Replication issue

-

we have 5 domain, 1 parent domain , 4 child domain.

we need testing clone dc lab test.

but after cloning, replication not work within same domain , have usn error,

so demote 1 , repromote (i read document technet)

 the situation that, parentdc 1 , parent dc2 (demoted , repromoted),

child dc1 (demoted , repromoted), child dc2

the domain dc can replicate between same domain cannot cross domain.

but can ping other server , nslookup

i have dcdiag these 4 server.

parent dc1

   testing server: parentsite\parentdc1
      starting test: connectivity
         ......................... parentdc1 passed test connectivity

doing primary tests
  
   testing server: parentsite\parentdc1
      starting test: replications
      
         [replications check,parentdc1] recent replication attempt failed:
            childdc1 parentdc1
            naming context: dc=forestdnszones,dc=ad,dc=xx,dc=local
            replication generated error (1256):
            remote system not available. network connection issue, please see windows help
            failure occurred @ 2010-09-22 10:55:21.
            last success occurred @ 2010-08-09 01:52:43.
            468 failures have occurred since last success.
         [replications check,parentdc1] recent replication attempt failed:
            childdc2 parentdc1
            naming context: dc=forestdnszones,dc=ad,dc=xx,dc=local
            replication generated error (1256):
            remote system not available. network connection issue, please see windows help
            failure occurred @ 2010-09-22 10:57:09.
            last success occurred @ 2010-08-09 01:52:43.
            469 failures have occurred since last success.
      
         [replications check,parentdc1] recent replication attempt failed:
            childdc1 parentdc1
            naming context: cn=schema,cn=configuration,dc=ad,dc=xx,dc=local
            replication generated error (8524):
            dsa operation unable proceed because of dns lookup failure。
            failure occurred @ 2010-09-22 10:45:28.
            last success occurred @ 2010-08-09 01:52:05.
            468 failures have occurred since last success.
            guid-based dns name 54331e1c-993e-4d8a-85fe-acf140e2608d._msdcs.ad.xx.local
            not registered on 1 or more dns servers.
         [replications check,parentdc1] recent replication attempt failed:
            childdc2 parentdc1
            naming context: cn=schema,cn=configuration,dc=ad,dc=xx,dc=local
            replication generated error (8524):
            dsa operation unable proceed because of dns lookup failure。
            failure occurred @ 2010-09-22 10:45:51.
            last success occurred @ 2010-08-09 01:52:43.
            469 failures have occurred since last success.
            guid-based dns name 9ebfeca8-7272-41e7-97d2-9fe00b7b990d._msdcs.ad.xx.local
            not registered on 1 or more dns servers.
         [replications check,parentdc1] recent replication attempt failed:
            childdc1 parentdc1
            naming context: cn=configuration,dc=ad,dc=xx,dc=local
            replication generated error (8524):
            dsa operation unable proceed because of dns lookup failure。
            failure occurred @ 2010-09-22 10:55:21.
            last success occurred @ 2010-08-09 01:51:26.
            469 failures have occurred since last success.
            guid-based dns name 54331e1c-993e-4d8a-85fe-acf140e2608d._msdcs.ad.xx.local
            not registered on 1 or more dns servers.
         [replications check,parentdc1] recent replication attempt failed:
            childdc2 parentdc1
            naming context: cn=configuration,dc=ad,dc=xx,dc=local
            replication generated error (8524):
            dsa operation unable proceed because of dns lookup failure。
            failure occurred @ 2010-09-22 10:57:09.
            last success occurred @ 2010-08-09 01:51:27.
            469 failures have occurred since last success.
            guid-based dns name 9ebfeca8-7272-41e7-97d2-9fe00b7b990d._msdcs.ad.xx.local
            not registered on 1 or more dns servers.
         [replications check,parentdc1] recent replication attempt failed:
            childdc1 parentdc1
            naming context: dc=gd,dc=ad,dc=xx,dc=local
            replication generated error (1256):
            remote system not available. network connection issue, please see windows help
            failure occurred @ 2010-09-22 10:55:21.
            last success occurred @ 2010-08-09 01:52:44.
            464 failures have occurred since last success.
               replication-received latency warning
         parentdc1:  current time 2010-09-22 11:00:40.
            dc=forestdnszones,dc=ad,dc=xx,dc=local
               last replication recieved childdc2 @ 2010-08-09 03:57:03.
               last replication recieved childdc1 @ 2010-08-09 03:57:03.
            cn=schema,cn=configuration,dc=ad,dc=xx,dc=local
               last replication recieved childdc2 @ 2010-08-09 03:56:25.
               last replication recieved childdc1 @ 2010-08-09 03:56:25.
            cn=configuration,dc=ad,dc=xx,dc=local
               last replication recieved childdc2 @ 2010-08-09 03:55:47.
               last replication recieved childdc1 @ 2010-08-09 03:55:47.
            dc=child,dc=ad,dc=xx,dc=local
               last replication recieved childdc2 @ 2010-08-09 03:57:04.
               last replication recieved childdc1 @ 2010-08-09 03:57:04.
                  ......................... parentdc1 passed test replications
      starting test: ncsecdesc
         ......................... parentdc1 passed test ncsecdesc
      starting test: netlogons
         ......................... parentdc1 passed test netlogons
      starting test: advertising
         fatal error:dsgetdcname (parentdc1) call failed, error 1355
         locator not find server.
         ......................... parentdc1 failed test advertising
      starting test: knowsofroleholders
         ......................... parentdc1 passed test knowsofroleholders
      starting test: ridmanager
         ......................... parentdc1 passed test ridmanager
      starting test: machineaccount
         ......................... parentdc1 passed test machineaccount
      starting test: services
            netlogon service paused on [parentdc1]
         ......................... parentdc1 failed test services
      starting test: objectsreplicated
         ......................... parentdc1 passed test objectsreplicated
      starting test: frssysvol
         ......................... parentdc1 passed test frssysvol
      starting test: frsevent
         there warning or error events within last 24 hours after the         sysvol has been shared.  failing sysvol replication problems may cause         group policy problems.
         ......................... parentdc1 failed test frsevent
      starting test: kccevent
        
