Forum Search:
Forum.Brain-Cluster.com: Brain Cluster Technical Forum
Ultimate forum for Technical Discussions

Home » Microsoft » Windows Server » Active Directory » FRS replication problem in 2 DC
FRS replication problem in 2 DC [message #322080] Thu, 19 November 2009 03:10 Go to next message
shrikant  is currently offline shrikant
Messages: 19
Registered: August 2009
Junior Member
In virtual enviroment i have 2 domain controller like DC1 and DC2
DC1: has 1. all fsmo role.
2.dns server.
3.1 nic with ip 192.168.121.5 subnet:255.255.255.0
4.primary domain controller.

DC2: has 1. domain controller.
2. 2 nic with >>>ip
192.168.121.6/255.255.255.0/dns:192.168.121.5
and >>>ip 192.168.122.11/255.255.255.0/ dns:192.168.121.5(for
proxy)

senario:A>by running NSLOOKUP all name resolution working properly for
network id 192.168.121.0/24. except network id 192.168.122.0/24.

problem :>>>DC1: 1. event id 1864:replication error.
2. event id 2092:replication warning.
3. event id 13508:NTFRS error.
>>>DC2:1. event id 1586:replication warning.
2. event id 1308:replication error.
3. event id 13508:NTFRS error.
unable to do replication from DC1 to DC2 and Domain Controller group
policies are unbale to apply but domain policies get appiled successfully on
other OU.
problem ouccur only among the DC.

please suggest.
Re: FRS replication problem in 2 DC [message #322106 is a reply to message #322080] Thu, 19 November 2009 04:31 Go to previous messageGo to next message
meiweb  is currently offline meiweb  Germany
Messages: 2225
Registered: September 2009
Senior Member
Hello shrikant,

Do never use 2 different ip addresses on a domain controller, this results
in multiple problems. Please reconfigure the second DC to one ip address
only and make sure to remove the second one also after reconfiguration from
all DNS zones.

After that reboot the second one and check again.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> In virtual enviroment i have 2 domain controller like DC1 and DC2
> DC1: has 1. all fsmo role.
> 2.dns server.
> 3.1 nic with ip 192.168.121.5 subnet:255.255.255.0
> 4.primary domain controller.
> DC2: has 1. domain controller.
> 2. 2 nic with >>>ip
> 192.168.121.6/255.255.255.0/dns:192.168.121.5
and>>>> ip 192.168.122.11/255.255.255.0/ dns:192.168.121.5(for
and>>>>
> proxy)
> senario:A>by running NSLOOKUP all name resolution working properly for
> network id 192.168.121.0/24. except network id 192.168.122.0/24.
>
> problem :>>>DC1: 1. event id 1864:replication error.
> 2. event id 2092:replication warning.
> 3. event id 13508:NTFRS error.
>>>> DC2:1. event id 1586:replication warning.
>>>>
> 2. event id 1308:replication error.
> 3. event id 13508:NTFRS error.
> unable to do replication from DC1 to DC2 and Domain Controller group
> policies are unbale to apply but domain policies get appiled
> successfully on
> other OU.
> problem ouccur only among the DC.
> please suggest.
>
Re: FRS replication problem in 2 DC [message #322180 is a reply to message #322080] Thu, 19 November 2009 06:39 Go to previous messageGo to next message
pbbergs  is currently offline pbbergs  United States
Messages: 1024
Registered: July 2009
Senior Member
DC's should never be multihomed. Disable one of the two nic's on DC2.

--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
Microsoft's Thrive IT Pro of the Month - June 2009

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup This
posting is provided "AS IS" with no warranties, and confers no rights.

