![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 57.99999999999999%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ET%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(64, 81%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECT%3C/text%3E%3C/svg%3E)
Hello Tyler,
Thank you for posting question on Microsoft Windows Forum.
Based on the symptoms and the Event ID 1311 and 1925, it looks like Server C is able to **receive** replication but is failing to **send** it, which suggests a topology or DNS resolution issue from the perspective of Server A and B.
- For the Event ID 1311 (KCC) which indicates that the Knowledge Consistency Checker can't build a complete replication topology. This often points to missing site link connectivity, bridgehead misconfigurations, or disjoint site links. For more information about this Event https://learn.microsoft.com/en-us/troubleshoot/windows-server/active-directory/troubleshoot-event-id-1311-messages
- Regarding the Event ID 1925 which suggests that DNS lookup failed when trying to establish a replication link. This can happen if the source DC can't resolve the target DC’s name or locate its SRV records For more information about this Event https://learn.microsoft.com/en-us/troubleshoot/windows-server/active-directory/active-directory-replication-event-id-1925-dns-lookup As a result, you can try the following suggested troubleshooting steps.
1.Verify DNS Resolution from Problematic DCs.
- On Server A & B, run:
- nslookup ServerC.yourdomain.com
- nslookup -type=srv _ldap._tcp.yourdomain.com
- Ensure they resolve Server C's correct IP (not another DC's IP)
- Check reverse lookup (PTR) records exist for Server C
2.Check Replication Topology.
- Run repadmin /showrepl and repadmin /replsummary on all DCs to identify where replication is failing.
- Use repadmin /failcache to see which DCs are reporting failures and why
3.Bridgehead & Site Link Configuration.
- Ensure Server C is properly included in a site link and that site link bridging is correctly configured.
- If your network is not fully routed, disable “Bridge all site links” in Sites and Services and manually configure site link bridges.
4.Check for Preferred Bridgehead Conflicts.
- If you have manually set preferred bridgeheads, make sure Server C hosts the required naming contexts.
- Consider removing preferred bridgehead settings temporarily to let KCC auto-select.
5.Validate SPN Registration.
- On Server C. Running the below command
- setspn -L ServerC
- Verify that the HOST/ServerC and HOST/ServerC.yourdomain.com SPNs exist.
6.Check SYSVOL/Netlogon State.
- On Server C. Running the below command
- dcdiag /test:netlogons /test:services /test:replications
- If SYSVOL is not shared, run net share to verify
7.Check secure channel health.
- Check the health of secure channel by running the following commands
- nltest /sc_verify:DOMAIN\ServerC$
- Or Powershell command Test-ComputerSecureChannel –Verbose
8.Force KCC to Recalculate Topology.
- Let the KCC rebuild the topology by running the following command
- repadmin /kcc
You can refer to the following article for further troubleshooting information about this issue.
Hope the above information is helpful!