Discussion:
Event id 2042 /2041 (Directory service) + 12292/11 (VSS)
(too old to reply)
Hemal
2008-10-15 19:11:02 UTC
Permalink
Hi,

I am getting lots of event logs in all 3 domain controllers recently.

First of all in Directory service, I am getting these event id 2042 & 2041
as below:

{ Event Type: Error
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2042
Date: 10/15/2008
Time: 10:18:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DELLSERVER
Description:
It has been too long since this machine last replicated with the named
source machine. The time between replications with this source has exceeded
the tombstone lifetime. Replication has been stopped with this source.
The reason that replication is not allowed to continue is that the two
machine's views of deleted objects may now be different. The source machine
may still have copies of objects that have been deleted (and garbage
collected) on this machine. If they were allowed to replicate, the source
machine might return objects which have already been deleted.
Time of last successful replication:
2008-06-25 01:26:15
Invocation ID of source:
07b0f6c8-f6b8-07b0-0100-000000000000
Name of source:
382cdb4e-7b9c-4a33-a252-4c11bf6117e5._msdcs.kbgca.local
Tombstone lifetime (days):
60

The replication operation has failed.

User Action:

Determine which of the two machines was disconnected from the forest and is
now out of date. You have three options:

1. Demote or reinstall the machine(s) that were disconnected.
2. Use the "repadmin /removelingeringobjects" tool to remove inconsistent
deleted objects and then resume replication.
3. Resume replication. Inconsistent deleted objects may be introduced. You
can continue replication by using the following registry key. Once the
systems replicate once, it is recommended that you remove the key to
reinstate the protection.
Registry Key:
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Allow Replication
With Divergent and Corrupt Partner


For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}


{Event Type: Information
Event Source: NTDS General
Event Category: Internal Processing
Event ID: 2041
Date: 10/15/2008
Time: 10:18:30 AM
User: N/A
Computer: DELLSERVER
Description:
Duplicate event log entries were suppressed.

See the previous event log entry for details. An entry is considered a
duplicate if the event code and all of its insertion parameters are
identical. The time period for this run of duplicates is from the time of the
previous event to the time of this event.

Event Code:
c00007fa
Number of duplicate entries:
3

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}

Secondly I am unable to use Backup utility in all 3 domain contrlloers. Also
I can't take system state backup even with backup utility. I am getting the
same error message on all 3 domain controllers when I try to use backup
utility to backup anything:

{Backup Status
Operation: Backup
Active backup destination: File
Media name: "Volume 2 Backup.bkf created 10/15/2008 at 2:54 PM"

Volume shadow copy creation: Attempt 1.

Error returned while creating the volume shadow copy:0x8004230f.

Error returned while creating the volume shadow copy:8004230f
Aborting Backup.

----------------------

The operation did not successfully complete.}

Last, I am also getting these volume shadow copy event id : 12292, 11 on
all 3 domain controllers as below:

{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 12292
Date: 10/15/2008
Time: 7:00:13 AM
User: N/A
Computer: DELLSERVER
Description:
Volume Shadow Copy Service error: Error creating the Shadow Copy Provider
COM class with CLSID {363948d2-035d-4d1d-9bfc-473fece07dab} [0x8007042d].

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 2d 20 43 6f 64 65 3a 20 - Code:
0008: 43 4f 52 48 57 50 57 43 CORHWPWC
0010: 30 30 30 30 30 33 30 36 00000306
0018: 2d 20 43 61 6c 6c 3a 20 - Call:
0020: 43 4f 52 48 57 50 57 43 CORHWPWC
0028: 30 30 30 30 30 32 34 32 00000242
0030: 2d 20 50 49 44 3a 20 20 - PID:
0038: 30 30 30 30 34 34 38 30 00004480
0040: 2d 20 54 49 44 3a 20 20 - TID:
0048: 30 30 30 30 30 37 30 30 00000700
0050: 2d 20 43 4d 44 3a 20 20 - CMD:
0058: 43 3a 5c 57 49 4e 44 4f C:\WINDO
0060: 57 53 5c 53 79 73 74 65 WS\Syste
0068: 6d 33 32 5c 76 73 73 76 m32\vssv
0070: 63 2e 65 78 65 20 20 20 c.exe
0078: 2d 20 55 73 65 72 3a 20 - User:
0080: 4e 54 20 41 55 54 48 4f NT AUTHO
0088: 52 49 54 59 5c 53 59 53 RITY\SYS
0090: 54 45 4d 20 20 20 20 20 TEM
0098: 2d 20 53 69 64 3a 20 20 - Sid:
00a0: 53 2d 31 2d 35 2d 31 38 S-1-5-18}

{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 11
Date: 10/15/2008
Time: 7:00:13 AM
User: N/A
Computer: DELLSERVER
Description:
Volume Shadow Copy Service information: The COM Server with CLSID
{363948d2-035d-4d1d-9bfc-473fece07dab} and name HWPRV cannot be started.
[0x8007042d]

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 2d 20 43 6f 64 65 3a 20 - Code:
0008: 43 4f 52 48 57 50 57 43 CORHWPWC
0010: 30 30 30 30 30 32 39 38 00000298
0018: 2d 20 43 61 6c 6c 3a 20 - Call:
0020: 43 4f 52 48 57 50 57 43 CORHWPWC
0028: 30 30 30 30 30 32 34 32 00000242
0030: 2d 20 50 49 44 3a 20 20 - PID:
0038: 30 30 30 30 34 34 38 30 00004480
0040: 2d 20 54 49 44 3a 20 20 - TID:
0048: 30 30 30 30 30 37 30 30 00000700
0050: 2d 20 43 4d 44 3a 20 20 - CMD:
0058: 43 3a 5c 57 49 4e 44 4f C:\WINDO
0060: 57 53 5c 53 79 73 74 65 WS\Syste
0068: 6d 33 32 5c 76 73 73 76 m32\vssv
0070: 63 2e 65 78 65 20 20 20 c.exe
0078: 2d 20 55 73 65 72 3a 20 - User:
0080: 4e 54 20 41 55 54 48 4f NT AUTHO
0088: 52 49 54 59 5c 53 59 53 RITY\SYS
0090: 54 45 4d 20 20 20 20 20 TEM
0098: 2d 20 53 69 64 3a 20 20 - Sid:
00a0: 53 2d 31 2d 35 2d 31 38 S-1-5-1}

Sorry for the long post as I wanted to give every information so that
someone can help me.

I really appreciate any reply. Thanks in advance.

With best regards,
Hemal
Anthony [MVP]
2008-10-15 19:50:07 UTC
Permalink
Hi Hemal,
Your domain is not functioning correctly. What was the question?
Anthony,
http://www.airdesk.com
Post by Hemal
Hi,
I am getting lots of event logs in all 3 domain controllers recently.
First of all in Directory service, I am getting these event id 2042 & 2041
{ Event Type: Error
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2042
Date: 10/15/2008
Time: 10:18:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DELLSERVER
It has been too long since this machine last replicated with the named
source machine. The time between replications with this source has exceeded
the tombstone lifetime. Replication has been stopped with this source.
The reason that replication is not allowed to continue is that the two
machine's views of deleted objects may now be different. The source machine
may still have copies of objects that have been deleted (and garbage
collected) on this machine. If they were allowed to replicate, the source
machine might return objects which have already been deleted.
2008-06-25 01:26:15
07b0f6c8-f6b8-07b0-0100-000000000000
382cdb4e-7b9c-4a33-a252-4c11bf6117e5._msdcs.kbgca.local
60
The replication operation has failed.
Determine which of the two machines was disconnected from the forest and is
1. Demote or reinstall the machine(s) that were disconnected.
2. Use the "repadmin /removelingeringobjects" tool to remove inconsistent
deleted objects and then resume replication.
3. Resume replication. Inconsistent deleted objects may be introduced. You
can continue replication by using the following registry key. Once the
systems replicate once, it is recommended that you remove the key to
reinstate the protection.
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Allow Replication
With Divergent and Corrupt Partner
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}
{Event Type: Information
Event Source: NTDS General
Event Category: Internal Processing
Event ID: 2041
Date: 10/15/2008
Time: 10:18:30 AM
User: N/A
Computer: DELLSERVER
Duplicate event log entries were suppressed.
See the previous event log entry for details. An entry is considered a
duplicate if the event code and all of its insertion parameters are
identical. The time period for this run of duplicates is from the time of the
previous event to the time of this event.
c00007fa
3
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}
Secondly I am unable to use Backup utility in all 3 domain contrlloers. Also
I can't take system state backup even with backup utility. I am getting the
same error message on all 3 domain controllers when I try to use backup
{Backup Status
Operation: Backup
Active backup destination: File
Media name: "Volume 2 Backup.bkf created 10/15/2008 at 2:54 PM"
Volume shadow copy creation: Attempt 1.
Error returned while creating the volume shadow copy:0x8004230f.
Error returned while creating the volume shadow copy:8004230f
Aborting Backup.
----------------------
The operation did not successfully complete.}
Last, I am also getting these volume shadow copy event id : 12292, 11 on
{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 12292
Date: 10/15/2008
Time: 7:00:13 AM
User: N/A
Computer: DELLSERVER
Volume Shadow Copy Service error: Error creating the Shadow Copy Provider
COM class with CLSID {363948d2-035d-4d1d-9bfc-473fece07dab} [0x8007042d].
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
0008: 43 4f 52 48 57 50 57 43 CORHWPWC
0010: 30 30 30 30 30 33 30 36 00000306
0020: 43 4f 52 48 57 50 57 43 CORHWPWC
0028: 30 30 30 30 30 32 34 32 00000242
0038: 30 30 30 30 34 34 38 30 00004480
0048: 30 30 30 30 30 37 30 30 00000700
0058: 43 3a 5c 57 49 4e 44 4f C:\WINDO
0060: 57 53 5c 53 79 73 74 65 WS\Syste
0068: 6d 33 32 5c 76 73 73 76 m32\vssv
0070: 63 2e 65 78 65 20 20 20 c.exe
0080: 4e 54 20 41 55 54 48 4f NT AUTHO
0088: 52 49 54 59 5c 53 59 53 RITY\SYS
0090: 54 45 4d 20 20 20 20 20 TEM
00a0: 53 2d 31 2d 35 2d 31 38 S-1-5-18}
{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 11
Date: 10/15/2008
Time: 7:00:13 AM
User: N/A
Computer: DELLSERVER
Volume Shadow Copy Service information: The COM Server with CLSID
{363948d2-035d-4d1d-9bfc-473fece07dab} and name HWPRV cannot be started.
[0x8007042d]
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
0008: 43 4f 52 48 57 50 57 43 CORHWPWC
0010: 30 30 30 30 30 32 39 38 00000298
0020: 43 4f 52 48 57 50 57 43 CORHWPWC
0028: 30 30 30 30 30 32 34 32 00000242
0038: 30 30 30 30 34 34 38 30 00004480
0048: 30 30 30 30 30 37 30 30 00000700
0058: 43 3a 5c 57 49 4e 44 4f C:\WINDO
0060: 57 53 5c 53 79 73 74 65 WS\Syste
0068: 6d 33 32 5c 76 73 73 76 m32\vssv
0070: 63 2e 65 78 65 20 20 20 c.exe
0080: 4e 54 20 41 55 54 48 4f NT AUTHO
0088: 52 49 54 59 5c 53 59 53 RITY\SYS
0090: 54 45 4d 20 20 20 20 20 TEM
00a0: 53 2d 31 2d 35 2d 31 38 S-1-5-1}
Sorry for the long post as I wanted to give every information so that
someone can help me.
I really appreciate any reply. Thanks in advance.
With best regards,
Hemal
Hemal
2008-10-15 20:01:01 UTC
Permalink
Hi,

I don't see any problem with the domain right now. Users have no problem to
access network resouces. I want to get rid of these events from my domain. I
really don't know much about ADS troubleshooting, I thought someone will
guide me to correct these all events.

Thank you for your help,
Hemal
Post by Anthony [MVP]
Hi Hemal,
Your domain is not functioning correctly. What was the question?
Anthony,
http://www.airdesk.com
Post by Hemal
Hi,
I am getting lots of event logs in all 3 domain controllers recently.
First of all in Directory service, I am getting these event id 2042 & 2041
{ Event Type: Error
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2042
Date: 10/15/2008
Time: 10:18:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DELLSERVER
It has been too long since this machine last replicated with the named
source machine. The time between replications with this source has exceeded
the tombstone lifetime. Replication has been stopped with this source.
The reason that replication is not allowed to continue is that the two
machine's views of deleted objects may now be different. The source machine
may still have copies of objects that have been deleted (and garbage
collected) on this machine. If they were allowed to replicate, the source
machine might return objects which have already been deleted.
2008-06-25 01:26:15
07b0f6c8-f6b8-07b0-0100-000000000000
382cdb4e-7b9c-4a33-a252-4c11bf6117e5._msdcs.kbgca.local
60
The replication operation has failed.
Determine which of the two machines was disconnected from the forest and is
1. Demote or reinstall the machine(s) that were disconnected.
2. Use the "repadmin /removelingeringobjects" tool to remove inconsistent
deleted objects and then resume replication.
3. Resume replication. Inconsistent deleted objects may be introduced. You
can continue replication by using the following registry key. Once the
systems replicate once, it is recommended that you remove the key to
reinstate the protection.
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Allow Replication
With Divergent and Corrupt Partner
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}
{Event Type: Information
Event Source: NTDS General
Event Category: Internal Processing
Event ID: 2041
Date: 10/15/2008
Time: 10:18:30 AM
User: N/A
Computer: DELLSERVER
Duplicate event log entries were suppressed.
See the previous event log entry for details. An entry is considered a
duplicate if the event code and all of its insertion parameters are
identical. The time period for this run of duplicates is from the time of the
previous event to the time of this event.
c00007fa
3
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}
Secondly I am unable to use Backup utility in all 3 domain contrlloers. Also
I can't take system state backup even with backup utility. I am getting the
same error message on all 3 domain controllers when I try to use backup
{Backup Status
Operation: Backup
Active backup destination: File
Media name: "Volume 2 Backup.bkf created 10/15/2008 at 2:54 PM"
Volume shadow copy creation: Attempt 1.
Error returned while creating the volume shadow copy:0x8004230f.
Error returned while creating the volume shadow copy:8004230f
Aborting Backup.
----------------------
The operation did not successfully complete.}
Last, I am also getting these volume shadow copy event id : 12292, 11 on
{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 12292
Date: 10/15/2008
Time: 7:00:13 AM
User: N/A
Computer: DELLSERVER
Volume Shadow Copy Service error: Error creating the Shadow Copy Provider
COM class with CLSID {363948d2-035d-4d1d-9bfc-473fece07dab} [0x8007042d].
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
0008: 43 4f 52 48 57 50 57 43 CORHWPWC
0010: 30 30 30 30 30 33 30 36 00000306
0020: 43 4f 52 48 57 50 57 43 CORHWPWC
0028: 30 30 30 30 30 32 34 32 00000242
0038: 30 30 30 30 34 34 38 30 00004480
0048: 30 30 30 30 30 37 30 30 00000700
0058: 43 3a 5c 57 49 4e 44 4f C:\WINDO
0060: 57 53 5c 53 79 73 74 65 WS\Syste
0068: 6d 33 32 5c 76 73 73 76 m32\vssv
0070: 63 2e 65 78 65 20 20 20 c.exe
0080: 4e 54 20 41 55 54 48 4f NT AUTHO
0088: 52 49 54 59 5c 53 59 53 RITY\SYS
0090: 54 45 4d 20 20 20 20 20 TEM
00a0: 53 2d 31 2d 35 2d 31 38 S-1-5-18}
{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 11
Date: 10/15/2008
Time: 7:00:13 AM
User: N/A
Computer: DELLSERVER
Volume Shadow Copy Service information: The COM Server with CLSID
{363948d2-035d-4d1d-9bfc-473fece07dab} and name HWPRV cannot be started.
[0x8007042d]
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
0008: 43 4f 52 48 57 50 57 43 CORHWPWC
0010: 30 30 30 30 30 32 39 38 00000298
0020: 43 4f 52 48 57 50 57 43 CORHWPWC
0028: 30 30 30 30 30 32 34 32 00000242
0038: 30 30 30 30 34 34 38 30 00004480
0048: 30 30 30 30 30 37 30 30 00000700
0058: 43 3a 5c 57 49 4e 44 4f C:\WINDO
0060: 57 53 5c 53 79 73 74 65 WS\Syste
0068: 6d 33 32 5c 76 73 73 76 m32\vssv
0070: 63 2e 65 78 65 20 20 20 c.exe
0080: 4e 54 20 41 55 54 48 4f NT AUTHO
0088: 52 49 54 59 5c 53 59 53 RITY\SYS
0090: 54 45 4d 20 20 20 20 20 TEM
00a0: 53 2d 31 2d 35 2d 31 38 S-1-5-1}
Sorry for the long post as I wanted to give every information so that
someone can help me.
I really appreciate any reply. Thanks in advance.
With best regards,
Hemal
Meinolf Weber
2008-10-15 20:41:24 UTC
Permalink
Hello Hemal,

Your biggest problem is this which has to be solved ASAP:
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2042
Date: 10/15/2008
Time: 10:18:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DELLSERVER
Description:
It has been too long since this machine last replicated with the named
source machine. The time between replications with this source has exceeded
the tombstone lifetime. Replication has been stopped with this source.
The reason that replication is not allowed to continue is that the two
machine's views of deleted objects may now be different. The source machine
may still have copies of objects that have been deleted (and garbage
collected) on this machine. If they were allowed to replicate, the source
machine might return objects which have already been deleted.
Time of last successful replication:
2008-06-25 01:26:15
Invocation ID of source:
07b0f6c8-f6b8-07b0-0100-000000000000
Name of source:
382cdb4e-7b9c-4a33-a252-4c11bf6117e5._msdcs.kbgca.local
Tombstone lifetime (days):
60


You have a replication problem between your DC's, they have not replicated
over the tombstone lifetime. Did you follow the steps in the event id?

See also here:
http://technet.microsoft.com/en-us/library/cc738415.aspx

http://technet.microsoft.com/en-us/library/cc757610.aspx

http://blogs.dirteam.com/blogs/jorge/archive/2005/11/24/153.aspx

http://blogs.dirteam.com/blogs/jorge/archive/2006/05/08/Lingering-objects.aspx

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2042
Date: 10/15/2008
Time: 10:18:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DELLSERVER
It has been too long since this machine last replicated with the named
source machine. The time between replications with this source has exceeded
the tombstone lifetime. Replication has been stopped with this source.
The reason that replication is not allowed to continue is that the two
machine's views of deleted objects may now be different. The source machine
may still have copies of objects that have been deleted (and garbage
collected) on this machine. If they were allowed to replicate, the source
machine might return objects which have already been deleted.
2008-06-25 01:26:1
Hemal
2008-10-15 20:52:00 UTC
Permalink
Hi Meinolf,

Thanks for your reply. I didn't follow the steps in the event id as I was
not sure from where I have to start? Now I will try to follow the links you
sent and try to see if it can fix this NTDS replication message.

Thank you again and I will post the outcome once it will be done.

With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2042
Date: 10/15/2008
Time: 10:18:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DELLSERVER
It has been too long since this machine last replicated with the named
source machine. The time between replications with this source has exceeded
the tombstone lifetime. Replication has been stopped with this source.
The reason that replication is not allowed to continue is that the two
machine's views of deleted objects may now be different. The source machine
may still have copies of objects that have been deleted (and garbage
collected) on this machine. If they were allowed to replicate, the source
machine might return objects which have already been deleted.
2008-06-25 01:26:15
07b0f6c8-f6b8-07b0-0100-000000000000
382cdb4e-7b9c-4a33-a252-4c11bf6117e5._msdcs.kbgca.local
60
You have a replication problem between your DC's, they have not replicated
over the tombstone lifetime. Did you follow the steps in the event id?
http://technet.microsoft.com/en-us/library/cc738415.aspx
http://technet.microsoft.com/en-us/library/cc757610.aspx
http://blogs.dirteam.com/blogs/jorge/archive/2005/11/24/153.aspx
http://blogs.dirteam.com/blogs/jorge/archive/2006/05/08/Lingering-objects.aspx
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Meinolf Weber
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2042
Date: 10/15/2008
Time: 10:18:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DELLSERVER
It has been too long since this machine last replicated with the named
source machine. The time between replications with this source has exceeded
the tombstone lifetime. Replication has been stopped with this source.
The reason that replication is not allowed to continue is that the two
machine's views of deleted objects may now be different. The source machine
may still have copies of objects that have been deleted (and garbage
collected) on this machine. If they were allowed to replicate, the source
machine might return objects which have already been deleted.
2008-06-25 01:26:15
Meinolf Weber
2008-10-15 20:57:14 UTC
Permalink
Hello Hemal,

How many DC's do you have and how are they located/connected, one site or
multiple? Please post an unedited ipconfig /all

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Meinolf,
Thanks for your reply. I didn't follow the steps in the event id as I
was not sure from where I have to start? Now I will try to follow the
links you sent and try to see if it can fix this NTDS replication
message.
Thank you again and I will post the outcome once it will be done.
With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2042
Date: 10/15/2008
Time: 10:18:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DELLSERVER
It has been too long since this machine last replicated with the named
source machine. The time between replications with this source has exceeded
the tombstone lifetime. Replication has been stopped with this source.
The reason that replication is not allowed to continue is that the two
machine's views of deleted objects may now be different. The source machine
may still have copies of objects that have been deleted (and garbage
collected) on this machine. If they were allowed to replicate, the source
machine might return objects which have already been deleted.
2008-06-25 01:26:15
07b0f6c8-f6b8-07b0-0100-000000000000
382cdb4e-7b9c-4a33-a252-4c11bf6117e5._msdcs.kbgca.local
60
You have a replication problem between your DC's, they have not
replicated over the tombstone lifetime. Did you follow the steps in
the event id?
http://technet.microsoft.com/en-us/library/cc738415.aspx
http://technet.microsoft.com/en-us/library/cc757610.aspx
http://blogs.dirteam.com/blogs/jorge/archive/2005/11/24/153.aspx
http://blogs.dirteam.com/blogs/jorge/archive/2006/05/08/Lingering-obj
ects.aspx
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Meinolf Weber
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2042
Date: 10/15/2008
Time: 10:18:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DELLSERVER
It has been too long since this machine last replicated with the named
source machine. The time between replications with this source has exceeded
the tombstone lifetime. Replication has been stopped with this source.
The reason that replication is not allowed to continue is that the two
machine's views of deleted objects may now be different. The source machine
may still have copies of objects that have been deleted (and garbage
collected) on this machine. If they were allowed to replicate, the source
machine might return objects which have already been deleted.
2008-06-25 01:26:1
Hemal
2008-10-15 21:58:00 UTC
Permalink
Hi Meinolf,

I have windows 2003 server domain controllers at one location. Following it
the unedited ipconfig/all for all of them:

1. Win2003 R2 with SP1 has all 4 FSMO Roles

Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\Administrator.KBGCA>ipconfig/all

Windows IP Configuration

Host Name . . . . . . . . . . . . : HPSERVER
Primary Dns Suffix . . . . . . . : kbgca.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : kbgca.local

Ethernet adapter Local Area Connection 3:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP Network Team #1
Physical Address. . . . . . . . . : 00-21-5A-A5-D6-A0
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.197
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Default Gateway . . . . . . . . . : 10.0.0.50
DNS Servers . . . . . . . . . . . : 10.0.0.197

C:\Documents and Settings\Administrator.KBGCA>

2. Win2003 R2 with SP1

(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\Administrator.KBGCA>ipconfig/all

Windows IP Configuration

Host Name . . . . . . . . . . . . : Dellserver
Primary Dns Suffix . . . . . . . : kbgca.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : kbgca.local

Ethernet adapter Team 1:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : BASP Virtual Adapter
Physical Address. . . . . . . . . : 00-19-B9-B5-3E-56
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.200
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Default Gateway . . . . . . . . . : 10.0.0.50
DNS Servers . . . . . . . . . . . : 10.0.0.200

C:\Documents and Settings\Administrator.KBGCA>

3. Win2003 standard with SP2


Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\Administrator.KBGCA>ipconfig/all

Windows IP Configuration

Host Name . . . . . . . . . . . . : mainserver
Primary Dns Suffix . . . . . . . : kbgca.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : kbgca.local

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT X 2 Express Team
#1
Physical Address. . . . . . . . . : 00-07-E9-2E-58-BC
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.199
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Default Gateway . . . . . . . . . : 10.0.0.50
DNS Servers . . . . . . . . . . . : 10.0.0.199

PPP adapter RAS Server (Dial In) Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.235
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :

C:\Documents and Settings\Administrator.KBGCA>

4. Win2003 standard with SP2

C:\Documents and Settings\Administrator.KBGCA>ipconfig/all

Windows IP Configuration

Host Name . . . . . . . . . . . . : ibmserver
Primary Dns Suffix . . . . . . . : kbgca.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : kbgca.local

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : IBM Netfinity 10/100 Ethernet
Security Adapter 2
Physical Address. . . . . . . . . : 00-02-55-AA-E3-F6
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.201
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Default Gateway . . . . . . . . . : 10.0.0.50
DNS Servers . . . . . . . . . . . : 10.0.0.199
10.0.0.201

C:\Documents and Settings\Administrator.KBGCA>


Please let me know if you need more information..

With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
How many DC's do you have and how are they located/connected, one site or
multiple? Please post an unedited ipconfig /all
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Meinolf,
Thanks for your reply. I didn't follow the steps in the event id as I
was not sure from where I have to start? Now I will try to follow the
links you sent and try to see if it can fix this NTDS replication
message.
Thank you again and I will post the outcome once it will be done.
With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2042
Date: 10/15/2008
Time: 10:18:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DELLSERVER
It has been too long since this machine last replicated with the named
source machine. The time between replications with this source has exceeded
the tombstone lifetime. Replication has been stopped with this source.
The reason that replication is not allowed to continue is that the two
machine's views of deleted objects may now be different. The source machine
may still have copies of objects that have been deleted (and garbage
collected) on this machine. If they were allowed to replicate, the source
machine might return objects which have already been deleted.
2008-06-25 01:26:15
07b0f6c8-f6b8-07b0-0100-000000000000
382cdb4e-7b9c-4a33-a252-4c11bf6117e5._msdcs.kbgca.local
60
You have a replication problem between your DC's, they have not
replicated over the tombstone lifetime. Did you follow the steps in
the event id?
http://technet.microsoft.com/en-us/library/cc738415.aspx
http://technet.microsoft.com/en-us/library/cc757610.aspx
http://blogs.dirteam.com/blogs/jorge/archive/2005/11/24/153.aspx
http://blogs.dirteam.com/blogs/jorge/archive/2006/05/08/Lingering-obj
ects.aspx
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Meinolf Weber
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2042
Date: 10/15/2008
Time: 10:18:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DELLSERVER
It has been too long since this machine last replicated with the named
source machine. The time between replications with this source has exceeded
the tombstone lifetime. Replication has been stopped with this source.
The reason that replication is not allowed to continue is that the two
machine's views of deleted objects may now be different. The source machine
may still have copies of objects that have been deleted (and garbage
collected) on this machine. If they were allowed to replicate, the source
machine might return objects which have already been deleted.
2008-06-25 01:26:15
Hemal
2008-10-15 22:01:02 UTC
Permalink
Hi Meinolf,

I forgot to tell you that I have 4 domain controllers and I have posted the
ipconfig/all for all of them in the last post..

Thanks again,
Hemal
Post by Hemal
Hi Meinolf,
I have windows 2003 server domain controllers at one location. Following it
1. Win2003 R2 with SP1 has all 4 FSMO Roles
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Administrator.KBGCA>ipconfig/all
Windows IP Configuration
Host Name . . . . . . . . . . . . : HPSERVER
Primary Dns Suffix . . . . . . . : kbgca.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : kbgca.local
Description . . . . . . . . . . . : HP Network Team #1
Physical Address. . . . . . . . . : 00-21-5A-A5-D6-A0
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.197
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Default Gateway . . . . . . . . . : 10.0.0.50
DNS Servers . . . . . . . . . . . : 10.0.0.197
C:\Documents and Settings\Administrator.KBGCA>
2. Win2003 R2 with SP1
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Administrator.KBGCA>ipconfig/all
Windows IP Configuration
Host Name . . . . . . . . . . . . : Dellserver
Primary Dns Suffix . . . . . . . : kbgca.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : kbgca.local
Description . . . . . . . . . . . : BASP Virtual Adapter
Physical Address. . . . . . . . . : 00-19-B9-B5-3E-56
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.200
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Default Gateway . . . . . . . . . : 10.0.0.50
DNS Servers . . . . . . . . . . . : 10.0.0.200
C:\Documents and Settings\Administrator.KBGCA>
3. Win2003 standard with SP2
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Administrator.KBGCA>ipconfig/all
Windows IP Configuration
Host Name . . . . . . . . . . . . : mainserver
Primary Dns Suffix . . . . . . . : kbgca.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : kbgca.local
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT X 2 Express Team
#1
Physical Address. . . . . . . . . : 00-07-E9-2E-58-BC
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.199
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Default Gateway . . . . . . . . . : 10.0.0.50
DNS Servers . . . . . . . . . . . : 10.0.0.199
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.235
Subnet Mask . . . . . . . . . . . : 255.255.255.255
C:\Documents and Settings\Administrator.KBGCA>
4. Win2003 standard with SP2
C:\Documents and Settings\Administrator.KBGCA>ipconfig/all
Windows IP Configuration
Host Name . . . . . . . . . . . . : ibmserver
Primary Dns Suffix . . . . . . . : kbgca.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : kbgca.local
Description . . . . . . . . . . . : IBM Netfinity 10/100 Ethernet
Security Adapter 2
Physical Address. . . . . . . . . : 00-02-55-AA-E3-F6
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.201
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Default Gateway . . . . . . . . . : 10.0.0.50
DNS Servers . . . . . . . . . . . : 10.0.0.199
10.0.0.201
C:\Documents and Settings\Administrator.KBGCA>
Please let me know if you need more information..
With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
How many DC's do you have and how are they located/connected, one site or
multiple? Please post an unedited ipconfig /all
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Meinolf,
Thanks for your reply. I didn't follow the steps in the event id as I
was not sure from where I have to start? Now I will try to follow the
links you sent and try to see if it can fix this NTDS replication
message.
Thank you again and I will post the outcome once it will be done.
With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2042
Date: 10/15/2008
Time: 10:18:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DELLSERVER
It has been too long since this machine last replicated with the named
source machine. The time between replications with this source has exceeded
the tombstone lifetime. Replication has been stopped with this source.
The reason that replication is not allowed to continue is that the two
machine's views of deleted objects may now be different. The source machine
may still have copies of objects that have been deleted (and garbage
collected) on this machine. If they were allowed to replicate, the source
machine might return objects which have already been deleted.
2008-06-25 01:26:15
07b0f6c8-f6b8-07b0-0100-000000000000
382cdb4e-7b9c-4a33-a252-4c11bf6117e5._msdcs.kbgca.local
60
You have a replication problem between your DC's, they have not
replicated over the tombstone lifetime. Did you follow the steps in
the event id?
http://technet.microsoft.com/en-us/library/cc738415.aspx
http://technet.microsoft.com/en-us/library/cc757610.aspx
http://blogs.dirteam.com/blogs/jorge/archive/2005/11/24/153.aspx
http://blogs.dirteam.com/blogs/jorge/archive/2006/05/08/Lingering-obj
ects.aspx
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Meinolf Weber
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2042
Date: 10/15/2008
Time: 10:18:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DELLSERVER
It has been too long since this machine last replicated with the named
source machine. The time between replications with this source has exceeded
the tombstone lifetime. Replication has been stopped with this source.
The reason that replication is not allowed to continue is that the two
machine's views of deleted objects may now be different. The source machine
may still have copies of objects that have been deleted (and garbage
collected) on this machine. If they were allowed to replicate, the source
machine might return objects which have already been deleted.
2008-06-25 01:26:15
Meinolf Weber
2008-10-15 22:11:20 UTC
Permalink
Hello Hemal,

Hopefully it has 5 FSMO roles, check with "netdom query fsmo" from command
line, if you get an error install the suptools.msi form the installation
disk support/tools folder.

The 4 servers are all DNS servers and point mostly to itself and not to a
secondary one, except ibmserver and mainserver?

What kind of DNS zones do you use, AD integrated?

Using a Domain controller as a RRAS server is not a good solution.

Please run repadmin /showrepl and post the output here.

Also post the output from dcdiag /v and netdiag /v from all Dellserver, because
this one causes the error about tombstone lifetime, even the output is a lot.

Just a small remark, with using the 255.0.0.0 subnet you create really big
broadcast domain for one network, normally you use 255.255.255.0 as subnet
mask for one site.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Meinolf,
I have windows 2003 server domain controllers at one location.
1. Win2003 R2 with SP1 has all 4 FSMO Roles
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Administrator.KBGCA>ipconfig/all
Windows IP Configuration
Host Name . . . . . . . . . . . . : HPSERVER
Primary Dns Suffix . . . . . . . : kbgca.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : kbgca.local
Description . . . . . . . . . . . : HP Network Team #1
Physical Address. . . . . . . . . : 00-21-5A-A5-D6-A0
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.197
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Default Gateway . . . . . . . . . : 10.0.0.50
DNS Servers . . . . . . . . . . . : 10.0.0.197
C:\Documents and Settings\Administrator.KBGCA>
2. Win2003 R2 with SP1
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Administrator.KBGCA>ipconfig/all
Windows IP Configuration
Host Name . . . . . . . . . . . . : Dellserver
Primary Dns Suffix . . . . . . . : kbgca.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : kbgca.local
Description . . . . . . . . . . . : BASP Virtual Adapter
Physical Address. . . . . . . . . : 00-19-B9-B5-3E-56
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.200
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Default Gateway . . . . . . . . . : 10.0.0.50
DNS Servers . . . . . . . . . . . : 10.0.0.200
C:\Documents and Settings\Administrator.KBGCA>
3. Win2003 standard with SP2
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Administrator.KBGCA>ipconfig/all
Windows IP Configuration
Host Name . . . . . . . . . . . . : mainserver
Primary Dns Suffix . . . . . . . : kbgca.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : kbgca.local
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT X 2
Express Team
#1
Physical Address. . . . . . . . . : 00-07-E9-2E-58-BC
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.199
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Default Gateway . . . . . . . . . : 10.0.0.50
DNS Servers . . . . . . . . . . . : 10.0.0.199
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.235
Subnet Mask . . . . . . . . . . . : 255.255.255.255
C:\Documents and Settings\Administrator.KBGCA>
4. Win2003 standard with SP2
C:\Documents and Settings\Administrator.KBGCA>ipconfig/all
Windows IP Configuration
Host Name . . . . . . . . . . . . : ibmserver
Primary Dns Suffix . . . . . . . : kbgca.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : kbgca.local
Description . . . . . . . . . . . : IBM Netfinity 10/100 Ethernet
Security Adapter 2
Physical Address. . . . . . . . . : 00-02-55-AA-E3-F6
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.201
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Default Gateway . . . . . . . . . : 10.0.0.50
DNS Servers . . . . . . . . . . . : 10.0.0.199
10.0.0.201
C:\Documents and Settings\Administrator.KBGCA>
Please let me know if you need more information..
With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
How many DC's do you have and how are they located/connected, one
site or multiple? Please post an unedited ipconfig /all
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Meinolf,
Thanks for your reply. I didn't follow the steps in the event id as
I was not sure from where I have to start? Now I will try to follow
the links you sent and try to see if it can fix this NTDS
replication message.
Thank you again and I will post the outcome once it will be done.
With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2042
Date: 10/15/2008
Time: 10:18:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DELLSERVER
It has been too long since this machine last replicated with the named
source machine. The time between replications with this source has exceeded
the tombstone lifetime. Replication has been stopped with this source.
The reason that replication is not allowed to continue is that the two
machine's views of deleted objects may now be different. The source machine
may still have copies of objects that have been deleted (and garbage
collected) on this machine. If they were allowed to replicate, the source
machine might return objects which have already been deleted.
2008-06-25 01:26:15
07b0f6c8-f6b8-07b0-0100-000000000000
382cdb4e-7b9c-4a33-a252-4c11bf6117e5._msdcs.kbgca.local
60
You have a replication problem between your DC's, they have not
replicated over the tombstone lifetime. Did you follow the steps in
the event id?
http://technet.microsoft.com/en-us/library/cc738415.aspx
http://technet.microsoft.com/en-us/library/cc757610.aspx
http://blogs.dirteam.com/blogs/jorge/archive/2005/11/24/153.aspx
http://blogs.dirteam.com/blogs/jorge/archive/2006/05/08/Lingering-o
bj ects.aspx
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Meinolf Weber
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2042
Date: 10/15/2008
Time: 10:18:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DELLSERVER
It has been too long since this machine last replicated with the named
source machine. The time between replications with this source has exceeded
the tombstone lifetime. Replication has been stopped with this source.
The reason that replication is not allowed to continue is that the two
machine's views of deleted objects may now be different. The
source
machine
may still have copies of objects that have been deleted (and garbage
collected) on this machine. If they were allowed to replicate, the source
machine might return objects which have already been deleted.
2008-06-25 01:26:15
Hemal
2008-10-15 22:53:07 UTC
Permalink
Hi Meinolf,

Thanks for all your reply & valuable suggestions.

1. First of all I checked about FSMO Roles and following is the output:

C:\Documents and Settings\Administrator.KBGCA>netdom query fsmo
Schema owner HPSERVER.kbgca.local

Domain role owner HPSERVER.kbgca.local

PDC role HPSERVER.kbgca.local

RID pool manager HPSERVER.kbgca.local

Infrastructure owner HPSERVER.kbgca.local

The command completed successfully.

2. You are right. The 4 servers are all DNS servers and point mostly to
itself and not to a secondary one, except ibmserver and mainserver.

Can you suggest the best practices for managing these if you don't mind?

3. Domain controller is setup as a RRAS server but I will change it once
everything will be fixed. Thanks for suggestion.

4. Following is the output of repadmin /showrepl command on my hpserver:

{ Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\Administrator.KBGCA>repadmin /showrepl

repadmin running command /showrepl against server localhost

Default-First-Site-Name\HPSERVER
DC Options: (none)
Site Options: (none)
DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e
DC invocationID: 7a0a1b8c-f76b-4e2c-8e42-21f5b56b8220

==== INBOUND NEIGHBORS ======================================

DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
Last attempt @ 2008-10-15 18:08:02 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
912 consecutive failure(s).
Last success @ 2008-06-25 01:18:42.
Default-First-Site-Name\DELLSERVER via RPC
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
Last attempt @ 2008-10-15 18:15:42 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
652 consecutive failure(s).
Last success @ 2008-06-25 10:39:40.
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
Last attempt @ 2008-10-15 18:24:02 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
765 consecutive failure(s).
Last success @ 2008-06-25 10:37:45.

CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
Last attempt @ 2008-10-15 17:56:25 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
250 consecutive failure(s).
Last success @ 2008-06-25 01:11:05.
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
Last attempt @ 2008-10-15 18:26:42 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
254 consecutive failure(s).
Last success @ 2008-06-25 10:34:55.
Default-First-Site-Name\DELLSERVER via RPC
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
Last attempt @ 2008-10-15 18:27:08 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
248 consecutive failure(s).
Last success @ 2008-06-25 10:34:55.

CN=Schema,CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
Last attempt @ 2008-10-15 17:53:17 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
105 consecutive failure(s).
Last success @ 2008-06-25 10:34:56.
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
Last attempt @ 2008-10-15 17:53:17 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
106 consecutive failure(s).
Last success @ 2008-06-25 00:51:03.
Default-First-Site-Name\DELLSERVER via RPC
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
Last attempt @ 2008-10-15 17:53:17 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
105 consecutive failure(s).
Last success @ 2008-06-25 10:34:56.

Source: Default-First-Site-Name\MAINSERVER
******* 765 CONSECUTIVE FAILURES since 2008-06-25 10:37:45
Last error: 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.

Source: Default-First-Site-Name\IBMSERVER
******* 912 CONSECUTIVE FAILURES since 2008-06-25 01:18:42
Last error: 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.

Source: Default-First-Site-Name\DELLSERVER
******* 652 CONSECUTIVE FAILURES since 2008-06-25 10:39:40
Last error: 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.


C:\Documents and Settings\Administrator.KBGCA> }

5. Output of Dellsevver for Dcdiag /v


{C:\Program Files\Support Tools>dcdiag /v

Domain Controller Diagnosis

Performing initial setup:
* Verifying that the local machine Dellserver, is a DC.
* Connecting to directory service on server Dellserver.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 4 DC(s). Testing 1 of them.
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\DELLSERVER
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... DELLSERVER passed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\DELLSERVER
Starting test: Replications
* Replications Check
[Replications Check,DELLSERVER] A recent replication attempt failed:
From IBMSERVER to DELLSERVER
Naming Context: CN=Schema,CN=Configuration,DC=kbgca,DC=local
The replication generated an error (8614):
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.
The failure occurred at 2008-10-15 18:46:57.
The last success occurred at 2008-06-25 01:14:17.
107 failures have occurred since the last success.
[Replications Check,DELLSERVER] A recent replication attempt failed:
From MAINSERVER to DELLSERVER
Naming Context: CN=Schema,CN=Configuration,DC=kbgca,DC=local
The replication generated an error (8614):
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.
The failure occurred at 2008-10-15 18:46:57.
The last success occurred at 2008-06-25 01:14:17.
107 failures have occurred since the last success.
[Replications Check,DELLSERVER] A recent replication attempt failed:
From MAINSERVER to DELLSERVER
Naming Context: CN=Configuration,DC=kbgca,DC=local
The replication generated an error (8614):
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.
The failure occurred at 2008-10-15 18:46:57.
The last success occurred at 2008-06-25 01:19:51.
256 failures have occurred since the last success.
[Replications Check,DELLSERVER] A recent replication attempt failed:
From IBMSERVER to DELLSERVER
Naming Context: CN=Configuration,DC=kbgca,DC=local
The replication generated an error (8614):
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.
The failure occurred at 2008-10-15 18:46:57.
The last success occurred at 2008-06-25 01:19:57.
251 failures have occurred since the last success.
[Replications Check,DELLSERVER] A recent replication attempt failed:
From MAINSERVER to DELLSERVER
Naming Context: DC=kbgca,DC=local
The replication generated an error (8614):
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.
The failure occurred at 2008-10-15 18:46:57.
The last success occurred at 2008-06-25 10:37:51.
764 failures have occurred since the last success.
[Replications Check,DELLSERVER] A recent replication attempt failed:
From IBMSERVER to DELLSERVER
Naming Context: DC=kbgca,DC=local
The replication generated an error (8614):
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.
The failure occurred at 2008-10-15 18:46:57.
The last success occurred at 2008-06-25 10:40:08.
871 failures have occurred since the last success.
* Replication Latency Check
REPLICATION-RECEIVED LATENCY WARNING
DELLSERVER: Current time is 2008-10-15 18:47:09.
CN=Schema,CN=Configuration,DC=kbgca,DC=local
Last replication recieved from HPSERVER at 2008-06-25 01:14:18.
WARNING: This latency is over the Tombstone Lifetime of 60
days!
Last replication recieved from IBMSERVER at 2008-06-25
01:14:17.
WARNING: This latency is over the Tombstone Lifetime of 60
days!
Last replication recieved from MAINSERVER at 2008-06-25
01:14:17.
WARNING: This latency is over the Tombstone Lifetime of 60
days!
Latency information for 11 entries in the vector were ignored.
11 were retired Invocations. 0 were either: read-only
replicas and are not verifiably latent, or dc's no longer replicating this
nc. 0 had no latency information (Win2K DC).
CN=Configuration,DC=kbgca,DC=local
Last replication recieved from HPSERVER at 2008-06-25 01:14:17.
WARNING: This latency is over the Tombstone Lifetime of 60
days!
Last replication recieved from IBMSERVER at 2008-06-25
01:19:57.
WARNING: This latency is over the Tombstone Lifetime of 60
days!
Last replication recieved from MAINSERVER at 2008-06-25
01:19:51.
WARNING: This latency is over the Tombstone Lifetime of 60
days!
Latency information for 11 entries in the vector were ignored.
11 were retired Invocations. 0 were either: read-only
replicas and are not verifiably latent, or dc's no longer replicating this
nc. 0 had no latency information (Win2K DC).
DC=kbgca,DC=local
Last replication recieved from IBMSERVER at 2008-06-25
01:26:15.
WARNING: This latency is over the Tombstone Lifetime of 60
days!
Last replication recieved from MAINSERVER at 2008-06-25
10:37:48.
WARNING: This latency is over the Tombstone Lifetime of 60
days!
Latency information for 9 entries in the vector were ignored.
9 were retired Invocations. 0 were either: read-only
replicas and are not verifiably latent, or dc's no longer replicating this
nc. 0 had no latency information (Win2K DC).
* Replication Site Latency Check
......................... DELLSERVER passed test Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC DELLSERVER.
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=kbgca,DC=local
(Schema,Version 2)
* Security Permissions Check for
CN=Configuration,DC=kbgca,DC=local
(Configuration,Version 2)
* Security Permissions Check for
DC=kbgca,DC=local
(Domain,Version 2)
......................... DELLSERVER passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\DELLSERVER\netlogon
Verified share \\DELLSERVER\sysvol
......................... DELLSERVER passed test NetLogons
Starting test: Advertising
The DC DELLSERVER is advertising itself as a DC and having a DS.
The DC DELLSERVER is advertising as an LDAP server
The DC DELLSERVER is advertising as having a writeable directory
The DC DELLSERVER is advertising as a Key Distribution Center
The DC DELLSERVER is advertising as a time server
The DS DELLSERVER is advertising as a GC.
......................... DELLSERVER passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS
Settings,CN=HPSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=kbgca,DC=local
Role Domain Owner = CN=NTDS
Settings,CN=HPSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=kbgca,DC=local
Role PDC Owner = CN=NTDS
Settings,CN=HPSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=kbgca,DC=local
Role Rid Owner = CN=NTDS
Settings,CN=HPSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=kbgca,DC=local
Role Infrastructure Update Owner = CN=NTDS
Settings,CN=HPSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=kbgca,DC=local
......................... DELLSERVER passed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 9103 to 1073741823
* HPSERVER.kbgca.local is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 5103 to 5602
* rIDPreviousAllocationPool is 5103 to 5602
* rIDNextRID: 5181
......................... DELLSERVER passed test RidManager
Starting test: MachineAccount
Checking machine account for DC DELLSERVER on DC DELLSERVER.
* SPN found :LDAP/Dellserver.kbgca.local/kbgca.local
* SPN found :LDAP/Dellserver.kbgca.local
* SPN found :LDAP/DELLSERVER
* SPN found :LDAP/Dellserver.kbgca.local/KBGCA
* SPN found
:LDAP/b8141bfc-46fa-4345-884c-34be3d92f968._msdcs.kbgca.local
* SPN found
:E3514235-4B06-11D1-AB04-00C04FC2DCD2/b8141bfc-46fa-4345-884c-34be3d92f968/kbgca.local
* SPN found :HOST/Dellserver.kbgca.local/kbgca.local
* SPN found :HOST/Dellserver.kbgca.local
* SPN found :HOST/DELLSERVER
* SPN found :HOST/Dellserver.kbgca.local/KBGCA
* SPN found :GC/Dellserver.kbgca.local/kbgca.local
......................... DELLSERVER passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: w32time
* Checking Service: NETLOGON
......................... DELLSERVER passed test Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
DELLSERVER is in domain DC=kbgca,DC=local
Checking for CN=DELLSERVER,OU=Domain Controllers,DC=kbgca,DC=local
in domain DC=kbgca,DC=local on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS
Settings,CN=DELLSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=kbgca,DC=local
in domain CN=Configuration,DC=kbgca,DC=local on 1 servers
Object is up-to-date on all servers.
......................... DELLSERVER passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... DELLSERVER passed test frssysvol
Starting test: frsevent
* The File Replication Service Event log test
There are warning or error events within the last 24 hours after
the SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
An Warning Event occured. EventID: 0x800034C4
Time Generated: 10/15/2008 16:27:52
(Event String could not be retrieved)
......................... DELLSERVER failed test frsevent
Starting test: kccevent
* The KCC Event log test
An Error Event occured. EventID: 0xC00007FA
Time Generated: 10/15/2008 18:41:26
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC00007FA
Time Generated: 10/15/2008 18:41:51
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x80000785
Time Generated: 10/15/2008 18:41:51
Event String: The attempt to establish a replication link for
the following writable directory partition
failed.

Directory partition:
CN=Configuration,DC=kbgca,DC=local
Source domain controller:
CN=NTDS
Settings,CN=HPSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=kbgca,DC=local

Source domain controller address:
009fa382-6fcc-46d1-b3db-7ae24701415e._msdcs.kbgca.local

Intersite transport (if any):


This domain controller will be unable to
replicate with the source domain controller until
this problem is corrected.

User Action
Verify if the source domain controller is
accessible or network connectivity is available.

Additional Data
Error value:
8614
The Active Directory cannot replicate with this server because the time
since the last replication with this server has exceeded the tombstone
lifetime.

An Error Event occured. EventID: 0xC00007FA
Time Generated: 10/15/2008 18:41:51
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x80000785
Time Generated: 10/15/2008 18:41:51
Event String: The attempt to establish a replication link for
the following writable directory partition
failed.

Directory partition:
CN=Schema,CN=Configuration,DC=kbgca,DC=local
Source domain controller:
CN=NTDS
Settings,CN=HPSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=kbgca,DC=local

Source domain controller address:
009fa382-6fcc-46d1-b3db-7ae24701415e._msdcs.kbgca.local

Intersite transport (if any):


This domain controller will be unable to
replicate with the source domain controller until
this problem is corrected.

User Action
Verify if the source domain controller is
accessible or network connectivity is available.

Additional Data
Error value:
8614
The Active Directory cannot replicate with this server because the time
since the last replication with this server has exceeded the tombstone
lifetime.

An Error Event occured. EventID: 0xC00007FA
Time Generated: 10/15/2008 18:44:34
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC00007FA
Time Generated: 10/15/2008 18:46:57
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC00007FA
Time Generated: 10/15/2008 18:46:57
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC00007FA
Time Generated: 10/15/2008 18:46:57
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC00007FA
Time Generated: 10/15/2008 18:46:57
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC00007FA
Time Generated: 10/15/2008 18:46:57
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC00007FA
Time Generated: 10/15/2008 18:46:57
(Event String could not be retrieved)
......................... DELLSERVER failed test kccevent
Starting test: systemlog
* The System Event log test
An Error Event occured. EventID: 0x00000455
Time Generated: 10/15/2008 18:44:29
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000455
Time Generated: 10/15/2008 18:44:30
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000455
Time Generated: 10/15/2008 18:44:30
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000455
Time Generated: 10/15/2008 18:44:30
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 10/15/2008 18:44:31
(Event String could not be retrieved)
......................... DELLSERVER failed test systemlog
Test omitted by user request: VerifyReplicas
Starting test: VerifyReferences
The system object reference (serverReference)
CN=DELLSERVER,OU=Domain Controllers,DC=kbgca,DC=local and backlink on
CN=DELLSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=kbgca,DC=local are correct.
The system object reference (frsComputerReferenceBL)
CN=DELLSERVER,CN=Domain System Volume (SYSVOL share),CN=File Replication
Service,CN=System,DC=kbgca,DC=local and backlink on
CN=DELLSERVER,OU=Domain Controllers,DC=kbgca,DC=local are correct.
The system object reference (serverReferenceBL)
CN=DELLSERVER,CN=Domain System Volume (SYSVOL share),CN=File Replication
Service,CN=System,DC=kbgca,DC=local and backlink on
CN=NTDS
Settings,CN=DELLSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=kbgca,DC=local are correct.
......................... DELLSERVER passed test VerifyReferences
Test omitted by user request: VerifyEnterpriseReferences
Test omitted by user request: CheckSecurityError

Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom

Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom

Running partition tests on : kbgca
Starting test: CrossRefValidation
......................... kbgca passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... kbgca passed test CheckSDRefDom

Running enterprise tests on : kbgca.local
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the
scope provided by the command line arguments provided.
......................... kbgca.local passed test Intersite
Starting test: FsmoCheck
GC Name: \\Dellserver.kbgca.local
Locator Flags: 0xe00001fc
PDC Name: \\HPSERVER.kbgca.local
Locator Flags: 0xe00003f9
Time Server Name: \\Dellserver.kbgca.local
Locator Flags: 0xe00001fc
Preferred Time Server Name: \\HPSERVER.kbgca.local
Locator Flags: 0xe00003f9
KDC Name: \\Dellserver.kbgca.local
Locator Flags: 0xe00001fc
......................... kbgca.local passed test FsmoCheck
Test omitted by user request: DNS
Test omitted by user request: DNS

C:\Program Files\Support Tools>}

Output of Netdiag /v I am going to post it in next post as it's too long..

6. Thanks for Subnet mask suggestion.. I never thought about it as it was
implemented like that before. But you are 100% right, I will surely change
that to 255.255.255.0.

Thanks again for your great help.

With regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
Hopefully it has 5 FSMO roles, check with "netdom query fsmo" from command
line, if you get an error install the suptools.msi form the installation
disk support/tools folder.
The 4 servers are all DNS servers and point mostly to itself and not to a
secondary one, except ibmserver and mainserver?
What kind of DNS zones do you use, AD integrated?
Using a Domain controller as a RRAS server is not a good solution.
Please run repadmin /showrepl and post the output here.
Also post the output from dcdiag /v and netdiag /v from all Dellserver, because
this one causes the error about tombstone lifetime, even the output is a lot.
Just a small remark, with using the 255.0.0.0 subnet you create really big
broadcast domain for one network, normally you use 255.255.255.0 as subnet
mask for one site.
Best regards
Hemal
2008-10-15 23:03:01 UTC
Permalink
Hi Meinolf,
The output of Netdiag /v is really very large. I have attached what I got:
{
Bindings test. . . . . . . . . . . : Passed
Component Name : Broadcom Advanced Server Program Driver
Bind Name: Blfp
Binding Paths:
Owner of the binding path : Broadcom Advanced Server Program Driver
Binding Enabled: No
Interfaces of the binding path:
-Interface Name: ndis5
Upper Component: Broadcom Advanced Server Program Driver
Lower Component: BASP Virtual Adapter

Owner of the binding path : Broadcom Advanced Server Program Driver
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: ndis5
Upper Component: Broadcom Advanced Server Program Driver
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS VBD
Client)

Owner of the binding path : Broadcom Advanced Server Program Driver
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: ndis5
Upper Component: Broadcom Advanced Server Program Driver
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS VBD
Client) #2


Component Name : Point to Point Protocol Over Ethernet
Bind Name: RasPppoe
Binding Paths:
Owner of the binding path : Point to Point Protocol Over Ethernet
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: ndis5
Upper Component: Point to Point Protocol Over Ethernet
Lower Component: BASP Virtual Adapter

Owner of the binding path : Point to Point Protocol Over Ethernet
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: ndis5
Upper Component: Point to Point Protocol Over Ethernet
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS VBD
Client) #2

Owner of the binding path : Point to Point Protocol Over Ethernet
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: ndis5
Upper Component: Point to Point Protocol Over Ethernet
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS VBD
Client)


Component Name : Point to Point Tunneling Protocol
Bind Name: mspptp
Binding Paths:

Component Name : Layer 2 Tunneling Protocol
Bind Name: msl2tp
Binding Paths:

Component Name : Remote Access NDIS WAN Driver
Bind Name: NdisWan
Binding Paths:
Owner of the binding path : Remote Access NDIS WAN Driver
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: ndiswanasync
Upper Component: Remote Access NDIS WAN Driver
Lower Component: RAS Async Adapter

Owner of the binding path : Remote Access NDIS WAN Driver
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: ndiscowan
Upper Component: Remote Access NDIS WAN Driver
Lower Component: Direct Parallel

Owner of the binding path : Remote Access NDIS WAN Driver
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: ndiswan
Upper Component: Remote Access NDIS WAN Driver
Lower Component: WAN Miniport (PPPOE)

Owner of the binding path : Remote Access NDIS WAN Driver
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: ndiswan
Upper Component: Remote Access NDIS WAN Driver
Lower Component: WAN Miniport (PPTP)

Owner of the binding path : Remote Access NDIS WAN Driver
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: ndiscowan
Upper Component: Remote Access NDIS WAN Driver
Lower Component: WAN Miniport (L2TP)


Component Name : NDIS Usermode I/O Protocol
Bind Name: Ndisuio
Binding Paths:
Owner of the binding path : NDIS Usermode I/O Protocol
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: ndis5
Upper Component: NDIS Usermode I/O Protocol
Lower Component: BASP Virtual Adapter

Owner of the binding path : NDIS Usermode I/O Protocol
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: ndis5
Upper Component: NDIS Usermode I/O Protocol
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS VBD
Client) #2

Owner of the binding path : NDIS Usermode I/O Protocol
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: ndis5
Upper Component: NDIS Usermode I/O Protocol
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS VBD
Client)


Component Name : Message-oriented TCP/IP Protocol (SMB session)
Bind Name: NetbiosSmb
Binding Paths:

Component Name : WINS Client(TCP/IP) Protocol
Bind Name: NetBT
Binding Paths:
Owner of the binding path : WINS Client(TCP/IP) Protocol
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: BASP Virtual Adapter

Owner of the binding path : WINS Client(TCP/IP) Protocol
Binding Enabled: No
Interfaces of the binding path:
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS VBD
Client) #2

Owner of the binding path : WINS Client(TCP/IP) Protocol
Binding Enabled: No
Interfaces of the binding path:
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS VBD
Client)

Owner of the binding path : WINS Client(TCP/IP) Protocol
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndiswanip
Upper Component: Internet Protocol (TCP/IP)
Lower Component: WAN Miniport (IP)


Component Name : Internet Protocol (TCP/IP)
Bind Name: Tcpip
Binding Paths:
Owner of the binding path : Internet Protocol (TCP/IP)
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: BASP Virtual Adapter

Owner of the binding path : Internet Protocol (TCP/IP)
Binding Enabled: No
Interfaces of the binding path:
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS VBD
Client) #2

Owner of the binding path : Internet Protocol (TCP/IP)
Binding Enabled: No
Interfaces of the binding path:
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS VBD
Client)

Owner of the binding path : Internet Protocol (TCP/IP)
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: ndiswanip
Upper Component: Internet Protocol (TCP/IP)
Lower Component: WAN Miniport (IP)


Component Name : Client for Microsoft Networks
Bind Name: LanmanWorkstation
Binding Paths:
Owner of the binding path : Client for Microsoft Networks
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: netbios_smb
Upper Component: Client for Microsoft Networks
Lower Component: Message-oriented TCP/IP Protocol (SMB session)

Owner of the binding path : Client for Microsoft Networks
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: netbios
Upper Component: Client for Microsoft Networks
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: BASP Virtual Adapter

Owner of the binding path : Client for Microsoft Networks
Binding Enabled: No
Interfaces of the binding path:
-Interface Name: netbios
Upper Component: Client for Microsoft Networks
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS VBD
Client) #2

Owner of the binding path : Client for Microsoft Networks
Binding Enabled: No
Interfaces of the binding path:
-Interface Name: netbios
Upper Component: Client for Microsoft Networks
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS VBD
Client)

Owner of the binding path : Client for Microsoft Networks
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: netbios
Upper Component: Client for Microsoft Networks
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndiswanip
Upper Component: Internet Protocol (TCP/IP)
Lower Component: WAN Miniport (IP)


Component Name : WebClient
Bind Name: WebClient
Binding Paths:

Component Name : Wireless Configuration
Bind Name: wzcsvc
Binding Paths:

Component Name : Network Load Balancing
Bind Name: Wlbs
Binding Paths:
Owner of the binding path : Network Load Balancing
Binding Enabled: No
Interfaces of the binding path:
-Interface Name: ndis5
Upper Component: Network Load Balancing
Lower Component: BASP Virtual Adapter

Owner of the binding path : Network Load Balancing
Binding Enabled: No
Interfaces of the binding path:
-Interface Name: ndis5
Upper Component: Network Load Balancing
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS VBD
Client) #2

Owner of the binding path : Network Load Balancing
Binding Enabled: No
Interfaces of the binding path:
-Interface Name: ndis5
Upper Component: Network Load Balancing
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS VBD
Client)


Component Name : Steelhead
Bind Name: RemoteAccess
Binding Paths:

Component Name : Dial-Up Server
Bind Name: msrassrv
Binding Paths:

Component Name : Remote Access Connection Manager
Bind Name: RasMan
Binding Paths:

Component Name : Dial-Up Client
Bind Name: msrascli
Binding Paths:

Component Name : File and Printer Sharing for Microsoft Networks
Bind Name: LanmanServer
Binding Paths:
Owner of the binding path : File and Printer Sharing for Microsoft
Networks
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: netbios_smb
Upper Component: File and Printer Sharing for Microsoft Networks
Lower Component: Message-oriented TCP/IP Protocol (SMB session)

Owner of the binding path : File and Printer Sharing for Microsoft
Networks
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: netbios
Upper Component: File and Printer Sharing for Microsoft Networks
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: BASP Virtual Adapter

Owner of the binding path : File and Printer Sharing for Microsoft
Networks
Binding Enabled: No
Interfaces of the binding path:
-Interface Name: netbios
Upper Component: File and Printer Sharing for Microsoft Networks
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS VBD
Client) #2

Owner of the binding path : File and Printer Sharing for Microsoft
Networks
Binding Enabled: No
Interfaces of the binding path:
-Interface Name: netbios
Upper Component: File and Printer Sharing for Microsoft Networks
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS VBD
Client)

Owner of the binding path : File and Printer Sharing for Microsoft
Networks
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: netbios
Upper Component: File and Printer Sharing for Microsoft Networks
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndiswanip
Upper Component: Internet Protocol (TCP/IP)
Lower Component: WAN Miniport (IP)


Component Name : Generic Packet Classifier
Bind Name: Gpc
Binding Paths:

Component Name : Application Layer Gateway
Bind Name: ALG
Binding Paths:

Component Name : NetBIOS Interface
Bind Name: NetBIOS
Binding Paths:
Owner of the binding path : NetBIOS Interface
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: netbios
Upper Component: NetBIOS Interface
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: BASP Virtual Adapter

Owner of the binding path : NetBIOS Interface
Binding Enabled: No
Interfaces of the binding path:
-Interface Name: netbios
Upper Component: NetBIOS Interface
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS VBD
Client) #2

Owner of the binding path : NetBIOS Interface
Binding Enabled: No
Interfaces of the binding path:
-Interface Name: netbios
Upper Component: NetBIOS Interface
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS VBD
Client)

Owner of the binding path : NetBIOS Interface
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: netbios
Upper Component: NetBIOS Interface
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndiswanip
Upper Component: Internet Protocol (TCP/IP)
Lower Component: WAN Miniport (IP)


Component Name : BASP Virtual Adapter
Bind Name: {F9202B74-16E8-4C45-B48F-9C6E9F513286}
Binding Paths:

Component Name : Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client) #2
Bind Name: {AACBC468-03AD-4A10-BC88-E365670FB2B2}
Binding Paths:

Component Name : Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client)
Bind Name: {7AFC5314-DAF4-44D4-9F78-E71A203B4950}
Binding Paths:

Component Name : RAS Async Adapter
Bind Name: {7063473C-D5F3-46B1-A26E-D0557E2D8FCB}
Binding Paths:

Component Name : WAN Miniport (IP)
Bind Name: NdisWanIp
Binding Paths:

Component Name : Direct Parallel
Bind Name: {80DACF12-87A5-4D8C-9F12-1EFD8842B039}
Binding Paths:

Component Name : WAN Miniport (PPPOE)
Bind Name: {79B808AD-4E79-43D5-A2C1-6185908EB0A8}
Binding Paths:

Component Name : WAN Miniport (PPTP)
Bind Name: {87EB1098-C04D-44CA-80B3-65CC73DB5077}
Binding Paths:

Component Name : WAN Miniport (L2TP)
Bind Name: {0589E8D5-12E2-448F-B58B-F6F3CB3087F2}
Binding Paths:



WAN configuration test . . . . . . : Skipped
No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

Note: run "netsh ipsec dynamic show /?" for more detailed information
The command completed successfully
C:\Program Files\Support Tools>}

Thanks,
Hemal
Meinolf Weber
2008-10-16 07:41:05 UTC
Permalink
Hello Hemal,

If you got an output that is too long for the command window, you can pipe
it to a textfile:

netdiag /v >c:\netdiag.log

Then it is complete.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Meinolf,
{
Bindings test. . . . . . . . . . . : Passed
Component Name : Broadcom Advanced Server Program Driver
Bind Name: Blfp
Owner of the binding path : Broadcom Advanced Server Program
Driver
Binding Enabled: No
-Interface Name: ndis5
Upper Component: Broadcom Advanced Server Program Driver
Lower Component: BASP Virtual Adapter
Owner of the binding path : Broadcom Advanced Server Program
Driver
Binding Enabled: Yes
-Interface Name: ndis5
Upper Component: Broadcom Advanced Server Program Driver
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS
VBD
Client)
Owner of the binding path : Broadcom Advanced Server Program
Driver
Binding Enabled: Yes
-Interface Name: ndis5
Upper Component: Broadcom Advanced Server Program Driver
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS
VBD
Client) #2
Component Name : Point to Point Protocol Over Ethernet
Bind Name: RasPppoe
Owner of the binding path : Point to Point Protocol Over
Ethernet
Binding Enabled: Yes
-Interface Name: ndis5
Upper Component: Point to Point Protocol Over Ethernet
Lower Component: BASP Virtual Adapter
Owner of the binding path : Point to Point Protocol Over
Ethernet
Binding Enabled: Yes
-Interface Name: ndis5
Upper Component: Point to Point Protocol Over Ethernet
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS
VBD
Client) #2
Owner of the binding path : Point to Point Protocol Over
Ethernet
Binding Enabled: Yes
-Interface Name: ndis5
Upper Component: Point to Point Protocol Over Ethernet
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS
VBD
Client)
Component Name : Point to Point Tunneling Protocol
Bind Name: mspptp
Component Name : Layer 2 Tunneling Protocol
Bind Name: msl2tp
Component Name : Remote Access NDIS WAN Driver
Bind Name: NdisWan
Owner of the binding path : Remote Access NDIS WAN Driver
Binding Enabled: Yes
-Interface Name: ndiswanasync
Upper Component: Remote Access NDIS WAN Driver
Lower Component: RAS Async Adapter
Owner of the binding path : Remote Access NDIS WAN Driver
Binding Enabled: Yes
-Interface Name: ndiscowan
Upper Component: Remote Access NDIS WAN Driver
Lower Component: Direct Parallel
Owner of the binding path : Remote Access NDIS WAN Driver
Binding Enabled: Yes
-Interface Name: ndiswan
Upper Component: Remote Access NDIS WAN Driver
Lower Component: WAN Miniport (PPPOE)
Owner of the binding path : Remote Access NDIS WAN Driver
Binding Enabled: Yes
-Interface Name: ndiswan
Upper Component: Remote Access NDIS WAN Driver
Lower Component: WAN Miniport (PPTP)
Owner of the binding path : Remote Access NDIS WAN Driver
Binding Enabled: Yes
-Interface Name: ndiscowan
Upper Component: Remote Access NDIS WAN Driver
Lower Component: WAN Miniport (L2TP)
Component Name : NDIS Usermode I/O Protocol
Bind Name: Ndisuio
Owner of the binding path : NDIS Usermode I/O Protocol
Binding Enabled: Yes
-Interface Name: ndis5
Upper Component: NDIS Usermode I/O Protocol
Lower Component: BASP Virtual Adapter
Owner of the binding path : NDIS Usermode I/O Protocol
Binding Enabled: Yes
-Interface Name: ndis5
Upper Component: NDIS Usermode I/O Protocol
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS
VBD
Client) #2
Owner of the binding path : NDIS Usermode I/O Protocol
Binding Enabled: Yes
-Interface Name: ndis5
Upper Component: NDIS Usermode I/O Protocol
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS
VBD
Client)
Component Name : Message-oriented TCP/IP Protocol (SMB session)
Bind Name: NetbiosSmb
Component Name : WINS Client(TCP/IP) Protocol
Bind Name: NetBT
Owner of the binding path : WINS Client(TCP/IP) Protocol
Binding Enabled: Yes
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: BASP Virtual Adapter
Owner of the binding path : WINS Client(TCP/IP) Protocol
Binding Enabled: No
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS
VBD
Client) #2
Owner of the binding path : WINS Client(TCP/IP) Protocol
Binding Enabled: No
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS
VBD
Client)
Owner of the binding path : WINS Client(TCP/IP) Protocol
Binding Enabled: Yes
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndiswanip
Upper Component: Internet Protocol (TCP/IP)
Lower Component: WAN Miniport (IP)
Component Name : Internet Protocol (TCP/IP)
Bind Name: Tcpip
Owner of the binding path : Internet Protocol (TCP/IP)
Binding Enabled: Yes
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: BASP Virtual Adapter
Owner of the binding path : Internet Protocol (TCP/IP)
Binding Enabled: No
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS
VBD
Client) #2
Owner of the binding path : Internet Protocol (TCP/IP)
Binding Enabled: No
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS
VBD
Client)
Owner of the binding path : Internet Protocol (TCP/IP)
Binding Enabled: Yes
-Interface Name: ndiswanip
Upper Component: Internet Protocol (TCP/IP)
Lower Component: WAN Miniport (IP)
Component Name : Client for Microsoft Networks
Bind Name: LanmanWorkstation
Owner of the binding path : Client for Microsoft Networks
Binding Enabled: Yes
-Interface Name: netbios_smb
Upper Component: Client for Microsoft Networks
Lower Component: Message-oriented TCP/IP Protocol (SMB
session)
Owner of the binding path : Client for Microsoft Networks
Binding Enabled: Yes
-Interface Name: netbios
Upper Component: Client for Microsoft Networks
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: BASP Virtual Adapter
Owner of the binding path : Client for Microsoft Networks
Binding Enabled: No
-Interface Name: netbios
Upper Component: Client for Microsoft Networks
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS
VBD
Client) #2
Owner of the binding path : Client for Microsoft Networks
Binding Enabled: No
-Interface Name: netbios
Upper Component: Client for Microsoft Networks
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS
VBD
Client)
Owner of the binding path : Client for Microsoft Networks
Binding Enabled: Yes
-Interface Name: netbios
Upper Component: Client for Microsoft Networks
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndiswanip
Upper Component: Internet Protocol (TCP/IP)
Lower Component: WAN Miniport (IP)
Component Name : WebClient
Bind Name: WebClient
Component Name : Wireless Configuration
Bind Name: wzcsvc
Component Name : Network Load Balancing
Bind Name: Wlbs
Owner of the binding path : Network Load Balancing
Binding Enabled: No
-Interface Name: ndis5
Upper Component: Network Load Balancing
Lower Component: BASP Virtual Adapter
Owner of the binding path : Network Load Balancing
Binding Enabled: No
-Interface Name: ndis5
Upper Component: Network Load Balancing
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS
VBD
Client) #2
Owner of the binding path : Network Load Balancing
Binding Enabled: No
-Interface Name: ndis5
Upper Component: Network Load Balancing
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS
VBD
Client)
Component Name : Steelhead
Bind Name: RemoteAccess
Component Name : Dial-Up Server
Bind Name: msrassrv
Component Name : Remote Access Connection Manager
Bind Name: RasMan
Component Name : Dial-Up Client
Bind Name: msrascli
Component Name : File and Printer Sharing for Microsoft Networks
Bind Name: LanmanServer
Owner of the binding path : File and Printer Sharing for
Microsoft
Networks
Binding Enabled: Yes
-Interface Name: netbios_smb
Upper Component: File and Printer Sharing for Microsoft
Networks
Lower Component: Message-oriented TCP/IP Protocol (SMB
session)
Owner of the binding path : File and Printer Sharing for
Microsoft
Networks
Binding Enabled: Yes
-Interface Name: netbios
Upper Component: File and Printer Sharing for Microsoft
Networks
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: BASP Virtual Adapter
Owner of the binding path : File and Printer Sharing for
Microsoft
Networks
Binding Enabled: No
-Interface Name: netbios
Upper Component: File and Printer Sharing for Microsoft
Networks
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS
VBD
Client) #2
Owner of the binding path : File and Printer Sharing for
Microsoft
Networks
Binding Enabled: No
-Interface Name: netbios
Upper Component: File and Printer Sharing for Microsoft
Networks
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS
VBD
Client)
Owner of the binding path : File and Printer Sharing for
Microsoft
Networks
Binding Enabled: Yes
-Interface Name: netbios
Upper Component: File and Printer Sharing for Microsoft
Networks
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndiswanip
Upper Component: Internet Protocol (TCP/IP)
Lower Component: WAN Miniport (IP)
Component Name : Generic Packet Classifier
Bind Name: Gpc
Component Name : Application Layer Gateway
Bind Name: ALG
Component Name : NetBIOS Interface
Bind Name: NetBIOS
Owner of the binding path : NetBIOS Interface
Binding Enabled: Yes
-Interface Name: netbios
Upper Component: NetBIOS Interface
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: BASP Virtual Adapter
Owner of the binding path : NetBIOS Interface
Binding Enabled: No
-Interface Name: netbios
Upper Component: NetBIOS Interface
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS
VBD
Client) #2
Owner of the binding path : NetBIOS Interface
Binding Enabled: No
-Interface Name: netbios
Upper Component: NetBIOS Interface
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: Broadcom BCM5708C NetXtreme II GigE (NDIS
VBD
Client)
Owner of the binding path : NetBIOS Interface
Binding Enabled: Yes
-Interface Name: netbios
Upper Component: NetBIOS Interface
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndiswanip
Upper Component: Internet Protocol (TCP/IP)
Lower Component: WAN Miniport (IP)
Component Name : BASP Virtual Adapter
Bind Name: {F9202B74-16E8-4C45-B48F-9C6E9F513286}
Component Name : Broadcom BCM5708C NetXtreme II GigE (NDIS VBD
Client) #2
Bind Name: {AACBC468-03AD-4A10-BC88-E365670FB2B2}
Component Name : Broadcom BCM5708C NetXtreme II GigE (NDIS VBD
Client)
Bind Name: {7AFC5314-DAF4-44D4-9F78-E71A203B4950}
Component Name : RAS Async Adapter
Bind Name: {7063473C-D5F3-46B1-A26E-D0557E2D8FCB}
Component Name : WAN Miniport (IP)
Bind Name: NdisWanIp
Component Name : Direct Parallel
Bind Name: {80DACF12-87A5-4D8C-9F12-1EFD8842B039}
Component Name : WAN Miniport (PPPOE)
Bind Name: {79B808AD-4E79-43D5-A2C1-6185908EB0A8}
Component Name : WAN Miniport (PPTP)
Bind Name: {87EB1098-C04D-44CA-80B3-65CC73DB5077}
Component Name : WAN Miniport (L2TP)
Bind Name: {0589E8D5-12E2-448F-B58B-F6F3CB3087F2}
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Skipped
Note: run "netsh ipsec dynamic show /?" for more detailed
information
The command completed successfully
C:\Program Files\Support Tools>}
Thanks,
Hemal
Meinolf Weber
2008-10-16 07:41:13 UTC
Permalink
Hello Hemal,

The FSMO output looks fine.

Best practise for DNS:
http://support.microsoft.com/kb/825036

RRAS should better run on member servers. DC's with more then one ip can
create a lot of problems.

Do you have also problems with hpserver and the tombstone lifetime? Because
the repadmin output si form the hpserver not from dellserver. Please check
that also on the other DC's.


Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Meinolf,
Thanks for all your reply & valuable suggestions.
C:\Documents and Settings\Administrator.KBGCA>netdom query fsmo Schema
owner HPSERVER.kbgca.local
Domain role owner HPSERVER.kbgca.local
PDC role HPSERVER.kbgca.local
RID pool manager HPSERVER.kbgca.local
Infrastructure owner HPSERVER.kbgca.local
The command completed successfully.
2. You are right. The 4 servers are all DNS servers and point mostly
to itself and not to a secondary one, except ibmserver and
mainserver.
Can you suggest the best practices for managing these if you don't mind?
3. Domain controller is setup as a RRAS server but I will change it
once everything will be fixed. Thanks for suggestion.
4. Following is the output of repadmin /showrepl command on my
{ Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Administrator.KBGCA>repadmin /showrepl
repadmin running command /showrepl against server localhost
Default-First-Site-Name\HPSERVER
DC Options: (none)
Site Options: (none)
DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e
DC invocationID: 7a0a1b8c-f76b-4e2c-8e42-21f5b56b8220
==== INBOUND NEIGHBORS ======================================
DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
912 consecutive failure(s).
Default-First-Site-Name\DELLSERVER via RPC
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
652 consecutive failure(s).
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
765 consecutive failure(s).
CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
250 consecutive failure(s).
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
254 consecutive failure(s).
Default-First-Site-Name\DELLSERVER via RPC
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
248 consecutive failure(s).
CN=Schema,CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
105 consecutive failure(s).
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
106 consecutive failure(s).
Default-First-Site-Name\DELLSERVER via RPC
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
105 consecutive failure(s).
Source: Default-First-Site-Name\MAINSERVER
******* 765 CONSECUTIVE FAILURES since 2008-06-25 10:37:45
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
Source: Default-First-Site-Name\IBMSERVER
******* 912 CONSECUTIVE FAILURES since 2008-06-25 01:18:42
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
Source: Default-First-Site-Name\DELLSERVER
******* 652 CONSECUTIVE FAILURES since 2008-06-25 10:39:40
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
C:\Documents and Settings\Administrator.KBGCA> }
5. Output of Dellsevver for Dcdiag /v
{C:\Program Files\Support Tools>dcdiag /v
Domain Controller Diagnosis
* Verifying that the local machine Dellserver, is a DC.
* Connecting to directory service on server Dellserver.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 4 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DELLSERVER
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... DELLSERVER passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DELLSERVER
Starting test: Replications
* Replications Check
[Replications Check,DELLSERVER] A recent replication attempt
From IBMSERVER to DELLSERVER
CN=Schema,CN=Configuration,DC=kbgca,DC=local
The Active Directory cannot replicate with this server
because
the time since the last replication with this server has exceeded the
tombstone lifetime.
The failure occurred at 2008-10-15 18:46:57.
The last success occurred at 2008-06-25 01:14:17.
107 failures have occurred since the last success.
[Replications Check,DELLSERVER] A recent replication attempt
From MAINSERVER to DELLSERVER
CN=Schema,CN=Configuration,DC=kbgca,DC=local
The Active Directory cannot replicate with this server
because
the time since the last replication with this server has exceeded the
tombstone lifetime.
The failure occurred at 2008-10-15 18:46:57.
The last success occurred at 2008-06-25 01:14:17.
107 failures have occurred since the last success.
[Replications Check,DELLSERVER] A recent replication attempt
From MAINSERVER to DELLSERVER
Naming Context: CN=Configuration,DC=kbgca,DC=local
The Active Directory cannot replicate with this server
because
the time since the last replication with this server has exceeded the
tombstone lifetime.
The failure occurred at 2008-10-15 18:46:57.
The last success occurred at 2008-06-25 01:19:51.
256 failures have occurred since the last success.
[Replications Check,DELLSERVER] A recent replication attempt
From IBMSERVER to DELLSERVER
Naming Context: CN=Configuration,DC=kbgca,DC=local
The Active Directory cannot replicate with this server
because
the time since the last replication with this server has exceeded the
tombstone lifetime.
The failure occurred at 2008-10-15 18:46:57.
The last success occurred at 2008-06-25 01:19:57.
251 failures have occurred since the last success.
[Replications Check,DELLSERVER] A recent replication attempt
From MAINSERVER to DELLSERVER
Naming Context: DC=kbgca,DC=local
The Active Directory cannot replicate with this server
because
the time since the last replication with this server has exceeded the
tombstone lifetime.
The failure occurred at 2008-10-15 18:46:57.
The last success occurred at 2008-06-25 10:37:51.
764 failures have occurred since the last success.
[Replications Check,DELLSERVER] A recent replication attempt
From IBMSERVER to DELLSERVER
Naming Context: DC=kbgca,DC=local
The Active Directory cannot replicate with this server
because
the time since the last replication with this server has exceeded the
tombstone lifetime.
The failure occurred at 2008-10-15 18:46:57.
The last success occurred at 2008-06-25 10:40:08.
871 failures have occurred since the last success.
* Replication Latency Check
REPLICATION-RECEIVED LATENCY WARNING
DELLSERVER: Current time is 2008-10-15 18:47:09.
CN=Schema,CN=Configuration,DC=kbgca,DC=local
Last replication recieved from HPSERVER at 2008-06-25
01:14:18.
WARNING: This latency is over the Tombstone Lifetime
of 60
days!
Last replication recieved from IBMSERVER at 2008-06-25
01:14:17.
WARNING: This latency is over the Tombstone Lifetime
of 60
days!
Last replication recieved from MAINSERVER at 2008-06-25
01:14:17.
WARNING: This latency is over the Tombstone Lifetime
of 60
days!
Latency information for 11 entries in the vector were
ignored.
read-only
replicas and are not verifiably latent, or dc's no longer replicating this
nc. 0 had no latency information (Win2K DC).
CN=Configuration,DC=kbgca,DC=local
Last replication recieved from HPSERVER at 2008-06-25
01:14:17.
WARNING: This latency is over the Tombstone Lifetime
of 60
days!
Last replication recieved from IBMSERVER at 2008-06-25
01:19:57.
WARNING: This latency is over the Tombstone Lifetime
of 60
days!
Last replication recieved from MAINSERVER at 2008-06-25
01:19:51.
WARNING: This latency is over the Tombstone Lifetime
of 60
days!
Latency information for 11 entries in the vector were
ignored.
read-only
replicas and are not verifiably latent, or dc's no longer replicating this
nc. 0 had no latency information (Win2K DC).
DC=kbgca,DC=local
Last replication recieved from IBMSERVER at 2008-06-25
01:26:15.
WARNING: This latency is over the Tombstone Lifetime
of 60
days!
Last replication recieved from MAINSERVER at 2008-06-25
10:37:48.
WARNING: This latency is over the Tombstone Lifetime
of 60
days!
Latency information for 9 entries in the vector were
ignored.
read-only
replicas and are not verifiably latent, or dc's no longer replicating this
nc. 0 had no latency information (Win2K DC).
* Replication Site Latency Check
......................... DELLSERVER passed test Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC DELLSERVER.
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=kbgca,DC=local
(Schema,Version 2)
* Security Permissions Check for
CN=Configuration,DC=kbgca,DC=local
(Configuration,Version 2)
* Security Permissions Check for
DC=kbgca,DC=local
(Domain,Version 2)
......................... DELLSERVER passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\DELLSERVER\netlogon
Verified share \\DELLSERVER\sysvol
......................... DELLSERVER passed test NetLogons
Starting test: Advertising
The DC DELLSERVER is advertising itself as a DC and having a
DS.
The DC DELLSERVER is advertising as an LDAP server
The DC DELLSERVER is advertising as having a writeable
directory
The DC DELLSERVER is advertising as a Key Distribution Center
The DC DELLSERVER is advertising as a time server
The DS DELLSERVER is advertising as a GC.
......................... DELLSERVER passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS
Settings,CN=HPSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN
=Configuration,DC=kbgca,DC=local
Role Domain Owner = CN=NTDS
Settings,CN=HPSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN
=Configuration,DC=kbgca,DC=local
Role PDC Owner = CN=NTDS
Settings,CN=HPSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN
=Configuration,DC=kbgca,DC=local
Role Rid Owner = CN=NTDS
Settings,CN=HPSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN
=Configuration,DC=kbgca,DC=local
Role Infrastructure Update Owner = CN=NTDS
Settings,CN=HPSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN
=Configuration,DC=kbgca,DC=local
......................... DELLSERVER passed test
KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 9103 to 1073741823
* HPSERVER.kbgca.local is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 5103 to 5602
* rIDPreviousAllocationPool is 5103 to 5602
* rIDNextRID: 5181
......................... DELLSERVER passed test RidManager
Starting test: MachineAccount
Checking machine account for DC DELLSERVER on DC DELLSERVER.
* SPN found :LDAP/Dellserver.kbgca.local/kbgca.local
* SPN found :LDAP/Dellserver.kbgca.local
* SPN found :LDAP/DELLSERVER
* SPN found :LDAP/Dellserver.kbgca.local/KBGCA
* SPN found
:LDAP/b8141bfc-46fa-4345-884c-34be3d92f968._msdcs.kbgca.local
* SPN found
:E3514235-4B06-11D1-AB04-00C04FC2DCD2/b8141bfc-46fa-4345-884c-34be3d92
f968/kbgca.local
* SPN found :HOST/Dellserver.kbgca.local/kbgca.local
* SPN found :HOST/Dellserver.kbgca.local
* SPN found :HOST/DELLSERVER
* SPN found :HOST/Dellserver.kbgca.local/KBGCA
* SPN found :GC/Dellserver.kbgca.local/kbgca.local
......................... DELLSERVER passed test
MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: w32time
* Checking Service: NETLOGON
......................... DELLSERVER passed test Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
DELLSERVER is in domain DC=kbgca,DC=local
Checking for CN=DELLSERVER,OU=Domain
Controllers,DC=kbgca,DC=local
in domain DC=kbgca,DC=local on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS
Settings,CN=DELLSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,
CN=Configuration,DC=kbgca,DC=local
in domain CN=Configuration,DC=kbgca,DC=local on 1 servers
Object is up-to-date on all servers.
......................... DELLSERVER passed test
ObjectsReplicated
Starting test: frssysvol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... DELLSERVER passed test frssysvol
Starting test: frsevent
* The File Replication Service Event log test
There are warning or error events within the last 24 hours
after
the SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
An Warning Event occured. EventID: 0x800034C4
Time Generated: 10/15/2008 16:27:52
(Event String could not be retrieved)
......................... DELLSERVER failed test frsevent
Starting test: kccevent
* The KCC Event log test
An Error Event occured. EventID: 0xC00007FA
Time Generated: 10/15/2008 18:41:26
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC00007FA
Time Generated: 10/15/2008 18:41:51
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x80000785
Time Generated: 10/15/2008 18:41:51
Event String: The attempt to establish a replication link
for
the following writable directory partition
failed.
CN=Configuration,DC=kbgca,DC=local
CN=NTDS
Settings,CN=HPSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN
=Configuration,DC=kbgca,DC=local
009fa382-6fcc-46d1-b3db-7ae24701415e._msdcs.kbgca.local
This domain controller will be unable to
replicate with the source domain controller until
this problem is corrected.
User Action
Verify if the source domain controller is
accessible or network connectivity is available.
Additional Data
8614
The Active Directory cannot replicate with this server because the time
since the last replication with this server has exceeded the tombstone
lifetime.
An Error Event occured. EventID: 0xC00007FA
Time Generated: 10/15/2008 18:41:51
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x80000785
Time Generated: 10/15/2008 18:41:51
Event String: The attempt to establish a replication link
for
the following writable directory partition
failed.
CN=Schema,CN=Configuration,DC=kbgca,DC=local
CN=NTDS
Settings,CN=HPSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN
=Configuration,DC=kbgca,DC=local
009fa382-6fcc-46d1-b3db-7ae24701415e._msdcs.kbgca.local
This domain controller will be unable to
replicate with the source domain controller until
this problem is corrected.
User Action
Verify if the source domain controller is
accessible or network connectivity is available.
Additional Data
8614
The Active Directory cannot replicate with this server because the time
since the last replication with this server has exceeded the tombstone
lifetime.
An Error Event occured. EventID: 0xC00007FA
Time Generated: 10/15/2008 18:44:34
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC00007FA
Time Generated: 10/15/2008 18:46:57
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC00007FA
Time Generated: 10/15/2008 18:46:57
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC00007FA
Time Generated: 10/15/2008 18:46:57
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC00007FA
Time Generated: 10/15/2008 18:46:57
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC00007FA
Time Generated: 10/15/2008 18:46:57
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC00007FA
Time Generated: 10/15/2008 18:46:57
(Event String could not be retrieved)
......................... DELLSERVER failed test kccevent
Starting test: systemlog
* The System Event log test
An Error Event occured. EventID: 0x00000455
Time Generated: 10/15/2008 18:44:29
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000455
Time Generated: 10/15/2008 18:44:30
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000455
Time Generated: 10/15/2008 18:44:30
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000455
Time Generated: 10/15/2008 18:44:30
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 10/15/2008 18:44:31
(Event String could not be retrieved)
......................... DELLSERVER failed test systemlog
Test omitted by user request: VerifyReplicas
Starting test: VerifyReferences
The system object reference (serverReference)
CN=DELLSERVER,OU=Domain Controllers,DC=kbgca,DC=local and backlink on
CN=DELLSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Config
uration,DC=kbgca,DC=local are correct.
The system object reference (frsComputerReferenceBL)
CN=DELLSERVER,CN=Domain System Volume (SYSVOL share),CN=File
Replication
Service,CN=System,DC=kbgca,DC=local and backlink on
CN=DELLSERVER,OU=Domain Controllers,DC=kbgca,DC=local are
correct.
The system object reference (serverReferenceBL)
CN=DELLSERVER,CN=Domain System Volume (SYSVOL share),CN=File
Replication
Service,CN=System,DC=kbgca,DC=local and backlink on
CN=NTDS
Settings,CN=DELLSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,
CN=Configuration,DC=kbgca,DC=local are correct.
......................... DELLSERVER passed test
VerifyReferences
Test omitted by user request: VerifyEnterpriseReferences
Test omitted by user request: CheckSecurityError
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test
CheckSDRefDom
Running partition tests on : kbgca
Starting test: CrossRefValidation
......................... kbgca passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... kbgca passed test CheckSDRefDom
Running enterprise tests on : kbgca.local
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside
the
scope provided by the command line arguments provided.
......................... kbgca.local passed test Intersite
Starting test: FsmoCheck
GC Name: \\Dellserver.kbgca.local
Locator Flags: 0xe00001fc
PDC Name: \\HPSERVER.kbgca.local
Locator Flags: 0xe00003f9
Time Server Name: \\Dellserver.kbgca.local
Locator Flags: 0xe00001fc
Preferred Time Server Name: \\HPSERVER.kbgca.local
Locator Flags: 0xe00003f9
KDC Name: \\Dellserver.kbgca.local
Locator Flags: 0xe00001fc
......................... kbgca.local passed test FsmoCheck
Test omitted by user request: DNS
Test omitted by user request: DNS
C:\Program Files\Support Tools>}
Output of Netdiag /v I am going to post it in next post as it's too long..
6. Thanks for Subnet mask suggestion.. I never thought about it as it
was implemented like that before. But you are 100% right, I will
surely change that to 255.255.255.0.
Thanks again for your great help.
With regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
Hopefully it has 5 FSMO roles, check with "netdom query fsmo" from
command line, if you get an error install the suptools.msi form the
installation disk support/tools folder.
The 4 servers are all DNS servers and point mostly to itself and not
to a secondary one, except ibmserver and mainserver?
What kind of DNS zones do you use, AD integrated?
Using a Domain controller as a RRAS server is not a good solution.
Please run repadmin /showrepl and post the output here.
Also post the output from dcdiag /v and netdiag /v from all
Dellserver, because this one causes the error about tombstone
lifetime, even the output is a lot.
Just a small remark, with using the 255.0.0.0 subnet you create
really big broadcast domain for one network, normally you use
255.255.255.0 as subnet mask for one site.
Best regards
Hemal
2008-10-16 14:03:00 UTC
Permalink
Hi Meinolf,

Thanks for your reply. I got the output of netdiag /v on HPserver in text
file as you recommended but as this post has limit of 30000 tax size and the
output is 114496 I may have to send it to you in diff posts or whatever way
you want.

I also have the same problems about the tombstone lifetime on all other
servers. Below is the output of repadmin /showrepl command on dellserver:

{repadmin running command /showrepl against server localhost



Default-First-Site-Name\DELLSERVER

DC Options: IS_GC

Site Options: (none)

DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968

DC invocationID: 7a983dc9-2f2c-4189-ae20-23c55bf6c9ef



==== INBOUND NEIGHBORS ======================================



DC=kbgca,DC=local

Default-First-Site-Name\MAINSERVER via RPC

DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81

Last attempt @ 2008-10-16 09:30:52 failed, result 8614 (0x21a6):

The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.

821 consecutive failure(s).

Last success @ 2008-06-25 10:37:51.

Default-First-Site-Name\IBMSERVER via RPC

DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5

Last attempt @ 2008-10-16 09:31:26 failed, result 8614 (0x21a6):

The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.

934 consecutive failure(s).

Last success @ 2008-06-25 10:40:08.

Default-First-Site-Name\HPSERVER via RPC

DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e

Last attempt @ 2008-10-16 09:34:23 was successful.



CN=Configuration,DC=kbgca,DC=local

Default-First-Site-Name\IBMSERVER via RPC

DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5

Last attempt @ 2008-10-16 09:26:25 failed, result 8614 (0x21a6):

The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.

286 consecutive failure(s).

Last success @ 2008-06-25 01:19:57.

Default-First-Site-Name\MAINSERVER via RPC

DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81

Last attempt @ 2008-10-16 09:26:48 failed, result 8614 (0x21a6):

The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.

291 consecutive failure(s).

Last success @ 2008-06-25 01:19:51.



CN=Schema,CN=Configuration,DC=kbgca,DC=local

Default-First-Site-Name\IBMSERVER via RPC

DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5

Last attempt @ 2008-10-16 08:48:50 failed, result 8614 (0x21a6):

The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.

121 consecutive failure(s).

Last success @ 2008-06-25 01:14:17.

Default-First-Site-Name\MAINSERVER via RPC

DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81

Last attempt @ 2008-10-16 08:48:50 failed, result 8614 (0x21a6):

The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.

121 consecutive failure(s).

Last success @ 2008-06-25 01:14:17.



Source: Default-First-Site-Name\HPSERVER

******* 1 CONSECUTIVE FAILURES since 2008-10-16 09:26:53

Last error: 8614 (0x21a6):

The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.



Naming Context: CN=Schema,CN=Configuration,DC=kbgca,DC=local

Source: Default-First-Site-Name\HPSERVER

******* WARNING: KCC could not add this REPLICA LINK due to error.



Naming Context: CN=Configuration,DC=kbgca,DC=local

Source: Default-First-Site-Name\HPSERVER

******* WARNING: KCC could not add this REPLICA LINK due to error.



Source: Default-First-Site-Name\MAINSERVER

******* 818 CONSECUTIVE FAILURES since 2008-06-25 10:37:51

Last error: 8614 (0x21a6):

The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.



Source: Default-First-Site-Name\IBMSERVER

******* 931 CONSECUTIVE FAILURES since 2008-06-25 10:40:08

Last error: 8614 (0x21a6):

The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.}

I will try to implement the things you suggest for RRAS, DNS.

Let me know.

Best regards,
Hemal
Hemal
2008-10-16 17:39:00 UTC
Permalink
Hi Meinolf,

Can you please tell me where should I start to resolve this issue?

Thanks for you help so far...

Hemal
Post by Hemal
Hi Meinolf,
Thanks for your reply. I got the output of netdiag /v on HPserver in text
file as you recommended but as this post has limit of 30000 tax size and the
output is 114496 I may have to send it to you in diff posts or whatever way
you want.
I also have the same problems about the tombstone lifetime on all other
{repadmin running command /showrepl against server localhost
Default-First-Site-Name\DELLSERVER
DC Options: IS_GC
Site Options: (none)
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
DC invocationID: 7a983dc9-2f2c-4189-ae20-23c55bf6c9ef
==== INBOUND NEIGHBORS ======================================
DC=kbgca,DC=local
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.
821 consecutive failure(s).
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.
934 consecutive failure(s).
Default-First-Site-Name\HPSERVER via RPC
DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e
CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.
286 consecutive failure(s).
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.
291 consecutive failure(s).
CN=Schema,CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.
121 consecutive failure(s).
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.
121 consecutive failure(s).
Source: Default-First-Site-Name\HPSERVER
******* 1 CONSECUTIVE FAILURES since 2008-10-16 09:26:53
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.
Naming Context: CN=Schema,CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\HPSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.
Naming Context: CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\HPSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.
Source: Default-First-Site-Name\MAINSERVER
******* 818 CONSECUTIVE FAILURES since 2008-06-25 10:37:51
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.
Source: Default-First-Site-Name\IBMSERVER
******* 931 CONSECUTIVE FAILURES since 2008-06-25 10:40:08
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.}
I will try to implement the things you suggest for RRAS, DNS.
Let me know.
Best regards,
Hemal
Meinolf Weber
2008-10-16 18:03:20 UTC
Permalink
Hello Hemal,

Please post an output from all 4 DC's from repadmin /showrepl Never saw that
4 DC's together where over the tombstone lifetime.

Was there a crash on some of them before or did you install them from images
without sysprep them?

Or did you have shutdown some of them for a longer period of tiime?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Meinolf,
Can you please tell me where should I start to resolve this issue?
Thanks for you help so far...
Hemal
Post by Hemal
Hi Meinolf,
Thanks for your reply. I got the output of netdiag /v on HPserver in
text file as you recommended but as this post has limit of 30000 tax
size and the output is 114496 I may have to send it to you in diff
posts or whatever way you want.
I also have the same problems about the tombstone lifetime on all
other servers. Below is the output of repadmin /showrepl command on
{repadmin running command /showrepl against server localhost
Default-First-Site-Name\DELLSERVER
DC Options: IS_GC
Site Options: (none)
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
DC invocationID: 7a983dc9-2f2c-4189-ae20-23c55bf6c9ef
==== INBOUND NEIGHBORS ======================================
DC=kbgca,DC=local
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
821 consecutive failure(s).
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
934 consecutive failure(s).
Default-First-Site-Name\HPSERVER via RPC
DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e
CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
286 consecutive failure(s).
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
291 consecutive failure(s).
CN=Schema,CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
121 consecutive failure(s).
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
121 consecutive failure(s).
Source: Default-First-Site-Name\HPSERVER
******* 1 CONSECUTIVE FAILURES since 2008-10-16 09:26:53
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
Naming Context: CN=Schema,CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\HPSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.
Naming Context: CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\HPSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.
Source: Default-First-Site-Name\MAINSERVER
******* 818 CONSECUTIVE FAILURES since 2008-06-25 10:37:51
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
Source: Default-First-Site-Name\IBMSERVER
******* 931 CONSECUTIVE FAILURES since 2008-06-25 10:40:08
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.}
I will try to implement the things you suggest for RRAS, DNS.
Let me know.
Best regards,
Hemal
Hemal
2008-10-16 18:29:00 UTC
Permalink
Hi Meinolf,

I restored a "System State" backup (was taken Oct 3) on Mainserver (on Oct
11) by using Directory Services Restore wizard (F8 Option) with Symantec
backup exec. Restoration was successful but do you think that created the
problem?
I have posted the output of repadmin /showrepl of all 4 servers below:

1. HPserver

{ Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\Administrator.KBGCA>repadmin /showrepl

repadmin running command /showrepl against server localhost

Default-First-Site-Name\HPSERVER
DC Options: (none)
Site Options: (none)
DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e
DC invocationID: 7a0a1b8c-f76b-4e2c-8e42-21f5b56b8220

==== INBOUND NEIGHBORS ======================================

DC=kbgca,DC=local
Default-First-Site-Name\DELLSERVER via RPC
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
Last attempt @ 2008-10-16 14:11:16 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
794 consecutive failure(s).
Last success @ 2008-06-25 10:39:40.
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
Last attempt @ 2008-10-16 14:11:28 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
921 consecutive failure(s).
Last success @ 2008-06-25 10:37:45.
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
Last attempt @ 2008-10-16 14:12:34 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
1089 consecutive failure(s).
Last success @ 2008-06-25 01:18:42.

CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
Last attempt @ 2008-10-16 13:56:45 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
299 consecutive failure(s).
Last success @ 2008-06-25 01:11:05.
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
Last attempt @ 2008-10-16 13:56:53 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
302 consecutive failure(s).
Last success @ 2008-06-25 10:34:55.
Default-First-Site-Name\DELLSERVER via RPC
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
Last attempt @ 2008-10-16 14:12:12 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
297 consecutive failure(s).
Last success @ 2008-06-25 10:34:55.

CN=Schema,CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
Last attempt @ 2008-10-16 13:56:45 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
126 consecutive failure(s).
Last success @ 2008-06-25 10:34:56.
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
Last attempt @ 2008-10-16 13:56:45 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
127 consecutive failure(s).
Last success @ 2008-06-25 00:51:03.
Default-First-Site-Name\DELLSERVER via RPC
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
Last attempt @ 2008-10-16 13:56:45 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
126 consecutive failure(s).
Last success @ 2008-06-25 10:34:56.

Source: Default-First-Site-Name\MAINSERVER
******* 916 CONSECUTIVE FAILURES since 2008-06-25 10:37:45
Last error: 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.

Source: Default-First-Site-Name\IBMSERVER
******* 1084 CONSECUTIVE FAILURES since 2008-06-25 01:18:42
Last error: 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.

Source: Default-First-Site-Name\DELLSERVER
******* 792 CONSECUTIVE FAILURES since 2008-06-25 10:39:40
Last error: 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.


C:\Documents and Settings\Administrator.KBGCA>}

2. Dellserver

{C:\Program Files\Support Tools>repadmin /showrepl

repadmin running command /showrepl against server localhost

Default-First-Site-Name\DELLSERVER
DC Options: IS_GC
Site Options: (none)
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
DC invocationID: 7a983dc9-2f2c-4189-ae20-23c55bf6c9ef

==== INBOUND NEIGHBORS ======================================

DC=kbgca,DC=local
Default-First-Site-Name\HPSERVER via RPC
DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e
Last attempt @ 2008-10-16 14:11:11 was successful.
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
Last attempt @ 2008-10-16 14:11:31 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the time since the last r
eplication with this server has exceeded the tombstone lifetime.
916 consecutive failure(s).
Last success @ 2008-06-25 10:37:51.
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
Last attempt @ 2008-10-16 14:13:22 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the time since the last r
eplication with this server has exceeded the tombstone lifetime.
1041 consecutive failure(s).
Last success @ 2008-06-25 10:40:08.

CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
Last attempt @ 2008-10-16 13:56:26 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the time since the last r
eplication with this server has exceeded the tombstone lifetime.
297 consecutive failure(s).
Last success @ 2008-06-25 01:19:57.
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
Last attempt @ 2008-10-16 13:56:50 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the time since the last r
eplication with this server has exceeded the tombstone lifetime.
302 consecutive failure(s).
Last success @ 2008-06-25 01:19:51.

CN=Schema,CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
Last attempt @ 2008-10-16 13:48:51 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the time since the last r
eplication with this server has exceeded the tombstone lifetime.
126 consecutive failure(s).
Last success @ 2008-06-25 01:14:17.
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
Last attempt @ 2008-10-16 13:48:51 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the time since the last r
eplication with this server has exceeded the tombstone lifetime.
126 consecutive failure(s).
Last success @ 2008-06-25 01:14:17.

Source: Default-First-Site-Name\HPSERVER
******* 1 CONSECUTIVE FAILURES since 2008-10-16 14:11:54
Last error: 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the time since the last r
eplication with this server has exceeded the tombstone lifetime.

Naming Context: CN=Schema,CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\HPSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.

Naming Context: CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\HPSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.

Source: Default-First-Site-Name\MAINSERVER
******* 916 CONSECUTIVE FAILURES since 2008-06-25 10:37:51
Last error: 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the time since the last r
eplication with this server has exceeded the tombstone lifetime.

Source: Default-First-Site-Name\IBMSERVER
******* 1039 CONSECUTIVE FAILURES since 2008-06-25 10:40:08
Last error: 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the time since the last r
eplication with this server has exceeded the tombstone lifetime.


C:\Program Files\Support Tools>}

3. Mainserver

{Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\Administrator.KBGCA>repadmin /showrepl

repadmin running command /showrepl against server localhost

Default-First-Site-Name\MAINSERVER
DC Options: (none)
Site Options: (none)
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
DC invocationID: 9f882ab3-8835-4ae4-a430-dcdf62804274

==== INBOUND NEIGHBORS ======================================

DC=kbgca,DC=local
Default-First-Site-Name\HPSERVER via RPC
DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e
Last attempt @ 2008-10-16 14:11:08 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
2979 consecutive failure(s).
Last success @ 2008-06-25 10:39:18.
Default-First-Site-Name\DELLSERVER via RPC
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
Last attempt @ 2008-10-16 14:11:22 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
763 consecutive failure(s).
Last success @ 2008-06-25 10:38:58.

CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\DELLSERVER via RPC
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
Last attempt @ 2008-10-16 13:47:19 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
296 consecutive failure(s).
Last success @ 2008-06-25 01:19:33.
Default-First-Site-Name\HPSERVER via RPC
DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e
Last attempt @ 2008-10-16 14:01:59 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
293 consecutive failure(s).
Last success @ 2008-06-25 01:20:03.

CN=Schema,CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\DELLSERVER via RPC
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
Last attempt @ 2008-10-16 13:47:19 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
125 consecutive failure(s).
Last success @ 2008-10-11 10:40:25.
Default-First-Site-Name\HPSERVER via RPC
DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e
Last attempt @ 2008-10-16 13:47:19 failed, result 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
126 consecutive failure(s).
Last success @ 2008-06-25 00:56:35.

Source: Default-First-Site-Name\IBMSERVER
******* 1 CONSECUTIVE FAILURES since 2008-10-16 14:11:35
Last error: 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.

Naming Context: CN=Schema,CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\IBMSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.

Naming Context: CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\IBMSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.

Naming Context: DC=kbgca,DC=local
Source: Default-First-Site-Name\IBMSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.

Source: Default-First-Site-Name\DELLSERVER
******* 763 CONSECUTIVE FAILURES since 2008-10-11 10:40:25
Last error: 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.

Source: Default-First-Site-Name\HPSERVER
******* 2979 CONSECUTIVE FAILURES since 2008-06-25 10:39:18
Last error: 8614 (0x21a6):
The Active Directory cannot replicate with this server because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.


C:\Documents and Settings\Administrator.KBGCA>}

4. ibmserver

{

repadmin running command /showrepl against server localhost



Default-First-Site-Name\IBMSERVER

DC Options: (none)

Site Options: (none)

DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5

DC invocationID: 9c61a964-9f7b-42d0-a01d-6bea0c35e205



==== INBOUND NEIGHBORS ======================================



DC=kbgca,DC=local

Default-First-Site-Name\HPSERVER via RPC

DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e

Last attempt @ 2008-10-16 14:11:05 was successful.

Default-First-Site-Name\DELLSERVER via RPC

DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968

Last attempt @ 2008-10-16 14:11:19 failed, result 8614 (0x21a6):

The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.

732 consecutive failure(s).

Last success @ 2008-06-25 01:26:33.



CN=Configuration,DC=kbgca,DC=local

Default-First-Site-Name\HPSERVER via RPC

DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e

Last attempt @ 2008-10-16 14:02:02 failed, result 8614 (0x21a6):

The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.

291 consecutive failure(s).

Last success @ 2008-06-25 01:20:06.

Default-First-Site-Name\DELLSERVER via RPC

DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968

Last attempt @ 2008-10-16 14:12:15 failed, result 8614 (0x21a6):

The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.

294 consecutive failure(s).

Last success @ 2008-06-25 01:19:36.



CN=Schema,CN=Configuration,DC=kbgca,DC=local

Default-First-Site-Name\DELLSERVER via RPC

DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968

Last attempt @ 2008-10-16 13:48:33 failed, result 8614 (0x21a6):

The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.

124 consecutive failure(s).

Last success @ 2008-06-25 00:49:42.

Default-First-Site-Name\HPSERVER via RPC

DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e

Last attempt @ 2008-10-16 13:48:33 failed, result 8614 (0x21a6):

The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.

124 consecutive failure(s).

Last success @ 2008-06-25 00:49:42.

Default-First-Site-Name\MAINSERVER via RPC

DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81

Last attempt @ 2008-10-16 13:48:33 was successful.



Source: Default-First-Site-Name\MAINSERVER

******* 1 CONSECUTIVE FAILURES since 2008-10-16 14:11:11

Last error: 8614 (0x21a6):

The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.



Naming Context: CN=Configuration,DC=kbgca,DC=local

Source: Default-First-Site-Name\MAINSERVER

******* WARNING: KCC could not add this REPLICA LINK due to error.



Naming Context: DC=kbgca,DC=local

Source: Default-First-Site-Name\MAINSERVER

******* WARNING: KCC could not add this REPLICA LINK due to error.



Source: Default-First-Site-Name\DELLSERVER

******* 731 CONSECUTIVE FAILURES since 2008-06-25 01:26:33

Last error: 8614 (0x21a6):

The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.



Source: Default-First-Site-Name\HPSERVER

******* 291 CONSECUTIVE FAILURES since 2008-06-25 01:20:06

Last error: 8614 (0x21a6):

The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded the
tombstone lifetime.}

Thanks,
Hemal
Meinolf Weber
2008-10-16 18:41:03 UTC
Permalink
Hello Hemal,

Was it an authoritative restore? Please describe the way you did it.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Meinolf,
I restored a "System State" backup (was taken Oct 3) on Mainserver (on
Oct 11) by using Directory Services Restore wizard (F8 Option) with
Symantec backup exec. Restoration was successful but do you think that
created the problem? I have posted the output of repadmin /showrepl of
1. HPserver
{ Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Administrator.KBGCA>repadmin /showrepl
repadmin running command /showrepl against server localhost
Default-First-Site-Name\HPSERVER
DC Options: (none)
Site Options: (none)
DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e
DC invocationID: 7a0a1b8c-f76b-4e2c-8e42-21f5b56b8220
==== INBOUND NEIGHBORS ======================================
DC=kbgca,DC=local
Default-First-Site-Name\DELLSERVER via RPC
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
794 consecutive failure(s).
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
921 consecutive failure(s).
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
1089 consecutive failure(s).
CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
299 consecutive failure(s).
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
302 consecutive failure(s).
Default-First-Site-Name\DELLSERVER via RPC
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
297 consecutive failure(s).
CN=Schema,CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
126 consecutive failure(s).
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
127 consecutive failure(s).
Default-First-Site-Name\DELLSERVER via RPC
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
126 consecutive failure(s).
Source: Default-First-Site-Name\MAINSERVER
******* 916 CONSECUTIVE FAILURES since 2008-06-25 10:37:45
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
Source: Default-First-Site-Name\IBMSERVER
******* 1084 CONSECUTIVE FAILURES since 2008-06-25 01:18:42
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
Source: Default-First-Site-Name\DELLSERVER
******* 792 CONSECUTIVE FAILURES since 2008-06-25 10:39:40
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
C:\Documents and Settings\Administrator.KBGCA>}
2. Dellserver
{C:\Program Files\Support Tools>repadmin /showrepl
repadmin running command /showrepl against server localhost
Default-First-Site-Name\DELLSERVER
DC Options: IS_GC
Site Options: (none)
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
DC invocationID: 7a983dc9-2f2c-4189-ae20-23c55bf6c9ef
==== INBOUND NEIGHBORS ======================================
DC=kbgca,DC=local
Default-First-Site-Name\HPSERVER via RPC
DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server
because
the time since the last r
eplication with this server has exceeded the tombstone lifetime.
916 consecutive failure(s).
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server
because
the time since the last r
eplication with this server has exceeded the tombstone lifetime.
1041 consecutive failure(s).
CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server
because
the time since the last r
eplication with this server has exceeded the tombstone lifetime.
297 consecutive failure(s).
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server
because
the time since the last r
eplication with this server has exceeded the tombstone lifetime.
302 consecutive failure(s).
CN=Schema,CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server
because
the time since the last r
eplication with this server has exceeded the tombstone lifetime.
126 consecutive failure(s).
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server
because
the time since the last r
eplication with this server has exceeded the tombstone lifetime.
126 consecutive failure(s).
Source: Default-First-Site-Name\HPSERVER
******* 1 CONSECUTIVE FAILURES since 2008-10-16 14:11:54
The Active Directory cannot replicate with this server
because
the time since the last r
eplication with this server has exceeded the tombstone lifetime.
Naming Context: CN=Schema,CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\HPSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.
Naming Context: CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\HPSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.
Source: Default-First-Site-Name\MAINSERVER
******* 916 CONSECUTIVE FAILURES since 2008-06-25 10:37:51
The Active Directory cannot replicate with this server
because
the time since the last r
eplication with this server has exceeded the tombstone lifetime.
Source: Default-First-Site-Name\IBMSERVER
******* 1039 CONSECUTIVE FAILURES since 2008-06-25 10:40:08
The Active Directory cannot replicate with this server
because
the time since the last r
eplication with this server has exceeded the tombstone lifetime.
C:\Program Files\Support Tools>}
3. Mainserver
{Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Administrator.KBGCA>repadmin /showrepl
repadmin running command /showrepl against server localhost
Default-First-Site-Name\MAINSERVER
DC Options: (none)
Site Options: (none)
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
DC invocationID: 9f882ab3-8835-4ae4-a430-dcdf62804274
==== INBOUND NEIGHBORS ======================================
DC=kbgca,DC=local
Default-First-Site-Name\HPSERVER via RPC
DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
2979 consecutive failure(s).
Default-First-Site-Name\DELLSERVER via RPC
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
763 consecutive failure(s).
CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\DELLSERVER via RPC
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
296 consecutive failure(s).
Default-First-Site-Name\HPSERVER via RPC
DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
293 consecutive failure(s).
CN=Schema,CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\DELLSERVER via RPC
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
125 consecutive failure(s).
Default-First-Site-Name\HPSERVER via RPC
DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
126 consecutive failure(s).
Source: Default-First-Site-Name\IBMSERVER
******* 1 CONSECUTIVE FAILURES since 2008-10-16 14:11:35
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
Naming Context: CN=Schema,CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\IBMSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.
Naming Context: CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\IBMSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.
Naming Context: DC=kbgca,DC=local
Source: Default-First-Site-Name\IBMSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.
Source: Default-First-Site-Name\DELLSERVER
******* 763 CONSECUTIVE FAILURES since 2008-10-11 10:40:25
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
Source: Default-First-Site-Name\HPSERVER
******* 2979 CONSECUTIVE FAILURES since 2008-06-25 10:39:18
The Active Directory cannot replicate with this server
because
the t
ime since the last replication with this server has exceeded the tombstone
lifet
ime.
C:\Documents and Settings\Administrator.KBGCA>}
4. ibmserver
{
repadmin running command /showrepl against server localhost
Default-First-Site-Name\IBMSERVER
DC Options: (none)
Site Options: (none)
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
DC invocationID: 9c61a964-9f7b-42d0-a01d-6bea0c35e205
==== INBOUND NEIGHBORS ======================================
DC=kbgca,DC=local
Default-First-Site-Name\HPSERVER via RPC
DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e
Default-First-Site-Name\DELLSERVER via RPC
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
The Active Directory cannot replicate with this server
because the time since the last replication with this server has
exceeded the tombstone lifetime.
732 consecutive failure(s).
CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\HPSERVER via RPC
DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e
The Active Directory cannot replicate with this server
because the time since the last replication with this server has
exceeded the tombstone lifetime.
291 consecutive failure(s).
Default-First-Site-Name\DELLSERVER via RPC
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
The Active Directory cannot replicate with this server
because the time since the last replication with this server has
exceeded the tombstone lifetime.
294 consecutive failure(s).
CN=Schema,CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\DELLSERVER via RPC
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
The Active Directory cannot replicate with this server
because the time since the last replication with this server has
exceeded the tombstone lifetime.
124 consecutive failure(s).
Default-First-Site-Name\HPSERVER via RPC
DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e
The Active Directory cannot replicate with this server
because the time since the last replication with this server has
exceeded the tombstone lifetime.
124 consecutive failure(s).
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
Source: Default-First-Site-Name\MAINSERVER
******* 1 CONSECUTIVE FAILURES since 2008-10-16 14:11:11
The Active Directory cannot replicate with this server
because the time since the last replication with this server has
exceeded the tombstone lifetime.
Naming Context: CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\MAINSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.
Naming Context: DC=kbgca,DC=local
Source: Default-First-Site-Name\MAINSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.
Source: Default-First-Site-Name\DELLSERVER
******* 731 CONSECUTIVE FAILURES since 2008-06-25 01:26:33
The Active Directory cannot replicate with this server
because the time since the last replication with this server has
exceeded the tombstone lifetime.
Source: Default-First-Site-Name\HPSERVER
******* 291 CONSECUTIVE FAILURES since 2008-06-25 01:20:06
The Active Directory cannot replicate with this server
because the time since the last replication with this server has
exceeded the tombstone lifetime.}
Thanks,
Hemal
Meinolf Weber
2008-10-16 18:16:48 UTC
Permalink
Hello Hemal,

