none
DC will not replicate in sites/services RRS feed

  • Question

  • I have a new 2008 r2 DC that is also holding user profiles that will not replicate in sites and services..

    I am getting 1865/1311/1566 AD KCC errors.

    trying to replicate manually in sites and services gives me THe Remote Procedure call failed and did not execute

    It runs / resolves users get their profiles etc. however

    I have actually tried to dcpromo to remove it from the domain but I get an error on reaching the main DC.

    I checked dns, flushed/registered the cache.

    trying to repadmin /bind to another server gives me an ldap 81 error

    ANyone been thru this mess?

    Help! Thanks :-D

    Monday, February 25, 2013 9:36 PM

Answers

All replies

  • All DNS entrie are there

    No Orphaned DCs

    I did recently decommission the original FSMO DC but all went smoothly. However when checking schema ops master on this machine (only one with a problem)

    It says FSMO server is offline. 

    I cannot ntdsutil bind to any other server as well.

    Tuesday, February 26, 2013 2:10 PM
  • Ok - 

    Its been a long and painful day.

    I belielve I have everything back to normal.

    Being that I could get no AD communicatoin I force-ably removed this DC from the domain

    Cleaned everything up AD/DNS wise

    Then tried t o rerun dcpromo.

    I got 3/4 way through and got a "no computer account found in this domain" error.

    All AD entries were ok so another stumbling block.

    What I would up doing was manully addding this DC/server into the default domain policies rights and also the abiltiy to access over the network.

    Restarted  / joined the domain / and all is replicating.

    Hope this helps someone else.

    Tuesday, February 26, 2013 9:25 PM
  • Ok so this was all a false positive. Looks like all is replicating at first but really not. 

    Still have the same issues. Here is some info that may help someone help me find the issue.

    I cannot run netdom query fsmo, dcdiag /fix errors, and repadmin /showrepl here as well.

    I can run these on all other DC's without issue. The problem DC and the FSMO DC actually sit right next to each other. Same site same subnet.

    Any help is really appreciated

    ***************************************

    ****************************************

    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

    C:\Users\administrator.MYDOMAIN>netdom query fsmo
    The remote procedure call failed and did not execute.

    The command failed to complete successfully.


    C:\Users\administrator.MYDOMAIN>



    *******************************************************
    *******************************************************

    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

    C:\Users\administrator.MYDOMAIN>dcdiag /fix

    Directory Server Diagnosis

    Performing initial setup:
       Trying to find home server...
       Home Server = WH4SVR2
       * Identified AD Forest.
       Done gathering initial info.

    Doing initial required tests

       Testing server: Default-First-Site-Name\WH4SVR2
          Starting test: Connectivity
             ......................... WH4SVR2 passed test Connectivity

