J
Joep Verhaeg
Hello,
Since a couple of day's the File Replication Service is not replicating the
SYSVOL anymore with Event ID: 13508 on one domain controller, the other only
logs the message "The File Replication Service is no longer preventing the
computer server2 from becoming a domain controller...", the following
actions I performed to try to fix it:
1. Verified name resolution, DNS is working fine on both DC's (using AD
integrated DNS).
2. Verified the creation of SRV records for both DC's and this is also fine.
3. Restarted the NtFrs service on both DC's.
4. Verified the security (rights) on the SYSVOL folders (and subfolders) on
both DC's, this is correct.
5. Reset the machine account following KB260575 for the DC which can not be
connected to.
6. Netdiag reports everything is ok.
7. Replmon reports that AD replication is working fine.
8. Sonar reports LongJoinC for SERVER1 as "1" and for SERVER2 as "0", I
don't know is this is normal or just my problem...
9. The system time is in sync on both DC's.
10. The SYSVOL share is available on both DC's (verified with the "net
share" command).
11. There is enough harddisk space to replicate on both DC's.
A snapshot from the logfiles created by the NtFrs service:
--
Server1 NtFrs_0005.log:
<FrsDsFindComputer: 4220: 8717: S2: 10:21:30> S: Computer
FQDN is cn=server1,ou=domain controllers,dc=domain,dc=nl
<FrsDsFindComputer: 4220: 8723: S2: 10:21:30> S: Computer's
dns name is server1.domain.nl
<FrsDsFindComputer: 4220: 8737: S2: 10:21:30> S: Settings
reference is cn=ntds
settings,cn=server1,cn=servers,cn=city,cn=sites,cn=configuration,dc=domain,d
c=nl
<SndCsMain: 4096: 868: S0: 10:21:30> :SR: Cmd
00237ca8, CxtG 1c42b4c7, WS ERROR_ACCESS_DENIED, To server2.domain.nl Len:
(380) [SndFail - rpc call]
<SndCsMain: 4096: 895: S0: 10:21:30> :SR: Cmd
00237ca8, CxtG 1c42b4c7, WS ERROR_ACCESS_DENIED, To server2.domain.nl Len:
(380) [SndFail - Send Penalty]
<MainServiceHandler: 4016: 2053: S0: 10:21:32> :S: Received
control code 4 from Service Controller
<MainServiceHandler: 4016: 2053: S0: 10:22:07> :S: Received
control code 4 from Service Controller
--
--
Server2 NtFrs_0005.log:
<FrsHashCalcString: 1676: 4777: S0: 10:20:28> Name =
S-1-5-21-1202660629-1078145449-1060284298-1003
<SERVER_FrsRpcSendCommPkt: 1676: 436: S0: 10:20:28> ++ ERROR -
Invalid Partner: AuthClient:domain\server1$,
AuthSid:S-1-5-21-1202660629-1078145449-1060284298-1003
<FrsHashCalcString: 1676: 4777: S0: 10:21:30> Name =
S-1-5-21-1202660629-1078145449-1060284298-1003
<SERVER_FrsRpcSendCommPkt: 1676: 436: S0: 10:21:30> ++ ERROR -
Invalid Partner: AuthClient:domain\server1$,
AuthSid:S-1-5-21-1202660629-1078145449-1060284298-1003
--
Can someone help me with this problem?
Thanks in advance,
Joep Verhaeg.
Since a couple of day's the File Replication Service is not replicating the
SYSVOL anymore with Event ID: 13508 on one domain controller, the other only
logs the message "The File Replication Service is no longer preventing the
computer server2 from becoming a domain controller...", the following
actions I performed to try to fix it:
1. Verified name resolution, DNS is working fine on both DC's (using AD
integrated DNS).
2. Verified the creation of SRV records for both DC's and this is also fine.
3. Restarted the NtFrs service on both DC's.
4. Verified the security (rights) on the SYSVOL folders (and subfolders) on
both DC's, this is correct.
5. Reset the machine account following KB260575 for the DC which can not be
connected to.
6. Netdiag reports everything is ok.
7. Replmon reports that AD replication is working fine.
8. Sonar reports LongJoinC for SERVER1 as "1" and for SERVER2 as "0", I
don't know is this is normal or just my problem...
9. The system time is in sync on both DC's.
10. The SYSVOL share is available on both DC's (verified with the "net
share" command).
11. There is enough harddisk space to replicate on both DC's.
A snapshot from the logfiles created by the NtFrs service:
--
Server1 NtFrs_0005.log:
<FrsDsFindComputer: 4220: 8717: S2: 10:21:30> S: Computer
FQDN is cn=server1,ou=domain controllers,dc=domain,dc=nl
<FrsDsFindComputer: 4220: 8723: S2: 10:21:30> S: Computer's
dns name is server1.domain.nl
<FrsDsFindComputer: 4220: 8737: S2: 10:21:30> S: Settings
reference is cn=ntds
settings,cn=server1,cn=servers,cn=city,cn=sites,cn=configuration,dc=domain,d
c=nl
<SndCsMain: 4096: 868: S0: 10:21:30> :SR: Cmd
00237ca8, CxtG 1c42b4c7, WS ERROR_ACCESS_DENIED, To server2.domain.nl Len:
(380) [SndFail - rpc call]
<SndCsMain: 4096: 895: S0: 10:21:30> :SR: Cmd
00237ca8, CxtG 1c42b4c7, WS ERROR_ACCESS_DENIED, To server2.domain.nl Len:
(380) [SndFail - Send Penalty]
<MainServiceHandler: 4016: 2053: S0: 10:21:32> :S: Received
control code 4 from Service Controller
<MainServiceHandler: 4016: 2053: S0: 10:22:07> :S: Received
control code 4 from Service Controller
--
--
Server2 NtFrs_0005.log:
<FrsHashCalcString: 1676: 4777: S0: 10:20:28> Name =
S-1-5-21-1202660629-1078145449-1060284298-1003
<SERVER_FrsRpcSendCommPkt: 1676: 436: S0: 10:20:28> ++ ERROR -
Invalid Partner: AuthClient:domain\server1$,
AuthSid:S-1-5-21-1202660629-1078145449-1060284298-1003
<FrsHashCalcString: 1676: 4777: S0: 10:21:30> Name =
S-1-5-21-1202660629-1078145449-1060284298-1003
<SERVER_FrsRpcSendCommPkt: 1676: 436: S0: 10:21:30> ++ ERROR -
Invalid Partner: AuthClient:domain\server1$,
AuthSid:S-1-5-21-1202660629-1078145449-1060284298-1003
--
Can someone help me with this problem?
Thanks in advance,
Joep Verhaeg.