"shrikant" <shrikant@discussions.microsoft.com> wrote in message
news:331F6B7F-7FBC-474C-97FD-58D2A3A22208@microsoft.com...
> In virtual enviroment i have 2 domain controller like DC1 and DC2
> DC1: has 1. all fsmo role.
> 2.dns server.
> 3.1 nic with ip 192.168.121.5 subnet:255.255.255.0
> 4.primary domain controller.
>
> DC2: has 1. domain controller.
> 2. 2 nic with >>>ip
> 192.168.121.6/255.255.255.0/dns:192.168.121.5
> and >>>ip 192.168.122.11/255.255.255.0/
> dns:192.168.121.5(for
> proxy)
>
> senario:A>by running NSLOOKUP all name resolution working properly for
> network id 192.168.121.0/24. except network id 192.168.122.0/24.
>
> problem :>>>DC1: 1. event id 1864:replication error.
> 2. event id 2092:replication warning.
> 3. event id 13508:NTFRS error.
> >>>DC2:1. event id 1586:replication warning.
> 2. event id 1308:replication error.
> 3. event id 13508:NTFRS error.
> unable to do replication from DC1 to DC2 and Domain Controller group
> policies are unbale to apply but domain policies get appiled successfully
> on
> other OU.
> problem ouccur only among the DC.
>
> please suggest.
Re: FRS replication problem in 2 DC [message #322823 is a reply to message #322080] Thu, 19 November 2009 17:01 Go to previous messageGo to next message
Rahisuddin Shah  is currently offline Rahisuddin Shah  United States
Messages: 25
Registered: November 2009
Junior Member
Shrikant,
After removing second NIC I would suggest you to install DNS on second DC
for redundancy and point to its own IP address in DNS setting.

rahisuddin shah


"shrikant" <shrikant@discussions.microsoft.com> wrote in message
news:331F6B7F-7FBC-474C-97FD-58D2A3A22208@microsoft.com...
> In virtual enviroment i have 2 domain controller like DC1 and DC2
> DC1: has 1. all fsmo role.
> 2.dns server.
> 3.1 nic with ip 192.168.121.5 subnet:255.255.255.0
> 4.primary domain controller.
>
> DC2: has 1. domain controller.
> 2. 2 nic with >>>ip
> 192.168.121.6/255.255.255.0/dns:192.168.121.5
> and >>>ip 192.168.122.11/255.255.255.0/
> dns:192.168.121.5(for
> proxy)
>
> senario:A>by running NSLOOKUP all name resolution working properly for
> network id 192.168.121.0/24. except network id 192.168.122.0/24.
>
> problem :>>>DC1: 1. event id 1864:replication error.
> 2. event id 2092:replication warning.
> 3. event id 13508:NTFRS error.
> >>>DC2:1. event id 1586:replication warning.
> 2. event id 1308:replication error.
> 3. event id 13508:NTFRS error.
> unable to do replication from DC1 to DC2 and Domain Controller group
> policies are unbale to apply but domain policies get appiled successfully
> on
> other OU.
> problem ouccur only among the DC.
>
> please suggest.
Re: FRS replication problem in 2 DC [message #326080 is a reply to message #322823] Mon, 23 November 2009 22:58 Go to previous messageGo to next message
shrikant  is currently offline shrikant
Messages: 19
Registered: August 2009
Junior Member
hi,
i am not sure about this , but in event viewer i get error of event id 1864
and 2092 which predict the problem of replication.

1. when i run nslookup on any DC i get result as; for DC2 i get 2 ips when
run nslookup for resolving, i.e. 192.168.121.6, 192.168.122.11,
is that create problem of replication between 2 domian controller?

2. when i create domain user in main dc i.e. DC1 which handles all FSMO
role, it also shown in DC2 after given specific period, but when i set the
group policy for domin controller it's doesn't get followed by DC2 from DC1.

so, 1.domain group policy do not work but it shows the problem of replication.

please suggest.


"Rahisuddin Shah" wrote:

> Shrikant,
> After removing second NIC I would suggest you to install DNS on second DC
> for redundancy and point to its own IP address in DNS setting.
>
> rahisuddin shah
>
>
> "shrikant" <shrikant@discussions.microsoft.com> wrote in message
> news:331F6B7F-7FBC-474C-97FD-58D2A3A22208@microsoft.com...
> > In virtual enviroment i have 2 domain controller like DC1 and DC2
> > DC1: has 1. all fsmo role.
> > 2.dns server.
> > 3.1 nic with ip 192.168.121.5 subnet:255.255.255.0
> > 4.primary domain controller.
> >
> > DC2: has 1. domain controller.
> > 2. 2 nic with >>>ip
> > 192.168.121.6/255.255.255.0/dns:192.168.121.5
> > and >>>ip 192.168.122.11/255.255.255.0/
> > dns:192.168.121.5(for
> > proxy)
> >
> > senario:A>by running NSLOOKUP all name resolution working properly for
> > network id 192.168.121.0/24. except network id 192.168.122.0/24.
> >
> > problem :>>>DC1: 1. event id 1864:replication error.
> > 2. event id 2092:replication warning.
> > 3. event id 13508:NTFRS error.
> > >>>DC2:1. event id 1586:replication warning.
> > 2. event id 1308:replication error.
> > 3. event id 13508:NTFRS error.
> > unable to do replication from DC1 to DC2 and Domain Controller group
> > policies are unbale to apply but domain policies get appiled successfully
> > on
> > other OU.
> > problem ouccur only among the DC.
> >
> > please suggest.
>
> .
>
Re: FRS replication problem in 2 DC [message #326092 is a reply to message #326080] Mon, 23 November 2009 23:17 Go to previous messageGo to next message
meiweb  is currently offline meiweb  Germany
Messages: 2225
Registered: September 2009
Senior Member
Hello shrikant,

Did you make the suggested changes and remove the second ip address and check
in DNS zones that the removed one is deleted in all zones? Please post an
unedited ipconfig /all from both DCs.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> hi,
> i am not sure about this , but in event viewer i get error of event
> id 1864
> and 2092 which predict the problem of replication.
> 1. when i run nslookup on any DC i get result as; for DC2 i get 2 ips
> when run nslookup for resolving, i.e. 192.168.121.6, 192.168.122.11,
> is that create problem of replication between 2 domian controller?
>
> 2. when i create domain user in main dc i.e. DC1 which handles all
> FSMO role, it also shown in DC2 after given specific period, but when
> i set the group policy for domin controller it's doesn't get followed
> by DC2 from DC1.
>
> so, 1.domain group policy do not work but it shows the problem of
> replication.
>
> please suggest.
>
> "Rahisuddin Shah" wrote:
>
>> Shrikant,
>> After removing second NIC I would suggest you to install DNS on
>> second DC
>> for redundancy and point to its own IP address in DNS setting.
>> rahisuddin shah
>>
>> "shrikant" <shrikant@discussions.microsoft.com> wrote in message
>> news:331F6B7F-7FBC-474C-97FD-58D2A3A22208@microsoft.com...
>>
>>> In virtual enviroment i have 2 domain controller like DC1 and DC2
>>> DC1: has 1. all fsmo role.
>>> 2.dns server.
>>> 3.1 nic with ip 192.168.121.5 subnet:255.255.255.0
>>> 4.primary domain controller.
>>> DC2: has 1. domain controller.
>>> 2. 2 nic with >>>ip
>>> 192.168.121.6/255.255.255.0/dns:192.168.121.5
>>> and >>>ip 192.168.122.11/255.255.255.0/
>>> dns:192.168.121.5(for
>>> proxy)
>>> senario:A>by running NSLOOKUP all name resolution working properly
>>> for network id 192.168.121.0/24. except network id 192.168.122.0/24.
>>>
>>> problem :>>>DC1: 1. event id 1864:replication error.
>>> 2. event id 2092:replication warning.
>>> 3. event id 13508:NTFRS error.
>>>>>> DC2:1. event id 1586:replication warning.
>>>>>>
>>> 2. event id 1308:replication error.
>>> 3. event id 13508:NTFRS error.
>>> unable to do replication from DC1 to DC2 and Domain Controller group
>>> policies are unbale to apply but domain policies get appiled
>>> successfully
>>> on
>>> other OU.
>>> problem ouccur only among the DC.
>>> please suggest.
>>>
>> .
>>
Re: FRS replication problem in 2 DC [message #326103 is a reply to message #326080] Mon, 23 November 2009 23:32 Go to previous messageGo to next message
aceman  is currently offline aceman  United States
Messages: 5816
Registered: July 2009
Senior Member
"shrikant" <shrikant@discussions.microsoft.com> wrote in message
news:F3B64638-1E4F-4EB2-8252-15D3038F75B7@microsoft.com...
> hi,
> i am not sure about this , but in event viewer i get error of event id
> 1864
> and 2092 which predict the problem of replication.
>
> 1. when i run nslookup on any DC i get result as; for DC2 i get 2 ips when
> run nslookup for resolving, i.e. 192.168.121.6, 192.168.122.11,
> is that create problem of replication between 2 domian controller?
>
> 2. when i create domain user in main dc i.e. DC1 which handles all FSMO
> role, it also shown in DC2 after given specific period, but when i set the
> group policy for domin controller it's doesn't get followed by DC2 from
> DC1.
>
> so, 1.domain group policy do not work but it shows the problem of
> replication.
>
> please suggest.
>

As Meinolf mentioned, the problem appears to be DC2 is multihomed (either
more than one NIC, more than one IP, and/or RRAS is installed). A multihomed
DC is exteremely problematic. I would follow his suggestions to disable one
of the NICs and clean up DNS.

If you want more information regarding what kind of problems a multihomed DC
can cause, why it's happening, as well as if you absolutely need to continue
to have two NICs, please read the following link.

Multihomed DCs with DNS, RRAS, multiple IPs, and/or PPPoE adapters
http://msmvps.com/blogs/acefekay/archive/2009/08/17/multihom ed-dcs-with-dns-rras-and-or-pppoe-adapters.aspx

Otherwise, the simple fix is to make the DC only have one NIC and one IP.

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Please reply back to the newsgroup or forum for collaboration benefit among
responding engineers, and to help others benefit from your resolution.

Ace Fekay, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA
2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer

For urgent issues, please contact Microsoft PSS directly. Please check
http://support.microsoft.com for regional support phone numbers.
Re: FRS replication problem in 2 DC [message #346470 is a reply to message #326103] Thu, 17 December 2009 07:16 Go to previous messageGo to next message
shrikant  is currently offline shrikant
Messages: 19
Registered: August 2009
Junior Member
dear all,

After the long R and D i have one way to shutout this problem as follow;

1 i check the replication by configuring firewall and allowing some port
which is need for replication of active directory and the replication working
correctly as i observered and shocked to see when the replication is working
even i define two different network ip ie 192.168.121.6/24 and
192.168.122.11/24, is that normal?

2. now problem is that tombstone time.
on Dc 1 which is my FSMO role main dc, it shows me that other dc (DC2) is
out of tombstone period, should i incrase the tombstone period by using
adsiedit.msc ?
is that safe? is there any other way to overcome this problem?

i want your all's suggestion!!!!


"Ace Fekay [MCT]" wrote:

> "shrikant" <shrikant@discussions.microsoft.com> wrote in message
> news:F3B64638-1E4F-4EB2-8252-15D3038F75B7@microsoft.com...
> > hi,
> > i am not sure about this , but in event viewer i get error of event id
> > 1864
> > and 2092 which predict the problem of replication.
> >
> > 1. when i run nslookup on any DC i get result as; for DC2 i get 2 ips when
> > run nslookup for resolving, i.e. 192.168.121.6, 192.168.122.11,
> > is that create problem of replication between 2 domian controller?
> >
> > 2. when i create domain user in main dc i.e. DC1 which handles all FSMO
> > role, it also shown in DC2 after given specific period, but when i set the
> > group policy for domin controller it's doesn't get followed by DC2 from
> > DC1.
> >
> > so, 1.domain group policy do not work but it shows the problem of
> > replication.
> >
> > please suggest.
> >
>
> As Meinolf mentioned, the problem appears to be DC2 is multihomed (either
> more than one NIC, more than one IP, and/or RRAS is installed). A multihomed
> DC is exteremely problematic. I would follow his suggestions to disable one
> of the NICs and clean up DNS.
>
> If you want more information regarding what kind of problems a multihomed DC
> can cause, why it's happening, as well as if you absolutely need to continue
> to have two NICs, please read the following link.
>
> Multihomed DCs with DNS, RRAS, multiple IPs, and/or PPPoE adapters
> http://msmvps.com/blogs/acefekay/archive/2009/08/17/multihom ed-dcs-with-dns-rras-and-or-pppoe-adapters.aspx
>
> Otherwise, the simple fix is to make the DC only have one NIC and one IP.
>
> --
> Ace
>
> This posting is provided "AS-IS" with no warranties or guarantees and
> confers no rights.
>
> Please reply back to the newsgroup or forum for collaboration benefit among
> responding engineers, and to help others benefit from your resolution.
>
> Ace Fekay, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA
> 2003/2000, MCSA Messaging 2003
> Microsoft Certified Trainer
>
> For urgent issues, please contact Microsoft PSS directly. Please check
> http://support.microsoft.com for regional support phone numbers.
>
>
> .
>
Re: FRS replication problem in 2 DC [message #346477 is a reply to message #322106] Thu, 17 December 2009 07:18 Go to previous messageGo to next message
shrikant  is currently offline shrikant
Messages: 19
Registered: August 2009
Junior Member
dear all,

After the long R and D i have one way to shutout this problem as follow;

1 i check the replication by configuring firewall and allowing some port
which is need for replication of active directory and the replication working
correctly as i observered and shocked to see when the replication is working
even i define two different network ip ie 192.168.121.6/24 and
192.168.122.11/24, is that normal?

2. now problem is that tombstone time.
on Dc 1 which is my FSMO role main dc, it shows me that other dc (DC2) is
out of tombstone period, should i incrase the tombstone period by using
adsiedit.msc ?
is that safe? is there any other way to overcome this problem?

i want your all's suggestion!!!!

"Meinolf Weber [MVP-DS]" wrote:

> Hello shrikant,
>
> Do never use 2 different ip addresses on a domain controller, this results
> in multiple problems. Please reconfigure the second DC to one ip address
> only and make sure to remove the second one also after reconfiguration from
> all DNS zones.
>
> After that reboot the second one and check again.
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and confers
> no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>
>
> > In virtual enviroment i have 2 domain controller like DC1 and DC2
> > DC1: has 1. all fsmo role.
> > 2.dns server.
> > 3.1 nic with ip 192.168.121.5 subnet:255.255.255.0
> > 4.primary domain controller.
> > DC2: has 1. domain controller.
> > 2. 2 nic with >>>ip
> > 192.168.121.6/255.255.255.0/dns:192.168.121.5
> and>>>> ip 192.168.122.11/255.255.255.0/ dns:192.168.121.5(for
> and>>>>
> > proxy)
> > senario:A>by running NSLOOKUP all name resolution working properly for
> > network id 192.168.121.0/24. except network id 192.168.122.0/24.
> >
> > problem :>>>DC1: 1. event id 1864:replication error.
> > 2. event id 2092:replication warning.
> > 3. event id 13508:NTFRS error.
> >>>> DC2:1. event id 1586:replication warning.
> >>>>
> > 2. event id 1308:replication error.
> > 3. event id 13508:NTFRS error.
> > unable to do replication from DC1 to DC2 and Domain Controller group
> > policies are unbale to apply but domain policies get appiled
> > successfully on
> > other OU.
> > problem ouccur only among the DC.
> > please suggest.
> >
>
>
> .
>
Re: FRS replication problem in 2 DC [message #346478 is a reply to message #322180] Thu, 17 December 2009 07:21 Go to previous messageGo to next message
shrikant  is currently offline shrikant
Messages: 19
Registered: August 2009
Junior Member
dear all,

After the long R and D i have one way to shutout this problem as follow;

1 i check the replication by configuring firewall and allowing some port
which is need for replication of active directory and the replication working
correctly as i observered and shocked to see when the replication is working
even i define two different network ip ie 192.168.121.6/24 and
192.168.122.11/24or it is multihomed, is that normal?