    Doing primary tests

       Testing server: Default-First-Site-Name\WH4SVR2
          Starting test: Advertising
             Warning: DsGetDcName returned information for \\WH4SVR1.MYDOMAIN.com,
             when we were trying to reach WH4SVR2.
             SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
             ......................... WH4SVR2 failed test Advertising
          Starting test: FrsEvent
             There are warning or error events within the last 24 hours after the
             SYSVOL has been shared.  Failing SYSVOL replication problems may cause
             Group Policy problems.
             ......................... WH4SVR2 passed test FrsEvent
          Starting test: DFSREvent
             ......................... WH4SVR2 passed test DFSREvent
          Starting test: SysVolCheck
             ......................... WH4SVR2 passed test SysVolCheck
          Starting test: KccEvent
             A warning event occurred.  EventID: 0x8000061E
                Time Generated: 02/27/2013   08:27:34
                Event String:
                All directory servers in the following site that can replicate the d
    irectory partition over this transport are currently unavailable.
             An error event occurred.  EventID: 0xC000051F
                Time Generated: 02/27/2013   08:27:34
                Event String:
                The Knowledge Consistency Checker (KCC) has detected problems with t
    he following directory partition.
             A warning event occurred.  EventID: 0x80000749
                Time Generated: 02/27/2013   08:27:34
                Event String:
                The Knowledge Consistency Checker (KCC) was unable to form a complet
    e spanning tree network topology. As a result, the following list of sites canno
    t be reached from the local site.
             A warning event occurred.  EventID: 0x8000061E
                Time Generated: 02/27/2013   08:27:34
                Event String:
                All directory servers in the following site that can replicate the d
    irectory partition over this transport are currently unavailable.
             An error event occurred.  EventID: 0xC000051F
                Time Generated: 02/27/2013   08:27:34
                Event String:
                The Knowledge Consistency Checker (KCC) has detected problems with t
    he following directory partition.
             A warning event occurred.  EventID: 0x80000749
                Time Generated: 02/27/2013   08:27:34
                Event String:
                The Knowledge Consistency Checker (KCC) was unable to form a complet
    e spanning tree network topology. As a result, the following list of sites canno
    t be reached from the local site.
             A warning event occurred.  EventID: 0x8000061E
                Time Generated: 02/27/2013   08:27:34
                Event String:
                All directory servers in the following site that can replicate the d
    irectory partition over this transport are currently unavailable.
             An error event occurred.  EventID: 0xC000051F
                Time Generated: 02/27/2013   08:27:34
                Event String:
                The Knowledge Consistency Checker (KCC) has detected problems with t
    he following directory partition.
             A warning event occurred.  EventID: 0x80000749
                Time Generated: 02/27/2013   08:27:34
                Event String:
                The Knowledge Consistency Checker (KCC) was unable to form a complet
    e spanning tree network topology. As a result, the following list of sites canno
    t be reached from the local site.
             A warning event occurred.  EventID: 0x8000061E
                Time Generated: 02/27/2013   08:27:34
                Event String:
                All directory servers in the following site that can replicate the d
    irectory partition over this transport are currently unavailable.
             An error event occurred.  EventID: 0xC000051F
                Time Generated: 02/27/2013   08:27:34
                Event String:
                The Knowledge Consistency Checker (KCC) has detected problems with t
    he following directory partition.
             A warning event occurred.  EventID: 0x80000749
                Time Generated: 02/27/2013   08:27:34
                Event String:
                The Knowledge Consistency Checker (KCC) was unable to form a complet
    e spanning tree network topology. As a result, the following list of sites canno
    t be reached from the local site.
             A warning event occurred.  EventID: 0x80000785
                Time Generated: 02/27/2013   08:28:12
                Event String:
                The attempt to establish a replication link for the following writab
    le directory partition failed.
             ......................... WH4SVR2 failed test KccEvent
          Starting test: KnowsOfRoleHolders







    **********************************************************************************
    ************************************************************************************


    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

    C:\Users\administrator.MYDOMAIN>repadmin /showrepl

    Repadmin: running command /showrepl against full DC localhost
    Default-First-Site-Name\WH4SVR2
    DSA Options: IS_GC
    Site Options: (none)
    DSA object GUID: 1ac940a0-5202-4bd7-abce-ef5486bf06b2
    DSA invocationID: fd4dfefa-c601-4994-914d-6cc69c142b18

    ==== INBOUND NEIGHBORS ======================================

    DC=MYDOMAIN,DC=com
        Default-First-Site-Name\WH4SVR1 via RPC
            DSA object GUID: 1c9aaad5-f30e-4d36-aa54-05027a326ced
            Last attempt @ 2013-02-27 08:42:12 failed, result 1727 (0x6bf):
                The remote procedure call failed and did not execute.
            639 consecutive failure(s).
            Last success @ 2013-02-26 16:37:45.

    CN=Configuration,DC=MYDOMAIN,DC=com
        Default-First-Site-Name\WH4SVR1 via RPC
            DSA object GUID: 1c9aaad5-f30e-4d36-aa54-05027a326ced
            Last attempt @ 2013-02-27 08:40:18 failed, result 1727 (0x6bf):
                The remote procedure call failed and did not execute.
            107 consecutive failure(s).
            Last success @ 2013-02-26 16:37:48.

    CN=Schema,CN=Configuration,DC=MYDOMAIN,DC=com
        Default-First-Site-Name\WH4SVR1 via RPC
            DSA object GUID: 1c9aaad5-f30e-4d36-aa54-05027a326ced
            Last attempt @ 2013-02-27 07:51:25 failed, result 1727 (0x6bf):
                The remote procedure call failed and did not execute.
            18 consecutive failure(s).
            Last success @ 2013-02-26 15:59:02.

    DC=DomainDnsZones,DC=MYDOMAIN,DC=com
        Default-First-Site-Name\WH4SVR1 via RPC
            DSA object GUID: 1c9aaad5-f30e-4d36-aa54-05027a326ced
            Last attempt @ 2013-02-27 07:50:09 failed, result 1256 (0x4e8):
                The remote system is not available. For information about network tr
    oubleshooting, see Windows Help.
            17 consecutive failure(s).
            Last success @ (never).

    Source: Default-First-Site-Name\WH4SVR1
    ******* 54 CONSECUTIVE FAILURES since 2013-02-26 16:40:03
    Last error: 1727 (0x6bf):
                The remote procedure call failed and did not execute.

    Naming Context: DC=ForestDnsZones,DC=MYDOMAIN,DC=com
    Source: Default-First-Site-Name\WH4SVR1
    ******* WARNING: KCC could not add this REPLICA LINK due to error.


    C:\Users\administrator.MYDOMAIN>

    Wednesday, February 27, 2013 1:42 PM
  • HEre is a port qry from the problem dc to the fsmo server

    =============================================

     Starting portqry.exe -n 10.50.1.3 -e 135 -p TCP ...


    Querying target system called:

     10.50.1.3

    Attempting to resolve IP address to a name...


    IP address resolved to wh4svr1.MYDOMAIN.com

    querying...

    TCP port 135 (epmap service): LISTENING

    Using ephemeral source port
    Querying Endpoint Mapper Database...
    Server's response:

    UUID: d95afe70-a6d5-4259-822e-2c84da1ddb0d 
    ncacn_ip_tcp:10.50.1.3[49152]

    UUID: 50abc2a4-574d-40b3-9d66-ee4fd5fba076 
    ncacn_ip_tcp:10.50.1.3[49229]

    UUID: 6b5bdd1e-528c-422c-af8c-a4079be4fe48 Remote Fw APIs
    ncacn_ip_tcp:10.50.1.3[49180]

    UUID: 12345678-1234-abcd-ef00-0123456789ab IPSec Policy agent endpoint
    ncacn_ip_tcp:10.50.1.3[49180]

    UUID: 367abb81-9844-35f1-ad32-98f038001003 
    ncacn_ip_tcp:10.50.1.3[49174]

    UUID: f5cc59b4-4264-101a-8c59-08002b2f8426 NtFrs Service
    ncacn_ip_tcp:10.50.1.3[49165]

    UUID: d049b186-814f-11d1-9a3c-00c04fc9b232 NtFrs API
    ncacn_ip_tcp:10.50.1.3[49165]

    UUID: a00c021c-2be2-11d2-b678-0000f87a8f8e PERFMON SERVICE
    ncacn_ip_tcp:10.50.1.3[49165]

    UUID: 6bffd098-a112-3610-9833-46c3f874532d 
    ncacn_ip_tcp:10.50.1.3[49164]

    UUID: 5b821720-f63b-11d0-aad2-00c04fc324db 
    ncacn_ip_tcp:10.50.1.3[49164]

    UUID: eb107bd0-c461-11cf-9522-00805fd4a309 CpqRcmc
    ncacn_np:10.50.1.3[\\pipe\\cpqrcmc]

    UUID: 76f03f96-cdfd-44fc-a22c-64950a001209 Spooler function endpoint
    ncacn_np:10.50.1.3[\\pipe\\spoolss]

    UUID: 76f03f96-cdfd-44fc-a22c-64950a001209 Spooler function endpoint
    ncacn_ip_tcp:10.50.1.3[49159]

    UUID: ae33069b-a2a8-46ee-a235-ddfd339be281 Spooler base remote object endpoint
    ncacn_np:10.50.1.3[\\pipe\\spoolss]

    UUID: ae33069b-a2a8-46ee-a235-ddfd339be281 Spooler base remote object endpoint
    ncacn_ip_tcp:10.50.1.3[49159]

    UUID: 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1 Spooler function endpoint
    ncacn_np:10.50.1.3[\\pipe\\spoolss]

    UUID: 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1 Spooler function endpoint
    ncacn_ip_tcp:10.50.1.3[49159]

    UUID: 4a452661-8290-4b36-8fbe-7f4093a94978 Spooler function endpoint
    ncacn_np:10.50.1.3[\\pipe\\spoolss]

    UUID: 4a452661-8290-4b36-8fbe-7f4093a94978 Spooler function endpoint
    ncacn_ip_tcp:10.50.1.3[49159]

    UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
    ncacn_np:10.50.1.3[\\pipe\\lsass]

    UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
    ncacn_np:10.50.1.3[\\PIPE\\protected_storage]

    UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
    ncacn_ip_tcp:10.50.1.3[49155]

    UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
    ncacn_http:10.50.1.3[49157]

    UUID: f5cc5a18-4264-101a-8c59-08002b2f8426 MS NT Directory NSP Interface
    ncacn_np:10.50.1.3[\\pipe\\lsass]

    UUID: f5cc5a18-4264-101a-8c59-08002b2f8426 MS NT Directory NSP Interface
    ncacn_np:10.50.1.3[\\PIPE\\protected_storage]

    UUID: f5cc5a18-4264-101a-8c59-08002b2f8426 MS NT Directory NSP Interface
    ncacn_ip_tcp:10.50.1.3[49155]

