
Active Directory Replication 1

Status
Not open for further replies.

shreks

Technical User
Jul 14, 2004
12
GB
Hi,

When trying to "Check Replication Topology" using AD Sites and Services for one of my domain controllers (not the GC, PDC etc - This DC was recently added to our domain), I receive the following error:

"the following error occurred during the attempt to contact the domain controller:
The Active Directory property cannot be found in the cache"

Any help on this would be greatly appreciated as the domain controller that is having this problem is not replicating back to the first domain controller (which is the PDC)

I am using Windows Server 2000 on both Domain Controllers

Many Thanks

Neil Davis
 
Neil,

First off, there is no PDC. All DCs in Win2K are peers.

Check all of your DNS settings on these servers. 99% of replication problems are related to DNS. Install DNS on each DC.

Verify that in DNS the "Listen On Ports" settings only list the IP of the local server. On the Forwarders tab be sure you have the DNS servers of your ISP.

Lastly, in the TCP/IP settings for the local NICs, make sure that the DNS server settings point to each other as primary and themselves as secondary. DO NOT list your ISP DNS servers on the NIC TCP/IP configuration.


I hope you find this post helpful. Please let me know if it was.

Regards,

Mark
 
Well, we have only got DNS on one of our servers, and just to add to the story, which I probably should have mentioned before, we demoted a DC, formatted the server, rebuilt and renamed it (IP address was also changed).
We then promoted the new one to be a DC, and on further investigation I noticed that the demotion process was not 100% successful as the old server name still existed in users and computers/domain controllers.

So I ran NTDSUTIL to delete this server information from the domain, which was successful.....so I thought.

Once I realised replication was only working from the main server to the new one and not in the other direction I ran the report from AD replication monitor and this is an extract:

***************************************************************************

This server currently has writable copies of the following directory partitions:
---------------------------------------------------------------------------
CN=Schema,CN=Configuration,DC=dms,DC=co,DC=uk
CN=Configuration,DC=dms,DC=co,DC=uk
DC=dms,DC=co,DC=uk

Because this server is a Global Catalog (GC) server, it also has copies
of the following directory partitions:
---------------------------------------------------------------------------

Current NTDS Connection Objects
-------------------------------
Default-First-Site-Name\ZOOT
Connection Name : ZOOT
Administrator Generated?: YES
Reasons for this connection:
Directory Partition (CN=Schema,CN=Configuration,DC=dms,DC=co,DC=uk)
This replication connection is created because another replication partner has surpassed the allowed failure limit.

Directory Partition (CN=Configuration,DC=dms,DC=co,DC=uk)
This replication connection is created because another replication partner has surpassed the allowed failure limit.

Directory Partition (DC=dms,DC=co,DC=uk)
This replication connection is created because another replication partner has surpassed the allowed failure limit.


Current Direct Replication Partner Status
-----------------------------------------

Directory Partition: CN=Schema,CN=Configuration,DC=dms,DC=co,DC=uk

Partner Name: **DELETED SERVER #1
Partner GUID: 9B93A13A-72FA-4DC6-9D87-A36390EB85B6
Last Attempted Replication: 2/25/2005 11:59:52 AM (local)
Last Successful Replication: 4/26/2004 3:55:14 PM (local)
Number of Failures: 7370
Failure Reason Error Code: 8524
Failure Description: The DSA operation is unable to proceed because of a DNS lookup failure.
Synchronization Flags: DRS_WRIT_REP,DRS_INIT_SYNC,DRS_PER_SYNC
USN of Last Property Updated: 1987638
USN of Last Object Updated: 1987638
Transport:

Change Notifications for this Directory Partition
-------------------------------------------------
Server Name: Default-First-Site-Name\ZOOT
Object GUID: 1352B1A0-BEFB-41BF-87CC-977EADDF09C0
Time Added: 02/09/2014 02:27:51
Flags: DRS_WRIT_REP
Transport: RPC

Directory Partition: CN=Configuration,DC=dms,DC=co,DC=uk

Partner Name: **DELETED SERVER #1
Partner GUID: 9B93A13A-72FA-4DC6-9D87-A36390EB85B6
Last Attempted Replication: 2/25/2005 11:59:52 AM (local)
Last Successful Replication: 4/26/2004 4:45:03 PM (local)
Number of Failures: 67341
Failure Reason Error Code: 8524
Failure Description: The DSA operation is unable to proceed because of a DNS lookup failure.
Synchronization Flags: DRS_WRIT_REP,DRS_INIT_SYNC,DRS_PER_SYNC
USN of Last Property Updated: 1987878
USN of Last Object Updated: 1987878
Transport:

It looks like it still has the old server set up in AD as its replication partner (**Delete server #1) and has not got the new server, zoot, as its replication partner.

I hope this makes sense?

Ta

Neil
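
A small parser for a report in the layout quoted above, as an added example that is not part of the original posts or of the replication monitor tool: it lists each direct replication partner that is a deleted object or whose last successful sync is far behind its last attempt. The function names and the 60-day threshold are assumptions; the sample input is built from the extract above.

```python
import re
from datetime import datetime

# Constructed input: the two partner blocks from the report extract quoted
# above, trimmed to the fields this parser reads.
SAMPLE_REPORT = """\
Directory Partition: CN=Schema,CN=Configuration,DC=dms,DC=co,DC=uk
Partner Name: **DELETED SERVER #1
Last Attempted Replication: 2/25/2005 11:59:52 AM (local)
Last Successful Replication: 4/26/2004 3:55:14 PM (local)
Number of Failures: 7370
Directory Partition: CN=Configuration,DC=dms,DC=co,DC=uk
Partner Name: **DELETED SERVER #1
Last Attempted Replication: 2/25/2005 11:59:52 AM (local)
Last Successful Replication: 4/26/2004 4:45:03 PM (local)
Number of Failures: 67341
"""

FIELD = re.compile(r"^([A-Za-z ]+?):\s*(.*)$")

def parse_partners(report):
    """Return one dict per 'Partner Name' block, tagged with its partition."""
    partners, partition = [], None
    for line in report.splitlines():
        m = FIELD.match(line.strip())
        if not m:
            continue
        key, value = m.group(1), m.group(2).strip()
        if key == "Directory Partition":
            partition = value
        elif key == "Partner Name":
            partners.append({"Directory Partition": partition, key: value})
        elif partners:
            partners[-1][key] = value
    return partners

def _when(text):
    return datetime.strptime(text.replace(" (local)", ""), "%m/%d/%Y %I:%M:%S %p")

def stale_partners(report, max_days=60):
    """Flag deleted partners or ones unsynced for > max_days (assumed threshold)."""
    findings = []
    for p in parse_partners(report):
        gap = (_when(p["Last Attempted Replication"])
               - _when(p["Last Successful Replication"])).days
        if p["Partner Name"].startswith("**DELETED") or gap > max_days:
            findings.append((p["Directory Partition"], p["Partner Name"],
                             int(p["Number of Failures"]), gap))
    return findings
```

Each finding is a tuple of (partition, partner name, failure count, days since last success), so a leftover partner object from an incomplete demotion shows up once per directory partition.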
 
OK, I think I can help you here.

Take a look at my FAQ faq96-4733. At the bottom of the FAQ is a script I got from Microsoft. Save that text to a VBS extension and execute the script on a DC. It will report to you all of the known DCs. You should hopefully still see the bad server there. Enter the name and the script will remove it from AD for you.

I hope you find this post helpful. Please let me know if it was.

Regards,

Mark
 