thafemann
asked on
Active Directory Sites and Services, issue with replication
Hello all,
This is a bit weird to me, but I am not sure what is wrong. Background Info.
Windows 2012R2 servers running in Forest/domain functional level 2008r2.
Two Sites, connected with a 30MB vpn connections
Site A is main default site, Site B is remote site.
Site A contains a server with all FSMO roles.
Site B contains a server with R/W AD controller
In Sites and services, everything is default. No custom links.
Intersite Transport is the "DEFAULTIPSITELINK"
Active Directory appears to be healthy.
I have two sites in Sites and services. Each site has 1 server. Each site has more than one subnet attached to it. All the site links are automatically generate. repadmin /kcc shows no errors, repadmin /syncall shows no errors.
When I create a user on a server in Site A, the user doesn't show up as a user on the AD server in Site B. The converse is also true. It is the same for new computers that join the domain. I have waited 24 hours to see if the users would replicate eventually, thinking it was a timing issue. Nope, not even after 24 hours.
If I move AD server in Site B to site A, the users that were created when the server was in Site B do not replicated to the server in Site A. BUT......With the servers in the same site, if I create a brand new user, the user is IMMEDIATELY replicated to all servers, and all is good.
After creating the user, and seeing that is replicated to all the servers, I can then move AD server from Site A back to Site B, change password, change username, change anything, and it is replicated to all the servers.
I can freely move FSMO rolls between servers that are in different sites, so I feel confident that replication is working properly. Since the domain was built with 2008r2, it is DFS replications, and all looks good in the console
Is there anything I can check to see what is going on. Any, "A HA!" moments that anyone can share?
Tom
This is a bit weird to me, but I am not sure what is wrong. Background Info.
Windows 2012R2 servers running in Forest/domain functional level 2008r2.
Two Sites, connected with a 30MB vpn connections
Site A is main default site, Site B is remote site.
Site A contains a server with all FSMO roles.
Site B contains a server with R/W AD controller
In Sites and services, everything is default. No custom links.
Intersite Transport is the "DEFAULTIPSITELINK"
Active Directory appears to be healthy.
I have two sites in Sites and services. Each site has 1 server. Each site has more than one subnet attached to it. All the site links are automatically generate. repadmin /kcc shows no errors, repadmin /syncall shows no errors.
When I create a user on a server in Site A, the user doesn't show up as a user on the AD server in Site B. The converse is also true. It is the same for new computers that join the domain. I have waited 24 hours to see if the users would replicate eventually, thinking it was a timing issue. Nope, not even after 24 hours.
If I move AD server in Site B to site A, the users that were created when the server was in Site B do not replicated to the server in Site A. BUT......With the servers in the same site, if I create a brand new user, the user is IMMEDIATELY replicated to all servers, and all is good.
After creating the user, and seeing that is replicated to all the servers, I can then move AD server from Site A back to Site B, change password, change username, change anything, and it is replicated to all the servers.
I can freely move FSMO rolls between servers that are in different sites, so I feel confident that replication is working properly. Since the domain was built with 2008r2, it is DFS replications, and all looks good in the console
Is there anything I can check to see what is going on. Any, "A HA!" moments that anyone can share?
Tom
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Fun indeed! Sounds like you nailed it, though.
ASKER
The solution provided only gave me a nudge in the right direction to find the solution. Thanks. :)
ASKER
I just did that, and the user SHOWED UP! Hum.....got me thinking.
I looked that the IP DEFAULTIPSITELINK, and then noticed that it was set to 1800.....30 hours. So when I came back about 24 hours later, I was still 6 hours short. I changed it to 90 minutes....
But wait, there is more.
For the fun of it I went into the replication schedule. Yep......the entire schedule was set to "Not Available" except a very small 60 minute window on saturday. Fun.......