G
Guest
Hi All,
I have a following problem.
2 W2K3 DCs. Both are DNS servers and are located in two separate sites. DC1
is in the Site1 and DC2 is in the Site2. The replication interval is 15
minutes.
The Site2 was accidentally deleted in the Configuration partition on the DC1:
CN=Site2,CN=Sites,CN=Configuration,DC=DOMAIN,DC=COM. After that I
authoritatively restored the subtree:
CN=Site2,CN=Sites,CN=Configuration,DC=DOMAIN,DC=COM on the DC1.
AD data started to replicate from DC1 to DC2, but not backwards, because the
KCC did not created the connection object from DC2 to DC1 even after I forced
to generate connection objects, rebooted both DCs, flushed and re-registered
DNS, restarted netlogon. Only connection object from DC1 to DC2 has been
generated automatically.
If I manually add connection from DC2 to DC1 it stays and AD data gets
replicated. It does not disappear at all. I tested for several hours and it
stays there. After that I deleted this manually added connection object and
tried to use "repadmin /add" and added all required partitions.
I noticed the following behavior:
"Repadmin" and "Replmon" showed that the connection object is added, but DS
Sites and Services Snap-in - does not show the recently added connection
objects. After I triggered the KCC to check the replication topology or after
I waited for about 15 mins, the connection object from DC2 to DC1 disappeared
and AD stopped the replication. The AD replication from DC1 to DC2 through
the automatically generated connection object proceeded though.
Everything worked fine before.
Fixed the issue by forceful removal of DC2 and dcpromo it once more after
the metadata clean-up. Was able to reproduce the issue in the same
environment after that by deleting the
CN=Site2,CN=Sites,CN=Configuration,DC=DOMAIN,DC=COM object bby myself.
Questions:
1. Has anybody seen similar weird behavior after and how to fix it without
the metadata cleanup and DCPROMO of the remote DC?
2. What can potentially cause the issue, so I would perform a preventive
maintenance in the AD to fix it and address the potential issues in future?
Thank you,
Alex
I have a following problem.
2 W2K3 DCs. Both are DNS servers and are located in two separate sites. DC1
is in the Site1 and DC2 is in the Site2. The replication interval is 15
minutes.
The Site2 was accidentally deleted in the Configuration partition on the DC1:
CN=Site2,CN=Sites,CN=Configuration,DC=DOMAIN,DC=COM. After that I
authoritatively restored the subtree:
CN=Site2,CN=Sites,CN=Configuration,DC=DOMAIN,DC=COM on the DC1.
AD data started to replicate from DC1 to DC2, but not backwards, because the
KCC did not created the connection object from DC2 to DC1 even after I forced
to generate connection objects, rebooted both DCs, flushed and re-registered
DNS, restarted netlogon. Only connection object from DC1 to DC2 has been
generated automatically.
If I manually add connection from DC2 to DC1 it stays and AD data gets
replicated. It does not disappear at all. I tested for several hours and it
stays there. After that I deleted this manually added connection object and
tried to use "repadmin /add" and added all required partitions.
I noticed the following behavior:
"Repadmin" and "Replmon" showed that the connection object is added, but DS
Sites and Services Snap-in - does not show the recently added connection
objects. After I triggered the KCC to check the replication topology or after
I waited for about 15 mins, the connection object from DC2 to DC1 disappeared
and AD stopped the replication. The AD replication from DC1 to DC2 through
the automatically generated connection object proceeded though.
Everything worked fine before.
Fixed the issue by forceful removal of DC2 and dcpromo it once more after
the metadata clean-up. Was able to reproduce the issue in the same
environment after that by deleting the
CN=Site2,CN=Sites,CN=Configuration,DC=DOMAIN,DC=COM object bby myself.
Questions:
1. Has anybody seen similar weird behavior after and how to fix it without
the metadata cleanup and DCPROMO of the remote DC?
2. What can potentially cause the issue, so I would perform a preventive
maintenance in the AD to fix it and address the potential issues in future?
Thank you,
Alex