Re-Installing Active Directory

[Michael Angus]

I am currently experiencing some replication issues with
my AD which is spread over 4 sites with WAN links.
Everything appears to be replicating from the primary
site, but 2 of my 3 sites are not replicating back to my
Central Office. I think it may have something to do with
when I built these 2 AD servers at my primary site where
the servers where located. I am receiving errors like
1815 and 1722 from the repadmin /showreps. If anyone
could point me into another direction of where to look
that would be great, but my main question is, are the any
major problems with removing AD from the problem servers
and reinstalling it after the removal has replicated
through my network? The effected servers do not host any
of the major 5 services, as they are basically
file/DNS/Wins servers for my sites but one of them does
have Exchange 2000 installed.

Thanks in advance and for taking the time to read this
post.

 

[Cary Shultz [A.D. MVP]]

Michael,

Generally speaking, doing a dcpromo on a problem DC is not a bad idea. It
should not hurt anything. But once you have Exchange running on one of the
DCs I might hesitate. I am generally not in the practice of installing
Exchange on a Domain Controller so I could not tell you if that would do any
damage. I would think that it would / should not....

However, let's take a look at what is going on. You probably have the
Support Tools installed on your DCs as you mentioned that you have done
repadmin /showreps. I hope that the Support Tools that you installed are
from the Service Pack CD rather than from the WIN2000 Server CD. Not really
a biggie, but the latest Service Pack CD will have the newer, corrected
versions of the many utilities.

Not really able to find anything useful regarding these two errors. Did a
http:///www.eventid.net search for them and only the 1722 had anything. Did
a Knowledge Base Search and the 1722 came up with several things. Do you
have ISA in your organization?

Do this: run a netdiag /v as well as a dcdiag /v on all of your DCs and
let's get an idea of what is going on. You might want to add the
'>c:\netdiag.txt' and '>c:\dcdiag.txt' at the end of both those commands so
that the output will be redirected to a text file so that you can then do a
search for 'error', 'fail' and 'warn'.

My initial thoughts are pointing at DNS. Let's do the netdiag and dcdiag
and go from there....Please do verify that all DCs are reachable via ping
( via IP Address, via NetBIOS name, via FQDN ) and run nslookup as well.

Gotta run, going to breakfast with my wife! Can't keep a pregnant woman
waiting too long!!!! ;-)

HTH,

Cary

 

[Guest]

Hi Cary,

Thanks for your advise. I have run those commands and
there where a few errors, but nothing I had not already
seen unfortunately. I will keep on looking as I may have
overlooked something. I think I may have to either log a
job with MS or try re-installing AD. Don't know which
one yet.

Oh, and thanks for the web site link, it should come in
handy.

Thanks anyway.

Kind Regards
Michael.

 

[Cary Shultz [A.D. MVP]]

Michael,

What were the errors that you saw when running either netdiag or dcdiag?
And what about DNS? Also, here is a link to a very good MSKB article that
helps to troubleshoot Intra Site AD Replication. Clearly not what you are
experiencing but might help out a little bit:

http://support.microsoft.com/default.aspx?scid=kb;en-us;249256

Let's look at the four components of a Site Link: Name, Cost, Schedule and
Transport. The name should be clear. The cost is something that you, the
administrator, set. Everything is relative here. The Schedule is simply
the time period that replication is available. Think of this as a window of
time. Remember that replication is based on two one-way, incoming
connection objects. Those two DCs need to have windows that coincide before
replication can take place. The Transport is simply the mechanism for the
actual replication to take place. You have two choices: RPC or SMTP. RPC
is the more common choice ( in this part of the world ). RPC assumes that
you have a reliable connection between the two Sites. SMTP, on the
otherhand, assumes that you have a less than reliable connection between two
Sites. This is more common in Central and South America. Essentially, a DC
sends encrypted e-mails to it's replication partner.

Now, this brings up a point: replication partners. In Inter Site
Replication each Site has a so-called Bridgehead Server. The replication
between Site A and Site B happens between the Bridgehead Server ( naturally
a DC ) in Site A and the Bridgehead Server is Site B.

Does this help you at all? I am guessing from the error message ( 1722 )
that you have made use of SMTP?

I would also verify that your Sites are properly set up and configured, that
you Subnets are properly set up and associated with the correct Sites and
that your DCs are in the correct Site. I am sure that this is the case but
before spending the money with a call to MS PSS let's just make sure that we
have the basics covered. Sometimes when we get deep into it we overlook the
most basic elements!

HTH,

Cary