked, and did an authoritative restore of the sysvol before investigating other options. Everything seemed okay. Until I noticed that the DC’s were not replicating. I get the Event ID: 4 about "the password used to encrypt the kerberos service ticket is different than on the target server."

Furthermore, the fileserver has all the staff files which My Documents is redirected to. Throughout the day people would complain that they lost contact with their files and would get an error that the fileserver is unavaible. Restarting the computer and logging on again usually helped solve that.

The fileserver still has group  policies, but when I check the group policies on the emailserver I get “domain controller for group policy operations is not available” message.

The strangest part is that I did a repadmin / showutdvec and got these results:
On the emailserver:
Default-First-Site\Fileserver @USN 4288541 @ Time 2010-04-13 10:31:44
Default-First-Site\Emailserver @USN 4091962 @ Time 2010-04-16 16:12:34
On the Fileserver
Default-First-Site\Fileserver @USN 4171162 @ Time 2010-04-16 16:13:18
Default-First-Site\Fileserver @USN 4288541 @ Time 2010-04-13 10:31:44
Default-First-Site\Emailserver @USN 4091945 @ Time 2010-04-16 15:56:01
Why do I have “Default-First-Site\Fileserver” listed twice when I ran this on the fileserver?! Is that normal?
I am thinking that ain’t right and causing my problems. But, how do I fix it??

Attached are the results from a dcdiag on both servers. Hopefully this might help in solving my problem.

Thank you in advance.

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

you will have to reset the kerberos secure channel password between two DC's

here is the procedure to do it

stop KDC service on the server you are resetting password of and change startup type to manual.
if necessary purge the current tickets using klist.

reset the password by this command
netdom resetpwd /server:Replication_Partner_Server_Name  /userd:domainname\administrator_id /passwordd:*
(* means it will ask to enter password)
delete KCC connections on source DC
start KDC service and change startup type to automatic
run this command
repadmin /kcc this will re-create kcc connections.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
jcole1966Author Commented:

Will this fix the problem with having fileserver listed twice in the fileserver's up-to-dateness vector USN list?  I was going to attempt this yesterday, but when I saw the results of my repadmin / showutdvec I didn't want to attempt it until I knew for sure.
it should fix your problem

if as in this case both servers have multiple entries reset the password on both machines
jcole1966Author Commented:

Thank you so much! It worked perfectly!
jcole1966Author Commented:

Thank you so much. It worked perfectly. I am sorry I am late posting this. Thanks again!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.