[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

New 2012 Child DC added to existing Domain roll out Event ID 1864

Posted on 2014-01-17
6
Medium Priority
?
624 Views
Last Modified: 2014-02-07
It suggests running dcdiag and repadmin /showvector...
When I run repadmin I see the first 5 items are not named.  Are there things that can be removed or should I be concerned?  (see attached)

DCDIAG shows all test pass except one:
               Starting test: KnowsOfRoleHolders
         [BQDC2] DsBindWithSpnEx() failed with error 1722,
         The RPC server is unavailable..
         Warning: BQDC2 is the Schema Owner, but is not responding to DS RPC
         Bind.
         Ldap search capability attribute search failed on server BQDC2, return
         value = 81
         Warning: BQDC2 is the Schema Owner, but is not responding to LDAP
         Bind.
         Warning: BQDC2 is the Domain Owner, but is not responding to DS RPC
         Bind.
         Warning: BQDC2 is the Domain Owner, but is not responding to LDAP
         Bind.
         ......................... NADC1 failed test KnowsOfRoleHolders
Capture.JPG
0
Comment
Question by:bergquistcompany
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 39789631
Is BQDC2 your current FSMO holder and online?   Lets start with the RPC errors and go through the steps outlined here  

http://technet.microsoft.com/library/replication-error-1722-the-rpc-server-is-unavailable(WS.10).aspx

Thanks

Mike
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39789642
It appears that the connection between BQDC2 and NADC1 are not consistent. Can you remove the automatic conneciton in sites and services and manually create a connection so that the DC's can replicate the information (this is only temporary).

Also make sure that your DNS is set correctly as this can be the reason for the error you are encountering.

Take a look at the following KB article as it illustrats a whole host of steps to troubleshoot this issue.

Troubleshooting Steps for Event 1722

Will.
0
 

Author Comment

by:bergquistcompany
ID: 39789676
Services are started/stopped accordingly
HKLM\Software\Microsoft\Rpc - there
DCDIAG /TEST:DNS /V /E /F:<filename.log> - still running
NLTest - completed successfully
no netdiag 2012
Ping - a worked
dnslint /s IP /ad IP - not on 2012
no firewall between
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 38

Expert Comment

by:Mahesh
ID: 39789689
From other DCs in child domain and parent check if you are able to resolve FSMO roles ?

netdom query fsmo

Also if this is new child Domain, check if domaindnszones folder is populated or not as it is the culprit who never populated immediately and creates problem.

If this is child DC in existing domain, then manually add NS entry in dns zone and check

Mahesh
0
 

Author Comment

by:bergquistcompany
ID: 39805072
it appears under the _.msds one of the DCs didn't populate.  I can add  it but how do I know the GUID?
0
 
LVL 38

Accepted Solution

by:
Mahesh earned 2000 total points
ID: 39806354
You need to go to Ad sites and services and from there navigate to Site\servers\ntds settings properties and on general tab you will find GUID of affected DC

Mahesh
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Here's a look at newsworthy articles and community happenings during the last month.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question