+ Post New Thread
Results 1 to 11 of 11
Windows Server 2008 R2 Thread, Replication issue in Technical; Had big problems when I came into work yesterday. I think we have 2 issues: Found out that the 2 ...
  1. #1

    Join Date
    Oct 2010
    Location
    Birmingham
    Posts
    92
    Thank Post
    9
    Thanked 11 Times in 11 Posts
    Rep Power
    10

    Replication issue

    Had big problems when I came into work yesterday.

    I think we have 2 issues:

    Found out that the 2 domain controllers are not replicating with each other.
    The 'computer password' that is authenticated against Active Directory is expiring after 30 days and making the machine fall off the domain.

    It was exactly 30 days ago when I did an upgrade on the physical host with a new datastore. Restored the DC with VeeamZip and everything worked fine. Happy Days.

    We have had issues with computers not logging on and falling off the domain since yesterday. Target account is invalid and trust relationship between this workstation and the domain controller has failed.

    I've tried taking client off the domain and rejoining but it looks like it goes successfully but you get an error message after the 'Welcome to the *domain' saying target account invalid. It restarts and lets you log onto domain but the PC does not appear ANYWHERE in AD on the Primary DC but does on the Secondary DC.

    I created a test user account on DC2 and it does not appear in DC1.

    We have limited access. Some people are able to get on and access certain things.

    When I've tried to force replication I get the message The destination and source sever is currently rejecting replication requests.

    Any ideas?

  2. #2

    Domino's Avatar
    Join Date
    Oct 2006
    Location
    Bromley
    Posts
    4,107
    Thank Post
    217
    Thanked 1,310 Times in 806 Posts
    Blog Entries
    4
    Rep Power
    516
    You restored a DC? which one had the FSMO roles at the time?

    If you've a working domain controller in the domain I'd never recommend restoring another, there's too much chance of issues when it comes back : Domain Controller Recovery

    In all honesty, I'd say blow away the restored DC, remove it from AD using ADSIedit and then build a new server and DCpromo it.

  3. #3

    Join Date
    Oct 2010
    Location
    Birmingham
    Posts
    92
    Thank Post
    9
    Thanked 11 Times in 11 Posts
    Rep Power
    10
    Took the PDC off the host to upgrade storage on the physical server.
    Added new storage, Created new RAID, Created new Datastore in VMWare. Restored PDC to host using VeeamZip.
    Started dc1 back up.
    Ran updates on all servers.
    Everything has worked fine for the last 30 days. (Or appeared to)

    DC1 has the FSMO roles.
    DC1 is the only DNS server.
    DC2 appears to be working fine.

    Will I have to transfer FSMO roles to DC2 and make it a global catalogue server.

  4. #4

    Domino's Avatar
    Join Date
    Oct 2006
    Location
    Bromley
    Posts
    4,107
    Thank Post
    217
    Thanked 1,310 Times in 806 Posts
    Blog Entries
    4
    Rep Power
    516
    It could just be that it's tombstoned itself due to the restore - If you run repadmin /options on the two DCs does DISABLE_OUTBOUND_REPL or DISABLE_INBOUND_REPL appear?

  5. #5

    Join Date
    Oct 2010
    Location
    Birmingham
    Posts
    92
    Thank Post
    9
    Thanked 11 Times in 11 Posts
    Rep Power
    10
    This is what it says:

    DC1 - IS-GC DISABLE_INBOUND-REPL DISABLE_OUTBOUND_REPL

    DC2 - IS_GC

  6. #6

    Domino's Avatar
    Join Date
    Oct 2006
    Location
    Bromley
    Posts
    4,107
    Thank Post
    217
    Thanked 1,310 Times in 806 Posts
    Blog Entries
    4
    Rep Power
    516
    Okay, so they're both currently global catalogs, which is good.

    But those options on DC1 means it's considered itself out of date, and stopped replication after being restored. If you're confident everything else is working properly, you can remove those options and see if it replicates properly with "repadmin /options <DC NAME> -DISABLE_OUTBOUND_REPL" and "repadmin /options <DC NAME> -DISABLE_INBOUND_REPL"

  7. Thanks to Domino from:

    jonathon28 (1st July 2014)

  8. #7

    Join Date
    Oct 2010
    Location
    Birmingham
    Posts
    92
    Thank Post
    9
    Thanked 11 Times in 11 Posts
    Rep Power
    10
    Sorry Domino, 'remove those options' by running those commands?

  9. #8

    Domino's Avatar
    Join Date
    Oct 2006
    Location
    Bromley
    Posts
    4,107
    Thank Post
    217
    Thanked 1,310 Times in 806 Posts
    Blog Entries
    4
    Rep Power
    516
    Yes, those commands will remove the replication disable on DC1, where <DCNAME> is the server FQDN for DC1

  10. #9

    Join Date
    Oct 2010
    Location
    Birmingham
    Posts
    92
    Thank Post
    9
    Thanked 11 Times in 11 Posts
    Rep Power
    10
    Ok. So I've entered the commands you stated and I think everything is back to normal.

    Is there a way I can check the replication is now working. Other than I have noticed that AD has now sync'd across and PCs are now joining the domain correctly.

  11. #10

    Domino's Avatar
    Join Date
    Oct 2006
    Location
    Bromley
    Posts
    4,107
    Thank Post
    217
    Thanked 1,310 Times in 806 Posts
    Blog Entries
    4
    Rep Power
    516
    if you run "repadmin /replsummary" it'll tell you the current delta, but likely be skewed by the large amount of fails lately - and 'repadmin /showrepl' will tell you the last replication results

  12. Thanks to Domino from:

    jonathon28 (1st July 2014)

  13. #11

    Join Date
    Oct 2010
    Location
    Birmingham
    Posts
    92
    Thank Post
    9
    Thanked 11 Times in 11 Posts
    Rep Power
    10
    That's great, Looks as if it's working. Thank you very much for your help. I imagined it being a lot worse and having 300 computers to re-add to a domain!

SHARE:
+ Post New Thread

Similar Threads

  1. Weird sysvol replication issue
    By CHR1S in forum Windows Server 2012
    Replies: 8
    Last Post: 3rd December 2013, 03:05 PM
  2. replication issues (i suspect its ipv6 related)
    By sted in forum Windows Server 2008 R2
    Replies: 17
    Last Post: 12th June 2013, 12:03 PM
  3. DFS Replication issues
    By mrbios in forum Windows Server 2008 R2
    Replies: 1
    Last Post: 29th November 2012, 10:42 AM
  4. DC Replication Issue
    By JHeaton in forum Windows Server 2008 R2
    Replies: 2
    Last Post: 18th September 2011, 03:10 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •