Veeam is happy to provide a free NFR license for one year. It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.
COURSE of the MONTH
8 days, 2 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Computer object is not replicated from one DC to another after 24 hours lapsed ?
Posted on 2016-10-31
People,
Can anyone here please assist me in troubleshooting the AD domain controller replication where some of my AD computer object is not replicated after waiting for more than 24 hours from one DC to another ?
Here's some background information:
PRODDC67-VM --> Data Center Domain Controller.
PRODDC70-VM --> Remote Office Domain Controller.
This is the PortQry tool result from one DC to another above:
This is the error from the DCDIAG from PRODDC70-VM:
Any help would be greatly appreciated.
Thanks,
Can anyone here please assist me in troubleshooting the AD domain controller replication where some of my AD computer object is not replicated after waiting for more than 24 hours from one DC to another ?
Here's some background information:
PRODDC67-VM --> Data Center Domain Controller.
PRODDC70-VM --> Remote Office Domain Controller.
This is the PortQry tool result from one DC to another above:
portqry.exe -n PRODDC70-VM -e 135 -p TCP exits with return code 0x00000000.
portqry.exe -n PRODDC70-VM -e 137 -p UDP exits with return code 0x80000003.
portqry.exe -n PRODDC70-VM -e 138 -p UDP exits with return code 0x00000002.
portqry.exe -n PRODDC70-VM -e 139 -p TCP exits with return code 0x00000000.
portqry.exe -n PRODDC70-VM -e 3268 -p TCP exits with return code 0x00000000.
portqry.exe -n PRODDC70-VM -e 3269 -p TCP exits with return code 0x00000000.
portqry.exe -n PRODDC70-VM -e 389 -p BOTH exits with return code 0x00000000.
portqry.exe -n PRODDC70-VM -e 42 -p TCP exits with return code 0x00000001.
portqry.exe -n PRODDC70-VM -e 445 -p TCP exits with return code 0x00000000.
portqry.exe -n PRODDC70-VM -e 53 -p BOTH exits with return code 0x00000000.
portqry.exe -n PRODDC70-VM -e 636 -p TCP exits with return code 0x00000000.
portqry.exe -n PRODDC70-VM -e 88 -p BOTH exits with return code 0x00000002.
portqry.exe -n PRODDC67-VM -e 135 -p TCP exits with return code 0x00000000.
portqry.exe -n PRODDC67-VM -e 137 -p UDP exits with return code 0x80000003.
portqry.exe -n PRODDC67-VM -e 138 -p UDP exits with return code 0x00000002.
portqry.exe -n PRODDC67-VM -e 139 -p TCP exits with return code 0x00000000.
portqry.exe -n PRODDC67-VM -e 3268 -p TCP exits with return code 0x00000000.
portqry.exe -n PRODDC67-VM -e 3269 -p TCP exits with return code 0x00000000.
portqry.exe -n PRODDC67-VM -e 389 -p BOTH exits with return code 0x00000000.
portqry.exe -n PRODDC67-VM -e 42 -p TCP exits with return code 0x00000001.
portqry.exe -n PRODDC67-VM -e 445 -p TCP exits with return code 0x00000000.
portqry.exe -n PRODDC67-VM -e 53 -p BOTH exits with return code 0x00000000.
portqry.exe -n PRODDC67-VM -e 636 -p TCP exits with return code 0x00000000.
portqry.exe -n PRODDC67-VM -e 88 -p BOTH exits with return code 0x00000002.
This is the error from the DCDIAG from PRODDC70-VM:
Starting test: KccEvent
A warning event occurred. EventID: 0x8000061E
Time Generated: 11/01/2016 17:21:00
Event String:
All directory servers in the following site that can replicate the directory partition over this transport are currently unavailable.
An error event occurred. EventID: 0xC000051F
Time Generated: 11/01/2016 17:21:00
Event String:
The Knowledge Consistency Checker (KCC) has detected problems with the following directory partition.
A warning event occurred. EventID: 0x80000749
Time Generated: 11/01/2016 17:21:00
Event String:
The Knowledge Consistency Checker (KCC) was unable to form a complete spanning tree network topology. As a result, the following list of sites cannot be reached from the local site.
