服务器 Gind.cn
  1. 服务器 Gind.cn
  3. DC复制问题
Intereting Posts
ZFS:销毁和重新创build镜像zpool而不会丢失任何数据。 可能? configurationSSL后无法访问Nginx Web服务器 Plesk:启用mail.domain.tld作为传入/传出邮件服务器 Apache占用了太多的CPU 在Ubuntu上将Apache设置为LAN上的服务器子域 路由器是否caching通过它的数据包? 如何在RHEL 6上安装不带yum的Zabbix代理? 在租用线路上增加带宽时,通常代表ISP代表什么 如何防止邮件发送到postfix别名自动回复发送? Windows服务器失去连接 Windows 2012 R2 – 中级证书不断重新出现在根存储中 Snow Leopard Server PDC 10.6.2升级后无法再次对Windows XP客户端进行身份validation 把我的Windows Server 2016变成一个远程文件服务器 安装旧版本的mysql Linux:在串行控制台终止后注销用户

DC复制问题

我似乎有与我们的控制器之间的复制问题,设置如下;

一个域两个域控制器(2008)一个是虚拟的,一个是域控制器之间的物理同一站点的ping是好的。

好的,所以基本上我必须做一个bios升级到托pipe虚拟机的服务器(域控制器是虚拟机之一)。 更新之后,我们发现cisco交换机出现问题,因为已启用智能端口,并停止所有虚拟机与包含所有其他物理机的物理networking之间的通信。

现在我们通过禁用2960上的智能端口来解决这个问题,所有虚拟机都可以和物理机器成功通信,一切正常。 然而; 当我们启动域控制器的虚拟机时,花了很长的时间来启动(我知道AD / DNS常见问题)。 当它终于启动我login,并立即尝试ping第二个DC。 平反应良好,一切都好networking明智。 但突然之间,域控制器不同步。 我试过repadmin / syncall和错误来了,我试了dcdiag / q,我也得到错误。 RPC服务无法与FSMO持有者进行通信(简而言之)。

我检查和dfsr服务运行良好。 我切换任何防火墙和防病毒,但仍然不能沟通,除了与平。 什么都没有改变?

有人能指出我从哪里开始的正确方向吗? 出于testing的目的,我在第二个DC上创build了一个对象,并没有复制到第一个DC(FSMO支架)上。 

C:\Users\Administrator>dcdiag /q There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL replication problems may cause Group Policy problems. ......................... IME-DC1 failed test DFSREvent [Replications Check,IME-DC1] A recent replication attempt failed: From IME-DC2 to IME-DC1 Naming Context: DC=ForestDnsZones,DC=XXX,DC=com The replication generated an error (1726): The remote procedure call failed. The failure occurred at 2013-10-02 21:11:34. The last success occurred at 2013-10-02 20:05:07. 2 failures have occurred since the last success. [Replications Check,IME-DC1] A recent replication attempt failed: From IME-DC2 to IME-DC1 Naming Context: DC=DomainDnsZones,DC=XXX,DC=com The replication generated an error (1726): The remote procedure call failed. The failure occurred at 2013-10-02 21:09:56. The last success occurred at 2013-10-02 20:04:39. 2 failures have occurred since the last success. [Replications Check,IME-DC1] A recent replication attempt failed: From IME-DC2 to IME-DC1 Naming Context: CN=Schema,CN=Configuration,DC=XXX,DC=com The replication generated an error (1726): The remote procedure call failed. The failure occurred at 2013-10-02 21:02:40. The last success occurred at 2013-10-02 17:55:42. 6 failures have occurred since the last success. [Replications Check,IME-DC1] A recent replication attempt failed: From IME-DC2 to IME-DC1 Naming Context: CN=Configuration,DC=XXX,DC=com The replication generated an error (1726): The remote procedure call failed. The failure occurred at 2013-10-02 20:57:56. The last success occurred at 2013-10-02 20:04:36. 3 failures have occurred since the last success. [Replications Check,IME-DC1] A recent replication attempt failed: From IME-DC2 to IME-DC1 Naming Context: DC=XXX,DC=com The replication generated an error (1726): The remote procedure call failed. The failure occurred at 2013-10-02 21:05:29. The last success occurred at 2013-10-02 20:05:10. 2 failures have occurred since the last success. ......................... IME-DC1 failed test Replications An Error Event occurred. EventID: 0x00000457 Time Generated: 10/02/2013 21:47:42 Event String: Driver Microsoft XPS Document Writer v4 required for printer Microso ft XPS Document Writer is unknown. Contact the administrator to install the driv er before you log in again. ......................... IME-DC1 failed test SystemLog C:\Users\Administrator>

我还包括来自活动目录日志的事件日志错误。 

 Log Name: Directory Service Source: Microsoft-Windows-ActiveDirectory_DomainService Date: 02/10/2013 22:13:33 Event ID: 1308 Task Category: Knowledge Consistency Checker Level: Warning Keywords: Classic User: ANONYMOUS LOGON Computer: IME-DC1.XXX.com Description: The Knowledge Consistency Checker (KCC) has detected that successive attempts to replicate with the following directory service has consistently failed. Attempts: 7 Directory service: CN=NTDS Settings,CN=IME-DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=XXX,DC=com Period of time (minutes): 128 The Connection object for this directory service will be ignored, and a new temporary connection will be established to ensure that replication continues. Once replication with this directory service resumes, the temporary connection will be removed. Additional Data Error value: 1818 The remote procedure call was cancelled. Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-ActiveDirectory_DomainService" Guid="{0e8478c5-3605-4e8c-8497-1e730c959516}" EventSourceName="NTDS KCC" /> <EventID Qualifiers="32768">1308</EventID> <Version>0</Version> <Level>3</Level> <Task>1</Task> <Opcode>0</Opcode> <Keywords>0x8080000000000000</Keywords> <TimeCreated SystemTime="2013-10-02T18:13:33.071Z" /> <EventRecordID>12274</EventRecordID> <Correlation /> <Execution ProcessID="652" ThreadID="1332" /> <Channel>Directory Service</Channel> <Computer>IME-DC1.XXX.com</Computer> <Security UserID="S-1-5-7" /> </System> <EventData> <Data>7</Data> <Data>CN=NTDS Settings,CN=IME-DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=XXX,DC=com</Data> <Data>128</Data> <Data>The remote procedure call was cancelled.</Data> <Data>1818</Data> </EventData> </Event>

很长的启动时间表明您已经在DC的networking适配器设置中订购了错误的DNS服务器。 这也会导致您看到的复制问题。 阅读此问题的答案并更正您的设置。 我想你以后可能会看到改善。

AD域控制器的DNS服务器顺序是什么?为什么?

如果这仍然不能解决您的问题,您需要找出为什么RPC不能在两台服务器之间工作。 这可能是由于networkingconfiguration问题,防火墙问题(硬件或基于主机)或任何其他原因。 简单地ping一个服务器并不能保证RPC能够成功的通信,这意味着ICMP在两者之间工作。