Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

sysvol and PGO replicating or not

Posted on 2013-02-07
10
Medium Priority
?
351 Views
Last Modified: 2013-02-08
How can I verify if sysvol and GPO is replicating between domain controllers. I know they did replicate before as they were on the same site but since moving to another remote site I am not sure. I can see the dates on the sysvol folder are the same between the domain controllers. I am also curious as I know GPO's have been changed in the past few weeks yet the dates on the sysvol folder for policies have not. Its 2003 domain.,
0
Comment
Question by:Sid_F
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
10 Comments
 
LVL 14

Expert Comment

by:JAN PAKULA
ID: 38863400
what are you using to replicate

still fsr or did you upgrade domain to dfsr?
to check replication run that on domain controllers (from cmd runned as administrator)
repadmin /showrepl
repadmin /replicate
repadmin /syncall

if it detects some errors try that

repadmin /removelingeringobjects

JAN MA CCNA
0
 
LVL 6

Author Comment

by:Sid_F
ID: 38863513
when I run showrepl, the output is broken down into a few different sections, on the first section it shows 3 replications for different guid numbers, the first one is successful the second one a minute before failed and the third was for about ten days ago failed.
other sections are similar but I am unsure of exactly what I am looking for
0
 
LVL 14

Expert Comment

by:JAN PAKULA
ID: 38863535
can you paste it here?

right click and press mark then press enter then press paste in ee (redact sensitive information and possibly change domainnames to something else)
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 6

Author Comment

by:Sid_F
ID: 38863539
For security I can't paste sorry!
0
 
LVL 6

Author Comment

by:Sid_F
ID: 38863554
ok details removed


Default-First-Site\mycompany-server1
DC Options: (none)
Site Options: (none)
DC object GUID: e969e570-9334-4cc3-aa80-79fe94ecbd9f
DC invocationID: af1b471f-cd3d-4bad-b7a1-0f93eb66b2f4

==== INBOUND NEIGHBORS ======================================

DC=mycompany,DC=local
    Default-First-Site\mycompany-server2 via RPC
        DC object GUID: a6067ddb-5854-472d-b6ce-fe30625083f9
        Last attempt @ 2013-02-07 11:25:34 was successful.
    Default-First-Site\mycompany-mainDC via RPC
        DC object GUID: 1f5739a0-d579-4c20-97af-902d9fc50744
        Last attempt @ 2013-02-07 11:26:17 failed, result 1722 (0x6ba):
            The RPC server is unavailable.
        51857 consecutive failure(s).
        Last success @ 2013-01-20 00:20:17.
    Default-First-Site\mycompany-secondDC via RPC
        DC object GUID: 844e9cc0-41a9-49da-8449-0523cf96aa36
        Last attempt @ 2013-02-07 11:26:17 was successful.

CN=Configuration,DC=mycompany,DC=local
    Default-First-Site\mycompany-server2 via RPC
        DC object GUID: a6067ddb-5854-472d-b6ce-fe30625083f9
        Last attempt @ 2013-02-07 10:57:05 was successful.
    Default-First-Site\mycompany-secondDC via RPC
        DC object GUID: 844e9cc0-41a9-49da-8449-0523cf96aa36
        Last attempt @ 2013-02-07 10:57:05 was successful.
    Default-First-Site\mycompany-mainDC via RPC
        DC object GUID: 1f5739a0-d579-4c20-97af-902d9fc50744
        Last attempt @ 2013-02-07 10:57:26 failed, result 1722 (0x6ba):
            The RPC server is unavailable.
        458 consecutive failure(s).
        Last success @ 2013-01-19 23:56:48.

CN=Schema,CN=Configuration,DC=mycompany,DC=local
    Default-First-Site\mycompany-server2 via RPC
        DC object GUID: a6067ddb-5854-472d-b6ce-fe30625083f9
        Last attempt @ 2013-02-07 10:57:26 was successful.
    Default-First-Site\mycompany-secondDC via RPC
        DC object GUID: 844e9cc0-41a9-49da-8449-0523cf96aa36
        Last attempt @ 2013-02-07 10:57:26 was successful.
    Default-First-Site\mycompany-mainDC via RPC
        DC object GUID: 1f5739a0-d579-4c20-97af-902d9fc50744
        Last attempt @ 2013-02-07 10:57:47 failed, result 1722 (0x6ba):
            The RPC server is unavailable.
        455 consecutive failure(s).
        Last success @ 2013-01-19 23:56:48.

DC=DomainDnsZones,DC=mycompany,DC=local
    Default-First-Site\mycompany-mainDC via RPC
        DC object GUID: 1f5739a0-d579-4c20-97af-902d9fc50744
        Last attempt @ 2013-02-07 11:12:11 failed, result 1722 (0x6ba):
            The RPC server is unavailable.
        2168 consecutive failure(s).
        Last success @ 2013-01-20 00:13:35.
    Default-First-Site\mycompany-secondDC via RPC
        DC object GUID: 844e9cc0-41a9-49da-8449-0523cf96aa36
        Last attempt @ 2013-02-07 11:12:32 was successful.

DC=ForestDnsZones,DC=mycompany,DC=local
    Default-First-Site\mycompany-mainDC via RPC
        DC object GUID: 1f5739a0-d579-4c20-97af-902d9fc50744
        Last attempt @ 2013-02-07 10:57:05 failed, result 1256 (0x4e8):
            The remote system is not available. For information about network tr
oubleshooting, see Windows Help.
        479 consecutive failure(s).
        Last success @ 2013-01-19 23:56:49.
    Default-First-Site\mycompany-secondDC via RPC
        DC object GUID: 844e9cc0-41a9-49da-8449-0523cf96aa36
        Last attempt @ 2013-02-07 10:58:08 was successful.

Source: Default-First-Site\mycompany-mainDC
******* 51856 CONSECUTIVE FAILURES since 2013-01-20 00:20:17
Last error: 1256 (0x4e8):
            The remote system is not available. For information about network tr
oubleshooting, see Windows Help.
0
 
LVL 6

Author Comment

by:Sid_F
ID: 38863587
I can see it is failing for one particular domain controller each time.
0
 
LVL 14

Accepted Solution

by:
JAN PAKULA earned 2000 total points
ID: 38865485
Ant update? Did you tried dissabling (temporally) software firewall on servers? If you are using some hardware firewalls -did you forward all necessary ports -checked nat policy? Also try "netstat -an" to see open/listening ports.  dissabling hips antivirus software temporally just to exclude it from potential causes. Any vlans on the system?
0
 
LVL 6

Author Closing Comment

by:Sid_F
ID: 38867679
Thanks seems to be firewall issue
0
 
LVL 14

Expert Comment

by:JAN PAKULA
ID: 38867734
good you found it - and thanks for points:)
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question