none
AD Replication Not Working - Last error: 1256 (0x4e8):

    Question

  • Hi,

    We have one DC and ADC which is running on the same premises.  Few days back the ADC got power failure and after that long it thrown an error of some services are not started.  We checked the event viewer to find out the service failed but not found the same.  In Services all the services are in started mode.  Restarted server serval time.  Still the replication not happening with DC.  If any one can help me out to find out the real issue will very helpful.

    Pasting Below dciag and showrepl results ,

    repadmin running command /showrepl against server localhost




    Default-First-Site-Name\BACKUPDC

    DC Options: (none)

    Site Options: (none)

    DC object GUID: bcbf105f-e755-4c24-b846-01d447834480

    DC invocationID: da4dec2a-3c22-4b5f-8f36-586ee3969ea2



    ==== INBOUND NEIGHBORS ======================================



    DC=bannaridc,DC=com

        Default-First-Site-Name\DC via RPC

            DC object GUID: 2a328743-72f5-48c7-b932-cbe8f957a580

            Last attempt @ 2014-06-30 12:28:05 failed, result 5 (0x5):

                Access is denied.

            1479 consecutive failure(s).

            Last success @ 2014-05-12 09:42:25.



    CN=Configuration,DC=bannaridc,DC=com

        Default-First-Site-Name\DC via RPC

            DC object GUID: 2a328743-72f5-48c7-b932-cbe8f957a580

            Last attempt @ 2014-06-30 12:28:06 failed, result 5 (0x5):

                Access is denied.

            1182 consecutive failure(s).

            Last success @ 2014-05-12 09:23:26.



    CN=Schema,CN=Configuration,DC=bannaridc,DC=com

        Default-First-Site-Name\DC via RPC

            DC object GUID: 2a328743-72f5-48c7-b932-cbe8f957a580

            Last attempt @ 2014-06-30 12:28:06 failed, result 5 (0x5):

                Access is denied.

            1182 consecutive failure(s).

            Last success @ 2014-05-12 09:23:26.



    DC=DomainDnsZones,DC=bannaridc,DC=com

        Default-First-Site-Name\DC via RPC

            DC object GUID: 2a328743-72f5-48c7-b932-cbe8f957a580

            Last attempt @ 2014-06-30 12:28:05 failed, result 1256 (0x4e8):

                The remote system is not available. For information about network troubleshooting, see Windows Help.

            1182 consecutive failure(s).

            Last success @ 2014-05-12 09:33:40.



    DC=ForestDnsZones,DC=bannaridc,DC=com

        Default-First-Site-Name\DC via RPC

            DC object GUID: 2a328743-72f5-48c7-b932-cbe8f957a580

            Last attempt @ 2014-06-30 12:28:05 failed, result 1256 (0x4e8):

                The remote system is not available. For information about network troubleshooting, see Windows Help.

            1182 consecutive failure(s).

            Last success @ 2014-05-12 09:23:27.



    Source: Default-First-Site-Name\DC

    ******* 1479 CONSECUTIVE FAILURES since 2014-05-12 09:42:25

    Last error: 1256 (0x4e8):

                The remote system is not available. For information about network troubleshooting, see Windows Help.


    Replication Summary Start Time: 2014-06-30 12:49:41



    Beginning data collection for replication summary, this may take awhile:

      .....





    Source DC           largest delta  fails/total  %%  error

     BACKUPDC          49d.03h:30m:38s    5 /   5  100  (2148074274) The target principal name is incorrect.

     DC                49d.03h:26m:15s    5 /   5  100  (5) Access is denied.





    Destination DC    largest delta    fails/total  %%  error

     BACKUPDC          49d.03h:26m:16s    5 /   5  100  (5) Access is denied.

     DC                49d.03h:30m:39s    5 /   5  100  (2148074274) The target principal name is incorrect.




    Domain Controller Diagnosis

    Performing initial setup:
       Done gathering initial info.

    Doing initial required tests
       
       Testing server: Default-First-Site-Name\BACKUPDC
          Starting test: Connectivity
             ......................... BACKUPDC passed test Connectivity

    Doing primary tests
       
       Testing server: Default-First-Site-Name\BACKUPDC
          Starting test: Replications
             [Replications Check,BACKUPDC] A recent replication attempt failed:
                From DC to BACKUPDC
                Naming Context: DC=ForestDnsZones,DC=bannaridc,DC=com
                The replication generated an error (1256):
                The remote system is not available. For information about network troubleshooting, see Windows Help.
                The failure occurred at 2014-06-30 11:28:05.
                The last success occurred at 2014-05-12 09:23:27.
                1181 failures have occurred since the last success.
             REPLICATION LATENCY WARNING
             ERROR: Expected notification link is missing.
             Source DC
             Replication of new changes along this path will be delayed.
             This problem should self-correct on the next periodic sync.
             [Replications Check,BACKUPDC] A recent replication attempt failed:
                From DC to BACKUPDC
                Naming Context: DC=DomainDnsZones,DC=bannaridc,DC=com
                The replication generated an error (1256):
                The remote system is not available. For information about network troubleshooting, see Windows Help.
                The failure occurred at 2014-06-30 11:28:05.
                The last success occurred at 2014-05-12 09:33:40.
                1181 failures have occurred since the last success.
             REPLICATION LATENCY WARNING
             ERROR: Expected notification link is missing.
             Source DC
             Replication of new changes along this path will be delayed.
             This problem should self-correct on the next periodic sync.
             [Replications Check,BACKUPDC] A recent replication attempt failed:
                From DC to BACKUPDC
                Naming Context: CN=Schema,CN=Configuration,DC=bannaridc,DC=com
                The replication generated an error (5):
                Access is denied.
                The failure occurred at 2014-06-30 11:28:05.
                The last success occurred at 2014-05-12 09:23:26.
                1181 failures have occurred since the last success.
             [Replications Check,BACKUPDC] A recent replication attempt failed:
                From DC to BACKUPDC
                Naming Context: CN=Configuration,DC=bannaridc,DC=com
                The replication generated an error (5):
                Access is denied.
                The failure occurred at 2014-06-30 11:28:05.
                The last success occurred at 2014-05-12 09:23:26.
                1181 failures have occurred since the last success.
             REPLICATION LATENCY WARNING
             ERROR: Expected notification link is missing.
             Source DC
             Replication of new changes along this path will be delayed.
             This problem should self-correct on the next periodic sync.
             [Replications Check,BACKUPDC] A recent replication attempt failed:
                From DC to BACKUPDC
                Naming Context: DC=bannaridc,DC=com
                The replication generated an error (5):
                Access is denied.
                The failure occurred at 2014-06-30 11:28:05.
                The last success occurred at 2014-05-12 09:42:25.
                1477 failures have occurred since the last success.
             REPLICATION LATENCY WARNING
             ERROR: Expected notification link is missing.
             Source DC
             Replication of new changes along this path will be delayed.
             This problem should self-correct on the next periodic sync.
             REPLICATION-RECEIVED LATENCY WARNING
             BACKUPDC:  Current time is 2014-06-30 12:20:45.
                DC=ForestDnsZones,DC=bannaridc,DC=com
                   Last replication recieved from DC at 2014-05-12 09:23:27.
                DC=DomainDnsZones,DC=bannaridc,DC=com
                   Last replication recieved from DC at 2014-05-12 09:33:40.
                CN=Schema,CN=Configuration,DC=bannaridc,DC=com
                   Last replication recieved from DC at 2014-05-12 09:23:26.
                CN=Configuration,DC=bannaridc,DC=com
                   Last replication recieved from DC at 2014-05-12 09:23:26.
                DC=bannaridc,DC=com
                   Last replication recieved from DC at 2014-05-12 09:42:25.
             ......................... BACKUPDC passed test Replications
          Starting test: NCSecDesc
             ......................... BACKUPDC passed test NCSecDesc
          Starting test: NetLogons
             ......................... BACKUPDC passed test NetLogons
          Starting test: Advertising
             ......................... BACKUPDC passed test Advertising
          Starting test: KnowsOfRoleHolders
             ......................... BACKUPDC passed test KnowsOfRoleHolders
          Starting test: RidManager
             ......................... BACKUPDC passed test RidManager
          Starting test: MachineAccount
             ......................... BACKUPDC passed test MachineAccount
          Starting test: Services
             ......................... BACKUPDC passed test Services
          Starting test: ObjectsReplicated
             ......................... BACKUPDC passed test ObjectsReplicated
          Starting test: frssysvol
             ......................... BACKUPDC passed test frssysvol
          Starting test: frsevent
             ......................... BACKUPDC passed test frsevent
          Starting test: kccevent
             ......................... BACKUPDC passed test kccevent
          Starting test: systemlog
             ......................... BACKUPDC passed test systemlog
          Starting test: VerifyReferences
             ......................... BACKUPDC passed test VerifyReferences
       
       Running partition tests on : ForestDnsZones
          Starting test: CrossRefValidation
             ......................... ForestDnsZones passed test CrossRefValidation
          Starting test: CheckSDRefDom
             ......................... ForestDnsZones passed test CheckSDRefDom
       
       Running partition tests on : DomainDnsZones
          Starting test: CrossRefValidation
             ......................... DomainDnsZones passed test CrossRefValidation
          Starting test: CheckSDRefDom
             ......................... DomainDnsZones passed test CheckSDRefDom
       
       Running partition tests on : Schema
          Starting test: CrossRefValidation
             ......................... Schema passed test CrossRefValidation
          Starting test: CheckSDRefDom
             ......................... Schema passed test CheckSDRefDom
       
       Running partition tests on : Configuration
          Starting test: CrossRefValidation
             ......................... Configuration passed test CrossRefValidation
          Starting test: CheckSDRefDom
             ......................... Configuration passed test CheckSDRefDom
       
       Running partition tests on : bannaridc
          Starting test: CrossRefValidation
             ......................... bannaridc passed test CrossRefValidation
          Starting test: CheckSDRefDom
             ......................... bannaridc passed test CheckSDRefDom
       
       Running enterprise tests on : bannaridc.com
          Starting test: Intersite
             ......................... bannaridc.com passed test Intersite
          Starting test: FsmoCheck
             ......................... bannaridc.com passed test FsmoCheck


    Domain Controller Diagnosis

    Performing initial setup:
       Done gathering initial info.

    Doing initial required tests
       
       Testing server: Default-First-Site-Name\DC
          Starting test: Connectivity
             ......................... DC passed test Connectivity

    Doing primary tests
       
       Testing server: Default-First-Site-Name\DC

    DNS Tests are running and not hung. Please wait a few minutes...
       
       Running partition tests on : ForestDnsZones
       
       Running partition tests on : DomainDnsZones
       
       Running partition tests on : Schema
       
       Running partition tests on : Configuration
       
       Running partition tests on : bannaridc
       
       Running enterprise tests on : bannaridc.com
          Starting test: DNS
             ......................... bannaridc.com passed test DNS

    Monday, June 30, 2014 7:36 AM

Answers

  • Hello,

    BEFORE doing any kind of restore!!!

    Please arrange ip settings on the DCs as:

    Windows IP Configuration

       Host Name . . . . . . . . . . . . : backupdc
       Primary Dns Suffix  . . . . . . . : bannaridc.com
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : bannaridc.com

    Ethernet adapter Local Area Connection 2:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS
     VBD Client) #2
       Physical Address. . . . . . . . . : 00-1A-64-D4-AF-AC
       DHCP Enabled. . . . . . . . . . . : No
       IP Address. . . . . . . . . . . . : 172.16.4.11
       Subnet Mask . . . . . . . . . . . : 255.255.0.0
       Default Gateway . . . . . . . . . : 172.16.4.5
       DNS Servers . . . . . . . . . . . : 172.16.4.1
                                                   172.16.4.11   Primary WINS Server . . . . . . . : 172.16.4.11

    AND

     Host Name . . . . . . . . . . . . : DC

       Primary Dns Suffix  . . . . . . . : bannaridc.com

       Node Type . . . . . . . . . . . . : Hybrid

       IP Routing Enabled. . . . . . . . : No

       WINS Proxy Enabled. . . . . . . . : No

       DNS Suffix Search List. . . . . . : bannaridc.com



    Ethernet adapter Local Area Connection 2:
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client) #2
       Physical Address. . . . . . . . . : 00-1A-64-25-A0-6A
       DHCP Enabled. . . . . . . . . . . : No
       IP Address. . . . . . . . . . . . : 172.16.4.1
       Subnet Mask . . . . . . . . . . . : 255.255.0.0
       Default Gateway . . . . . . . . . : 172.16.4.5
       DNS Servers . . . . . . . . . . . : 172.16.4.1
                                                   172.16.4.11
       Primary WINS Server . . . . . . . : 172.16.4.11

    After the changes reboot "backupDC" and after that run ipconfig /flushdns and ipconfig /registerdns and restart the netlogon service on "DC".

