服务器 Gind.cn
  1. 服务器 Gind.cn
  3. Server 2008 DFS复制问题
Intereting Posts
virt-viewer比virt-manager慢 无法SFTP(但可以SSH) – 使用22以外的端口 一台服务器可以为域名和子域名执行DNS吗? 一个安装点和两个或多个磁盘? 港口在哪个方向打开? ulimit,launchctl,sysctl之间的区别? 用rrdtool或其他语言计算每5个样本的平均值 Windows Server 2012 R2 – 服务器没有可用的会话 具有容错和持久消息存储的Websockets服务器 Debian存储库的GPG密钥是否应该由其维护者共享? 在arp-scan的输出中有相同MAC地址的重复IP太多 每个人都拥有IPv6的全球可访问IP是一种安全的噩梦? 清漆和RAM数量不足 在本地Macnetworking上设置中央git回购 Windows中的什么旋钮可以打开以允许用户创build本地组?

Server 2008 DFS复制问题

我的networking上有两个域控制器,win2k8dc1和win2k8dc2。

我遇到了DFS复制无法与复制伙伴进行通信的事件日志错误。 此事件logging在DC2上:

DFS复制服务无法与复制组“域系统卷”的伙伴WIN2K8DC1进行通信。 伙伴不能识别连接或复制组configuration。
合作伙伴DNS地址:WIN2K8DC1.JEWELS.LOCAL可选数据(如果可用):合作伙伴WINS地址:WIN2K8DC1合作伙伴IP地址:192.168.1.254服务将定期重试连接。 附加信息:错误:9026(连接无效)连接ID:F26BEC3F-1EB7-4002-BE66-6204485CDC8C复制组ID:E0260157-9085-41F7-8912-F1A02026A0A5

这些错误不会在DC1上生成。 两台机器都可以通过ip,fqdn和一个logging进行ping。

活动目录似乎复制完美。 如果在一台服务器上创build了一个对象或ou,它将被复制到另一台服务器上。 DNS复制似乎也很好。

运行DCDIAG我收到以下错误: 

Starting test: DFSREvent The DFS Replication Event Log. There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL replication problems may cause Group Policy problems. An error event occurred. EventID: 0xC0001394 Time Generated: 01/04/2012 17:00:45 Event String: The DFS Replication service failed to communicate with partner WIN2K8DC2 for replication group Domain System Volume. The partner did not recognize the connection or the replication group configuration. Partner DNS Address: WIN2K8DC2.JEWELS.LOCAL Optional data if available: Partner WINS Address: WIN2K8DC2 Partner IP Address: 192.168.1.253 The service will retry the connection periodically. Additional Information: Error: 9026 (The connection is invalid) Connection ID: 04854E9E-07E3-4A3E-BA6C-F3FBAB67B21F Replication Group ID: E0260157-9085-41F7-8912-F1A02026A0A5 An error event occurred. EventID: 0xC0001394 Time Generated: 01/05/2012 03:00:42 ......................... WIN2K8DC1 failed test DFSREvent

我检查了域控制器的属性:msDFSR-ComputerReferenceBL。 每个DC都有一个值,CN等于它自己。 msDFSR-MemberReferenceBL值为空。 我无法手动编辑这两个值中的任何一个。

DCDIAG输出中的另一个错误是NCSecDesctesting,如果不使用RODC,研究表明忽略。 两台服务器都通过了这个testing

两台服务器都有一个DCOM错误报告,说明DCOM无法使用任何已configuration的协议与计算机进行通信。 我可以ping出出货代理的IP地址。

所有DNStesting结果都通过了dcdiag。

我运行的dcdiag属性是: dcdiag / v / c / d / e / s:win2k8dc1> c:\ dcdiag.txt和win2k8dc2一样。

FRSDiag实用程序在DC1上返回以下错误: 

 Checking for errors in debug logs ... ERROR on NtFrs_0004.log : "ERROR_ACCESS_DENIED" : <SndCsMain: 3580: 904: S0: 12:33:01> :SR: Cmd 00388bb0, CxtG f26bec3f, WS ERROR_ACCESS_DENIED, To WIN2K8DC1.JEWELS.LOCAL Len: (544) [SndFail - Send Penalty] ERROR on NtFrs_0004.log : "ERROR_ACCESS_DENIED" : <SndCsMain: 260: 877: S0: 12:33:01> :SR: Cmd 00388130, CxtG 04854e9e, WS ERROR_ACCESS_DENIED, To WIN2K8DC1.JEWELS.LOCAL Len: (376) [SndFail - rpc call] ERROR on NtFrs_0004.log : "ERROR_ACCESS_DENIED" : <SndCsMain: 260: 904: S0: 12:33:01> :SR: Cmd 00388130, CxtG 04854e9e, WS ERROR_ACCESS_DENIED, To WIN2K8DC1.JEWELS.LOCAL Len: (376) [SndFail - Send Penalty] Found 8 ERROR_ACCESS_DENIED error(s)! Latest ones (up to 3) listed above ......... failed with 8 error entries

当试图从DC1运行FRSDiag对DC2我得到以下错误: 

  Processing ntfrsutl ds....NTFRSUTL ERROR - Cannot RPC to computer, win2k8dc2; 000006d9 (1753)... Make sure you are logged on as a Domain Admin! Skipping!

