• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 598
  • Last Modified:

Server 2012 R2 DC - replication issues

Hi all,

Single domain: 2003

Just added a server 2012 r2 DC to my domain. Promoted without errors but Im getting errors when trying to replicate. Can ping other domain controllers both on LAN and across WAN. I have entered itself as the primary DNS server and anther DC on the same network as a secondary.
File replication event log:
Event :13508
The File Replication Service is having trouble enabling replication
from [Server2] to [Server1] for c:\windows\sysvol\domain
using the DNS name [Server2].domain.com. FRS will keep retrying.
Following are some of the reasons you would see this warning.

DCDIAG

Microsoft Windows [Version 6.3.9600]
(c) 2013 Microsoft Corporation. All rights reserved.

C:\Windows\system32>dcdiag

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = MDGDC01
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Munich\MDGDC01
      Starting test: Connectivity
         ......................... MDGDC01 passed test Connectivity

Doing primary tests

   Testing server: Munich\MDGDC01
      Starting test: Advertising
         ......................... MDGDC01 passed test Advertising
      Starting test: FrsEvent
         There are warning or error events within the last 24 hours after the
         SYSVOL has been shared.  Failing SYSVOL replication problems may cause
         Group Policy problems.
         ......................... MDGDC01 passed test FrsEvent
      Starting test: DFSREvent
         ......................... MDGDC01 passed test DFSREvent
      Starting test: SysVolCheck
         ......................... MDGDC01 passed test SysVolCheck
      Starting test: KccEvent
         A warning event occurred.  EventID: 0x8000061E
            Time Generated: 09/04/2014   23:24:59
            Event String:
            All directory servers in the following site that can replicate the d
irectory partition over this transport are currently unavailable.
         An error event occurred.  EventID: 0xC000051F
            Time Generated: 09/04/2014   23:24:59
            Event String:
            The Knowledge Consistency Checker (KCC) has detected problems with t
he following directory partition.
         A warning event occurred.  EventID: 0x80000749
            Time Generated: 09/04/2014   23:24:59
            Event String:
            The Knowledge Consistency Checker (KCC) was unable to form a complet
e spanning tree network topology. As a result, the following list of sites canno
t be reached from the local site.
         A warning event occurred.  EventID: 0x8000061E
            Time Generated: 09/04/2014   23:24:59
            Event String:
            All directory servers in the following site that can replicate the d
irectory partition over this transport are currently unavailable.
         An error event occurred.  EventID: 0xC000051F
            Time Generated: 09/04/2014   23:24:59
            Event String:
            The Knowledge Consistency Checker (KCC) has detected problems with t
he following directory partition.
         A warning event occurred.  EventID: 0x80000749
            Time Generated: 09/04/2014   23:24:59
            Event String:
            The Knowledge Consistency Checker (KCC) was unable to form a complet
e spanning tree network topology. As a result, the following list of sites canno
t be reached from the local site.
         A warning event occurred.  EventID: 0x8000061E
            Time Generated: 09/04/2014   23:24:59
            Event String:
            All directory servers in the following site that can replicate the d
irectory partition over this transport are currently unavailable.
         An error event occurred.  EventID: 0xC000051F
            Time Generated: 09/04/2014   23:24:59
            Event String:
            The Knowledge Consistency Checker (KCC) has detected problems with t
he following directory partition.
         A warning event occurred.  EventID: 0x80000749
            Time Generated: 09/04/2014   23:24:59
            Event String:
            The Knowledge Consistency Checker (KCC) was unable to form a complet
e spanning tree network topology. As a result, the following list of sites canno
t be reached from the local site.
         A warning event occurred.  EventID: 0x8000061E
            Time Generated: 09/04/2014   23:24:59
            Event String:
            All directory servers in the following site that can replicate the d
irectory partition over this transport are currently unavailable.
         An error event occurred.  EventID: 0xC000051F
            Time Generated: 09/04/2014   23:24:59
            Event String:
            The Knowledge Consistency Checker (KCC) has detected problems with t
he following directory partition.
         A warning event occurred.  EventID: 0x80000749
            Time Generated: 09/04/2014   23:24:59
            Event String:
            The Knowledge Consistency Checker (KCC) was unable to form a complet
e spanning tree network topology. As a result, the following list of sites canno