    Now let it run some hours and then provide the following output files via SkyDrive:

    ipconfig /all >c:\ipconfig.log [from each DC/DNS Server]
    dcdiag /v /c /d /e /s:dcname >c:\dcdiag.log
    repadmin /showrepl dc* /verbose /all /intersite >c:\repl.log  ["dc* is a place holder for the starting name of the DCs if they all begin the same (if more then one DC exists)]
    dnslint /ad /s "DCipaddress" (http://support.microsoft.com/kb/321045)
    ADREPLSTATUS http://www.microsoft.com/en-us/download/details.aspx?id=30005 can also be exported to file.

    As the output will become large, DON'T post them into the thread, please use Windows OneDrive (onedrive.live.com) [with open access!] and add the link from it here. Also the /e in dcdiag scans the complete forest, so better run it on COB.


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    Saturday, July 5, 2014 3:57 PM

All replies

  • adding the result from the failed adc for test dns


    Domain Controller Diagnosis

    Performing initial setup:
       Done gathering initial info.

    Doing initial required tests
       
       Testing server: Default-First-Site-Name\BACKUPDC
          Starting test: Connectivity
             ......................... BACKUPDC passed test Connectivity

    Doing primary tests
       
       Testing server: Default-First-Site-Name\BACKUPDC

    DNS Tests are running and not hung. Please wait a few minutes...
       
       Running partition tests on : ForestDnsZones
       
       Running partition tests on : DomainDnsZones
       
       Running partition tests on : Schema
       
       Running partition tests on : Configuration
       
       Running partition tests on : bannaridc
       
       Running enterprise tests on : bannaridc.com
          Starting test: DNS
             Test results for domain controllers:
                
                DC: backupdc.bannaridc.com
                Domain: bannaridc.com

                      
                   TEST: Basic (Basc)
                      Warning: The Active Directory zone on this DC/DNS server was not found (probably a misconfiguration)
             
             Summary of DNS test results:
             
                                                Auth Basc Forw Del  Dyn  RReg Ext  
                   ________________________________________________________________
                Domain: bannaridc.com
                   backupdc                     PASS WARN n/a  n/a  n/a  n/a  n/a  
             
             ......................... bannaridc.com passed test DNS

    Monday, June 30, 2014 7:40 AM
  • Can you post an ipConfig /all from both DC's?

    It appears like backupdc.bannaridc.com's dns may not be working? 

    It is odd it tells you it passed DNS yet the zone is missing.  Look at the DNS zone that backupdc.bannaridc.com is pointing at.  Does the zone exist on this DC?


    Paul Bergson
    MVP - Directory Services
    MCITP: Enterprise Administrator
    MCTS, MCT, MCSE, MCSA, Security, BS CSci
    2012, 2008, Vista, 2003, 2000 (Early Achiever), NT4
    Twitter @pbbergs http://blogs.dirteam.com/blogs/paulbergson
    Please no e-mails, any questions should be posted in the NewsGroup.
    This posting is provided AS IS with no warranties, and confers no rights.

    Monday, June 30, 2014 11:56 AM
    Moderator

  • Windows IP Configuration
       Host Name . . . . . . . . . . . . : backupdc
       Primary Dns Suffix  . . . . . . . : bannaridc.com
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : bannaridc.com
    Ethernet adapter Local Area Connection 2:
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client) #2
       Physical Address. . . . . . . . . : 00-1A-64-D4-AF-AC
       DHCP Enabled. . . . . . . . . . . : No
       IP Address. . . . . . . . . . . . : 172.16.4.11
       Subnet Mask . . . . . . . . . . . : 255.255.0.0
       Default Gateway . . . . . . . . . : 172.16.4.1
       DNS Servers . . . . . . . . . . . : 172.16.4.1
       Primary WINS Server . . . . . . . : 172.16.4.11


