[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 320
  • Last Modified:

Cannot Replicate after upgrading domain functional level

Hello,
Parent and child domain. Parent domain (forest) still in domain functional level 2003. However, child domain i just updated to domain functional level 2008 R2. Now replication is not working. I believe the issue is dns, but i do not know what could be different the names have not changed? This is a two way transitive trust between domains.
Frequent messages from dcdiag dns, are
no DNS RPC connectivity (although i have tried restarting dcom, netbios and frs)
Also in event viewer many 13508 errors
Any help is greatly appreciated thank you.
0
mrbayIt
Asked:
mrbayIt
  • 5
  • 4
1 Solution
 
MaheshArchitectCommented:
From Parent Domain DC, try to connect to ADUC of child domain and check if it allows you to connect, if not please check DNS records
Upgrading functional level has nothing to do with replication.
Replication problem must be there already, can you please check below
What is the name resolution method between parent and child domain ?

Parent domain should have dns delegation in parent dns zone (domain.com) pointing to child domain or secondary zone pointing to child domain dns zone
Also child domain must have conditional forwarder \ secondary zone pointing to parent dns zone

Once your name resolution is working correctly, your replication should work correctly
0
 
mrbayItAuthor Commented:
hi mahesh, i agree with your logic however the data shows differently. Everything was replicating fine, we add student accounts every day, the moment replication stopped was the moment i upgrade domain functional level. Which is what i am trying to unmask now. do you have any specific instructions i can follow to try and troubleshoot
0
 
MaheshArchitectCommented:
OK
What you are trying to replicate, parent domain have his own domain directory partition and child domain also has separate domain directory partition
Only configuration and schema partitions get replicated

Why \ How you get \ feel that replication is stopped

Please run repadmin /showrepl on parent DC and child DC to ensure AD replication is working or not?

Also is DNS is setup correctly?
Are you able to resolve parent and child domains correctly with nslookup?
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
mrbayItAuthor Commented:
i can correctly resolve parent and child domains, but honestly all that i am trying to replicate right now is amongst DC's in the child domain. Not even looking into replication between child and parent
0
 
MaheshArchitectCommented:
Really I don't see any problems with functional levels

Can you please post dcdiag /v and repadmin /showrepl output on child DCs ?
0
 
mrbayItAuthor Commented:
issue resolved
0
 
MaheshArchitectCommented:
Not sure what you mean by reenable replication ?

Raising functional level will not stop AD replication,

Can you explain what exact issue you have faced please?
0
 
mrbayItAuthor Commented:
after the upgrade replication froze, the pdc went into a protective state. i had to run these commmands from pdc
                                   § repadmin /options <DC NAME> +DISABLE_OUTBOUND_REPL
                                    § repadmin /options <DC NAME> -DISABLE_OUTBOUND_REPL
                                   § repadmin /options <DC NAME> +DISABLE_INBOUND_REPL
                                    § repadmin /options <DC NAME> -DISABLE_INBOUND_REPL

and that resolved it
0
 
mrbayItAuthor Commented:
i figured it out, had to reenable replication
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now