    UUID: f5cc5a18-4264-101a-8c59-08002b2f8426 MS NT Directory NSP Interface
    ncacn_http:10.50.1.3[49157]

    UUID: 12345778-1234-abcd-ef00-0123456789ab 
    ncacn_np:10.50.1.3[\\pipe\\lsass]

    UUID: 12345778-1234-abcd-ef00-0123456789ab 
    ncacn_np:10.50.1.3[\\PIPE\\protected_storage]

    UUID: 12345778-1234-abcd-ef00-0123456789ab 
    ncacn_ip_tcp:10.50.1.3[49155]

    UUID: 12345778-1234-abcd-ef00-0123456789ab 
    ncacn_http:10.50.1.3[49157]

    UUID: 12345778-1234-abcd-ef00-0123456789ac 
    ncacn_np:10.50.1.3[\\pipe\\lsass]

    UUID: 12345778-1234-abcd-ef00-0123456789ac 
    ncacn_np:10.50.1.3[\\PIPE\\protected_storage]

    UUID: 12345778-1234-abcd-ef00-0123456789ac 
    ncacn_ip_tcp:10.50.1.3[49155]

    UUID: 12345778-1234-abcd-ef00-0123456789ac 
    ncacn_http:10.50.1.3[49157]

    UUID: 12345778-1234-abcd-ef00-0123456789ac 
    ncacn_ip_tcp:10.50.1.3[49158]

    UUID: 12345678-1234-abcd-ef00-01234567cffb 
    ncacn_np:10.50.1.3[\\pipe\\lsass]

    UUID: 12345678-1234-abcd-ef00-01234567cffb 
    ncacn_np:10.50.1.3[\\PIPE\\protected_storage]

    UUID: 12345678-1234-abcd-ef00-01234567cffb 
    ncacn_ip_tcp:10.50.1.3[49155]

    UUID: 12345678-1234-abcd-ef00-01234567cffb 
    ncacn_http:10.50.1.3[49157]

    UUID: 12345678-1234-abcd-ef00-01234567cffb 
    ncacn_ip_tcp:10.50.1.3[49158]

    UUID: b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 KeyIso
    ncacn_np:10.50.1.3[\\pipe\\lsass]

    UUID: b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 KeyIso
    ncacn_np:10.50.1.3[\\PIPE\\protected_storage]

    UUID: b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 KeyIso
    ncacn_ip_tcp:10.50.1.3[49155]

    UUID: b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 KeyIso
    ncacn_http:10.50.1.3[49157]

    UUID: b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 KeyIso
    ncacn_ip_tcp:10.50.1.3[49158]

    UUID: 3473dd4d-2e88-4006-9cba-22570909dd10 WinHttp Auto-Proxy Service
    ncacn_np:10.50.1.3[\\PIPE\\W32TIME_ALT]

    UUID: 1ff70682-0a51-30e8-076d-740be8cee98b 
    ncacn_np:10.50.1.3[\\PIPE\\atsvc]

    UUID: 378e52b0-c0a9-11cf-822d-00aa0051e40f 
    ncacn_np:10.50.1.3[\\PIPE\\atsvc]

    UUID: 86d35949-83c9-4044-b424-db363231fd0c 
    ncacn_np:10.50.1.3[\\PIPE\\atsvc]

    UUID: 86d35949-83c9-4044-b424-db363231fd0c 
    ncacn_ip_tcp:10.50.1.3[49154]

    UUID: 98716d03-89ac-44c7-bb8c-285824e51c4a XactSrv service
    ncacn_np:10.50.1.3[\\PIPE\\atsvc]

    UUID: 98716d03-89ac-44c7-bb8c-285824e51c4a XactSrv service
    ncacn_ip_tcp:10.50.1.3[49154]

    UUID: a398e520-d59a-4bdd-aa7a-3c1e0303a511 IKE/Authip API
    ncacn_np:10.50.1.3[\\PIPE\\atsvc]

    UUID: a398e520-d59a-4bdd-aa7a-3c1e0303a511 IKE/Authip API
    ncacn_ip_tcp:10.50.1.3[49154]

    UUID: a398e520-d59a-4bdd-aa7a-3c1e0303a511 IKE/Authip API
    ncacn_np:10.50.1.3[\\PIPE\\srvsvc]

    UUID: 552d076a-cb29-4e44-8b6a-d15e59e2c0af IP Transition Configuration endpoint
    ncacn_np:10.50.1.3[\\PIPE\\atsvc]

    UUID: 552d076a-cb29-4e44-8b6a-d15e59e2c0af IP Transition Configuration endpoint
    ncacn_ip_tcp:10.50.1.3[49154]

