Link to home
Start Free TrialLog in
Avatar of Andy Howard
Andy HowardFlag for United Kingdom of Great Britain and Northern Ireland

asked on

Replica 2016DC not functioning correctly when remote mainsite SBS2011 DC is unavailable

A 2016 Standard server has been added as a replica DC to a remote SBS2011 server. The two sites are linked via a IPSec VPN and all has functioned well until today.

The SBS2011 site has had a powercut over night so the intersite VPN is down.

None of the AD tools on the 2016 replica DC will work (ADUC, ADSS etc). The error is "Naming information cannot be located because: The specified domain either does not exist or could not be contacted".

It was my understanding that the replica DC would still function should the main DC (SBS2011 in this case) "do down".

What's up?
Many thanks.
Avatar of DrDave242
DrDave242
Flag of United States of America image

Is the 2016 DC a Global Catalog and DNS server, and have you confirmed that AD and SYSVOL replication were working before the SBS 2011 server went down?
Avatar of Andy Howard

ASKER

Thank you for responding. The link between the two sites is available again.
Yes the 2016 server is GC and DNS.
I've just run a dcdiag and see:
Starting test: Netlogons
Unable to connect to the NETLOGON share! (\\DCReplica\netlogon)
[DCReplica] An net use or LsaPolicy operation failed with error 67, the network name cannot be found.
DCReplica failed test Netlogons

Clearly something is wrong then.

I am able to create users or other objects (e.g. OUs) either side and the changes are reflected OK.
I forced a replication with ADSS too and saw no faults.
Run net share from a command prompt on both servers and check to see if the SYSVOL and NETLOGON shares are listed in the output.
HI there. I have just done that for you. On the SBS2011 there are SYSVOL & NETLOGON present, on the 2016 server they are not.
I have run dcdiag again on the 2k16 server and this is the only aspect that appears to be failing.
Cheers
Morning @ DrDave242

All is fixed.

Following your heads up re: net share I googled the sh!t out of this.
On Checking the SBS server I found a bunch of Event ID 13561  “DOMAIN SYSTEM VOLUME (SYSVOL SHARE)” is in JRNL_WRAP_ERROR" in the FRS log.
I referred to a page:
https://www.experts-exchange.com/questions/29112028/Replica-2016DC-not-functioning-correctly-when-remote-mainsite-SBS2011-DC-is-unavailable.html?anchorAnswerId=42642432#a42642432 (use with extreme caution and read the comments at the bottom first!!!)

This fixed the corrupt sysvol on the SBS server (a problem that has been there unseen for long time, even pre the replica DC being added).

Thanks for pointing the way.
ASKER CERTIFIED SOLUTION
Avatar of Andy Howard
Andy Howard
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial