Active Directory Replication failing

Posted on 2014-01-19
Medium Priority
Last Modified: 2014-01-20
I have added a 2012 Standard server to a 2003 functional level domain that had a single 2003 Standard server. The 2012 server has been added to the domain and promoted to a domain controller. Both servers are on the same LAN and in the same subnet. Both servers have GC. All FSMO roles are on 2003 Server. Both servers have DNS installed. 2003Server is the only authorized DHCP. I plan to retire the 2003Server in the near future. Logged on as built-in Administrator account on both servers. I have not been able to successfully replicate. Error numbers are 1722 The RPC server is unavailable, Experienced the following Operational Errors trying to retrieve replication information 58 - [2003Server].[domainName].local
I have taken the following steps:
- read several KB articles etc.
- disable firewall on both servers
- disable antivirus software
- restart DNS
- verify that the NIC in each DC uses its own address for DNS
- verify that both servers' DNS forwarders are the ISP DNS servers
- verify that each DC is the SOA in DNS and that each has an A record for the other server
- verify that I can ping both ways, open shares, transfer files, etc.
- ipconfig /flushdns
- ipconfig /registerdns
- ran repadmin /replsum from 2012Server; results indicate Source 2003Server to 2012Server - 5 fails
- ran repadmin /replsum from 2003Server. Results indicate Source 2012Server 0 fails. Source 2003Server 5 fails.
- ran dcdiag from 2012Server (attached); names are substitutes
Question by:rettif9
LVL 14

Expert Comment

by:Abduljalil Abou Alzahab
ID: 39793511
Did you check the below? It may help you:
Replication error 1722 The RPC server is unavailable

Troubleshooting “RPC server is unavailable” error, reported in failing AD replication scenario
LVL 38

Accepted Solution

Mahesh earned 1400 total points
ID: 39793612
Have you faced any errors when you promoted the 2012 server as DC?

If not, just give it some time for everything to settle down. Maybe you can restart both DCs one by one and check.

Check if you are able to view the netlogon and sysvol shares in Windows Explorer or through the net share command in a command prompt on the 2012 server.
Also check Directory Services events on the 2012 DC for event ID 1394 and FRS events for 13516.

Check if both servers are in the same time zone and the time is correct on them.
If there is a deviation, from an elevated command prompt on the 2012 DC, run the command below:
net time \\2003DCname /set /y
Check if DNS zones are populated on the 2012 DC.
Point the Windows 2012 server's preferred DNS to its own IP, then restart the netlogon service on the 2012 DC.
Check that NS records are there in the domain.com zone and the _msdcs.domain.com zone for both DCs; if not found, just create them.
Delete connection objects from Active Directory Sites and Services and trigger "Check replication topology" from both servers for both servers.

Try creating replication connection objects manually in AD Sites and Services if "Check replication topology" didn't create them automatically for you.

LVL 13

Expert Comment

ID: 39793796
Check whether you are able to resolve the 2003 server IP from the 2012 server. What is the primary DNS configured on the 2012 server? Configure the 2003 IP address as primary DNS on the 2012 server and do ipconfig /registerdns.
LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 600 total points
ID: 39794145
When you promoted the 2012 DC, did you have its DNS settings pointing to the 2003 DC that was online? If everything went well with the promotion, then what you might want to do in the meantime is the following...

- Go into Sites and Services
- Check to see if the 2012 DC object was created
- See if there are any NTDS connections made to it for replication
- It will try to use the KCC automatically by default
- If you have automatic connections (delete them temporarily)
- Create manual connections to the DC you want to replicate to/from
- Once the manual connection is created on both DCs, wait for replication
- Once you have verified replication, delete the manual connections and allow KCC to re-create the connections again

I have seen at times where the KCC does not properly create the connections for newly promoted servers. This does not happen often, but what I do to work around this is temporarily create manual connections to the DC having issues. Allow replication to happen and let KCC re-create the connections.
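
The checks from the accepted solution and the connection-object review from the answer above, collected into one read-only PowerShell pass for the 2012 DC. This is an added example, not code posted by anyone in the thread; `2003DCname` and `domain.com` are the thread's own placeholders, and the variable names are assumptions.

```powershell
# Added example: read-only checks, run from an elevated prompt on the 2012 DC.
Import-Module ActiveDirectory
$Partner = '2003DCname'   # placeholder (assumption): name of the 2003 DC
$Zone    = 'domain.com'   # placeholder (assumption): AD DNS zone name

# SYSVOL and NETLOGON are shared once the new DC has finished its initial sync.
$found = Get-SmbShare | Where-Object { $_.Name -in 'SYSVOL', 'NETLOGON' }
'Shares present: {0}' -f (($found | ForEach-Object Name) -join ', ')

# Event 1394 (Directory Service log) and 13516 (File Replication Service log).
foreach ($q in @{ LogName = 'Directory Service'; Id = 1394 },
               @{ LogName = 'File Replication Service'; Id = 13516 }) {
    $e = Get-WinEvent -FilterHashtable $q -MaxEvents 1 -ErrorAction SilentlyContinue
    if ($e) { '{0} / {1}: last logged {2}' -f $q.LogName, $q.Id, $e.TimeCreated }
    else    { '{0} / {1}: not found' -f $q.LogName, $q.Id }
}

# Clock offset against the partner DC (Kerberos tolerates 5 minutes by default).
w32tm /stripchart /computer:$Partner /samples:1 /dataonly

# NS records in both zones as served by this DC's own DNS, then the partner's A record.
foreach ($n in $Zone, "_msdcs.$Zone") {
    Resolve-DnsName -Name $n -Type NS -Server 127.0.0.1 -ErrorAction SilentlyContinue |
        Where-Object { $_.Type -eq 'NS' } | Select-Object Name, NameHost
}
Resolve-DnsName -Name "$Partner.$Zone" -Type A -ErrorAction SilentlyContinue

# Error 1722: test the RPC endpoint mapper (TCP 135). Replication also needs
# the dynamic RPC ports, so a success here is necessary but not sufficient.
$tcp = New-Object System.Net.Sockets.TcpClient
try     { $tcp.Connect($Partner, 135); "TCP 135 on $Partner reachable" }
catch   { "TCP 135 on $Partner unreachable: $($_.Exception.Message)" }
finally { $tcp.Close() }

# Connection objects: AutoGenerated = True means the KCC created the object,
# False means it was created manually in Sites and Services.
Get-ADReplicationConnection -Filter * |
    Select-Object Name, AutoGenerated, ReplicateFromDirectoryServer, ReplicateToDirectoryServer

# Current replication state, using the same tool the question used.
repadmin /showrepl
repadmin /replsum
```

Nothing in the script changes state, so it can be re-run after each fix to see which check turns green first.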


Question has a verified solution.