locked
The Knowledge Consistency Checker (KCC) was unable to form a complete spanning tree network topology. As a result, the following list of sites cannot be reached from the local site. RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    Also while running repadmin /showrepl, getting below error

     

    Source: DEOFF\DEOFF-DOM-05 ******* 19 CONSECUTIVE FAILURES since 2011-11-16 10:03:22 Last error: 1396 (0x574): Logon Failure: The target account name is incorrect.

    • Edited by Gautam Ji Wednesday, November 16, 2011 10:42 AM
    • Changed type Elytis Cheng Friday, November 18, 2011 1:34 AM
    • Changed type Elytis Cheng Friday, November 18, 2011 1:34 AM
    Wednesday, November 16, 2011 9:07 AM

Answers

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi,

    You can try repadmin/replsum and then repadmin/syncall.. Do you have any replication issues going on..? 

    Also, please change this as a question and not a discussion bcos sometimes discussions are not noticed...

    Regards, Mohan R Sr. Administrator - Server Support
    Wednesday, November 16, 2011 9:09 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Kindly find the below output of the commands...
    C:\>
    C:\>
    C:\>
    C:\>
    C:\>repadmin /replsum
    Replication Summary Start Time: 2011-11-16 14:45:20

    Beginning data collection for replication summary, this may take awhile:
      ........


    Source DC           largest delta  fails/total  %%  error
     DEOFF-DOM-05          05h:20m:05s   10 /  10  100  (1396) Logon Failure: Th...
     GRATH-DOM-10              25m:32s    5 /  10   50  (1722) The RPC server is...
     INF-PR-ADSS-1         02h:24m:44s    0 /  15    0
     MAILADC                   13m:04s    0 /   5    0
     MDC                       25m:18s    0 /  15    0


    Destination DC    largest delta    fails/total  %%  error
     DEOFF-DOM-05          02h:12m:36s    0 /  10    0
     GRATH-DOM-10              25m:40s    0 /   5    0
     INF-PR-ADSS-1         05h:20m:05s    5 /  15   33  (1396) Logon Failure: Th...
     MAILADC                   13m:16s    0 /   5    0
     MDC                   04h:43m:03s   10 /  20   50  (1396) Logon Failure: Th...

     

    C:\>repadmin /syncall
    CALLBACK MESSAGE: The following replication is in progress:
        From: dfd677ef-1347-43b8-b727-8a17cb6ba997._msdcs.siroclinpharm.com
        To  : 4a0f75a4-da7c-4f6f-9b94-251916e50a84._msdcs.siroclinpharm.com
    CALLBACK MESSAGE: The following replication completed successfully:
        From: dfd677ef-1347-43b8-b727-8a17cb6ba997._msdcs.siroclinpharm.com
        To  : 4a0f75a4-da7c-4f6f-9b94-251916e50a84._msdcs.siroclinpharm.com
    CALLBACK MESSAGE: SyncAll Finished.
    SyncAll terminated with no errors.


    C:\>

    Wednesday, November 16, 2011 9:16 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi,

    Was there any network related problems between the sites where DC's DEOFF-DOM-05 and GRATH-DOM-10 are present?


    Regards, Mohan R Sr. Administrator - Server Support
    Wednesday, November 16, 2011 9:27 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    You need to change the post type to question instead of discussion.

    Back to your issue, the error "he RPC server is unavailable" indicates issues with the ports being blocked on the firewall or connectivity issues with the DC's. You can use portquery tool which is free and can be downloaded and installed on the server to check port block. You also needs to verify there is min or no latency in the network.

    http://blogs.technet.com/b/abizerh/archive/2009/06/11/troubleshooting-rpc-server-is-unavailable-error-reported-in-failing-ad-replication-scenario.aspx

    How to use portquery tool.

    http://www.windowsecurity.com/articles/mastering-portqryexe-part1.html

    http://support.microsoft.com/kb/832919

    Active Directory and Active Directory Domain Services Port Requirements

    http://technet.microsoft.com/en-us/library/dd772723%28WS.10%29.aspx

     

    Regards  

    Awinish Vishwakarma

    MY BLOG:  awinish.wordpress.com

    This posting is provided AS-IS with no warranties/guarantees and confers no rights.
    Wednesday, November 16, 2011 9:29 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    THanks I'll check and update you ...

    By the way.. there is connecitivty issue going on as some time connecitivty up and some time connectivity down.

    Wednesday, November 16, 2011 9:40 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Yes and because of that, dc's are not reachable and you get error posted in your link. Without realizing, you answered your own question..:)

     

    Regards  

    Awinish Vishwakarma

    MY BLOG:  awinish.wordpress.com

    This posting is provided AS-IS with no warranties/guarantees and confers no rights.
    Wednesday, November 16, 2011 9:44 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    I still getting below error as connecitivty is restored..


    C:\>
    C:\>
    C:\>repadmin /replsummary
    Replication Summary Start Time: 2011-11-16 15:30:16

    Beginning data collection for replication summary, this may take awhile:
      ........


    Source DC           largest delta  fails/total  %%  error
     DEOFF-DOM-05          06h:05m:01s   10 /  10  100  (1396) Logon Failure: Th...
     GRATH-DOM-10              12m:57s    0 /  10    0
     INF-PR-ADSS-1             13m:00s    0 /  10    0
     MAILADC                   13m:00s    0 /   5    0
     MDC                       13m:12s    0 /  10    0

     


    Experienced the following operational errors trying to retrieve replication info
    rmation:
            8341 - DEOFF-DOM-05.siroclinpharm.com

    C:\>ping DEOFF-DOM-05

    Pinging DEOFF-DOM-05.siroclinpharm.com [10.49.10.47] with 32 bytes of data:

    Reply from 10.49.10.47: bytes=32 time=152ms TTL=126
    Reply from 10.49.10.47: bytes=32 time=150ms TTL=126
    Reply from 10.49.10.47: bytes=32 time=150ms TTL=126
    Reply from 10.49.10.47: bytes=32 time=155ms TTL=126

    Ping statistics for 10.49.10.47:
        Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 150ms, Maximum = 155ms, Average = 151ms

    C:\>

    And i checked the error found one solution in the below link

     

    http://www.andymcdonald.co.uk/2010/07/29/1396-logon-failure-the-target-account-name-is-incorrect/

    kindly suggest, shall i got with this link ??

     

    Wednesday, November 16, 2011 10:05 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    You can use below cmd to reset the secure channel which is reference in the article posted by you. The cmd can be used on windows 2008 r2 even to reset the secure channel on the DC.

    http://support.microsoft.com/kb/260575

     

    Regards

    Awinish Vishwakarma

    MY BLOG:  awinish.wordpress.com

    This posting is provided AS-IS with no warranties/guarantees and confers no rights.
    Wednesday, November 16, 2011 10:11 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Also getting Directory service events error:

     

    The Knowledge Consistency Checker (KCC) was unable to form a complete spanning tree network topology. As a result, the following list of sites cannot be reached from the local site.

     

    Sites:

    CN=DEOFF,CN=Sites,CN=Configuration,DC=siroclinpharm,DC=com

     

     

    Wednesday, November 16, 2011 10:20 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    This is not a discussion, change the thread type to question. Take a look at below article.

    http://blogs.technet.com/b/askds/archive/2008/10/31/troubleshooting-kcc-event-log-errors.aspx

     

    Regards

    Awinish Vishwakarma

    MY BLOG:  awinish.wordpress.com

    This posting is provided AS-IS with no warranties/guarantees and confers no rights.
    Wednesday, November 16, 2011 10:27 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi

     

    We I m going to reset DC account password getting error "time is not matching with your pdc "..

     

    Actually, this DC "DOM" is situated in Germany location and my role holder Dc is in mumbai location..

     

    Wednesday, November 16, 2011 12:06 PM
  • Question
    Sign in to vote
    1
    Sign in to vote

    You need to sync your DC time with the PDC only.By default time skew of 5 min is fine but anything more or less creates problem in authentication with the DC.

    Time Server Role in Forest/Domain  

    http://awinish.wordpress.com/2011/10/07/time-server-role-in-forestdomain/ 

     

    Regards

    Awinish Vishwakarma

    MY BLOG:  awinish.wordpress.com

    This posting is provided AS-IS with no warranties/guarantees and confers no rights.
    • Marked as answer by Elytis Cheng Friday, November 18, 2011 1:36 AM
    Wednesday, November 16, 2011 12:15 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Thanks........... Its working now after reregister the w32time.........

     

    Thanks a lot for your blogs...

     

    Thursday, November 17, 2011 4:19 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Good to hear that issue has been resolved and link posted helped u.

     

    Regards  

    Awinish Vishwakarma

    MY BLOG:  http://awinish.wordpress.com/

    This posting is provided AS-IS with no warranties/guarantees and confers no rights.
    Thursday, November 17, 2011 5:44 AM