Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Server 2008R2 Replication problem

Posted on 2014-02-05
8
Medium Priority
?
449 Views
Last Modified: 2014-02-12
My network is setup in a "hub and spoke" configuration with the main office being the hub and three branch locations.  All branches can communicate with the main office via VPN connections.  There are no firewalls blocking any internal traffic.

Main office subnet 10.39.1.0/255.255.255.0   Server Name: APP2 10.39.1.251 (2008R2) Server Name: TS 10.39.1.249  (2003R2)

Fraser branch subnet 10.39.3.0/255.255.255.0  Server Name: FRAS3  10.39.3.250 (2008R2)

Kremmling branch 10.39.5.0/255.255.255.0 Server Name: KREM  10.39.5.250 (2008R2)

Grand Lake branch 10.39.2.0/255.255.255.0  Server Name: GL  10.39.2.250(2008R2)
 
Each of the servers is a DC running AD integrated DNS.  All servers successfully resolve NSLOOKUP of each other.  All servers successfully reply to pings from APP2 server.

Just to be clear, all the branches have full two way unblocked communication with the main office, but they do not have direct communication to each other.  

The problem is, I had to do a dcpromo /forecremoval from a failed server named FRAS2 at Fraser 10.39.3.0.  I replaced it with a server named FRAS3.  I promoted FRAS3 to a DC two days ago.  The server APP2 located at the main office 10.39.1.0 holds all FSMO roles.  AD Sites and Services on APP2 at the main office did not have a ntds connection to FRAS3.  I manually created a connection.  I forced replication  and received the error "The naming context is in the process of being removed."  SEE ATTACHED SCREEN PRINT.  
How do I fix replicaiton?  I have downloaded Microsoft's AD Replication status tool and will post more information as it becomes available.
replication-error.JPG
0
Comment
Question by:dbldiamond
  • 5
  • 2
8 Comments
 
LVL 19

Expert Comment

by:Kash
ID: 39835488
i take it you have gone through this article >>> http://support.microsoft.com/kb/2023704
0
 

Author Comment

by:dbldiamond
ID: 39835495
Yes, I have read the article but have not found any actions that resolve the issue.
0
 
LVL 19

Expert Comment

by:Kash
ID: 39835512
is it possible to initiate replication from app2?


there is this article which is more informative >>>> http://clintboessen.blogspot.co.uk/2013/05/ad-replication-issue-naming-context-is.html
0
NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

 

Author Comment

by:dbldiamond
ID: 39835529
FRAS successfully replicates to APP2.  When I try to force replication from APP2 to FRAS I get the error shown in the screen print.  APP2 is the main DC that should be replicating to all of the branch offices.  I am looking at the blog post you mentioned.  Will investigate further...
0
 
LVL 10

Expert Comment

by:Pramod Ubhe
ID: 39838204
per your screen shot, it is clear that most of the replication paths are manually configured.
It is common problem when you configure the replication paths manually.

By any chance, is there any possibility to delete manual paths and have KCC to auto-build replication topology?
0
 

Accepted Solution

by:
dbldiamond earned 0 total points
ID: 39841579
Sorry I have not posted updates as I have been busy with this problem.  About two weeks ago one of the RAID1 mirrored drives failed.  I replaced the drive and the ARRAY rebuilt.  Apparently, when the drive failed, it created corruption in the AD.  I tried offline AD repair and DB compaction but that failed.  I purchased a Microsoft Support Incident and turned it over to their AD technicians.  I worked with three engineers over two days trying to repair the directory.  It's a very long story and MS Tech Support did many things that did not solve the problem.   Yesterday, the server was so hosed that I could not login in with domain or local administrator accounts in normal, safe, ore DSR Mode.  Ultimately, I decided to bite the bullet and rebuild the server.  Last night I pulled all the old hard drives from the server, installed new ones and rebuilt the server using a different name just to avoid any problems with old metadata.  Then I restored all our data from backup.  This morning I expect to have a few minor issues, but nothing serious.  So the answer for this situation was to rebuild a new server.  The issue that caused the problems to begin with was AD corruption due to HD failure.  

Thanks for the suggestions.  I will ask that this question be closed.
0
 

Author Comment

by:dbldiamond
ID: 39841599
Pramod_ubhe, Yes the replication paths were created manually because the auto configure would not work.  I was trying desperately to force replication.  The server I had problems with as the PDC that held all FSMO roles.  I tried to transfer the roles gracefully but had to size the roles by another server.  The server that was not replicating that had the AD corruption, did manage to replicate to it's same site partner.  However, it appears that replication contained corrupt data.  Both the PDC and the same site partner had to be demoted to member servers.  Yesterday we were able to get the same site partner server promoted back up to a DC.  We attempted to promote APP2 backup up to a DC that failed.  Now that I have rebuilt the server, all NTDS connections are being automatically created.
0
 

Author Closing Comment

by:dbldiamond
ID: 39852784
Ultimately this issue was created by hardware failure and the solution was to rebuild the server with new hard drives.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question