Event id 1030 and 1058

Hello EE. I have a domain controller running Windows 2003 SP2 that is located at another location that logs event ID 1030 and 1058. It complains about not finding a particular gpt.ini file for a particular GPO. The remote DC replicates from the main DC located at the main siite. The remote DC connects to the main location via site to site VPN tunnel. When I look at the sysvol on both DCs they do not have the same number of entries  of entries.  The main DC has more poilicies. Are they supposed to be the same?
InSearchOfAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

SandeshdubeySenior Server EngineerCommented:
Yes the policies should be same on both the DC.
As there is mismatch between the sysvol content between both the DC perform authorative and non authorative restore of sysvol.

As you have two DC in the network you need to take the backup of sysvol folder(Policies & Scripts) of both DC.Perform D4(auth restore) on healthy DC in your case it is main DC  and D2(non-auth restore) on other DC.

This is probably what you need to do to get it back.
Reference KB "http://support.microsoft.com/kb/290762/" article.

0
abhijitwaikarCommented:
0
ChiefITCommented:
Usually these errors are caused by a problem with the replication process. Please read the article I wrote on the subject to help you self diagnose the root cause:

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/A_1073-Diagnosing-and-repairing-Events-1030-and-1058.html
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

InSearchOfAuthor Commented:
Ok. Thanks for the info. Lrt me look at these solutions and post back. Is there an order to things when it to the BUR flags solution?
0
ChiefITCommented:
Yes, if replication seizes and you can't restart the replication service manually. This is when you have to use the Burflag. Prior to doing so, you have to fix the DNS discrepancy first. Otherwise you will not be able to reset the replication between servers.
0
InSearchOfAuthor Commented:
Well, I ran the checks and tests outlined in the links in your atricle and I get no errord as well as the dfsutil /PurgeMupCache command. The number of policies still differ between the 2 DCs. The main DC has more entries than the remote one.  I read on your article that using the BUR registry method was not reccommended for Windows 2003 R2 which is what I have.
0
ChiefITCommented:
Did you run DCdiag /test:DNS at the server's command prompt and also look within the FRS event logs of the DC?
0
InSearchOfAuthor Commented:
Yes I did. The test ran fine and the event logs have no error. Now I am getting 1030 and 1058 every 5 minutes.
0
ChiefITCommented:
That's a server to server replication. I would like to take a look at this output:

DCdiag /test:netlogons
-------------------------------------------------
I think all you will have to do is reset the replication set between servers...

So, go to the server's command prompt and type these command lines:

Net stop netlogon
Net start netlogon
net stop NTFRS
net start NTFRS

NOW go into AD sites and services snapin and force replicate between servers.

Here is how:
http://www.windowsnetworking.com/kbase/windowstips/windows2003/admintips/activedirectory/ForcingActiveDirectoryReplication.html

---------------------------------------------
Within the errors, you will see an id to the group policy:

it will look something like a gui ID and that tells us what policy is having problems.. What is the UNC path ID of the GPO object having issues?
-----------------------------------------------

0
SandeshdubeySenior Server EngineerCommented:
Have you tried to rebuild the sysvol as there is mismatch between the sysvol content?
Unless you dont rebuild the same you will recieve the event event ID 1030 and 1058.If you ran gpupdate /force you will get the same event.

1) Normally for an Authoritative Restore you stop at NTFRS services on all DCs.
2) Set burflags to D4 on a known good sysvol (or at this time restore sysvol data from backup then set burflags to D4) then start NTFRS on this server.  You may want to rename the old folders with .old extensions prior to restoring good data.
3) Clean up the folders on all the remaining servers (Policies, Scripts, etc) - renamed them with .old extensions.
4) Set burflags to D2 on all remaining servers and start NTFRS.
5) Wait for FRS to replicate.
6) Clean up the .old stuff if things look good.

This is probably what you need to do to get it back.KB article:http://support.microsoft.com/kb/290762/" article.
0
InSearchOfAuthor Commented:
Ok. Thanks for the useful tips. I will try them and post back.
0
InSearchOfAuthor Commented:
This is the output from  DCdiag /test:netlogons:

C:\Program Files\Support Tools>DCdiag /test:netlogons

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: NAME\NYF-NAME
      Starting test: Connectivity
         ......................... NYF-NAME passed test Connectivity

Doing primary tests

   Testing server: NAME\NYF-NAME
      Starting test: NetLogons
         ......................... NYF-NAME passed test NetLogons

   Running partition tests on : DomainDnsZones

   Running partition tests on : ForestDnsZones

   Running partition tests on : Schema

   Running partition tests on : Configuration

   Running partition tests on : DOMAIN
   Running enterprise tests on : DOMAIN.org
C:\Program Files\Support Tools>
0
ChiefITCommented:
OK, a soft reset of the FRS service might fix the issue.

On the remote site, go to the command prompt and type.

Net stop NTFRS

On the FSMO main site, go to the DC and type:

net stop NTFRS
Net start NTFRS

On the remote site, go to the command prompt and type:
Net start NTFRS

Now, try to force replicate between servers by going into AD sites and services snapin. Follow these instructions if you need to know how to force replicate.

http://www.windowsnetworking.com/kbase/windowstips/windows2003/admintips/activedirectory/ForcingActiveDirectoryReplication.html
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
InSearchOfAuthor Commented:
Ok. Thanks ChiefIT. That worked. Thank you all for the help.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.