InSearchOf
asked on
Dcdiag failures on some of my domain controllers
We are running win 2008 R2 domain controllers. I am having some replication issues. I ran dcdiag and everything passed except the KCCevent test. I am also getting event id 1311 under active directory_domain service
ASKER
1. Not sure if it was running before.
2. When I look at sites and services I some entries with weird numbers like a GUID
3. Windows Firewall is enabled
2. When I look at sites and services I some entries with weird numbers like a GUID
3. Windows Firewall is enabled
Disable, by now the windows firewall just to test.
Using the event viewer filter you are able to see form where this is happening, and how often are that events traced.
Using the event viewer filter you are able to see form where this is happening, and how often are that events traced.
ASKER
Alright. I stopped the service and I lost connectivity with site. One should have nothing to do with the other unless it is coincidental. Might be having an ISP issue
The DC are not being sincronized. How long have been traced that even 1311 ?. If time ago, I don't think it is an ISP problem.
Once you get access again, please check the inter-site transports.
So, the servers are in different locations... then you must have two sites defined under Active Directory Sites and services.
..MFlores..
Once you get access again, please check the inter-site transports.
So, the servers are in different locations... then you must have two sites defined under Active Directory Sites and services.
..MFlores..
ASKER
yes I have different sites. When I check the NTDS settings for the different sites I se entries in there that look like a GUID.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Despite of the firewall, the AD objects let's say; users settings are replicated correctly?.
i.e. if you create a new user in the master AD, it is replicated to the other?
i.e. if you create a new user in the master AD, it is replicated to the other?
It is better if you can paste a screenshot of your current AD site and services config.
Find attached a running AD with 2 DC (one Windows 2003 + one Windows 2012) so you can see what a correct structure must show.
deh-ad-config.png
Find attached a running AD with 2 DC (one Windows 2003 + one Windows 2012) so you can see what a correct structure must show.
deh-ad-config.png
Tool: Active Directory Replication Status Tool
https://www.microsoft.com/ en-us/down load/detai ls.aspx?id =30005
I never have to use this tool yet, however seems specific for this issue.
https://www.microsoft.com/
I never have to use this tool yet, however seems specific for this issue.
ASKER
Thanks for all the help. I have one last question about the "DEFAULTIPSITELINK". Should all my sites be included in that link?
1. It was running before?
2. You must check the configuration under Active Directory Sites and Services Manager. Maybe some network changes (did you make any change?) don't match with that configuration.
3. Did you enable the windows firewall service?. Could you by now stop the firewall if they are running?. You'll find running; services.msc
..MFlores..