Solved

Domain replication Error

Posted on 2014-03-16
18
366 Views
Last Modified: 2014-03-20
Hello I have two physical servers.

In physical01 I have a virtualized domain controller(DC3)  in physical02 I have another domain controller(DC1) and a Exchange Server 2010.

This weekend  the servers were down (power outage) and now the physical01 are down  and only is working physical02.

In DC1 the event viewer shows event Id 1863, and 2092. "the server is own of FSMO rol but is not valid"

And the Exchange server can't mount the database.

Can I repair without start physical01?

thanks
0
Comment
Question by:limmontreefree
  • 10
  • 8
18 Comments
 
LVL 13

Expert Comment

by:Santosh Gupta
ID: 39933486
Hi,

1. Is your FSMO role holder server is up ?, if not then did you planned to make it up ?

if not then

a) perform metadata cleanup for old DC.
b) Seize the FSMO Roles to live server.
c) Make sure that old server name is completely removed from DNS, ADUC and sites and services.
d) Run DCDIAG /V and see the errors.

2. if you can start the FSMO Role holder server then start it, and transfer the roles to running server.
a) Run DCDIAG /V and see the errors.
0
 

Author Comment

by:limmontreefree
ID: 39933954
After start the physical01 and DC3 now the exchange database has been mounted properly.

The physical01 was down in the event log Directory service I was:

Warning event 2092 this server is the owner of the FSMO role but it's not valid. This server was not property replicated since the restart. the replication errors prevent the role validation.

Error event 1863 this is the replication state:
latency interval (hours) 24
....

You can modify the latency interval....

What was the problem? the DC3 was down and after 24 hours the other Domain Controller became "not usable"?

thanks
0
 
LVL 13

Expert Comment

by:Santosh Gupta
ID: 39934250
We have to collect some data to get Answer for all questions.

1. what are the Operating system you are running.
2. how many server are acting as GC (I guess All) ?
3. it seems DNS if not configured properly. - run DCDIAG /test:DNS
4. Proper Replication  not happening. - run DCDIAG /V
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:limmontreefree
ID: 39935630
Both DC are W2008R2 and are GC.

In the Dcdiag /test:DNS the only errors are with the forwarders. and with  DCDIAG /V I think all is fine.
Thanks
dcdiag.txt
testDNS.txt
0
 
LVL 13

Expert Comment

by:Santosh Gupta
ID: 39937061
Hi,

you are correct, In the Dcdiag /test:DNS the only some errors and DCDIAG /V  is fine.

it seems your Root hints of DNS are not working properly. Please check and fix it.

http://technet.microsoft.com/en-us/library/cc730735.aspx
0
 

Author Comment

by:limmontreefree
ID: 39939326
Thanks again, but now I have serveral questions:

I have two domain Controllers, both are DNS server.

Have I to configure in forwarder Tab the other DNS server?

If yes, Have I to mark the checkbox Use root hint if there isn't enabled forwarder?

In other hand.

Where can I take the correct list of root hints servers?

Thanks
0
 
LVL 13

Expert Comment

by:Santosh Gupta
ID: 39939336
No, if you donot have any specific DNS server or you dont want to user any other DNS to resolve you dns queries.

you can copy the other server root hints and check if all root hint servers are showing green.

In your exchange server LAN property, did you added both DC IP as DNS ?
0
 

Author Comment

by:limmontreefree
ID: 39939408
"No, if you donot have any specific DNS server or you dont want to user any other DNS to resolve you dns queries."  --> I have two DNS servers DC1 and DC3, I want the  servers work together, but I don't know if I have to force it the forward Tab or if it is done itself.....

"you can copy the other server root hints and check if all root hint servers are showing green." --> Ok I can copy,  but from Where, If you are telling me to copy from DC3,  I have the some issue in DC1 and DC3, may be forefront are filtering something?... Are there in Internet a good list to copy it....

"In your exchange server LAN property, did you added both DC IP as DNS ?" --> yes, The weekend the problem was that DC3 was down and DC1 thought:

Warning event 2092 this server is the owner of the FSMO role but it's not valid. This server was not property replicated since the restart. the replication errors prevent the role validation.

Error event 1863 this is the replication state:
latency interval (hours) 24  


So I want to make DCDIAG /test:DNS run fine, and latter think about event 2092.

Thanks.
0
 

Author Comment

by:limmontreefree
ID: 39939413
And

"you can copy the other server root hints and check if all root hint servers are showing green."  --> "green Where I have to see it in green"

Thanks and sorry for my bad English ...
0
 
LVL 13

Expert Comment

by:Santosh Gupta
ID: 39939455
DNS
0
 

Author Comment

by:limmontreefree
ID: 39941663
Thanks you very much I have checked all the root hints server are green except d.root-server.net has a time out error. This error is in my DC1 and DC3. DC1 and DC3 have the same root hint servers

but If I run DCDIAG /test:DSN , I still this warnning: test 1 not passed in this DNS server. AND the last line shows XXXXXXXX.local pass the DNS test.

I'm confused, are important the warning?, what  means?
 
 image
0
 
LVL 13

Accepted Solution

by:
Santosh Gupta earned 500 total points
ID: 39942067
Hi,

1. run the cmd and type
"NSLOOKUP localhost" and see the result.

2. go to C:\Windows\System32\drivers\etc and check the HOSTS files for any additional entry.

3. check the LAN card property and see if you have any loopback address configured as DNS, remove it and make sure that only your DC and ADC IP should be there.

4. run IPCONFIG /FLUSHDNS and rerun the DCDIAG /test:DSN

5. Try to replicate and see the results.
0
 

Author Comment

by:limmontreefree
ID: 39942887
Ok very interesting:


both DC1 and DC3 when I do NSLOOKUP localhost

tell me dc1.XXXXXXX.local not find localhost: non-existing domain
tell me dc2.XXXXXXX.local not find localhost: non-existing domain

 doing this I found a mistake....
DC1 has primary dns itself 192.168.168.10 and secondary 192.168.168.12 DC3

but DC3 had the same  and I change the order so now it's
DC3 has primary dns itself 192.168.168.12 and secondary 192.168.168.10 DC1.

host are empty as expected.

I have flushed the DNS cache.

And run the DCDIAG /test:DNS.

Now in DC1 the result is the same but in DC3 I only get and error in d.root-servers.net neither can ping it.
So DC3 are running correctly ... but what is happened to DC1??
0
 

Author Comment

by:limmontreefree
ID: 39942932
and now finally works fine in DC1 .....

But why has happened this?.

I only change the order of the Ip in the tcptip dns conf.
0
 
LVL 13

Expert Comment

by:Santosh Gupta
ID: 39942976
it happens some time.  that's why i did ask to check it in my earlier post, but seems you did not noticed.

any ways..,  

do you have any issue  now ?
0
 

Author Comment

by:limmontreefree
ID: 39942986
No, the log is clear..

I have learned a lot .

Thanks.
0
 

Author Closing Comment

by:limmontreefree
ID: 39942990
Very helpful.

Thanks again
0
 
LVL 13

Expert Comment

by:Santosh Gupta
ID: 39943014
your welcome.... Happy to help...
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Redirected folders in a windows domain can be quite useful for a number of reasons, one of them being that with redirected application data, you can give users more seamless experience when logging into different workstations.  For example, if a use…
New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question