t be reached from the local site.
         ......................... MDGDC01 failed test KccEvent
      Starting test: KnowsOfRoleHolders
         ......................... MDGDC01 passed test KnowsOfRoleHolders
      Starting test: MachineAccount
         ......................... MDGDC01 passed test MachineAccount
      Starting test: NCSecDesc
         ......................... MDGDC01 passed test NCSecDesc
      Starting test: NetLogons
         ......................... MDGDC01 passed test NetLogons
      Starting test: ObjectsReplicated
         ......................... MDGDC01 passed test ObjectsReplicated
      Starting test: Replications
         [Replications Check,MDGDC01] A recent replication attempt failed:
            From DRDC to MDGDC01
            Naming Context: DC=my.domain,DC=local
            The replication generated an error (8453):
            Replication access was denied.
            The failure occurred at 2014-09-04 23:04:59.
            The last success occurred at 2014-09-04 17:57:10.
            1 failures have occurred since the last success.
            The machine account for the destination MDGDC01.
            is not configured properly.
            Check the userAccountControl field.
            Kerberos Error.
            The machine account is not present, or does not match on the.
            destination, source or KDC servers.
            Verify domain partition of KDC is in sync with rest of enterprise.
            The tool repadmin/syncall can be used for this purpose.
         [Replications Check,MDGDC01] A recent replication attempt failed:
            From COLODC to MDGDC01
            Naming Context: DC=my.domain,DC=local
            The replication generated an error (8453):
            Replication access was denied.
            The failure occurred at 2014-09-04 23:19:59.
            The last success occurred at 2014-09-04 19:57:09.
            13 failures have occurred since the last success.
            The machine account for the destination MDGDC01.
            is not configured properly.
            Check the userAccountControl field.
            Kerberos Error.
            The machine account is not present, or does not match on the.
            destination, source or KDC servers.
            Verify domain partition of KDC is in sync with rest of enterprise.
            The tool repadmin/syncall can be used for this purpose.
         [Replications Check,MDGDC01] A recent replication attempt failed:
            From WINDC01 to MDGDC01
            Naming Context: DC=my.domain,DC=local
            The replication generated an error (8453):
            Replication access was denied.
            The failure occurred at 2014-09-04 23:20:00.
            The last success occurred at 2014-09-04 19:57:09.
            14 failures have occurred since the last success.
            The machine account for the destination MDGDC01.
            is not configured properly.
            Check the userAccountControl field.
            Kerberos Error.
            The machine account is not present, or does not match on the.
            destination, source or KDC servers.
            Verify domain partition of KDC is in sync with rest of enterprise.
            The tool repadmin/syncall can be used for this purpose.
         ......................... MDGDC01 failed test Replications
      Starting test: RidManager
         ......................... MDGDC01 passed test RidManager
      Starting test: Services
         ......................... MDGDC01 passed test Services
      Starting test: SystemLog
         ......................... MDGDC01 passed test SystemLog
      Starting test: VerifyReferences
         ......................... MDGDC01 passed test VerifyReferences


   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test
         CrossRefValidation

   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test
         CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : my.domain
      Starting test: CheckSDRefDom
         ......................... my.domain passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... my.domain passed test CrossRefValidation

   Running enterprise tests on : my.domain.local
      Starting test: LocatorCheck
         ......................... my.domain.local passed test LocatorCheck
      Starting test: Intersite
         ......................... my.domain.local passed test Intersite

C:\Windows\system32>
0
Matt
Asked:
Matt
2 Solutions
 
Mohammed KhawajaManager - Infrastructure:  Information TechnologyCommented:
Refer to links below as it could be caused by multiple issues:

http://support.microsoft.com/kb/2022387
http://support.microsoft.com/kb/329860
0
 
Matt DDomain ArchitectCommented:
Try running DFSR

Add Feature (if not already present): Features --> Remote Server Administration Tools --> Role Administration Tools --> File Services Tools --> DFS Management Tools

Open DFS Management and create a diagnostic report.

Create a diagnostic report for DFS Replication
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now