         ......................... parentdc1 failed test kccevent
      starting test: systemlog
                 ......................... parentdc1 failed test systemlog
    
   running enterprise tests on : ad.xx.local
      starting test: intersite
         ......................... ad.xx.local passed test intersite
      starting test: fsmocheck
         warning: dcgetdcname(gc_server_required) call failed, error 1355
         global catalog server not located - gc's down.
         warning: dcgetdcname(time_server) call failed, error 1355
         time server not located.
         server holding pdc role down.
         warning: dcgetdcname(good_time_server_preferred) call failed, error 1355
         time server not located.
         warning: dcgetdcname(kdc_required) call failed, error 1355
         kdc not located - kdcs down.
         ......................... ad.xx.local failed test fsmocheck

 

parent dc 2


domain controller diagnosis

performing initial setup:
   done gathering initial info.

doing initial required tests
  
   testing server: parentsite\parentdc2
      starting test: connectivity
         ......................... parentdc2 passed test connectivity

doing primary tests
  
   testing server: parentsite\parentdc2
      starting test: replications
         replication-received latency warning
         parentdc2:  current time 2010-09-22 10:59:55.
            dc=forestdnszones,dc=ad,dc=xx,dc=local
              
               last replication recieved childdc2 @ 2010-08-09 03:57:03.
               last replication recieved childdc1 @ 2010-08-09 03:57:03.
            cn=schema,cn=configuration,dc=ad,dc=xx,dc=local
               last replication recieved childdc2 @ 2010-08-09 03:56:25.
               last replication recieved childdc1 @ 2010-08-09 03:56:25.
            cn=configuration,dc=ad,dc=xx,dc=local
               last replication recieved childdc2 @ 2010-08-09 03:55:47.
               last replication recieved childdc1 @ 2010-08-09 03:55:47.
           
            dc=child,dc=ad,dc=xx,dc=local
               last replication recieved childdc2 @ 2010-08-09 03:57:04.
               last replication recieved childdc1 @ 2010-08-09 03:57:04.
           
