Share via

DC replication failed

Kenny McMaster 0 Reputation points
2023-11-01T18:29:49.2733333+00:00

I have a virtual DC (PDC, FSMO & DNS) - vDC & physical DC - DRDC. Both are 2008 R2.

There was an issue with the PDC and it was restored from a snapshot. Since this replication has failed.

repadmin /showrepl - destination server currently rejecting requests

I cannot add a server to the domain - the specified network name is no longer available.

My plan is to replace the servers with 2019 versions but I dont know how to get the current setup working first - please help

Thank you

Windows for business | Windows Client for IT Pros | Directory services | Active Directory
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2023-11-02T14:00:43.92+00:00
    • FSNI-VDC01 add the server's own static ip address (16.183.112.15) as primary and loopback (127.0.0.1) as secondary and remove the unknown addresses. The do an ipconfig /flushdns, ipconfig /registerdns, restart the netlogon service.
    • FSNI-DRDC01 add the server's own static ip address (16.183.112.44) as primary and loopback (127.0.0.1) as secondary and remove the unknown addresses. The do an ipconfig /flushdns, ipconfig /registerdns, restart the netlogon service.
    • w32time Service is stopped on [FSNI-VDC01]
    • NETLOGON Service is paused on [FSNI-VDC01]

    start these services

    • don't know much about FSNI-DRDC01 as nothing was captured for this one
    • FRS replication has problems that may be related to above, but check the FRS Replication and System event logs for more details
    • user did not have permissions to complete all dcdiag tests
    • forwarders and root hints unreachable (not a big issue for active directory, maybe these servers are air gapped?)

    After above corrections and if problems persist then do two things.

    1. clear out the System and FRS Replication event logs
    2. put up a new set of files to look at but make sure to run with elevated credentials

    --please don't forget to close up the thread here by marking answer if the reply is helpful--

    Was this answer helpful?

  2. Anonymous
    2023-11-02T01:41:23.14+00:00

    Hello Kenny McMaster,

    Thank you for posting in Q&A forum.

    1.Please check if you can see Event 2095 on PDC.
    Domain Controllers log Directory Services Event 2095 in the Directory Services event log when they detect a USN rollback.

    https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/detect-and-recover-from-usn-rollback

    2.Please run commands below on PDC and check the result or provide the result.

    repadmin /showrepl >C:\rep1.txt

    repadmin /replsum >C:\rep2.txt

    repadmin /showrepl * /csv >c:\repsum.csv

    I hope the information above is helpful.

    If you have any question or concern, please feel free to let us know.

    Best Regards,
    Daisy Zhou

    Was this answer helpful?

  3. Anonymous
    2023-11-01T18:36:03.54+00:00

    Restoring domain controllers and snapshots are never a good idea when there are multiple domain controllers. Please run;

    Dcdiag /v /c /d /e /s:%computername% >C:\dcdiag.log (run on PDC emulator)
    repadmin /showrepl >C:\repl.txt (run on any domain controller)
    ipconfig /all > C:\%computername%.txt (run on EVERY domain controller)

    Also check the domain controller System and Replication (DFS or FRS) event logs for errors since last boot. Post the Event Source and Event IDs of any found. (no evtx files)

    then put unzipped text files up on OneDrive and share a link.

    Was this answer helpful?

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.