    Windows IP Configuration



       Host Name . . . . . . . . . . . . : DC

       Primary Dns Suffix  . . . . . . . : bannaridc.com

       Node Type . . . . . . . . . . . . : Hybrid

       IP Routing Enabled. . . . . . . . : No

       WINS Proxy Enabled. . . . . . . . : No

       DNS Suffix Search List. . . . . . : bannaridc.com



    Ethernet adapter Local Area Connection 2:
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client) #2
       Physical Address. . . . . . . . . : 00-1A-64-25-A0-6A
       DHCP Enabled. . . . . . . . . . . : No
       IP Address. . . . . . . . . . . . : 172.16.4.1
       Subnet Mask . . . . . . . . . . . : 255.255.0.0
       Default Gateway . . . . . . . . . : 172.16.4.5
       DNS Servers . . . . . . . . . . . : 172.16.4.1
       Primary WINS Server . . . . . . . : 172.16.4.11



    Ethernet adapter Local Area Connection:
      Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client)
       Physical Address. . . . . . . . . : 00-1A-64-25-A0-68
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       Autoconfiguration IP Address. . . : 169.XXX.XXX.XX
       Subnet Mask . . . . . . . . . . . : 255.255.0.0
       Default Gateway . . . . . . . . . : 

    ***Please note the second  adapter is  not connected to any network.


    • Edited by Surenekr Wednesday, July 2, 2014 8:04 AM
    Wednesday, July 2, 2014 5:02 AM
  • Hello,

    "backupdc" uses the default gateway as DNS server according to:

    Windows IP Configuration
       Host Name . . . . . . . . . . . . : backupdc
       Primary Dns Suffix  . . . . . . . : bannaridc.com
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : bannaridc.com
    Ethernet adapter Local Area Connection 2:
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client) #2
       Physical Address. . . . . . . . . : 00-1A-64-D4-AF-AC
       DHCP Enabled. . . . . . . . . . . : No
       IP Address. . . . . . . . . . . . : 172.16.4.11
       Subnet Mask . . . . . . . . . . . : 255.255.0.0
       Default Gateway . . . . . . . . . : 172.16.4.1
       DNS Servers . . . . . . . . . . . : 172.16.4.1
       Primary WINS Server . . . . . . . : 172.16.4.11

    So please check the configured DNS server.


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    Wednesday, July 2, 2014 10:17 AM
  • Hi,

    Thanks for your reply.    Both these servers are on the same network.

    BACKUP DC eventviewer I am getting the Error 4000 & 4013.

    Directory Service EVENT  : 1586, 1864, 2093 in Backupdc

       

    The local domain controller has not recently received replication information from a number of domain controllers.   The count of domain controllers is shown, divided into the following intervals. 

    More than 24 hours:

    More than a week:

    More than one month:

    More than two months:

    More than a tombstone lifetime:

    Tombstone lifetime (days):
    60 
     Domain controllers that do not replicate in a timely manner may encounter errors. It may miss password changes and be unable to authenticate. A DC that has not replicated in a tombstone lifetime may have missed the deletion of some objects, and may be automatically blocked from future replication until it is reconciled. 

    To identify the domain controllers by name, install the support tools included on the installation  CD and run dcdiag.exe. 
    You can also use the support tool repadmin.exe to display the replication latencies of the domain controllers in the forest.   The command is "repadmin /showvector /latency <partition-dn>".

    For more information, see Help and Support Center at 

    he Windows NT 4.0 or earlier replication checkpoint with the PDC emulator master was unsuccessful. 
     
    A full synchronization of the security accounts manager (SAM) database to domain controllers running Windows NT 4.0 and earlier might take place if the PDC emulator master role is transferred to the local domain controller before the next successful checkpoint. 
     
    The checkpoint process will be tried again in four hours. 
     
    Additional Data 
    Error value:
    5 Access is denied.

    Regards,

    Surendranath M

    Thursday, July 3, 2014 7:28 AM
  • Hello,

    backupdc use a WRONG DNS Server on the NIC!!!!!


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    Thursday, July 3, 2014 8:15 AM
  • Hi,

    Changed the Gateway to firewall IP. Also attach the error of repadmin /syncall.

    One more clarificaiton.  I have the system state of this server.  which is taken 10-15 days before this corruption happen. Restore will help?

