Forum Search:
Forum.Brain-Cluster.com: Brain Cluster Technical Forum
Ultimate forum for Technical Discussions

Home » Microsoft » Windows Server » Active Directory » SYSVOL replication and LDAP errors
SYSVOL replication and LDAP errors [message #159460] Thu, 30 July 2009 01:43 Go to next message
jpen  is currently offline jpen  United States
Messages: 1
Registered: July 2009
Junior Member
Hello. I have inherited a domain that has Windows 2k3 server as a member
server and a windows 2k3 sbs as a pdc, both servers serve logins and
there is some problems with sysvols replicating, netlogon replicates
just fine. The problems occur when users login to workstations, some of
them get wrong group policys that were made time before me. The history
behind these servers are that the w2k3 used to be pdc but was demoted to
member server because of the limitations of w2k3sbs. I think that the
sysvol replication problem is because of some missing LDAP connection.
Since the old admin told me that he had "disabled some not so useful
services from starting" and I recently found out by poking around that
when I started intersite messaging -service on both servers the event
viewers frs log gave me this:

> Event Type: Information
> Event Source: NtFrs
> Event Category: None
> Event ID: 13516
> Date: 27.7.2009
> Time: 10:59:36
> User: N/A
> Computer: SILMASRV2
> Description:
> The File Replication Service is no longer preventing the computer
> SILMASRV2 from becoming a domain controller. The system volume has been
> successfully initialized and the Netlogon service has been notified that
> the system volume is now ready to be shared as SYSVOL.
>
> Type "net share" to check for the SYSVOL share.
>
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.

But alas, the sysvol doesn't replicate properly. I have ran various
tests against both servers and googled around with the errors, but no
working results. The repadmin /showreps %upstreamcomputer% (and
downstreamcomputer) gives this:

> (w2k3sbs)
> [d:\nt\ds\ds\src\util\repadmin\repbind.c, 154] LDAP error 81 (Server
> Down) Win32 Err 58.
>
> (w2k3)
> [d:\srv03rtm\ds\ds\src\util\repadmin\repbind.c, 154] LDAP error 81
> (Server Down) Win32 Err 58.

Sonar shows only the w2k3sbs as a member, I get only one dcdiag error
and it is against the w2k3 server:

>
> Some objects relating to the DC SILMASRV have problems:
>
> [1] Problem: Missing Expected Value
> Base Object:
> CN=NTDS
> Settings,CN=SILMASRV,CN=Servers,CN=Silmasairaala,CN=Sites,CN =Configuration,DC=silmasairaala,DC=com
>
> Base Object Description: "DSA Object"
>
> Value Object Attribute Name: serverReferenceBL
>
> Value Object Description: "SYSVOL FRS Member Object"
>
> Recommended Action: See Knowledge Base Article: Q312862
>
> ......................... SILMASRV failed test
> VerifyReferences

Also maybe worth mentioning is that IUSR_[servername] password had been
changed and because of it some of IIS services were not working, but
that is now fixed with IIS metabase explorer. God only knows what else
has been tempered with.


--
jpen
------------------------------------------------------------ ------------
jpen's Profile: http://forums.techarena.in/members/119627.htm
View this thread: http://forums.techarena.in/active-directory/1223246.htm

http://forums.techarena.in
Re: SYSVOL replication and LDAP errors [message #159462 is a reply to message #159460] Thu, 30 July 2009 03:19 Go to previous messageGo to next message
iena  is currently offline iena  Italy
Messages: 2
Registered: July 2009
Junior Member
Hi, since they demoted the 2k3 to member server they DON'T have to
replicate SYSVOL anymore...

it seems you have some dirty AD db here, you can clean metadata with
the metadata cleanup procedure.

http://www.petri.co.il/delete_failed_dcs_from_ad.htm
http://technet.microsoft.com/en-us/library/cc731035(WS.10).aspx


But, you have to remove the 2k3 from the domain first, then you can
rejoin.