    UUID: 552d076a-cb29-4e44-8b6a-d15e59e2c0af IP Transition Configuration endpoint
    ncacn_np:10.50.1.3[\\PIPE\\srvsvc]

    UUID: c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 Impl friendly name
    ncacn_np:10.50.1.3[\\PIPE\\atsvc]

    UUID: c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 Impl friendly name
    ncacn_ip_tcp:10.50.1.3[49154]

    UUID: c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 Impl friendly name
    ncacn_np:10.50.1.3[\\PIPE\\srvsvc]

    UUID: 30b044a5-a225-43f0-b3a4-e060df91f9c1 
    ncacn_np:10.50.1.3[\\PIPE\\atsvc]

    UUID: 30b044a5-a225-43f0-b3a4-e060df91f9c1 
    ncacn_ip_tcp:10.50.1.3[49154]

    UUID: 30b044a5-a225-43f0-b3a4-e060df91f9c1 
    ncacn_np:10.50.1.3[\\PIPE\\srvsvc]

    UUID: f6beaff7-1e19-4fbb-9f8f-b89e2018337c Event log TCPIP
    ncacn_np:10.50.1.3[\\pipe\\eventlog]

    UUID: f6beaff7-1e19-4fbb-9f8f-b89e2018337c Event log TCPIP
    ncacn_ip_tcp:10.50.1.3[49153]

    UUID: 30adc50c-5cbc-46ce-9a0e-91914789e23c NRP server endpoint
    ncacn_np:10.50.1.3[\\pipe\\eventlog]

    UUID: 30adc50c-5cbc-46ce-9a0e-91914789e23c NRP server endpoint
    ncacn_ip_tcp:10.50.1.3[49153]

    UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 DHCP Client LRPC Endpoint
    ncacn_np:10.50.1.3[\\pipe\\eventlog]

    UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 DHCP Client LRPC Endpoint
    ncacn_ip_tcp:10.50.1.3[49153]

    UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 DHCPv6 Client LRPC Endpoint
    ncacn_np:10.50.1.3[\\pipe\\eventlog]

    UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 DHCPv6 Client LRPC Endpoint
    ncacn_ip_tcp:10.50.1.3[49153]

    UUID: 76f226c3-ec14-4325-8a99-6a46348418af 
    ncacn_np:10.50.1.3[\\PIPE\\InitShutdown]

    UUID: d95afe70-a6d5-4259-822e-2c84da1ddb0d 
    ncacn_np:10.50.1.3[\\PIPE\\InitShutdown]

    Total endpoints found: 75



    ==== End of RPC Endpoint Mapper query response ====
    portqry.exe -n 10.50.1.3 -e 135 -p TCP exits with return code 0x00000000.
    =============================================

     Starting portqry.exe -n 10.50.1.3 -e 389 -p BOTH ...


    Querying target system called:

     10.50.1.3

    Attempting to resolve IP address to a name...


    IP address resolved to wh4svr1.MYDOMAIN.com

    querying...

    TCP port 389 (ldap service): LISTENING

    Using ephemeral source port
    Sending LDAP query to TCP port 389...

    LDAP query response:


    currentdate: 02/27/2013 14:27:25 (unadjusted GMT)
    subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=MYDOMAIN,DC=com
    dsServiceName: CN=NTDS Settings,CN=WH4SVR1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=MYDOMAIN,DC=com
    namingContexts: DC=MYDOMAIN,DC=com
    defaultNamingContext: DC=MYDOMAIN,DC=com
    schemaNamingContext: CN=Schema,CN=Configuration,DC=MYDOMAIN,DC=com
    configurationNamingContext: CN=Configuration,DC=MYDOMAIN,DC=com
    rootDomainNamingContext: DC=MYDOMAIN,DC=com
    supportedControl: 1.2.840.113556.1.4.319
    supportedLDAPVersion: 3
    supportedLDAPPolicies: MaxPoolThreads
    highestCommittedUSN: 711579
    supportedSASLMechanisms: GSSAPI
    dnsHostName: WH4SVR1.MYDOMAIN.com
    ldapServiceName: MYDOMAIN.com:wh4svr1$@MYDOMAIN.COM
    serverName: CN=WH4SVR1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=MYDOMAIN,DC=com
    supportedCapabilities: 1.2.840.113556.1.4.800
    isSynchronized: TRUE
    isGlobalCatalogReady: TRUE
    domainFunctionality: 2
    forestFunctionality: 0
    domainControllerFunctionality: 4


    ======== End of LDAP query response ========

    UDP port 389 (unknown service): LISTENING or FILTERED

    Using ephemeral source port
    Sending LDAP query to UDP port 389...