    Windows IP Configuration

       Host Name . . . . . . . . . . . . : backupdc
       Primary Dns Suffix  . . . . . . . : bannaridc.com
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : bannaridc.com

    Ethernet adapter Local Area Connection 2:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS
     VBD Client) #2
       Physical Address. . . . . . . . . : 00-1A-64-D4-AF-AC
       DHCP Enabled. . . . . . . . . . . : No
       IP Address. . . . . . . . . . . . : 172.16.4.11
       Subnet Mask . . . . . . . . . . . : 255.255.0.0
       Default Gateway . . . . . . . . . : 172.16.4.5
       DNS Servers . . . . . . . . . . . : 172.16.4.1
       Primary WINS Server . . . . . . . : 172.16.4.11

    C:\Documents and Settings\administrator.BANNARIDC>repadmin /syncall
    CALLBACK MESSAGE: Error contacting server bcbf105f-e755-4c24-b846-01d447834480._
    msdcs.bannaridc.com (network error): -2146893022 (0x80090322):
        The target principal name is incorrect.

    SyncAll exited with fatal Win32 error: 8440 (0x20f8):
        The naming context specified for this replication operation is invalid.

    C:\Documents and Settings\administrator.BANNARIDC>

    Friday, July 4, 2014 4:00 AM
  • Hi,

    Restore should work as long as the backup wasn’t taken more than tombstone lifetime ago, in your case it’s 60 days.

    In addition, here is a KB article below about troubleshooting the error “2146893022: The target principal name is incorrect”.

    Troubleshooting AD Replication error -2146893022: The target principal name is incorrect.

    http://support.microsoft.com/kb/2090913

    Best Regards,

    Amy

    Friday, July 4, 2014 8:31 AM
    Moderator
  • Hello,

    BEFORE doing any kind of restore!!!

    Please arrange ip settings on the DCs as:

    Windows IP Configuration

       Host Name . . . . . . . . . . . . : backupdc
       Primary Dns Suffix  . . . . . . . : bannaridc.com
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : bannaridc.com

    Ethernet adapter Local Area Connection 2:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS
     VBD Client) #2
       Physical Address. . . . . . . . . : 00-1A-64-D4-AF-AC
       DHCP Enabled. . . . . . . . . . . : No
       IP Address. . . . . . . . . . . . : 172.16.4.11
       Subnet Mask . . . . . . . . . . . : 255.255.0.0
       Default Gateway . . . . . . . . . : 172.16.4.5
       DNS Servers . . . . . . . . . . . : 172.16.4.1
                                                   172.16.4.11   Primary WINS Server . . . . . . . : 172.16.4.11

    AND

     Host Name . . . . . . . . . . . . : DC

       Primary Dns Suffix  . . . . . . . : bannaridc.com

       Node Type . . . . . . . . . . . . : Hybrid

       IP Routing Enabled. . . . . . . . : No

       WINS Proxy Enabled. . . . . . . . : No

       DNS Suffix Search List. . . . . . : bannaridc.com



    Ethernet adapter Local Area Connection 2:
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client) #2
       Physical Address. . . . . . . . . : 00-1A-64-25-A0-6A
       DHCP Enabled. . . . . . . . . . . : No
       IP Address. . . . . . . . . . . . : 172.16.4.1
       Subnet Mask . . . . . . . . . . . : 255.255.0.0
       Default Gateway . . . . . . . . . : 172.16.4.5
       DNS Servers . . . . . . . . . . . : 172.16.4.1
                                                   172.16.4.11
       Primary WINS Server . . . . . . . : 172.16.4.11

    After the changes reboot "backupDC" and after that run ipconfig /flushdns and ipconfig /registerdns and restart the netlogon service on "DC".

    Now let it run some hours and then provide the following output files via SkyDrive:

    ipconfig /all >c:\ipconfig.log [from each DC/DNS Server]
    dcdiag /v /c /d /e /s:dcname >c:\dcdiag.log
    repadmin /showrepl dc* /verbose /all /intersite >c:\repl.log  ["dc* is a place holder for the starting name of the DCs if they all begin the same (if more then one DC exists)]
    dnslint /ad /s "DCipaddress" (http://support.microsoft.com/kb/321045)
    ADREPLSTATUS http://www.microsoft.com/en-us/download/details.aspx?id=30005 can also be exported to file.

    As the output will become large, DON'T post them into the thread, please use Windows OneDrive (onedrive.live.com) [with open access!] and add the link from it here. Also the /e in dcdiag scans the complete forest, so better run it on COB.


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    Saturday, July 5, 2014 3:57 PM
  • Hi

    It looks like your ADC got crashed. Either you can restore from the backup or just got metadata cleanup of the DC from the other live DC and install as fresh DC. Please make sure all the DNS records were removed for that crashed DC once you have done the metadata cleanup.

    Sunday, July 6, 2014 5:29 PM