Hi,
We upgarded an NT domain to a 2K domain last year. It's still running in mixed mode. Presently we've three DCs. The problem is that AD is not replicating between the servers. Whenever we add a new DC to the domain, it gets the AD info without a problem but when we try to replicate the AD info through AD Sites and Services tool, it gives a variety of errors, like:
"The security context could not be established due to a failure in the requested quality of service (e.g. mutual authentication or delegation)"
"Directory object not found"
When we run the AD replication monitor for errors, it gives all sorts of errors of repli between three servers. The errors are like:
1. The RPC server is unavailable. (From 1st DC to 3rd DC)
2. Access is denied. (From 2nd and 3rd DC to 1st DC)
3. The DSA operation is unable to proceed because of a DNS lookup failure. (From 3rd DC to 2nd DC)
Another issue is that the first upgraded server has a disjoint hostname i.e., if the domain name is abc.com for instance the server's hostname is 1stsrv.abc. instead of 1stsrv.abc.com. Both the other server have the correct hostnames, like: 2ndsrv.abc.com & 3rdsrv.abc.com.
The first server is the DNS server and since it was the first to be upgraded, it's now Schema and Domain Naming Master, along with the RID, PDC and Infra Master. Now if we try to correct the hostname of the first server, we've to demote the server, change the name and then promote, which is a bit difficult. The last three roles can be assigned to other servers but what about the first two? Is there a way to solve this issue and others mentioned above?
The domain uses DNS and WINS and DHCP. All three services work well. If anybody can hep us here, we'd appreciate from the very core of our hearts, really.
Regards,
Mobile Laundry Unit.
We upgarded an NT domain to a 2K domain last year. It's still running in mixed mode. Presently we've three DCs. The problem is that AD is not replicating between the servers. Whenever we add a new DC to the domain, it gets the AD info without a problem but when we try to replicate the AD info through AD Sites and Services tool, it gives a variety of errors, like:
"The security context could not be established due to a failure in the requested quality of service (e.g. mutual authentication or delegation)"
"Directory object not found"
When we run the AD replication monitor for errors, it gives all sorts of errors of repli between three servers. The errors are like:
1. The RPC server is unavailable. (From 1st DC to 3rd DC)
2. Access is denied. (From 2nd and 3rd DC to 1st DC)
3. The DSA operation is unable to proceed because of a DNS lookup failure. (From 3rd DC to 2nd DC)
Another issue is that the first upgraded server has a disjoint hostname i.e., if the domain name is abc.com for instance the server's hostname is 1stsrv.abc. instead of 1stsrv.abc.com. Both the other server have the correct hostnames, like: 2ndsrv.abc.com & 3rdsrv.abc.com.
The first server is the DNS server and since it was the first to be upgraded, it's now Schema and Domain Naming Master, along with the RID, PDC and Infra Master. Now if we try to correct the hostname of the first server, we've to demote the server, change the name and then promote, which is a bit difficult. The last three roles can be assigned to other servers but what about the first two? Is there a way to solve this issue and others mentioned above?
The domain uses DNS and WINS and DHCP. All three services work well. If anybody can hep us here, we'd appreciate from the very core of our hearts, really.
Regards,
Mobile Laundry Unit.