NTDS Replication error

[Jim Geith]

On DC's/sites outside of one particular site I am seeing an event 1864 "The
local domain controller has not received replication information from a
number of domain controllers." Then there is some count information.
DCDIAG also shows "REPLICATION_RECEIVED LATENCY WARNING" and a reference
back to the site in question for Schema and Configuration partitions.
Here's the problem, I have been able to force replication, and REPLMON shows
a more recent date than DCDIAG or the event log. We use AD integrated DNS
with the remote/child site hosting it's own zone, which is delegated at the
root DNS. DNS was temporarily pointed back to the root DNS but that didn't
help. ADSIedit just shows the DC's that are there. No other domains (12)
are having this issue. I need some clues where to go next in discovering
why we're seeing this latency error. Thanks.

 

[Tim Springston \(MSFT\)]

Hi Jim-

Does the latency message also appear when you look in a REPADMIN /SHOWREPS
output on that DC?

 

[Jim Geith]

It seems the problem has been cleared thanks to some router access list
change for the affected remote site. Despite my asking several times and
being told the site wasn't blocking any ports, it turned out they were block
some netbios ports on the intranet. Grrrrrr.

The thing bugging me is the inconsistency of DCDIAG, DS event log showing
errors and then REPLMON and REPADMIN showing things syncing up. The last
thing I can add is the server properties for the affected site in REPLMON
showed "The RPC server is unavailable" in the Failure Reason field. REPLMON
is a great tool by the way.

Any suggestion to a specific reliable test I could have used to prove
netbios port blocking?

Thanks.

Hi Jim-

Does the latency message also appear when you look in a REPADMIN /SHOWREPS
output on that DC?

--
Tim Springston
Microsoft Corporation

This posting is provided "AS IS" with no warranties, and confers no

rights.

 

[Tim Springston \(MSFT\)]

A verbose NETDIAG output is usually pretty cpmprehensive for that.
Another method is to remotely connect to a remote machine (across a suspect
firewall) for administrative purposes. For example, open Computer
Management (COMPMGMT.MSC) and remotely connect to a machine at the opposite
side of the firewall with that. The remote connection requires RPC
connectivity.