    LDAP query to port 389 failed
    Server did not respond to LDAP query

    portqry.exe -n 10.50.1.3 -e 389 -p BOTH exits with return code 0x00000001.
    =============================================

     Starting portqry.exe -n 10.50.1.3 -e 636 -p TCP ...


    Querying target system called:

     10.50.1.3

    Attempting to resolve IP address to a name...


    IP address resolved to wh4svr1.MYDOMAIN.com

    querying...

    TCP port 636 (ldaps service): LISTENING
    portqry.exe -n 10.50.1.3 -e 636 -p TCP exits with return code 0x00000000.
    =============================================

     Starting portqry.exe -n 10.50.1.3 -e 3268 -p TCP ...


    Querying target system called:

     10.50.1.3

    Attempting to resolve IP address to a name...


    IP address resolved to wh4svr1.MYDOMAIN.com

    querying...

    TCP port 3268 (msft-gc service): LISTENING

    Using ephemeral source port
    Sending LDAP query to TCP port 3268...

    LDAP query response:


    currentdate: 02/27/2013 14:27:49 (unadjusted GMT)
    subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=MYDOMAIN,DC=com
    dsServiceName: CN=NTDS Settings,CN=WH4SVR1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=MYDOMAIN,DC=com
    namingContexts: DC=MYDOMAIN,DC=com
    defaultNamingContext: DC=MYDOMAIN,DC=com
    schemaNamingContext: CN=Schema,CN=Configuration,DC=MYDOMAIN,DC=com
    configurationNamingContext: CN=Configuration,DC=MYDOMAIN,DC=com
    rootDomainNamingContext: DC=MYDOMAIN,DC=com
    supportedControl: 1.2.840.113556.1.4.319
    supportedLDAPVersion: 3
    supportedLDAPPolicies: MaxPoolThreads
    highestCommittedUSN: 711581
    supportedSASLMechanisms: GSSAPI
    dnsHostName: WH4SVR1.MYDOMAIN.com
    ldapServiceName: MYDOMAIN.com:wh4svr1$@MYDOMAIN.COM
    serverName: CN=WH4SVR1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=MYDOMAIN,DC=com
    supportedCapabilities: 1.2.840.113556.1.4.800
    isSynchronized: TRUE
    isGlobalCatalogReady: TRUE
    domainFunctionality: 2
    forestFunctionality: 0
    domainControllerFunctionality: 4


    ======== End of LDAP query response ========
    portqry.exe -n 10.50.1.3 -e 3268 -p TCP exits with return code 0x00000000.
    =============================================

     Starting portqry.exe -n 10.50.1.3 -e 3269 -p TCP ...


    Querying target system called:

     10.50.1.3

    Attempting to resolve IP address to a name...


    IP address resolved to wh4svr1.MYDOMAIN.com

    querying...

    TCP port 3269 (msft-gc-ssl service): LISTENING
    portqry.exe -n 10.50.1.3 -e 3269 -p TCP exits with return code 0x00000000.
    =============================================

     Starting portqry.exe -n 10.50.1.3 -e 53 -p BOTH ...


    Querying target system called:

     10.50.1.3

    Attempting to resolve IP address to a name...


    IP address resolved to wh4svr1.MYDOMAIN.com

    querying...

    TCP port 53 (domain service): LISTENING

    UDP port 53 (domain service): LISTENING
    portqry.exe -n 10.50.1.3 -e 53 -p BOTH exits with return code 0x00000000.
    =============================================

     Starting portqry.exe -n 10.50.1.3 -e 88 -p BOTH ...


    Querying target system called:

     10.50.1.3

    Attempting to resolve IP address to a name...


    IP address resolved to wh4svr1.MYDOMAIN.com

    querying...

    TCP port 88 (kerberos service): LISTENING

    UDP port 88 (kerberos service): LISTENING or FILTERED
    portqry.exe -n 10.50.1.3 -e 88 -p BOTH exits with return code 0x00000002.
    =============================================

     Starting portqry.exe -n 10.50.1.3 -e 445 -p TCP ...


    Querying target system called:

     10.50.1.3

    Attempting to resolve IP address to a name...


    IP address resolved to wh4svr1.MYDOMAIN.com

    querying...

    TCP port 445 (microsoft-ds service): LISTENING
    portqry.exe -n 10.50.1.3 -e 445 -p TCP exits with return code 0x00000000.
    =============================================

     Starting portqry.exe -n 10.50.1.3 -e 137 -p UDP ...


    Querying target system called:

     10.50.1.3

    Attempting to resolve IP address to a name...


