In news:236907F0-2ECD-4A49-AE5C-(E-Mail Removed),
Greg <(E-Mail Removed)> typed:
> We have 4 sites with a DC at each site. Replication
> is set both ways but only works 1 way. The NY
> which is a win 2000 PDC in mixed mode, can propagate
> AD changes down to the other sites. The other
> sites can not send AD changes back. I ran the diagnostic
> below and this is what I discovered.
>
> dcdiag /test:replications
> Doing primary tests
>
> From LRCSRVNY001 to LRCSRVMD001
> Naming Context: CN=Schema,CN=Configuration,DC=allstar,DC=com
> The replication generated an error (8524):
> The DSA operation is unable to proceed because of a DNS lookup
> failure. The failure occurred at 2008-03-29 13:03.16.
>
>
>
> When you look at The DNS configuration on the LRCSRVNY001 server in
> DNS under _msdcs,
> it is not listed. Are there any dangers to
> adding this entery under _msdcs. TIA
Which DNS server(s) is the NY DC pointed to?
Are there multiple domains or are they all in one domain? I ask because you
mentioned that the NY site's DC is in mixed mode. This was somewhat
confusing beacuse the term defines Functional Levels for domains and
forests, but not a specific domain controller.
Are all DCs in the infrastructure (whether single or multiple domains) all
Windows 2000 or are there also Windows 2003 DCs?
Are there any blocked firewall ports between any of the locations? Keep in
mind, ALL UDP and TCP ports MUST be opened completely between locations.
What type of line is at each location? Are they digital lines, such as T1s,
or are they cable or ADSL? ADSL can be problemati due PPPoE's MTU
requirement being less than 1500.
Post any Eventlog errors on any of the DCs please. Post the EventID # and
Source name.
Is there a host record entry for LRCSRVNY001?
If you want to create an entry for LRCSRVNY001, you could try it, and it may
work, but the fact that it is not present poses a greater concern why it
never registered, hence my questioning.
To better assist, please post an ipconfig /all from each DC in your 4
locations. This will help us get a better 'view' of your network to help
come up with a possible resolution.
By the way, the term "PDC" is a legacy term from the NT4 days and don't
really apply to Windows 2000/2003/2008. In the later Windows versions, we
just call them domain controllers, or 'replica' domain controllers, or just
DCs. Keep in mind however there is a FSMO role that runs on one of the DCs
in each domain called the PDC Emulator. When the domain is in mixed mode,
the PDC emulator will support any NT4 BDCs that exist in an AD domain as
well as other functions. However in raised levels such as Windows 2000 or
2003 levels, NT4 BDC support disappears but it still supports other
functions such as time sync (extermely important for Kerberos), password
sync, and source fo the writable GPO DC, and others.
--
Regards,
Ace
This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT,
MVP Microsoft MVP - Directory Services
Microsoft Certified Trainer
For urgent issues, you may want to contact Microsoft PSS directly. Please
check
http://support.microsoft.com for regional support phone numbers.
Infinite Diversities in Infinite Combinations
Similar Threads
