Jump to content

11 posts in this topic

Posted

Hi All,

I've been scratching my head for the last few hours trying to resolve an issue with a DC.

First a bit of background, I have 3 DCs, all globe catalogues, the server that is having the following problems doesn't have any of the FSMO roles, it doesn't have DHCP or DNS roles although it did a few months ago. All the other servers appear to be working fine. The domain is windows server 2008 R2.

I have the following error in my error log:

[CODE]
The DFS Replication service detected invalid msDFSR-Subscriber object data while polling for configuration information.

Additional Information:
Object DN: CN=Domain System Volume,CN=DFSR-LocalSettings,CN=**DC NAME**,OU=Domain Controllers,DC=**DOMAIN NAME**,DC=local
Attribute Name: msDFSR-MemberReference
Domain Controller: **DC NAME**.**DOMAIN NAME**
Polling Cycle: 60 minutes[/CODE]

AD replication is fine, running REPADMIN /SHOWREPL * /CSV shows no errors and the last success was within the last few minutes and several tests I've done show that replication is fine.

Everything in ASDI looks ok, does anyone have an suggestions on where to look next?

Share this post


Link to post
Share on other sites

Posted

Is this server a Domain Controller? If it is, you really should have dns on it. TCP/IP properties should have the primary pointing to its static IP address, secondary should be pointing to one of the other domain controllers.

Share this post


Link to post
Share on other sites

Posted

as sc302 said, if that's a DC I would strongly suggest you have DNS installed on it as well. Can you even dcpromo without installing the DNS role? :\ Whens the last time DFS worked as it should? Did it recently stop working or has it been done for a month or two?

http://social.technet.microsoft.com/Forums/en/winserverfiles/thread/0f1a131f-d657-4edd-b5d2-6d61f5ccbed1

Share this post


Link to post
Share on other sites

Posted

Thanks for the replies people, looking at the logs it has been doing it for a few months, should probably have realised sooner but hey.

I've reinstalled DNS on the box, DNS is replicating as it should, but I've still got the issue of sysvol not replicating on that machine.

Share this post


Link to post
Share on other sites

Posted

After running dcdiag /q I have the following output:


[CODE]
Some objects relating to the DC **DC NAME** have problems:
[1] Problem: Missing Expected Value
Base Object:
CN=NTDS Settings,CN=**DC NAME**,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=**DC NAME**,DC=local
Base Object Description: "DSA Object"
Value Object Attribute Name: serverReferenceBL
Value Object Description: "SYSVOL FRS Member Object"
Recommended Action: See Knowledge Base Article: Q312862

[1] Problem: Missing Expected Value
Base Object:
CN=**DC NAME**,OU=Domain Controllers,DC=**DC NAME**,DC=local
Base Object Description: "DC Account Object"
Value Object Attribute Name: msDFSR-ComputerReferenceBL
Value Object Description: "SYSVOL FRS Member Object"
Recommended Action: See Knowledge Base Article: Q312862

......................... **DC NAME** failed test VerifyReferences[/CODE]

Share this post


Link to post
Share on other sites

Posted

Are normal AD objects replicating then, I.E. User accounts?

If your sure its just sysvol thats broken you can rebuild it from one of the working DC's. In 2000+2003 this was done with the burflags regsitry keys but in 2008 there is a new method using ADSIEdit.


[url="http://technet.microsoft.com/en-us/library/cc816596(v=ws.10).aspx"]http://technet.microsoft.com/en-us/library/cc816596(v=ws.10).aspx[/url]

Share this post


Link to post
Share on other sites

Posted

What does the replication and active directory log look like.

Share this post


Link to post
Share on other sites

Posted

[quote name=']SK[' timestamp='1356613375' post='595417770']
Are normal AD objects replicating then, I.E. User accounts?

If your sure its just sysvol thats broken you can rebuild it from one of the working DC's. In 2000+2003 this was done with the burflags regsitry keys but in 2008 there is a new method using ADSIEdit.


[url="http://technet.microsoft.com/en-us/library/cc816596(v=ws.10).aspx"]http://technet.micro...6(v=ws.10).aspx[/url]
[/quote]

AD objects are replicating correctly, new users account etc. all replicate as expected.

I'll have a look at that technet article, thanks.

Share this post


Link to post
Share on other sites

Posted

You are having an issue with replication. Just because you see your AD objects doesn't mean your file objects are replicating properly. Your replication logs should have errors and possibly some in your ad event logs...these logs should have a ton of errors in them.

Share this post


Link to post
Share on other sites

Posted

[quote name='sc302' timestamp='1356621295' post='595417980']
You are having an issue with replication. Just because you see your AD objects doesn't mean your file objects are replicating properly. Your replication logs should have errors and possibly some in your ad event logs...these logs should have a ton of errors in them.
[/quote]

I am very well aware I am having a problem with replication, I was only answering ]SK[ question about AD object replication. I didn't dismiss your idea to look at he replication logs did I, I was going to have a look at them once I return home.

I'm probably reading to much into it but your post feels like you where attacking me for not replying to you.

Share this post


Link to post
Share on other sites

Posted

you are reading too much into it. if I were attacking you, there would be name calling and threats on the health of your fingers....like the asshat that keeps raising the temp to 90 degrees..

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.