Question

Locked

Why does sysvol replication fail on new DC with errors listed here?

By itfix7 ·
Added second Windows Server 2003 DC (DC2) to single domain (AD, File Server, DNS Server, GC Role on both DCs) / (DCPROMO run)
Intended for DC2 to be replica of main DC (DC1) / same OS on both.
Same domain, same building, no firewall between, only a switch.
Different IP's, DC1 is primary in all cases. All DNS (pings, tests) pass: DC1 to DC2, and DC2 to DC1.
AD changes replicate quickly.
Contents of sysvol on DC1: 3 policy folders did not replicate to DC2.
DC2 created 1 policy which DID replicate to DC1 so now DC1 has all 4.

Many tests run, hundreds of pages, so only *test name* run and *failures* follow: (all DC2)
---------------------------------dcdiag (DC2)

Netlogons: "Unable to connect to the NETLOGONS share! (DC2\netlogon) An net use or LsaPolicy operation failed with error 1203. No network provider accepted the given network path"
-- Advertising test fails with "Warning: DsGetDcName returned information for DC1 when trying to reach DC2. Server is not responding or is not considered suitable.
---------------------------------
netdiag (DC2)

"Domain membership test.. failed. Warning: this system volume has not been completely replicated to the local machine. This machine is not working properly as a DC."
---------------------------------
dcdiag /test:dns (DC2)

TEST: Delegations (Del)
Warning: DNS server: domainserver.server.MYDOMAIN. IP: <Unavailable>
Failure:Missing glue A record
---------------------------------
netdiag /fix (DC2)

Domain membership test..: Failed
[WARNING] Ths system volume has not been completely replicated to the local machine. This machine is not working properly as a DC.
---------------------------------
dcdiag /v (DC2)

Starting test: NetLogons
* Network Logons Privileges Check
Unable to connect to the NETLOGON share! (\\DOMAINSERVER2\netlogon)
[DOMAINSERVER2] An net use or LsaPolicy operation failed with error 1203, No network provider accepted the given network path..
DOMAINSERVER2 failed test Netlogons

Starting test: Advertising
Warning: DsGetDcName returned information for \\DomainServer.MYDOMAIN.COM, when we were trying to reach DOMAINSERVER2.
Server is not responding or is not considered suitable.
The DC DOMAINSERVER2 is advertising itself as a DC and having a DS.
The DC DOMAINSERVER2 is advertising as an LDAP server
The DC DOMAINSERVER2 is advertising as having a writeable directory
The DC DOMAINSERVER2 is advertising as a Key Distribution Center
The DC DOMAINSERVER2 is advertising as a time server
The DS DOMAINSERVER2 is advertising as a GC. ............
DOMAINSERVER2 failed test Advertising
---------------------------------
repadmin /showreps (DC2)

Has these failures:

DC=MYDOMAIN,DC=COM
Default-First-Site-Name\DOMAINSERVER via RPC
DC object GUID: de66c2d3-eda2-4ab2-a393-fdea108ad439
Last attempt @ 2010-01-28 18:53:24 failed, result 8453 (0x2105):
Replication access was denied.
193 consecutive failure(s).
Last success @ 2010-01-28 11:11:43. AND:

Source: Default-First-Site-Name\DOMAINSERVER
******* 193 CONSECUTIVE FAILURES since 2010-01-28 11:11:43
Last error: 8453 (0x2105):
Replication access was denied.
---------------------------------
To resolve some of the above:

Stop/ Restart Netlogon Service

DNS - Tried "ipconfig /flushdns"
follow by "ipconfig /registerdns" on several occassions
--------------
Thanks for reviewing this post.

This conversation is currently closed to new comments.

4 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Re: replication failure

by christianshiflet In reply to Why does sysvol replicati ...

I know that you stated there is no firewall between the 2, but is there a possibility that the Windows firewall on the new DC is turned on? I saw very similar errors following the promotion of a server. After the initial reboot, the firewall defaults to enabled which causes replication problems. Let me know.

Collapse -

Firewalls are still off.

by itfix7 In reply to Re: replication failure

I double-checked again. Windows firewalls are both turned off.

Collapse -

sysvol and netlogon shares on DC2

by CG IT In reply to Why does sysvol replicati ...
Back to Networks Forum
4 total posts (Page 1 of 1)  

Hardware Forums