2. now problem is that tombstone time.
on Dc 1 which is my FSMO role main dc, it shows me that other dc (DC2) is
out of tombstone period, should i incrase the tombstone period by using
adsiedit.msc ?
is that safe? is there any other way to overcome this problem?

i want your all's suggestion!!!!
------------------------------------------------------------ -------------------------------------------
"Paul Bergson [MVP-DS]" wrote:

> DC's should never be multihomed. Disable one of the two nic's on DC2.
>
> --
> Paul Bergson
> MVP - Directory Services
> MCTS, MCT, MCSE, MCSA, Security+, BS CSci
> 2008, 2003, 2000 (Early Achiever), NT4
> Microsoft's Thrive IT Pro of the Month - June 2009
>
> http://www.pbbergs.com
>
> Please no e-mails, any questions should be posted in the NewsGroup This
> posting is provided "AS IS" with no warranties, and confers no rights.
>
> "shrikant" <shrikant@discussions.microsoft.com> wrote in message
> news:331F6B7F-7FBC-474C-97FD-58D2A3A22208@microsoft.com...
> > In virtual enviroment i have 2 domain controller like DC1 and DC2
> > DC1: has 1. all fsmo role.
> > 2.dns server.
> > 3.1 nic with ip 192.168.121.5 subnet:255.255.255.0
> > 4.primary domain controller.
> >
> > DC2: has 1. domain controller.
> > 2. 2 nic with >>>ip
> > 192.168.121.6/255.255.255.0/dns:192.168.121.5
> > and >>>ip 192.168.122.11/255.255.255.0/
> > dns:192.168.121.5(for
> > proxy)
> >
> > senario:A>by running NSLOOKUP all name resolution working properly for
> > network id 192.168.121.0/24. except network id 192.168.122.0/24.
> >
> > problem :>>>DC1: 1. event id 1864:replication error.
> > 2. event id 2092:replication warning.
> > 3. event id 13508:NTFRS error.
> > >>>DC2:1. event id 1586:replication warning.
> > 2. event id 1308:replication error.
> > 3. event id 13508:NTFRS error.
> > unable to do replication from DC1 to DC2 and Domain Controller group
> > policies are unbale to apply but domain policies get appiled successfully
> > on
> > other OU.
> > problem ouccur only among the DC.
> >
> > please suggest.
>
>
> .
>
Re: FRS replication problem in 2 DC [message #346501 is a reply to message #346477] Thu, 17 December 2009 07:44 Go to previous messageGo to next message
meiweb  is currently offline meiweb  Germany
Messages: 2225
Registered: September 2009
Senior Member
Hello shrikant,

As said before use only one ip address on the DCs. If the DC is over the
tombstone lifetime and you have a full running one, demote the out of time
DC and cleanup AD according to:
http://support.microsoft.com/kb/555846/en-us

Even if you change the default tombstone lifetime now, this will not bring
back the second DC to replication. Choose the above option and demote the
DC, if this will not work complete foloow the article to remove it complete
from the domain and reinstall it.

Do not forget to save needed data on it.

Also see this articles about the needed ports for AD replication.
http://support.microsoft.com/kb/555381

