NTDS Replication error
Hi
We keep getting the below error appearing in the event viewer on our DC. It's a 2008 R2 server. We also have 2 other DCs, running 2003.
Alongside this, the server keeps having intermittent problems where the company data folder (F: mapped drive to the server /data share) keeps losing connection. When this happens, no connection can be made to the server via UNC path or IP, whether it is pinging or attempting to access the c$ or other shares.
Any help would be much appreciated.
Cheers
Dom
We keep getting the below error appearing in the event viewer on our DC. It's a 2008 R2 server. We also have 2 other DCs, running 2003.
Alongside this, the server keeps having intermittent problems where the company data folder (F: mapped drive to the server /data share) keeps losing connection. When this happens, no connection can be made to the server via UNC path or IP, whether it is pinging or attempting to access the c$ or other shares.
Log Name: Directory Service
Source: Microsoft-Windows-ActiveDirectory_DomainService
Date: 19/08/2015 15:04:03
Event ID: 1955
Task Category: Replication
Level: Information
Keywords: Classic
User: ANONYMOUS LOGON
Computer: MAINSERVER.sadofskys.local
Description:
Active Directory Domain Services encountered a write conflict when applying replicated changes to the following object.
Object:
CN=Administrator,CN=Users,DC=sadofskys,DC=local
Time in seconds:
0
Event log entries preceding this entry will indicate whether or not the update was accepted.
A write conflict can be caused by simultaneous changes to the same object or simultaneous changes to other objects that have attributes referencing this object. This commonly occurs when the object represents a large group with many members, and the functional level of the forest is set to Windows 2000. This conflict triggered additional retries of the update. If the system appears slow, it could be because replication of these changes is occurring.
User Action
Use smaller groups for this operation or raise the forest functional level to Windows Server 2003.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-ActiveDirectory_DomainService" Guid="{0e8478c5-3605-4e8c-8497-1e730c959516}" EventSourceName="NTDS Replication" />
<EventID Qualifiers="16384">1955</EventID>
<Version>0</Version>
<Level>4</Level>
<Task>5</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2015-08-19T14:04:03.978663600Z" />
<EventRecordID>21148</EventRecordID>
<Correlation />
<Execution ProcessID="592" ThreadID="1624" />
<Channel>Directory Service</Channel>
<Computer>MAINSERVER.sadofskys.local</Computer>
<Security UserID="S-1-5-7" />
</System>
<EventData>
<Data>CN=Administrator,CN=Users,DC=sadofskys,DC=local</Data>
<Data>0</Data>
</EventData>
</Event>Any help would be much appreciated.
Cheers
Dom
ASKER
Hi Guy
The functional level is 2003.
We're not sure, hence the error above.
Cheers
Dom
The functional level is 2003.
We're not sure, hence the error above.
Cheers
Dom
Ho Dom,
Run
Also, please open up powershell on a DC and run
And post the results, removing any confidential info of course...
Regards
Guy
Run
Repadmin /Replsum /bySrc /Bydest /sort:DeltaAlso, please open up powershell on a DC and run
Import-Module ActiveDirectory
Get-ADDomain | fl Name,DomainMode
Get-ADForest | fl Name,ForestModeAnd post the results, removing any confidential info of course...
Regards
Guy
ASKER
There were no errors when running Repadmin
Name : server
DomainMode : Windows2003Domain
PS C:\Users\administrator.ser
Name : server.local
ForestMode : Windows2003Forest
Thank you
Name : server
DomainMode : Windows2003Domain
PS C:\Users\administrator.ser
Name : server.local
ForestMode : Windows2003Forest
Thank you
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
All of the FSMO roles are on the main DC. The other two DC's are also logging the same event error
I will try the IP reset later this evening when the server wont be used.
Thanks so far
I will try the IP reset later this evening when the server wont be used.
Thanks so far
To be clear, the error is appearing on all DC's, but only one has odd connectivity issues?
ASKER
Yes. We only have one mapped drive and that data sits on the main DC.
ASKER
Good Morning Guy
I have done the TCP/IP reset and will see how things go today. For the last week or so, it usually goes wrong quite quickly so I will find out if thats worked or not.
I will keep you posted.
Thanks
I have done the TCP/IP reset and will see how things go today. For the last week or so, it usually goes wrong quite quickly so I will find out if thats worked or not.
I will keep you posted.
Thanks
ASKER
Unfortunately we are sill experiencing the same issues. It does seem to be happening more on one particular PC though at the minute. This PC has lost connectivity with the server about 8 times today.
I can start pinging the server from the PC with -t and it comes back with some pings and then drops off all together. Pinging the server by name then pings via IPv6 and it sometimes comes back with 'General Failure'.
Do you have any more thoughts on what I could try please?
Thanks
I can start pinging the server from the PC with -t and it comes back with some pings and then drops off all together. Pinging the server by name then pings via IPv6 and it sometimes comes back with 'General Failure'.
Do you have any more thoughts on what I could try please?
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Any update on this one?
ASKER
We run Sophos Endpoint Protection and there's no AV warnings at the moment.
We've actually replaced the PC that was getting the worst of it now and it seems very intermittent elsewhere but I'll keep an eye on it and reopen the question if it hasn't resolved.
We've actually replaced the PC that was getting the worst of it now and it seems very intermittent elsewhere but I'll keep an eye on it and reopen the question if it hasn't resolved.
Can you confirm the functional level of the Domain?
Also, can you confirm AD replication is working as expected?
regards
Guy