我开始陷入困境,因为这已经越过了我的头。 在进行下一步之前,想要检查这里,并联系MS AD技术支持..

补充:UACclosures。 两台服务器都没有防火墙。 function级别是Windows Server 2008。

dfsrdiag dumpadcfg输出: 

 LDAP Bind : WIN2K8DC1.JEWELS.LOCAL SitesDn : cn=sites,cn=configuration,dc=jewels,dc=local ServicesDn : cn=services,cn=configuration,dc=jewels,dc=local SystemDn : cn=system,DC=JEWELS,DC=LOCAL DefaultNcDn : DC=JEWELS,DC=LOCAL ComputersDn : cn=computers,DC=JEWELS,DC=LOCAL DomainCtlDn : ou=domain controllers,DC=JEWELS,DC=LOCAL SchemaDn : CN=Schema,CN=Configuration,DC=JEWELS,DC=LOCAL COMPUTER: WIN2K8DC1 DN : cn=win2k8dc1,ou=domain controllers,dc=jewels,dc=local GUID : 53A64969-227C-40AA-BD93-3C46782765DA DNS : win2k8dc1.jewels.local Server BL : cn=win2k8dc1,cn=servers,cn=default-first-site-name,cn=sites,cn =configuration,dc=jewels,dc=local Server Ref : (null) USN Changed : 5682458 When Created : Tuesday, August 10, 2010 3:02:33 PM When Changed : Wednesday, January 04, 2012 6:30:57 PM LOCAL SETTINGS: DFSR-LOCALSETTINGS DN : cn=dfsr-localsettings,cn=win2k8dc1,ou=domain controllers,dc= jewels,dc=local GUID : 6EE6D3C7-09C4-4A9E-BFCF-A4D5CE129320 Version : 1.0.0.0 USN Changed : 5685331 When Created : Wednesday, January 04, 2012 8:58:32 PM When Changed : Wednesday, January 04, 2012 9:00:49 PM SUBSCRIBER: DOMAIN SYSTEM VOLUME DN : cn=domain system volume,cn=dfsr-localsettings,cn=win2k8dc1 ,ou=domain controllers,dc=jewels,dc=local GUID : 2C9380BE-39BE-49C9-87CA-82AA8483A5C8 Member Ref : cn=win2k8dc1,cn=topology,cn=domain system volume,cn=dfsr-g lobalsettings,cn=system,dc=jewels,dc=local USN Changed : 5685297 When Created : Wednesday, January 04, 2012 8:58:33 PM When Changed : Wednesday, January 04, 2012 8:58:33 PM SUBSCRIPTION: SYSVOL SUBSCRIPTION DN : cn=sysvol subscription,cn=domain system volume,cn=dfsr-l ocalsettings,cn=win2k8dc1,ou=domain controllers,dc=jewels,dc=local GUID : 3A9F879D-CB16-4484-8F22-703B8ACF3B11 ContentSetGuid: 0E31CFFA-FCD2-4A5D-8739-9277B0EF8478 Root Path : c:\windows\sysvol_dfsr\domain Root Size : (null) (MB) Staging Path : (null) Staging Size : (null) (MB) Conflict Path : (null) Conflict Size : (null) (MB) USN Changed : 5685489 When Created : Wednesday, January 04, 2012 8:58:33 PM When Changed : Wednesday, January 04, 2012 9:05:34 PM GLOBAL SETTINGS: DFSR-GLOBALSETTINGS DN : cn=dfsr-globalsettings,cn=system,dc=jewels,dc=local GUID : 30E9760E-6020-4DFD-A975-134F2C809A4D USN Changed : 5685310 When Created : Wednesday, January 04, 2012 8:57:53 PM When Changed : Wednesday, January 04, 2012 8:59:39 PM REPLICATION GROUP: DOMAIN SYSTEM VOLUME DN : cn=domain system volume,cn=dfsr-globalsettings,cn=system,dc= jewels,dc=local GUID : E0260157-9085-41F7-8912-F1A02026A0A5 Type : 1 (SYSVOL) USN Changed : 5685278 When Created : Wednesday, January 04, 2012 8:57:53 PM When Changed : Wednesday, January 04, 2012 8:57:53 PM CONTENT: CONTENT DN : cn=content,cn=domain system volume,cn=dfsr-globalsettings, cn=system,dc=jewels,dc=local GUID : 776B3EE9-6FF6-4929-A0B5-DC1256C330FE USN Changed : 5685279 When Created : Wednesday, January 04, 2012 8:57:53 PM When Changed : Wednesday, January 04, 2012 8:57:53 PM CONTENT SET: SYSVOL SHARE DN : cn=sysvol share,cn=content,cn=domain system volume,cn=df sr-globalsettings,cn=system,dc=jewels,dc=local GUID : 0E31CFFA-FCD2-4A5D-8739-9277B0EF8478 File Filter : (null) Compression Excl : (null) Dir Filter : DO_NOT_REMOVE_NtFrs_PreInstall_Directory,NtFrs_PreExisti ng___See_EventLog USN Changed : 5685280 When Created : Wednesday, January 04, 2012 8:57:53 PM When Changed : Wednesday, January 04, 2012 8:57:53 PM TOPOLOGY: TOPOLOGY DN : cn=topology,cn=domain system volume,cn=dfsr-globalsettings ,cn=system,dc=jewels,dc=local GUID : DB1E6BF2-9745-4B04-AD15-19E559502D4B USN Changed : 5685281 When Created : Wednesday, January 04, 2012 8:57:53 PM When Changed : Wednesday, January 04, 2012 8:57:53 PM MEMBER: WIN2K8DC1 DN : cn=win2k8dc1,cn=topology,cn=domain system volume,cn=dfsr -globalsettings,cn=system,dc=jewels,dc=local GUID : BCAFE60C-2DFF-4BC0-85A4-22F66C96B043 Server Ref : cn=ntds settings,cn=win2k8dc1,cn=servers,cn=default-firs t-site-name,cn=sites,cn=configuration,dc=jewels,dc=local Computer Ref : cn=win2k8dc1,ou=domain controllers,dc=jewels,dc=local Keywords : (null) Computer DNS : win2k8dc1.jewels.local USN Changed : 5685293 When Created : Wednesday, January 04, 2012 8:58:32 PM When Changed : Wednesday, January 04, 2012 8:58:32 PM CXTION: D0736C4D-B39D-4521-B4AF-5D8B7E627280 DN : cn=d0736c4d-b39d-4521-b4af-5d8b7e627280,cn=ntds settin gs,cn=win2k8dc1,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration, dc=jewels,dc=local GUID : 04854E9E-07E3-4A3E-BA6C-F3FBAB67B21F Inbound : true Partner DN : cn=win2k8dc2,cn=topology,cn=domain system volume,cn=df sr-globalsettings,cn=system,dc=jewels,dc=local USN Changed : 2830713 When Created : Wednesday, April 13, 2011 8:12:57 PM When Changed : Friday, August 19, 2011 1:02:17 PM CXTION: C21C575F-EEB2-44E9-A464-85E4833963B5 DN : cn=c21c575f-eeb2-44e9-a464-85e4833963b5,cn=ntds settin gs,cn=win2k8dc2,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration, dc=jewels,dc=local GUID : F26BEC3F-1EB7-4002-BE66-6204485CDC8C Inbound : false Partner DN : cn=win2k8dc2,cn=topology,cn=domain system volume,cn=df sr-globalsettings,cn=system,dc=jewels,dc=local USN Changed : 4927588 When Created : Wednesday, April 13, 2011 8:12:40 PM When Changed : Tuesday, December 13, 2011 9:41:33 PM MEMBER: WIN2K8DC2 DN : cn=win2k8dc2,cn=topology,cn=domain system volume,cn=dfsr -globalsettings,cn=system,dc=jewels,dc=local GUID : 1AF9DFAD-9793-4B3D-BE1B-5A497857C4E6 Server Ref : cn=ntds settings,cn=win2k8dc2,cn=servers,cn=default-firs t-site-name,cn=sites,cn=configuration,dc=jewels,dc=local Computer Ref : cn=win2k8dc2,ou=domain controllers,dc=jewels,dc=local Keywords : (null) Computer DNS : win2k8dc2.jewels.local USN Changed : 5685434 When Created : Wednesday, January 04, 2012 9:01:29 PM When Changed : Wednesday, January 04, 2012 9:01:45 PM Operation Succeeded

关于用于SYSVOL复制的FRS – 这个域是从2003年升级的吗? SYSVOL可能仍然使用FRS进行复制,除非将其迁移到升级后的DFS-R复制。

您可以使用“ SYSVOL复制迁移指南”将其从FRS移至DFS-R

关于防火墙,只是因为他们在同一个本地networking上,本地Windows防火墙也可能阻塞连接。