HTH.
Diego Castelli
Re: SYSVOL replication and LDAP errors [message #159463 is a reply to message #159462] Thu, 30 July 2009 03:21 Go to previous messageGo to next message
iena  is currently offline iena  Italy
Messages: 2
Registered: July 2009
Junior Member
On 30 Lug, 11:19, iena <iena...@gmail.com> wrote:
> Hi, since they demoted the 2k3 to member server they DON'T have to
> replicate SYSVOL anymore...
>
> it seems you have some dirty AD db here, you can clean metadata with
> the metadata cleanup procedure.
>
> http://www.petri.co.il/delete_failed_dcs_from_ad.htmhttp://t echnet.microsoft.com/en-us/library/cc731035(WS.10).aspx
>
> But, you have to remove the 2k3 from the domain first, then you can
> rejoin.
>
> HTH.
> Diego Castelli

Ah, be sure all the FSMO roles are on the SBS now and that is GC
Re: SYSVOL replication and LDAP errors [message #159471 is a reply to message #159460] Thu, 30 July 2009 05:07 Go to previous message
meiweb(nospam)  is currently offline meiweb(nospam)  Germany
Messages: 1307
Registered: July 2009
Senior Member
Hello jpen,

For SBS related question i strongly suggest to use the SBS newsgroup, too
many thinks are different from 'normal' server versions:
microsoft.public.windows.server.sbs

http://www.microsoft.com/communities/newsgroups/list/en-us/d efault.aspx?dg=microsoft.public.windows.server.sbs

https://connect.microsoft.com/sbs08/community/discussion/ric hui/default.aspx

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Hello. I have inherited a domain that has Windows 2k3 server as a
> member server and a windows 2k3 sbs as a pdc, both servers serve
> logins and there is some problems with sysvols replicating, netlogon
> replicates just fine. The problems occur when users login to
> workstations, some of them get wrong group policys that were made time
> before me. The history behind these servers are that the w2k3 used to
> be pdc but was demoted to member server because of the limitations of
> w2k3sbs. I think that the sysvol replication problem is because of
> some missing LDAP connection. Since the old admin told me that he had
> "disabled some not so useful services from starting" and I recently
> found out by poking around that when I started intersite messaging
> -service on both servers the event viewers frs log gave me this:
>
>> Event Type: Information
>> Event Source: NtFrs
>> Event Category: None
>> Event ID: 13516
>> Date: 27.7.2009
>> Time: 10:59:36
>> User: N/A
>> Computer: SILMASRV2
>> Description:
>> The File Replication Service is no longer preventing the computer
>> SILMASRV2 from becoming a domain controller. The system volume has
>> been
>> successfully initialized and the Netlogon service has been notified
>> that
>> the system volume is now ready to be shared as SYSVOL.
>> Type "net share" to check for the SYSVOL share.
>>
>> For more information, see Help and Support Center at
>> http://go.microsoft.com/fwlink/events.asp.
>>
> But alas, the sysvol doesn't replicate properly. I have ran various
> tests against both servers and googled around with the errors, but no
> working results. The repadmin /showreps %upstreamcomputer% (and
> downstreamcomputer) gives this:
>
>> (w2k3sbs)
>> [d:\nt\ds\ds\src\util\repadmin\repbind.c, 154] LDAP error 81 (Server
>> Down) Win32 Err 58.
>> (w2k3)
>> [d:\srv03rtm\ds\ds\src\util\repadmin\repbind.c, 154] LDAP error 81
>> (Server Down) Win32 Err 58.
> Sonar shows only the w2k3sbs as a member, I get only one dcdiag error
> and it is against the w2k3 server:
>
>> Some objects relating to the DC SILMASRV have problems:
>>
>> [1] Problem: Missing Expected Value
>> Base Object:
>> CN=NTDS
>> Settings,CN=SILMASRV,CN=Servers,CN=Silmasairaala,CN=Sites,CN =Configur
>> ation,DC=silmasairaala,DC=com
>> Base Object Description: "DSA Object"
>>
>> Value Object Attribute Name: serverReferenceBL
>>
>> Value Object Description: "SYSVOL FRS Member Object"
>>
>> Recommended Action: See Knowledge Base Article: Q312862
>>
>> ......................... SILMASRV failed test
>> VerifyReferences
> Also maybe worth mentioning is that IUSR_[servername] password had
> been changed and because of it some of IIS services were not working,
> but that is now fixed with IIS metabase explorer. God only knows what
> else has been tempered with.
>
> http://forums.techarena.in
>
Previous Topic:Error while launching Users and Computers snap in
Next Topic:ADMT question
Goto Forum:
  


Current Time: Thu Jan 18 20:44:40 MST 2018

Total time taken to generate the page: 0.04026 seconds
.:: Contact :: Home ::Sitemap::.

Powered by: FUDforum 3.0.0RC2.
Copyright ©2001-2009 FUDforum Bulletin Board Software