http://support.microsoft.com/kb/179442/

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> dear all,
>
> After the long R and D i have one way to shutout this problem as
> follow;
>
> 1 i check the replication by configuring firewall and allowing some
> port which is need for replication of active directory and the
> replication working correctly as i observered and shocked to see when
> the replication is working even i define two different network ip ie
> 192.168.121.6/24 and 192.168.122.11/24, is that normal?
>
> 2. now problem is that tombstone time.
> on Dc 1 which is my FSMO role main dc, it shows me that other dc (DC2)
> is
> out of tombstone period, should i incrase the tombstone period by
> using
> adsiedit.msc ?
> is that safe? is there any other way to overcome this problem?
> i want your all's suggestion!!!!
>
> "Meinolf Weber [MVP-DS]" wrote:
>
>> Hello shrikant,
>>
>> Do never use 2 different ip addresses on a domain controller, this
>> results in multiple problems. Please reconfigure the second DC to one
>> ip address only and make sure to remove the second one also after
>> reconfiguration from all DNS zones.
>>
>> After that reboot the second one and check again.
>>
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers
>> no rights.
>> ** Please do NOT email, only reply to Newsgroups
>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>> In virtual enviroment i have 2 domain controller like DC1 and DC2
>>> DC1: has 1. all fsmo role.
>>> 2.dns server.
>>> 3.1 nic with ip 192.168.121.5 subnet:255.255.255.0
>>> 4.primary domain controller.
>>> DC2: has 1. domain controller.
>>> 2. 2 nic with >>>ip
>>> 192.168.121.6/255.255.255.0/dns:192.168.121.5
>> and>>>> ip 192.168.122.11/255.255.255.0/ dns:192.168.121.5(for
>> and>>>>
>>
>>> proxy)
>>> senario:A>by running NSLOOKUP all name resolution working properly
>>> for
>>> network id 192.168.121.0/24. except network id 192.168.122.0/24.
>>> problem :>>>DC1: 1. event id 1864:replication error.
>>> 2. event id 2092:replication warning.
>>> 3. event id 13508:NTFRS error.
>>>>>> DC2:1. event id 1586:replication warning.
>>>>>>
>>> 2. event id 1308:replication error.
>>> 3. event id 13508:NTFRS error.
>>> unable to do replication from DC1 to DC2 and Domain Controller group
>>> policies are unbale to apply but domain policies get appiled
>>> successfully on
>>> other OU.
>>> problem ouccur only among the DC.
>>> please suggest.
>> .
>>
Re: FRS replication problem in 2 DC [message #346566 is a reply to message #346478] Thu, 17 December 2009 08:56 Go to previous messageGo to next message
aceman  is currently offline aceman  United States
Messages: 5816
Registered: July 2009
Senior Member
"shrikant" <shrikant@discussions.microsoft.com> wrote in message
news:9C4B0BC1-DFD4-4E67-8C4B-24BCE1290565@microsoft.com...
> dear all,
>
> After the long R and D i have one way to shutout this problem as follow;
>
> 1 i check the replication by configuring firewall and allowing some port
> which is need for replication of active directory and the replication
> working
> correctly as i observered and shocked to see when the replication is
> working
> even i define two different network ip ie 192.168.121.6/24 and
> 192.168.122.11/24or it is multihomed, is that normal?
>
> 2. now problem is that tombstone time.
> on Dc 1 which is my FSMO role main dc, it shows me that other dc (DC2) is
> out of tombstone period, should i incrase the tombstone period by using
> adsiedit.msc ?
> is that safe? is there any other way to overcome this problem?
>
> i want your all's suggestion!!!!

As has been suggested by Meinolf and Paul, you should only have one NIC
and/or IP on the DC. If RRAS is on the DC, that is problematic. If I
understand your post correctly, it appears you also have ISA on the DC? If
ISA is on the DC, that is problematic for the DC, as well. These scenarios
are not recommended configurations for a DC.

The multiple NICs and/or IPs on the DC is what caused the problem. I
remember your name, and if I am not mistakened, you've posted a few months
ago with this issue, is that correct? If so, I believe we discussed this
scenario in the past.

If the tombstone time has been reached for the DC, then your only course of
action, which Meinolf and Paul also indicated, is to demote and then
re-promote it back to a DC.

If ISA is on it, too, I would suggest to move ISA installation to a non-DC.
If RRAS is on it too, I suggest to move that to a non-DC as well.

I hope that helps. If you have any further questions, please feel free to
ask.


--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Please reply back to the newsgroup or forum for collaboration benefit among
responding engineers, and to help others benefit from your resolution.

