D
Dhev Kollannur
Multi domain environment. 5 domains total. Had to move
all the servers to another room. shutdown all the
servers. Moved it and restarted all the server starting
from the root.
One of the child domains have problems replicating. There
are four DC's in this child domain. Two of them have sp3
and other sp4. One of the servers has the three domain
level fsmo roles and two servers that are gc's. On this
server you can log on with the enterprise admin account.
However on the other three you cannot logon the same
account. I have tried reseting the secure channel
password on the problem dc's using netdom and rebooted
the server no luck. I also did a forced dcpromo on one of
the dc's, cleaned up the meta data and joined it back to
the domain and did a dcpromo on it again. I tried using
the enterprise admin account to join it back but I got an
error so then I used the domain admin account to join it
back. I ran mps_reports I get this warning in netdiag
########################
[WARNING] Failed to query SPN registration on DC 'XX-
dhs-dc-02.dhs.XXXXXXXX'.
########################
Here is an extract from the dcdiag
#########################
[Replications Check,YYY-LRC-DC-01] A recent replication
attempt failed:
From XX-DHS-DC-02 to YYY-LRC-DC-01
Naming Context: DC=dhs,DC=XXXXX,DC=XXX
The replication generated an error (5):
Access is denied.
XX-DHS-DC-02 is the one with the fsmo roles.
#########################
There is an event in the app event log which I think is
related to this
########################
1000 Userenv NT AUTHORITY\SYSTEM YYY-LRC-
DC-01
Windows cannot obtain the domain controller name for your
computer network. Return value (59)
########################
System log
########################
5719 NETLOGON N/A DHSAD-DC-01
No Windows NT or Windows 2000 Domain Controller is
available for domain DHS..US. The following error
occurred: %%1311
all the servers to another room. shutdown all the
servers. Moved it and restarted all the server starting
from the root.
One of the child domains have problems replicating. There
are four DC's in this child domain. Two of them have sp3
and other sp4. One of the servers has the three domain
level fsmo roles and two servers that are gc's. On this
server you can log on with the enterprise admin account.
However on the other three you cannot logon the same
account. I have tried reseting the secure channel
password on the problem dc's using netdom and rebooted
the server no luck. I also did a forced dcpromo on one of
the dc's, cleaned up the meta data and joined it back to
the domain and did a dcpromo on it again. I tried using
the enterprise admin account to join it back but I got an
error so then I used the domain admin account to join it
back. I ran mps_reports I get this warning in netdiag
########################
[WARNING] Failed to query SPN registration on DC 'XX-
dhs-dc-02.dhs.XXXXXXXX'.
########################
Here is an extract from the dcdiag
#########################
[Replications Check,YYY-LRC-DC-01] A recent replication
attempt failed:
From XX-DHS-DC-02 to YYY-LRC-DC-01
Naming Context: DC=dhs,DC=XXXXX,DC=XXX
The replication generated an error (5):
Access is denied.
XX-DHS-DC-02 is the one with the fsmo roles.
#########################
There is an event in the app event log which I think is
related to this
########################
1000 Userenv NT AUTHORITY\SYSTEM YYY-LRC-
DC-01
Windows cannot obtain the domain controller name for your
computer network. Return value (59)
########################
System log
########################
5719 NETLOGON N/A DHSAD-DC-01
No Windows NT or Windows 2000 Domain Controller is
available for domain DHS..US. The following error
occurred: %%1311