         ......................... parentdc2 passed test replications
      starting test: ncsecdesc
         ......................... parentdc2 passed test ncsecdesc
      starting test: netlogons
         unable connect netlogon share! (\\parentdc2\netlogon)
         [parentdc2] net use or lsapolicy operation failed error 1203, no network provider accepted given network path.
         ......................... parentdc2 failed test netlogons
      starting test: advertising
         fatal error:dsgetdcname (parentdc2) call failed, error 1355
         locator not find server.
         ......................... parentdc2 failed test advertising

      starting test: frssysvol
         ......................... parentdc2 passed test frssysvol
      starting test: frsevent
         there warning or error events within last 24 hours after the         sysvol has been shared.  failing sysvol replication problems may cause         group policy problems.
         ......................... parentdc2 failed test frsevent
      starting test: kccevent
       
         ......................... parentdc2 failed test kccevent
      starting test: systemlog
       
         error event occured.  eventid: 0xc0000001
            time generated: 09/22/2010   10:46:54
            event string: initiator failed connect target. target         ......................... parentdc2 failed test systemlog
   
   
   running partition tests on : ad
      starting test: crossrefvalidation
         ......................... ad passed test crossrefvalidation
      starting test: checksdrefdom
         ......................... ad passed test checksdrefdom
  
   running enterprise tests on : ad.xx.local
      starting test: intersite
         ......................... ad.xx.local passed test intersite
      starting test: fsmocheck
         warning: dcgetdcname(gc_server_required) call failed, error 1355
         global catalog server not located - gc's down.
         warning: dcgetdcname(time_server) call failed, error 1355
         time server not located.
         server holding pdc role down.
         warning: dcgetdcname(good_time_server_preferred) call failed, error 1355
         time server not located.
         warning: dcgetdcname(kdc_required) call failed, error 1355
         kdc not located - kdcs down.
         ......................... ad.xx.local failed test fsmocheck

 

child dc 1


domain controller diagnosis

performing initial setup:
   done gathering initial info.

doing initial required tests
  
   testing server: parentsite\parentdc1
      starting test: connectivity
         ......................... parentdc1 passed test connectivity

doing primary tests
  
   testing server: parentsite\parentdc1
      starting test: replications
      
         [replications check,parentdc1] recent replication attempt failed:
            childdc1 parentdc1
            naming context: dc=forestdnszones,dc=ad,dc=xx,dc=local
            replication generated error (1256):
            remote system not available. network connection issue, please see windows help
            failure occurred @ 2010-09-22 10:55:21.
            last success occurred @ 2010-08-09 01:52:43.
            468 failures have occurred since last success.
         [replications check,parentdc1] recent replication attempt failed:
            childdc2 parentdc1
            naming context: dc=forestdnszones,dc=ad,dc=xx,dc=local
            replication generated error (1256):
            remote system not available. network connection issue, please see windows help
            failure occurred @ 2010-09-22 10:57:09.
            last success occurred @ 2010-08-09 01:52:43.
            469 failures have occurred since last success.
       
               replication-received latency warning
         parentdc1:  current time 2010-09-22 11:00:40.
            dc=forestdnszones,dc=ad,dc=xx,dc=local
               last replication recieved childdc2 @ 2010-08-09 03:57:03.
               last replication recieved childdc1 @ 2010-08-09 03:57:03.
            cn=schema,cn=configuration,dc=ad,dc=xx,dc=local
               last replication recieved childdc2 @ 2010-08-09 03:56:25.
               last replication recieved childdc1 @ 2010-08-09 03:56:25.
            cn=configuration,dc=ad,dc=xx,dc=local
               last replication recieved childdc2 @ 2010-08-09 03:55:47.
               last replication recieved childdc1 @ 2010-08-09 03:55:47.
            dc=child,dc=ad,dc=xx,dc=local
               last replication recieved childdc2 @ 2010-08-09 03:57:04.
               last replication recieved childdc1 @ 2010-08-09 03:57:04.
                  ......................... parentdc1 passed test replications

      starting test: services
            netlogon service paused on [parentdc1]
         ......................... parentdc1 failed test services
tdc1 passed test frssysvol
      starting test: frsevent
         there warning or error events within last 24 hours after the         sysvol has been shared.  failing sysvol replication problems may cause         group policy problems.
         ......................... parentdc1 failed test frsevent
      starting test: kccevent
        
