R
Ryan
Hi all,
After promoting an additional DC, I started to have Directory Service
Replication issue (including FRS). Initially, I have 3 DCs in single domain
with the PDC holding all the FSMO roles. When I access AD Sites and Servies
and click on each server, I can only see other 2 DC appearing on each server
(which should have been 3). Server1 can only see Server2 and Server4
(replication successful on bothe servers as well). Server2 can only see
Server1 and Server3. Server3 can see Server2 and Server4. Server4 can only
see Server1 and Server3. Conclusion: Server1 can't "communicate" with
Server3 (and vice versa) while Server2 can't communicate with Server4 (and
vice versa). I have run dnslint and the result successfully captured the 4
server GUID.
The error log for FRS error is 13508, I have followed the error log to
create a new replication path. I tried to use FRSDIAG but get an error
certain registry not registered, do i need to add-in any component for the
tool to run? A new replicated sripts and policies (both attached with some
ID) folders were created and can be successfully replicated. So, which
folder would be the "effective" sysvol share folder (the one with ID or
original, can I manually remove or rename these folders?)?
I found missing keberos and kpasswd service location of the newly promoted
server in the DNS forward lookup zone. I have manually added them. What is
the impact of adding these entries. It does not solve the problem I faced
though. Any advice would be very much appreciated, thank you.
Ryan
After promoting an additional DC, I started to have Directory Service
Replication issue (including FRS). Initially, I have 3 DCs in single domain
with the PDC holding all the FSMO roles. When I access AD Sites and Servies
and click on each server, I can only see other 2 DC appearing on each server
(which should have been 3). Server1 can only see Server2 and Server4
(replication successful on bothe servers as well). Server2 can only see
Server1 and Server3. Server3 can see Server2 and Server4. Server4 can only
see Server1 and Server3. Conclusion: Server1 can't "communicate" with
Server3 (and vice versa) while Server2 can't communicate with Server4 (and
vice versa). I have run dnslint and the result successfully captured the 4
server GUID.
The error log for FRS error is 13508, I have followed the error log to
create a new replication path. I tried to use FRSDIAG but get an error
certain registry not registered, do i need to add-in any component for the
tool to run? A new replicated sripts and policies (both attached with some
ID) folders were created and can be successfully replicated. So, which
folder would be the "effective" sysvol share folder (the one with ID or
original, can I manually remove or rename these folders?)?
I found missing keberos and kpasswd service location of the newly promoted
server in the DNS forward lookup zone. I have manually added them. What is
the impact of adding these entries. It does not solve the problem I faced
though. Any advice would be very much appreciated, thank you.
Ryan