Replication doesn't work between two DCs in the same site.

V

Voytek

Hi everyone,

I have two DCs that will not replicate changes. One was shut down for
a long period of time. I have followed the instructions given in MS KB
article q26057 without any success, even though the symptoms match my
scenario.

Any other suggestions will be greatly appreciated.
 
D

David Pharr [MSFT]

The kb article number you provided isn't correct, it is missing one number
(there should be six numbers). Are you referring to kb 260575 that
outlines how to reset the secure channel?

How long was this machine shutdown? DCs are not designed to be offline and
not communicating with one another - this breaks replication due to a
busted secure channel. If that machine has been offline for longer than
the tombstone lifetime period (by default it is 60 days) you need to
rebuild that machine.

If you have SP4 installed you can force the machine down to a member server
in a workgroup and remove Active Directory from it using dcpromo
/forceremoval (see kb 332199), perform a metadata cleanup of that machine's
computer account from Active Directory on the other DC per kb 216498, join
that machine back to the domain as a member server then promote it again as
a DC.

David Pharr, (e-mail address removed)

This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| From: (e-mail address removed) (Voytek)
| Newsgroups: microsoft.public.win2000.active_directory
| Subject: Replication doesn't work between two DCs in the same site.
| Date: 8 Jan 2004 19:01:08 -0800
| Organization: http://groups.google.com
| Lines: 8
| Message-ID: <[email protected]>
| NNTP-Posting-Host: 129.49.78.111
| Content-Type: text/plain; charset=ISO-8859-1
| Content-Transfer-Encoding: 8bit
| X-Trace: posting.google.com 1073617269 20225 127.0.0.1 (9 Jan 2004
03:01:09 GMT)
| X-Complaints-To: (e-mail address removed)
| NNTP-Posting-Date: Fri, 9 Jan 2004 03:01:09 +0000 (UTC)
| Path:
cpmsftngxa07.phx.gbl!cpmsftngxa10.phx.gbl!TK2MSFTNGXA05.phx.gbl!TK2MSFTNGP08
.phx.gbl!newsfeed00.sul.t-online.de!t-online.de!news-spur1.maxwell.syr.edu!n
ews.maxwell.syr.edu!postnews1.google.com!not-for-mail
| Xref: cpmsftngxa07.phx.gbl microsoft.public.win2000.active_directory:62007
| X-Tomcat-NG: microsoft.public.win2000.active_directory
|
| Hi everyone,
|
| I have two DCs that will not replicate changes. One was shut down for
| a long period of time. I have followed the instructions given in MS KB
| article q26057 without any success, even though the symptoms match my
| scenario.
|
| Any other suggestions will be greatly appreciated.
|
 
V

Voytek

Thank you for your responses everyone.

Yes I was referring to kb 260575.

The error was always "access denied".

I actually managed to solve the problem by:
1. stopping the KKDC service on the other server - one that held all
the FSMO roles
2. resetting the password on both domain controllers using Netdom
utility and
3. Forcing the replication with Repadmin
4. restarting KKDC service on FSMO DC.

Thank you for your responses and for the link to intra-domain
replication troubleshooting article.

Voytek
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top