none
RODC Replication Error - LDAP error 1 (Operations Error) Win32 Err 110

    Question

  • Hello,

    I lost access to one of my RODC. When i try to log to it authentication fails. It looks like AD synchronization error. I'm sure that network and firewalls are configured correctly.  I used dcdiag and repadmin to get some information about error, but can't find any useful information what to do with it. Maybe someone have an idea?

    Log from my PDC

    C:\Windows\system32>repadmin /replsummary
    Replication Summary Start Time: 2017-02-09 10:33:16

    Beginning data collection for replication summary, this may take awhile:
      ........


    Source DSA          largest delta    fails/total %%   error
     DC0                       45m:12s    0 /  15    0
     DC1                       45m:12s    0 /  15    0


    Destination DSA     largest delta    fails/total %%   error
     DC0                       33m:32s    0 /   5    0
     DC1                       38m:58s    0 /   5    0
     DC2                       45m:15s    0 /  10    0
     DC4                       37m:42s    0 /  10    0


    Experienced the following operational errors trying to retrieve replication info
    rmation:
             110 - DC3

    C:\Windows\system32>repadmin /showrepl DC3
    LDAP error 1 (Operations Error) Win32 Err 110.


    C:\Windows\system32>dcdiag /test:advertising /v /s:DC3

    Directory Server Diagnosis

    Performing initial setup:
       * Connecting to directory service on server DC3.
       * Identified AD Forest.
       FATAL FAILURE: PROBLEM IN AD ENVIROMNET: Search for Root dse attributes faile
    d with error = 110


    Thursday, February 9, 2017 9:39 AM

Answers

  • Can you still get into RDP with an account whose password was previously cached and haven't been changed since issue occurred? If yes you can 1) check Directory Service event logs. 2) check the secure channel between DC3 and its replication partner (nltest)

    Lastly Maybe give it a reboot if you haven't done so yet?

    Thursday, February 9, 2017 3:29 PM

All replies

  • when you said "login failed", what error msg you got? What lead you to think it's replication issue? Which DC is your RODC?
    Thursday, February 9, 2017 2:41 PM
  • - when you said "login failed", what error msg you got?

    "The logon attempt failed" in mstsc, "Login or password incorrect" in psexec for example

    - What lead you to think it's replication issue?

    Host is up and replies for pings. I tested my credentials with mstsc, psexec , cifs and tasklist. That followed me to dcdiag and repladmin

    - Which DC is your RODC?

    I'm not sure i fully understand this question.

    DC0 and DC1 are normal AD DCs

    DC2,DC3,DC4 are RODCs and DC3 is the problematic one.


    Thursday, February 9, 2017 3:08 PM
  • Can you still get into RDP with an account whose password was previously cached and haven't been changed since issue occurred? If yes you can 1) check Directory Service event logs. 2) check the secure channel between DC3 and its replication partner (nltest)

    Lastly Maybe give it a reboot if you haven't done so yet?

    Thursday, February 9, 2017 3:29 PM
  • Hi,

    Just checking in to see if the information provided was helpful. And if the replies as above are helpful, we would appreciate you to mark them as answers, please let us know if you would like further assistance.

    Best Regards,

    Wendy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Monday, February 13, 2017 9:34 AM
    Moderator
  • Hi,

    Finally we could reboot this problematic RODC server and it helped.

    Thank you!

    Monday, February 27, 2017 2:48 PM