Running the repadmin /replsummary command displays the current status of the Domain Controllers.
It looks like a couple of DCs are not replicating, and they need to be checked one by one. In this situation you can see that a couple of sites have not synced for more than 60 days.
This can happen because of a couple of issues. I have listed a few of them that come to mind. I hope that when you read this, you will also use it as a checklist and verify your environment before going into deep troubleshooting.
1. Changes have been made to the network.
2. New firewall rules have been added.
3. Initially there were two paths (or VPNs) to communicate with the branch network and suddenly one failed.
4. A new DNS server or a new PDC has been added at the head office.
5. The secondary Domain Controller was offline for a couple of months.
6. The VPN network is extremely slow and connectivity issues occur from time to time.
If these kinds of issues exist in the network, you should address them first. Then you can go deeper into second-level troubleshooting.
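To see exactly which replication links are stale before going deeper, the per-link output of repadmin /showrepl * /csv can be filtered in PowerShell. This is an added example, not part of the original post; the function name Get-StaleReplicationLink, the 60-day default and the sample rows (DC01 to DC03, example.com) are constructed for illustration.

```powershell
# Added example: flag replication links that never succeeded, last succeeded
# more than $MaxAgeDays ago, or currently report consecutive failures.
# The column names are the ones emitted by "repadmin /showrepl * /csv".
function Get-StaleReplicationLink {
    param(
        [Parameter(Mandatory)] [object[]] $Link,   # rows from ConvertFrom-Csv
        [int] $MaxAgeDays = 60,
        [datetime] $Now = (Get-Date)
    )
    $inv = [cultureinfo]::InvariantCulture
    $none = [System.Globalization.DateTimeStyles]::None
    foreach ($row in $Link) {
        $last = [datetime]::MinValue
        # A link that has never replicated has no parsable timestamp.
        $parsed = [datetime]::TryParse($row.'Last Success Time', $inv, $none, [ref]$last)
        $ageDays = if ($parsed) { ($Now - $last).Days } else { $null }
        $failures = [int]$row.'Number of Failures'
        if (-not $parsed -or $ageDays -gt $MaxAgeDays -or $failures -gt 0) {
            [pscustomobject]@{
                Destination = $row.'Destination DSA'
                Source      = $row.'Source DSA'
                Context     = $row.'Naming Context'
                Failures    = $failures
                LastSuccess = if ($parsed) { $last } else { 'never' }
                AgeDays     = $ageDays
                LastStatus  = $row.'Last Failure Status'
            }
        }
    }
}

# Constructed sample rows in the repadmin CSV layout, so the example runs offline.
$sample = @'
showrepl_COLUMNS,Destination DSA Site,Destination DSA,Naming Context,Source DSA Site,Source DSA,Transport Type,Number of Failures,Last Failure Time,Last Success Time,Last Failure Status
showrepl_INFO,HeadOffice,DC01,"DC=example,DC=com",Branch1,DC02,RPC,0,0,2016-03-01 10:15:22,0
showrepl_INFO,Branch2,DC03,"DC=example,DC=com",HeadOffice,DC01,RPC,412,2016-03-01 09:58:10,2015-12-20 02:11:05,1722
'@ | ConvertFrom-Csv

Get-StaleReplicationLink -Link $sample -Now ([datetime]'2016-03-02') | Format-Table -AutoSize

# Live use on a DC or an admin workstation that has repadmin installed:
# Get-StaleReplicationLink -Link (repadmin /showrepl * /csv | ConvertFrom-Csv)
```

Only the DC03 link is reported for the sample data. Status 1722 in that row is the Win32 code for "The RPC server is unavailable", which points back to the network and firewall items in the checklist.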
---------------------------------------------------------------------------------------------------------------------------------
Once you run the repadmin /syncall command on one of those servers, you will get information like the below,
To troubleshoot the issue, first check whether this server is resolving DNS.
Go to the DNS settings, right-click on the server name and go to Properties.
Check the Interfaces and the Forwarders. Under Interfaces, make sure the correct listening interface is configured, and under Forwarders, add the correct DNS server through which this server can resolve FQDNs.
Under Interfaces, you will sometimes see a couple of interfaces that are configured on the server. In that case, select the correct listening interface by choosing the “Only the following IP address” radio button.
Check whether the correct name servers are added. Go into Forward Lookup Zones in DNS Manager. Right-click on "Domainname.com", then select Properties.
Under Name Servers, check whether the correct name servers are listed. If not, add them.
Under Forwarders, check whether the correct DNS server is listed. If not, add it and check whether that IP address resolves the FQDN.
Once this is done, verify that the startup value and service status are correct for the Windows services mentioned below.
Reference : https://support.microsoft.com/en-us/kb/2102154
Once this is done, check that the correct sites were added under Sites and Services. You need to check this on both the PDC and the ADC.
You can right-click on NTDS Settings and select New > Connection, then add the correct Active Directory domain controller. The new ADC connection is now added.
Now you can run dcdiag /test:dns
The replication will take time, and how long depends on the network connectivity. Wait a couple of hours, then restart the ADC and check the replication.
If you want to force the replication, you can run:
repadmin /syncall /APed
If you are still facing issues with the replication, you need to do a metadata cleanup on those two servers.