none
adprep /foresprep and adprep /domainprep just when subdomain get problems with VPN tunnel RRS feed

  • Pregunta

  • Hello,

    We explain the situation. We have a domain xxx.net on one subnet and two subdomains (yyy.xxx.net and zzz.xxx.net) on other two subnets. We have VPN tunnels to connect these three subnets between them to permit AD replication process.

    Initially, xxx.net domain had three WS2008R2 DCs, yyy.xxx.net had 1 WS2003 DC and zzz.xxx.net had 1 WS2003 DC.

    On 2<sup>nd</sup> October we planned to install new WS2012R2 DC on xxx.net. When we promoted the new DC WS20012R2 on xxx.net domain we didn’t know that VPN tunnel between xxx.net and yyy.xxx.net was broken. After this promotion we checked zzz.xxx.net and xxx.net DCs upgrade its schema version to 69 schema version (the schema version of WS2012R2). The problem appeared on yyy.xxx.net DC, that not updated its schema version and remain with the old schema version 47 (and System Schema Version 30 due to WS2003 OS).

    After we repaired VPN tunnel, we executed a repadmin /showrepl command, getting the following error (partial result).

    CN=Configuration,DC=xxx,DC=net

        DC via RPC

            DC object GUID: 2ac78c89-cbb9-43d4-b8cf-be7604286cc8

            Last attempt @ 2013-10-21 15:26:36 failed, result 1722 (0x6ba):

                Can't retrieve message string 1722 (0x6ba), error 1815.

            2985 consecutive failure(s).

            Last success @ 2013-09-20 12:56:15.

    We have tried to force the adprep /domainprep on domain yyy.xxx.net to force the update schema of yyy.xxx.net DC, but we get the following error:

    adprep /domainprep /domain yyy.xxx.net /forcereplicate

    D:\support\adprep>adprep /domainprep /domain yyy.xxx..net /forcereplicate

    Replicating from Domain Controller (DC) DC.xxx.net to Domain Controller

     (DC) DC.yyy.xxx.net ...

    Adprep was unable to replicate from Domain Controller (DC) DC.xxx.net to Domain Controller (DC) DC.yyy.xxx.net. Check the log file ADPrep.log in the C:\Windows\debug\adprep\logs\20131021143237 directory for possible cause of failure.

    Adprep encountered a Win32 error.

    Error code: 0x774 Error message: Could not find the domain controller for this domain.

    From the log we have got the following data:

    [2013/10/21:14:02:58.930]

    Adprep was unable to replicate the Naming Context (NC) CN=Schema,CN=Configuration,DC=xxx,DC=net from Domain Controller (DC) DC.xxx.net to Domain Controller (DC) DC.yyy.xxx.net.

    [2013/10/21:14:02:58.930]

    Adprep encountered a Win32 error.

    Error code: 0x774 Error message: Could not find the domain controller for this domain.

    DSID Info:

    DSID: 0x180e1155

    winerror = 0x774

    NT BUILD: 9600

    NT BUILD: 16384

    Anyone know how can I resolve this situation?

    Regards and thanks in advance.


    jprieto

    lunes, 21 de octubre de 2013 15:16

Respuestas

  • Hi José,

    you could try to connect affected DC, edit NIC settings and configure only one DNS server. Then open cmd and execute netdiag /fix. You sould also repeat those steps on the schema master DC.

    On schema master also perform followin steps:

    • Open Active Directory Sites and Services
    • Expand the site that the Schema Master is in
    • Right click on the NTDS settings under the Schema Master and choose All Tasks\Check Replication topology.
    • Refresh the view
    • Right click on each replication object and attempt a replication

    Hope this helps!!


    Twitter 

    • Marcado como respuesta Uriel Almendra viernes, 15 de noviembre de 2013 21:37
    martes, 22 de octubre de 2013 7:45