         ......................... parentdc1 failed test kccevent
      starting test: systemlog
                 ......................... parentdc1 failed test systemlog

      starting test: fsmocheck
         warning: dcgetdcname(gc_server_required) call failed, error 1355
         global catalog server not located - gc's down.
         warning: dcgetdcname(time_server) call failed, error 1355
         time server not located.
         server holding pdc role down.
         warning: dcgetdcname(good_time_server_preferred) call failed, error 1355
         time server not located.
         warning: dcgetdcname(kdc_required) call failed, error 1355
         kdc not located - kdcs down.
         ......................... ad.xx.local failed test fsmocheck

child dc2


domain controller diagnosis

performing initial setup:
   done gathering initial info.

doing initial required tests
  
   testing server: childsite\childdc2
      starting test: connectivity
         host 9ebfeca8-7272-41e7-97d2-9fe00b7b990d._msdcs.ad.xx.local not resolved an
         ip address.  check dns server, dhcp, server name, etc
         although guid dns name         (9ebfeca8-7272-41e7-97d2-9fe00b7b990d._msdcs.ad.xx.local) couldn't be         resolved, server name (childdc2.child.ad.xx.local) resolved to         ip address (10.37.57.12) , pingable.  check ip         address registered correctly dns server.
         ......................... childdc2 failed test connectivity

doing primary tests
  
   testing server: childsite\childdc2
      skipping tests, because server childdc2 is
      not responding directory service requests
   
   
   
   running enterprise tests on : ad.xx.local
      starting test: intersite
         ......................... ad.xx.local passed test intersite
      starting test: fsmocheck
         warning: dcgetdcname(time_server) call failed, error 1355
         time server not located.
         server holding pdc role down.
         warning: dcgetdcname(good_time_server_preferred) call failed, error 1355
         time server not located.
         warning: dcgetdcname(kdc_required) call failed, error 1355
         kdc not located - kdcs down.
         ......................... ad.xx.local failed test fsmocheck

thanks,

we fixed it, call microsoft, fix, see him tring modify regedit , working fine now



Windows Server  >  Directory Services



Comments

Post a Comment

Popular posts from this blog

WIMMount (HSM) causing cluster storage to go redirected (2012r2 DC)

-
looking options resolve error , prevent in future. thanks help. hardware: 2 node dell hv cluster running2012r2 dc 8 nic/ea in multiplex mode 4x hyper-v 4x hosts storage: 2x synology nas, accessed through iscsi hosts , cluster relevant logs: log name:      microsoft-windows-failoverclustering/diagnostic source:        microsoft-windows-failoverclustering date:          event id:      2050 task category: none level:         warning keywords:       user:          system computer:      l description: [dcm] filter wimmount found @ unsafe altitude 180700 log name:      system source:        microsoft-windows-failoverclustering date:         event id:      5125 task category: cluster shared volume level:         warning keywords:       user:          system computer: description: cluster shared volume 'volume1' ('cluster disk 1') has identified 1 or more active filter drivers on device stack interfere csv operatio
Read more

Failed to delete the test record dcdiag-test-record in zone test.com

-
ps c:\users\administrator.test> dcdiag /test:dns directory server diagnosis performing initial setup:    trying find home server...    home server = dc02    * identified ad forest.    done gathering initial info. doing initial required tests    testing server: default-first-site-name\dc02       starting test: connectivity          ......................... dc02 passed test connectivity doing primary tests    testing server: default-first-site-name\dc02       starting test: dns          dns tests running , not hung. please wait few minutes...          ......................... dc02 passed test dns    running partition tests on : forestdnszones    running partition tests on : domaindnszones    running partition tests on : schema    running partition tests on : configuration    running partition tests on : test    running enterprise tests on : test.com       starting test: dns          test results domain
Read more

Azure MFA with Azure AD and RDS

-
i have setup following lab in azure , need help. a server (domain controller) , remote desktop services. and server multi factor authentication server. i have setup following one http://www.rdsgurus.com/uncategorized/step-by-step-using-windows-server-2012-r2-rd-gateway-with-azure-multifactor-authentication/ and when im connecting got following error. the user "domain\username", on client computer "xxx.xxx.xxx.xxx", did not meet connection authorization policy requirements , therefore not authorized access rd gateway server. authentication method used was: "ntlm" , connection protocol used: "rpc-http". following error occurred: "23003". also on security log i've got following authentication details: connection request policy name: ts gateway authorization policy network policy name: - authentication provider: radius proxy authentication server: test.test.local authentication type: - eap t
Read more