Ace Fekay, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA
2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer

For urgent issues, please contact Microsoft PSS directly. Please check
http://support.microsoft.com for regional support phone numbers.
Re: FRS replication problem in 2 DC [message #347485 is a reply to message #346478] Fri, 18 December 2009 07:46 Go to previous message
pbbergs  is currently offline pbbergs  United States
Messages: 1024
Registered: July 2009
Senior Member
1 nic

--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
Microsoft's Thrive IT Pro of the Month - June 2009

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup This
posting is provided "AS IS" with no warranties, and confers no rights.

"shrikant" <shrikant@discussions.microsoft.com> wrote in message
news:9C4B0BC1-DFD4-4E67-8C4B-24BCE1290565@microsoft.com...
> dear all,
>
> After the long R and D i have one way to shutout this problem as follow;
>
> 1 i check the replication by configuring firewall and allowing some port
> which is need for replication of active directory and the replication
> working
> correctly as i observered and shocked to see when the replication is
> working
> even i define two different network ip ie 192.168.121.6/24 and
> 192.168.122.11/24or it is multihomed, is that normal?
>
> 2. now problem is that tombstone time.
> on Dc 1 which is my FSMO role main dc, it shows me that other dc (DC2) is
> out of tombstone period, should i incrase the tombstone period by using
> adsiedit.msc ?
> is that safe? is there any other way to overcome this problem?
>
> i want your all's suggestion!!!!
> ------------------------------------------------------------ -------------------------------------------
> "Paul Bergson [MVP-DS]" wrote:
>
>> DC's should never be multihomed. Disable one of the two nic's on DC2.
>>
>> --
>> Paul Bergson
>> MVP - Directory Services
>> MCTS, MCT, MCSE, MCSA, Security+, BS CSci
>> 2008, 2003, 2000 (Early Achiever), NT4
>> Microsoft's Thrive IT Pro of the Month - June 2009
>>
>> http://www.pbbergs.com
>>
>> Please no e-mails, any questions should be posted in the NewsGroup This
>> posting is provided "AS IS" with no warranties, and confers no rights.
>>
>> "shrikant" <shrikant@discussions.microsoft.com> wrote in message
>> news:331F6B7F-7FBC-474C-97FD-58D2A3A22208@microsoft.com...
>> > In virtual enviroment i have 2 domain controller like DC1 and DC2
>> > DC1: has 1. all fsmo role.
>> > 2.dns server.
>> > 3.1 nic with ip 192.168.121.5 subnet:255.255.255.0
>> > 4.primary domain controller.
>> >
>> > DC2: has 1. domain controller.
>> > 2. 2 nic with >>>ip
>> > 192.168.121.6/255.255.255.0/dns:192.168.121.5
>> > and >>>ip 192.168.122.11/255.255.255.0/
>> > dns:192.168.121.5(for
>> > proxy)
>> >
>> > senario:A>by running NSLOOKUP all name resolution working properly for
>> > network id 192.168.121.0/24. except network id 192.168.122.0/24.
>> >
>> > problem :>>>DC1: 1. event id 1864:replication error.
>> > 2. event id 2092:replication warning.
>> > 3. event id 13508:NTFRS error.
>> > >>>DC2:1. event id 1586:replication warning.
>> > 2. event id 1308:replication error.
>> > 3. event id 13508:NTFRS error.
>> > unable to do replication from DC1 to DC2 and Domain Controller group
>> > policies are unbale to apply but domain policies get appiled
>> > successfully
>> > on
>> > other OU.
>> > problem ouccur only among the DC.
>> >
>> > please suggest.
>>
>>
>> .
>>
Previous Topic:Event ID 5774
Next Topic:Time Sync Problem on AD 2003 domain
Goto Forum:
  


Current Time: Fri Jan 19 00:42:42 MST 2018

Total time taken to generate the page: 0.05615 seconds
.:: Contact :: Home ::Sitemap::.

Powered by: FUDforum 3.0.0RC2.
Copyright ©2001-2009 FUDforum Bulletin Board Software