    IP address resolved to wh4svr1.MYDOMAIN.com

    querying...

    UDP port 137 (netbios-ns service): LISTENING or FILTERED

    Using ephemeral source port
    Attempting NETBIOS adapter status query to UDP port 137...

    Server's response: MAC address ac162dbeab5e
    UDP port: LISTENING
    portqry.exe -n 10.50.1.3 -e 137 -p UDP exits with return code 0x00000000.
    =============================================

     Starting portqry.exe -n 10.50.1.3 -e 138 -p UDP ...


    Querying target system called:

     10.50.1.3

    Attempting to resolve IP address to a name...


    IP address resolved to wh4svr1.MYDOMAIN.com

    querying...

    UDP port 138 (netbios-dgm service): LISTENING or FILTERED
    portqry.exe -n 10.50.1.3 -e 138 -p UDP exits with return code 0x00000002.
    =============================================

     Starting portqry.exe -n 10.50.1.3 -e 139 -p TCP ...


    Querying target system called:

     10.50.1.3

    Attempting to resolve IP address to a name...


    IP address resolved to wh4svr1.MYDOMAIN.com

    querying...

    TCP port 139 (netbios-ssn service): LISTENING
    portqry.exe -n 10.50.1.3 -e 139 -p TCP exits with return code 0x00000000.
    =============================================

     Starting portqry.exe -n 10.50.1.3 -e 42 -p TCP ...


    Querying target system called:

     10.50.1.3

    Attempting to resolve IP address to a name...


    IP address resolved to wh4svr1.MYDOMAIN.com

    querying...

    TCP port 42 (nameserver service): NOT LISTENING
    portqry.exe -n 10.50.1.3 -e 42 -p TCP exits with return code 0x00000001.

    Wednesday, February 27, 2013 2:28 PM
  • Ok So not getting any responses from the forum (which is disappointing) but ill keep posting anyway

    Running a repadmin /replsummary shows all other DCs ok with no errors. The DC in question does not show on the list but I get a "Experienced the following operational....error 58" in the msdcs zone with the FQDN that points to the problem server in question.

    Wednesday, February 27, 2013 7:05 PM
  • more info that may help as I continue to research the crazy issues.

    THe new DC's DC1 and DC2 are both HP 2008 r2 64

    DC1 now holds FSMO. I have been seeing intermittent pack drops on dc1 as well

    Both servers had nic teaming enabled. I have read this may cause issues in a DC. I dropped the team and uninstalled the HP config utility in the adapters properties.

    I am now curious if this also plays a role in all of this. 

    Wednesday, February 27, 2013 7:16 PM
  • You are correct NIC teaming is not recommended on DC.http://social.technet.microsoft.com/Forums/en/winserverDS/thread/f5dea401-5a3b-4ddb-8bb8-8d2b2e2db55b

    I would also recommend to disable AV.It could be due to AV or 3rd party security application?Many AVs (McAfee,Symantec, Trend, etc), seem to have a *trend,* so to speak, of causing AD and other communications problems with their new "protect network traffic" (or similar) feature that acts like a firewall.Disable the AV and check.

    Also, disable local windows firewall service, by default it is enabled in vista/windows 2008 and above. Check the network connectivity and latency.
    Disable Windows Firewall: http://technet.microsoft.com/en-us/library/cc766337(WS.10).aspx

    REMOTE PROCEDURE CALL failed and did not execute (1727)
    http://social.technet.microsoft.com/Forums/en-US/winserverManagement/thread/cc5f8da9-0540-4d3d-9753-af72ec66efc6/
    http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/a8adbdf3-1fb5-4241-9d32-5e5a5763697c/

    Also the dcdiag output indicates as below.

    Warning: DsGetDcName returned information for \\WH4SVR1.MYDOMAIN.com,
             when we were trying to reach WH4SVR2.
             SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
             ......................... WH4SVR2 failed test Advertising

    It seems that netlogon and sysvol share is missing.Ran net share command to check the same.Check the sysvol folder are the policies and script folder replicated or not.If it is not replicated you need to perfrom authorative and non authorative of sysvol folder to fix the same.
    Refer below link:http://support.microsoft.com/kb/290762.Take the backup of policies and script folder from all DC's and copy the same to alternate location before you proceed.

    Configuring the time service on the PDC Emulator FSMO role holder
    http://msmvps.com/blogs/acefekay/archive/2009/09/18/configuring-the-windows-time-service-for-windows-server.aspx

    Hope this helps


    Best Regards,

    Sandesh Dubey.

