Replication error root/child domain


  • Hi,

    We had some replication issues during our root and child domain.

    Repadmin /showreps show me: Last error 5 - access denied. DNS and time are fine and no additional errors in the eventlog or at the BPA.

    The error started at 11am at the morning when user from our child domain could not verfied. On GC is located in our site in Hamburg. As a result it could not be a WAN problem. The domain trust looks fine too.

    After we restarted all DC in the child domain everthing comes up fine after a few minutes.

    What could the reason for such a issue?

    Thanks in advance to some lightning errors!

    Best regards


    viernes, 30 de marzo de 2012 19:31


  • Christian,

     Replication Error 5 "access denied" Can be caused due to multiple reasons like ,

    1. SMB signing Mismatch between Source and Destination domain controllers ,

    2.Antivirus software blocking some communications

    3.Port Blockage on Firewall , Etc.

    Refer below link which explains this behaviour , Its causes and resolution for that.

    you can use PortQry Tool to check the necessary ports are open are not.

    Below is the link which you can refer to,

    How to use PortQry tool to troubleshoot Active directory connectivity problems.

    Also make sure the account you are using to run repadmin command line has appropraite administrator permission on it.

    If nothing of the above works as sandesh suggested , Post Dcdaig and repadmin /replsum and Ipconfig /all details.



    MCSA|MCITP SA|Microsoft Exchange 2003 Blog - Disclaimer: This posting is provided AS-IS with no warranties/guarantees and confers no rights.

    sábado, 31 de marzo de 2012 6:10
  • If rebooting resolves your issue then it might be either server was hanged or there is memory leak issue. Have you checked event log, what it says? Also, i would recommend to run a health check of your AD/domain to find out whats going wrong behind the scenes.There can also be a network network which have triggered it or antivirus creating issues.

    Even though trust for the parent and child domain automatically gets created during during configuration of the child domain, but its good idea to check the trust between parent/child domain using Nltest tool.

    Awinish Vishwakarma - MVP-DS

    My Blog:

    DisclaimerThis posting is provided AS-IS with no warranties/guarantees and confers no rights.

    sábado, 31 de marzo de 2012 7:40
  • Hi,

    Access Denied Replication Error indicates the domain controller failed to authenticate against its replication partner. This typically happens when the secure channel is broken, means its computer account password is not synchronized with the computer account password that is stored in the Active Directory of its replication.

    Check this for resolution:

    Also check for antivirus applications, some of them are with a 'network protect' feature that causes trouble.

    If issue reoccurs post the dcdiag /q and repadmin /replsum result.

    Best Regards,

    Abhijit Waikar.
    MCSA 2003 | MCSA:Messaging | MCTS | MCITP:Server Administrator | Microsoft Community Contributor | My Blog

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    sábado, 31 de marzo de 2012 10:31

Todas las respuestas