fairtech asked:

Replication between 2 DC's stopped working

Here is the error I get when trying to manually run the replication

User generated image
Mike Kline

Are there any firewalls between the two servers? You can use tools like portqry to track those down: http://blogs.technet.com/b/abizerh/archive/2009/06/11/troubleshooting-rpc-server-is-unavailable-error-reported-in-failing-ad-replication-scenario.aspx

Can you run repadmin /replsum? What do you see there?

Any other errors in your logs?

Thanks

Mike
Hi,

The "RPC server unavailable" error can occur for the following reasons:

DNS problems

Time synchronization problem

RPC service is not running

Network connectivity problem

DNS Resolution-
1. Each DC / DNS server points to its private IP address as primary DNS server and other internal DNS servers as secondary ones
2. Each DC has just one IP address and one network adapter is enabled.  
3. Contact your ISP and get valid DNS IPs from them and add them to the forwarders. Do not set a public DNS server in the TCP/IP settings.
4. Once you are done, run "ipconfig /flushdns & ipconfig /registerdns", then restart the DNS and NETLOGON services on each DC.

Time resolution-
Refer to this article: http://abhijitw.wordpress.com/2011/10/08/time-server-configuration-to-sync-pdc-emulator-to-an-external-time-source/

RPC service-
Ensure the RPC service is running.

Network connectivity-
Ensure that the important well-known ports required in a domain environment are open on the firewall between these DCs, use the PortqryUI tool.

Refer: http://blogs.technet.com/b/abizerh/archive/2009/06/11/troubleshooting-rpc-server-is-unavailable-error-reported-in-failing-ad-replication-scenario.aspx
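The four causes listed in the answer above can be walked through in one pass from either DC. This is an added example, not part of the original post; `PARTNER` and `DOMAIN` are placeholder values, and it assumes `portqry.exe` has been downloaded and is on the PATH.

```batch
@echo off
rem Added example: check each listed cause of "RPC server is unavailable"
rem against the replication partner. PARTNER and DOMAIN are placeholders.
setlocal
set PARTNER=partner-dc.example.local
set DOMAIN=example.local

echo === 1. DNS: partner name resolves and DC locator SRV records exist ===
nslookup %PARTNER%
nslookup -type=SRV _ldap._tcp.dc._msdcs.%DOMAIN%

echo === 2. Time: clock offset against the partner, three samples ===
rem Offsets approaching 300 seconds (5 minutes) mean time sync must be fixed first.
w32tm /stripchart /computer:%PARTNER% /samples:3 /dataonly

echo === 3. RPC service state, local and on the partner ===
sc query rpcss | find "STATE"
rem The remote query itself uses RPC, so a failure here is also a finding.
sc \\%PARTNER% query rpcss | find "STATE"

echo === 4. Network: RPC endpoint mapper on TCP 135 ===
portqry -n %PARTNER% -e 135 -p tcp
rem PortQry exit codes: 0 = listening, 1 = not listening, 2 = filtered.
if errorlevel 1 echo WARNING: TCP 135 on %PARTNER% is not listening or is filtered.

echo === Replication summary and DC diagnostics ===
repadmin /replsum
dcdiag /q
endlocal
```

Run it on both DCs, since a firewall or DNS fault can affect one direction only.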


ASKER

User generated image
Port Query from SERV2003
 User generated image
I can ping each server from either end by:

IP
Simple name
FQDN

I think it may be a time issue as "2003BACK" time is always off.
Port Query took quite a while to run as this DC is very slow. Port Query didn't find any "Return Code 1"
Time configuration is important; make sure the PDC role owner in the forest root domain is the authoritative time server and the other DCs and members are syncing with it.

Run "ipconfig /all" and "dcdiag /q" on each DC and post the result.
Here's SERV2003

 User generated image
dcdiag /q didn't report anything

_____________________________________

Here's 2003BACK
 User generated image
dcdiag /q
 User generated image
They need to be within 5 minutes of each other in terms of time.

Thanks

Mike
ASKER CERTIFIED SOLUTION
abhijitwaikar
Should the Primary DNS be the other DC's IP address?
SOLUTION
Well I think that worked. Here's DC "SERV2003"
 User generated image
Here's DC "2003BACK"
 User generated image
and keeping the same Time on both DC's

Suggest you run the dcdiag /q and repadmin /replsum commands to verify that everything is in place.
Maybe not out of the woods yet.

Here's "2003BACK"
 User generated image
Here's "SERV2003"
 User generated image
Everything is clean now. Do not worry about the DCDIAG output on 2003BACK; it shows there were previous errors in the system event log.
Okay... that's sort of what I thought after I looked at them a little closer.

Thank you very much abhijitwaikar and mkline71