Guest Peter Lawton Posted October 28, 2008 Posted October 28, 2008 I've got a domain with two W2008 domain controllers and AD replication seems to be broken, I'm seeing the following log errors:- The DFS Replication service encountered an error communicating with partner SERVERNAME for replication group Domain System Volume. Partner DNS address: servername.domain.com Optional data if available: Partner WINS Address: servername Partner IP Address: xxx.xxx.xxx.xxx The service will retry the connection periodically. Additional Information: Error: 1753 (There are no more endpoints available from the endpoint mapper.) Connection ID: C1447DFA-1EFB-4D08-B15C-FE28ABC82864 Replication Group ID: 92BA06E1-B8E5-4D2D-96F3-E479B8ED8742 Anyone come across this before? Thanks Peter Lawton
Guest Meinolf Weber Posted October 28, 2008 Posted October 28, 2008 Re: AD replication error with W2008 Hello Peter, Make sure you can ping between the DC's with ip address, computername and FQDN. Also make sure that you use only domain internal ip addresses on the NIC settings, no externals like your ISP's DNS server. Then run repadmin /showrepl and dcdiag /v and post the output here. Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm > I've got a domain with two W2008 domain controllers and AD replication > seems to be broken, I'm seeing the following log errors:- > > The DFS Replication service encountered an error communicating with > partner SERVERNAME for replication group Domain System Volume. > > Partner DNS address: servername.domain.com > > Optional data if available: > Partner WINS Address: servername > Partner IP Address: xxx.xxx.xxx.xxx > The service will retry the connection periodically. > > Additional Information: > Error: 1753 (There are no more endpoints available from the endpoint > mapper.) > Connection ID: C1447DFA-1EFB-4D08-B15C-FE28ABC82864 > Replication Group ID: 92BA06E1-B8E5-4D2D-96F3-E479B8ED8742 > Anyone come across this before? > > Thanks > > Peter Lawton >
Guest Peter Lawton Posted October 28, 2008 Posted October 28, 2008 Re: AD replication error with W2008 Thanks, looks like I had a DNS registration issue which I think i've fixed now, but the error I'm still seeing with dcdiag is:- Starting test: NCSecDesc * Security Permissions check for all NC's on DC server1. The forest is not ready for RODC. Will skip checking ERODC ACEs. * Security Permissions Check for DC=ForestDnsZones,DC=domain,DC=co,DC=uk (NDNC,Version 3) Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have Replicating Directory Changes In Filtered Set access rights for the naming context: DC=ForestDnsZones,DC=domain,DC=co,DC=uk * Security Permissions Check for DC=DomainDnsZones,DC=domain,DC=co,DC=uk (NDNC,Version 3) Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have Replicating Directory Changes In Filtered Set access rights for the naming context: DC=DomainDnsZones,DC=domain,DC=co,DC=uk * Security Permissions Check for CN=Schema,CN=Configuration,DC=domain,DC=co,DC=uk (Schema,Version 3) * Security Permissions Check for CN=Configuration,DC=domain,DC=co,DC=uk (Configuration,Version 3) * Security Permissions Check for DC=domain,DC=co,DC=uk (Domain,Version 3) ......................... server1 failed test NCSecDesc
Guest Isaac Oben [MCITP, MCSE] Posted October 29, 2008 Posted October 29, 2008 Re: AD replication error with W2008 Peter, try a netdiag /fix or dcdaig /fix see if it helps to resolve the issue
Guest Meinolf Weber Posted October 29, 2008 Posted October 29, 2008 Re: AD replication error with W2008 Hello Peter, "The forest is not ready for RODC. Will skip checking ERODC ACEs." You use RODC's, if i read this message correct? Is the forest prepared for them with adprep /rodcprep? Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm > The forest is not ready for RODC. Will skip checking ERODC ACEs >
Guest Peter Lawton Posted October 29, 2008 Posted October 29, 2008 Re: AD replication error with W2008 No we don't use RODC's so it looks like everything's OK now. Replication has started again and is working Many thanks for all the help Peter Lawton "Meinolf Weber" <meiweb(nospam)@gmx.de> wrote in message news:ff16fb66c2518cb07b9a4c041e0@msnews.microsoft.com... > Hello Peter, > > "The forest is not ready for RODC. Will skip checking ERODC ACEs." You use > RODC's, if i read this message correct? Is the forest prepared for them > with adprep /rodcprep? > > Best regards > > Meinolf Weber > Disclaimer: This posting is provided "AS IS" with no warranties, and > confers no rights. > ** Please do NOT email, only reply to Newsgroups > ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm > >> The forest is not ready for RODC. Will skip checking ERODC ACEs >> > >
Recommended Posts