A warning event occurred. EventID: 0x8000061E
Time Generated: 11/01/2016 17:21:00
Event String:
All directory servers in the following site that can replicate the directory partition over this transport are currently unavailable.
An error event occurred. EventID: 0xC000051F
Time Generated: 11/01/2016 17:21:00
Event String:
The Knowledge Consistency Checker (KCC) has detected problems with the following directory partition.
A warning event occurred. EventID: 0x80000749
Time Generated: 11/01/2016 17:21:00
Event String:
The Knowledge Consistency Checker (KCC) was unable to form a complete spanning tree network topology. As a result, the following list of sites cannot be reached from the local site.
A warning event occurred. EventID: 0x8000061E
Time Generated: 11/01/2016 17:21:00
Event String:
All directory servers in the following site that can replicate the directory partition over this transport are currently unavailable.
An error event occurred. EventID: 0xC000051F
Time Generated: 11/01/2016 17:21:00
Event String:
The Knowledge Consistency Checker (KCC) has detected problems with the following directory partition.
A warning event occurred. EventID: 0x80000749
Time Generated: 11/01/2016 17:21:00
Event String:
The Knowledge Consistency Checker (KCC) was unable to form a complete spanning tree network topology. As a result, the following list of sites cannot be reached from the local site.
A warning event occurred. EventID: 0x8000061E
Time Generated: 11/01/2016 17:21:00
Event String:
All directory servers in the following site that can replicate the directory partition over this transport are currently unavailable.
An error event occurred. EventID: 0xC000051F
Time Generated: 11/01/2016 17:21:00
Event String:
The Knowledge Consistency Checker (KCC) has detected problems with the following directory partition.
A warning event occurred. EventID: 0x80000749
Time Generated: 11/01/2016 17:21:00
Event String:
The Knowledge Consistency Checker (KCC) was unable to form a complete spanning tree network topology. As a result, the following list of sites cannot be reached from the local site.
Any help would be greatly appreciated.
Thanks,
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
3
4 Comments
Active today
Niten,
This is the error result from the PRODDC67-VM
This is the error result from the PRODDC67-VM
PRODDC67-VM: Current time is 2016-11-01 10:23:40.
DC=ForestDnsZones,DC=MyDomain,DC=local
Last replication received from PRODDC70-VM at 2016-10-11 20:06:33
DC=DomainDnsZones,DC=MyDomain,DC=local
Last replication received from PRODDC70-VM at 2016-10-11 20:06:33
CN=Schema,CN=Configuration,DC=MyDomain,DC=local
Last replication received from PRODDC70-VM at 2016-10-11 20:06:32
CN=Configuration,DC=MyDomain,DC=local
Last replication received from PRODDC70-VM at 2016-10-11 20:06:32
DC=MyDomain,DC=local
Last replication received from PRODDC70-VM at 2016-10-11 20:06:32
Active 2 days ago
Seems like you have connectivity issues since the last replication happened on 11-10-2016. Do you have two DCs in your environment only. Is the time on both dcs synchronized. Can you run repadmin /replsum and repadmin /syncall and see if you get any errors.
Active 2 days ago
There is a technet thread with an error similar to yours on at the link below.
https://social.technet.microsoft.com/Forums/windowsserver/en-US/e689b8d9-845e-4f2e-af6b-b237fb76ebb4/the-knowledge-consistency-checker-kcc-was-unable-to-form-a-complete-spanning-tree-network?forum=winserverDS
The issue was solved by registering the w32time...see link below:
https://awinish.wordpress.com/2011/10/07/time-server-role-in-forestdomain-2/
The Knowledge Consistency Checker (KCC) was unable to form a complete spanning tree network topology. As a result, the following list of sites cannot be reached from the local site
https://social.technet.microsoft.com/Forums/windowsserver/en-US/e689b8d9-845e-4f2e-af6b-b237fb76ebb4/the-knowledge-consistency-checker-kcc-was-unable-to-form-a-complete-spanning-tree-network?forum=winserverDS
The issue was solved by registering the w32time...see link below:
https://awinish.wordpress.com/2011/10/07/time-server-role-in-forestdomain-2/
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory.
If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Compliance and data security require steps be taken to prevent unauthorized users from copying data. Here's one method to prevent data theft via USB drives (and writable optical media).
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites.
Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses
Course of the Month8 days, 2 hours left to enroll
765 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.