    MCSE|MCSA:Messaging|MCTS|MCITP:Enterprise Adminitrator | My Blog

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    Wednesday, February 27, 2013 9:53 PM
  • Thanks for the reply,

    I have checked all the above.

    Made a lot of changes yesterday.

    No Nic Teaming

    No AV

    No firewall

    Sysvol has copied over.

    as of this morning here are the  errors I am seeing from the 2 DC's

    From the main fsmo DC

    Log Name:      Directory Service
    Source:        Microsoft-Windows-ActiveDirectory_DomainService
    Date:          2/28/2013 8:21:04 AM
    Event ID:      1925
    Task Category: Knowledge Consistency Checker
    Level:         Warning
    Keywords:      Classic
    User:          ANONYMOUS LOGON
    Computer:      WH4SVR1.MYDOMAIN.com
    Description:
    The attempt to establish a replication link for the following writable directory partition failed. 

    Directory partition: 
    CN=Configuration,DC=MYDOMAIN,DC=com 
    Source directory service: 
    CN=NTDS Settings,CN=WH4SVR2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=MYDOMAIN,DC=com 
    Source directory service address: 
    1ac940a0-5202-4bd7-abce-ef5486bf06b2._msdcs.MYDOMAIN.com 
    Intersite transport (if any): 


    This directory service will be unable to replicate with the source directory service until this problem is corrected. 

    User Action 
    Verify if the source directory service is accessible or network connectivity is available. 

    Additional Data 
    Error value: 
    1726 The remote procedure call failed.
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Microsoft-Windows-ActiveDirectory_DomainService" Guid="{0e8478c5-3605-4e8c-8497-1e730c959516}" EventSourceName="NTDS KCC" />
        <EventID Qualifiers="32768">1925</EventID>
        <Version>0</Version>
        <Level>3</Level>
        <Task>1</Task>
        <Opcode>0</Opcode>
        <Keywords>0x8080000000000000</Keywords>
        <TimeCreated SystemTime="2013-02-28T13:21:04.793673000Z" />
        <EventRecordID>2749</EventRecordID>
        <Correlation />
        <Execution ProcessID="516" ThreadID="1156" />
        <Channel>Directory Service</Channel>
        <Computer>WH4SVR1.MYDOMAIN.com</Computer>
        <Security UserID="S-1-5-7" />
      </System>
      <EventData>
        <Data>CN=Configuration,DC=MYDOMAIN,DC=com</Data>
        <Data>1ac940a0-5202-4bd7-abce-ef5486bf06b2._msdcs.MYDOMAIN.com</Data>
        <Data>The remote procedure call failed.</Data>
        <Data>CN=NTDS Settings,CN=WH4SVR2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=MYDOMAIN,DC=com</Data>
        <Data>
        </Data>
        <Data>1726</Data>
      </EventData>
    </Event>

    *************************************************************

    *************************************************************

    From the "problem" DC

    Log Name:      System
    Source:        Microsoft-Windows-DNS-Client
    Date:          2/28/2013 6:05:26 AM
    Event ID:      1014
    Task Category: None
    Level:         Warning
    Keywords:      
    User:          SYSTEM
    Computer:      WH4SVR2.MYDOMAIN.com
    Description:
    Name resolution for the name _msdcs.MYDOMAIN.com timed out after none of the configured DNS servers responded.
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Microsoft-Windows-DNS-Client" Guid="{1C95126E-7EEA-49A9-A3FE-A378B03DDB4D}" />
        <EventID>1014</EventID>
        <Version>0</Version>
        <Level>3</Level>
        <Task>0</Task>
        <Opcode>0</Opcode>
        <Keywords>0x4000000000000000</Keywords>
        <TimeCreated SystemTime="2013-02-28T11:05:26.331174500Z" />
        <EventRecordID>57968</EventRecordID>
        <Correlation />
        <Execution ProcessID="516" ThreadID="4340" />
        <Channel>System</Channel>
        <Computer>WH4SVR2.MYDOMAIN.com</Computer>
        <Security UserID="S-1-5-18" />
      </System>
      <EventData>
        <Data Name="QueryName">_msdcs.MYDOMAIN.com</Data>
        <Data Name="AddressLength">16</Data>
        <Data Name="Address">020000350A3201030000000000000000</Data>
      </EventData>
    </Event>

    Thursday, February 28, 2013 1:35 PM
  • Hi,

    About Event ID 1014 Microsoft Windows DNS Client

    http://social.technet.microsoft.com/wiki/contents/articles/3336.event-id-1014-microsoft-windows-dns-client.aspx

    Regards.


    Vivian Wang
    TechNet Community Support


    Friday, March 1, 2013 9:22 AM
    Moderator