If you have at least one of them on an actual state and it is maybe not tombstoned,
check also the event viewer for the errors, then you can use the functioning
one as the "master", move all FSMO roles to it and then you have to demote
all other DC's and cleanup AD database form all old entries of them and start
promoting them again.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Meinolf,
Can you please tell me where should I start to resolve this issue?
Thanks for you help so far...
Hemal
Post by Hemal
Hi Meinolf,
Thanks for your reply. I got the output of netdiag /v on HPserver in
text file as you recommended but as this post has limit of 30000 tax
size and the output is 114496 I may have to send it to you in diff
posts or whatever way you want.
I also have the same problems about the tombstone lifetime on all
other servers. Below is the output of repadmin /showrepl command on
{repadmin running command /showrepl against server localhost
Default-First-Site-Name\DELLSERVER
DC Options: IS_GC
Site Options: (none)
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
DC invocationID: 7a983dc9-2f2c-4189-ae20-23c55bf6c9ef
==== INBOUND NEIGHBORS ======================================
DC=kbgca,DC=local
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
821 consecutive failure(s).
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
934 consecutive failure(s).
Default-First-Site-Name\HPSERVER via RPC
DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e
CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
286 consecutive failure(s).
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
291 consecutive failure(s).
CN=Schema,CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
121 consecutive failure(s).
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
121 consecutive failure(s).
Source: Default-First-Site-Name\HPSERVER
******* 1 CONSECUTIVE FAILURES since 2008-10-16 09:26:53
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
Naming Context: CN=Schema,CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\HPSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.
Naming Context: CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\HPSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.
Source: Default-First-Site-Name\MAINSERVER
******* 818 CONSECUTIVE FAILURES since 2008-06-25 10:37:51
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
Source: Default-First-Site-Name\IBMSERVER
******* 931 CONSECUTIVE FAILURES since 2008-06-25 10:40:08
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.}
I will try to implement the things you suggest for RRAS, DNS.
Let me know.
Best regards,
Hemal
Hemal
2008-10-16 18:43:01 UTC
Permalink
Hi Meinolf,

As on all 4 servers has the same events right now. Can I try to restore the
system state backup of one of servers and then move FSMO roles to it and then
demote all other DC and cleanup AD database ? Can I do this?

May be I will look stupid but I don't know this. Can you please also tell me
how to demote DC and cleanup Acitve directory dababase and again how to
promote the same DC?

With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
If you have at least one of them on an actual state and it is maybe not tombstoned,
check also the event viewer for the errors, then you can use the functioning
one as the "master", move all FSMO roles to it and then you have to demote
all other DC's and cleanup AD database form all old entries of them and start
promoting them again.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Meinolf,
Can you please tell me where should I start to resolve this issue?
Thanks for you help so far...
Hemal
Post by Hemal
Hi Meinolf,
Thanks for your reply. I got the output of netdiag /v on HPserver in
text file as you recommended but as this post has limit of 30000 tax
size and the output is 114496 I may have to send it to you in diff
posts or whatever way you want.
I also have the same problems about the tombstone lifetime on all
other servers. Below is the output of repadmin /showrepl command on
{repadmin running command /showrepl against server localhost
Default-First-Site-Name\DELLSERVER
DC Options: IS_GC
Site Options: (none)
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
DC invocationID: 7a983dc9-2f2c-4189-ae20-23c55bf6c9ef
==== INBOUND NEIGHBORS ======================================
DC=kbgca,DC=local
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
821 consecutive failure(s).
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
934 consecutive failure(s).
Default-First-Site-Name\HPSERVER via RPC
DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e
CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
286 consecutive failure(s).
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
291 consecutive failure(s).
CN=Schema,CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
121 consecutive failure(s).
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
121 consecutive failure(s).
Source: Default-First-Site-Name\HPSERVER
******* 1 CONSECUTIVE FAILURES since 2008-10-16 09:26:53
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
Naming Context: CN=Schema,CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\HPSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.
Naming Context: CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\HPSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.
Source: Default-First-Site-Name\MAINSERVER
******* 818 CONSECUTIVE FAILURES since 2008-06-25 10:37:51
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
Source: Default-First-Site-Name\IBMSERVER
******* 931 CONSECUTIVE FAILURES since 2008-06-25 10:40:08
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.}
I will try to implement the things you suggest for RRAS, DNS.
Let me know.
Best regards,
Hemal
Meinolf Weber
2008-10-16 18:52:52 UTC
Permalink
Hello Hemal,

As said before, never saw 4 tomstoned DC's in one site. So if you have to
roll back, you have the need for a correct version of the system state backup.
Did you ever test one of them before? Ofcourse you will loose user accounts,
groups etc. created after that date, so maybe some of your users will not
be able to work any longer until you recreate there accounts.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Meinolf,
As on all 4 servers has the same events right now. Can I try to
restore the system state backup of one of servers and then move FSMO
roles to it and then demote all other DC and cleanup AD database ?
Can I do this?
May be I will look stupid but I don't know this. Can you please also
tell me how to demote DC and cleanup Acitve directory dababase and
again how to promote the same DC?
With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
If you have at least one of them on an actual state and it is maybe
not tombstoned, check also the event viewer for the errors, then you
can use the functioning one as the "master", move all FSMO roles to
it and then you have to demote all other DC's and cleanup AD database
form all old entries of them and start promoting them again.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Meinolf,
Can you please tell me where should I start to resolve this issue?
Thanks for you help so far...
Hemal
Post by Hemal
Hi Meinolf,
Thanks for your reply. I got the output of netdiag /v on HPserver
in text file as you recommended but as this post has limit of 30000
tax size and the output is 114496 I may have to send it to you in
diff posts or whatever way you want.
I also have the same problems about the tombstone lifetime on all
other servers. Below is the output of repadmin /showrepl command on
{repadmin running command /showrepl against server localhost
Default-First-Site-Name\DELLSERVER
DC Options: IS_GC
Site Options: (none)
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
DC invocationID: 7a983dc9-2f2c-4189-ae20-23c55bf6c9ef
==== INBOUND NEIGHBORS ======================================
DC=kbgca,DC=local
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
821 consecutive failure(s).
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
934 consecutive failure(s).
Default-First-Site-Name\HPSERVER via RPC
DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e
CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
286 consecutive failure(s).
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
291 consecutive failure(s).
CN=Schema,CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
121 consecutive failure(s).
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
121 consecutive failure(s).
Source: Default-First-Site-Name\HPSERVER
******* 1 CONSECUTIVE FAILURES since 2008-10-16 09:26:53
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
Naming Context: CN=Schema,CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\HPSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.
Naming Context: CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\HPSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.
Source: Default-First-Site-Name\MAINSERVER
******* 818 CONSECUTIVE FAILURES since 2008-06-25 10:37:51
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
Source: Default-First-Site-Name\IBMSERVER
******* 931 CONSECUTIVE FAILURES since 2008-06-25 10:40:08
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.}
I will try to implement the things you suggest for RRAS, DNS.
Let me know.
Best regards,
Hemal
Hemal
2008-10-16 19:36:01 UTC
Permalink
Hi Meinolf,

I never tested system state backup I am sure I don't have any user accounts
or groups created since last 2 months. I do have system state backup of all
DC's available. Now can you suggest anything here? Also please tell me should
I demote DC before I restore system state or after that? If you know please
send me some links how to demote DC & remove AD database..

Thanks for all you suggestions and time..

With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
As said before, never saw 4 tomstoned DC's in one site. So if you have to
roll back, you have the need for a correct version of the system state backup.
Did you ever test one of them before? Ofcourse you will loose user accounts,
groups etc. created after that date, so maybe some of your users will not
be able to work any longer until you recreate there accounts.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Meinolf,
As on all 4 servers has the same events right now. Can I try to
restore the system state backup of one of servers and then move FSMO
roles to it and then demote all other DC and cleanup AD database ?
Can I do this?
May be I will look stupid but I don't know this. Can you please also
tell me how to demote DC and cleanup Acitve directory dababase and
again how to promote the same DC?
With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
If you have at least one of them on an actual state and it is maybe
not tombstoned, check also the event viewer for the errors, then you
can use the functioning one as the "master", move all FSMO roles to
it and then you have to demote all other DC's and cleanup AD database
form all old entries of them and start promoting them again.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Meinolf,
Can you please tell me where should I start to resolve this issue?
Thanks for you help so far...
Hemal
Post by Hemal
Hi Meinolf,
Thanks for your reply. I got the output of netdiag /v on HPserver
in text file as you recommended but as this post has limit of 30000
tax size and the output is 114496 I may have to send it to you in
diff posts or whatever way you want.
I also have the same problems about the tombstone lifetime on all
other servers. Below is the output of repadmin /showrepl command on
{repadmin running command /showrepl against server localhost
Default-First-Site-Name\DELLSERVER
DC Options: IS_GC
Site Options: (none)
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
DC invocationID: 7a983dc9-2f2c-4189-ae20-23c55bf6c9ef
==== INBOUND NEIGHBORS ======================================
DC=kbgca,DC=local
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
821 consecutive failure(s).
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
934 consecutive failure(s).
Default-First-Site-Name\HPSERVER via RPC
DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e
CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
286 consecutive failure(s).
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
291 consecutive failure(s).
CN=Schema,CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
121 consecutive failure(s).
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
121 consecutive failure(s).
Source: Default-First-Site-Name\HPSERVER
******* 1 CONSECUTIVE FAILURES since 2008-10-16 09:26:53
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
Naming Context: CN=Schema,CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\HPSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.
Naming Context: CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\HPSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.
Source: Default-First-Site-Name\MAINSERVER
******* 818 CONSECUTIVE FAILURES since 2008-06-25 10:37:51
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
Source: Default-First-Site-Name\IBMSERVER
******* 931 CONSECUTIVE FAILURES since 2008-06-25 10:40:08
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.}
I will try to implement the things you suggest for RRAS, DNS.
Let me know.
Best regards,
Hemal
Meinolf Weber
2008-10-16 20:24:33 UTC
Permalink
Hello Hemal,

I have had more or less the same thoughts as Paul. I contacted him about
your problem to get his expertise for this. So just wait for his additional
replies.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Meinolf,
I never tested system state backup I am sure I don't have any user
accounts or groups created since last 2 months. I do have system
state backup of all DC's available. Now can you suggest anything here?
Also please tell me should I demote DC before I restore system state
or after that? If you know please send me some links how to demote DC
& remove AD database..
Thanks for all you suggestions and time..
With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
As said before, never saw 4 tomstoned DC's in one site. So if you
have to roll back, you have the need for a correct version of the
system state backup. Did you ever test one of them before? Ofcourse
you will loose user accounts, groups etc. created after that date, so
maybe some of your users will not be able to work any longer until
you recreate there accounts.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Meinolf,
As on all 4 servers has the same events right now. Can I try to
restore the system state backup of one of servers and then move FSMO
roles to it and then demote all other DC and cleanup AD database ?
Can I do this?
May be I will look stupid but I don't know this. Can you please also
tell me how to demote DC and cleanup Acitve directory dababase and
again how to promote the same DC?
With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
If you have at least one of them on an actual state and it is maybe
not tombstoned, check also the event viewer for the errors, then
you can use the functioning one as the "master", move all FSMO
roles to it and then you have to demote all other DC's and cleanup
AD database form all old entries of them and start promoting them
again.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Meinolf,
Can you please tell me where should I start to resolve this issue?
Thanks for you help so far...
Hemal
Post by Hemal
Hi Meinolf,
Thanks for your reply. I got the output of netdiag /v on HPserver
in text file as you recommended but as this post has limit of
30000 tax size and the output is 114496 I may have to send it to
you in diff posts or whatever way you want.
I also have the same problems about the tombstone lifetime on all
other servers. Below is the output of repadmin /showrepl command
{repadmin running command /showrepl against server localhost
Default-First-Site-Name\DELLSERVER
DC Options: IS_GC
Site Options: (none)
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
DC invocationID: 7a983dc9-2f2c-4189-ae20-23c55bf6c9ef
==== INBOUND NEIGHBORS ======================================
DC=kbgca,DC=local
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded
the tombstone lifetime.
821 consecutive failure(s).
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded
the tombstone lifetime.
934 consecutive failure(s).
Default-First-Site-Name\HPSERVER via RPC
DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e
CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded
the tombstone lifetime.
286 consecutive failure(s).
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded
the tombstone lifetime.
291 consecutive failure(s).
CN=Schema,CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded
the tombstone lifetime.
121 consecutive failure(s).
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded
the tombstone lifetime.
121 consecutive failure(s).
Source: Default-First-Site-Name\HPSERVER
******* 1 CONSECUTIVE FAILURES since 2008-10-16 09:26:53
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded
the tombstone lifetime.
Naming Context: CN=Schema,CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\HPSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.
Naming Context: CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\HPSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.
Source: Default-First-Site-Name\MAINSERVER
******* 818 CONSECUTIVE FAILURES since 2008-06-25 10:37:51
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded
the tombstone lifetime.
Source: Default-First-Site-Name\IBMSERVER
******* 931 CONSECUTIVE FAILURES since 2008-06-25 10:40:08
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded
the tombstone lifetime.}
I will try to implement the things you suggest for RRAS, DNS.
Let me know.
Best regards,
Hemal
Hemal
2008-10-16 20:36:10 UTC
Permalink
Hi Meinolf,

Thnak you again for taking time to help me out. I will wait for additional
comments from you and Paul.

I really appreciate your suggestions and guidence..

With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
I have had more or less the same thoughts as Paul. I contacted him about
your problem to get his expertise for this. So just wait for his additional
replies.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Meinolf,
I never tested system state backup I am sure I don't have any user
accounts or groups created since last 2 months. I do have system
state backup of all DC's available. Now can you suggest anything here?
Also please tell me should I demote DC before I restore system state
or after that? If you know please send me some links how to demote DC
& remove AD database..
Thanks for all you suggestions and time..
With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
As said before, never saw 4 tomstoned DC's in one site. So if you
have to roll back, you have the need for a correct version of the
system state backup. Did you ever test one of them before? Ofcourse
you will loose user accounts, groups etc. created after that date, so
maybe some of your users will not be able to work any longer until
you recreate there accounts.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Meinolf,
As on all 4 servers has the same events right now. Can I try to
restore the system state backup of one of servers and then move FSMO
roles to it and then demote all other DC and cleanup AD database ?
Can I do this?
May be I will look stupid but I don't know this. Can you please also
tell me how to demote DC and cleanup Acitve directory dababase and
again how to promote the same DC?
With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
If you have at least one of them on an actual state and it is maybe
not tombstoned, check also the event viewer for the errors, then
you can use the functioning one as the "master", move all FSMO
roles to it and then you have to demote all other DC's and cleanup
AD database form all old entries of them and start promoting them
again.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Meinolf,
Can you please tell me where should I start to resolve this issue?
Thanks for you help so far...
Hemal
Post by Hemal
Hi Meinolf,
Thanks for your reply. I got the output of netdiag /v on HPserver
in text file as you recommended but as this post has limit of
30000 tax size and the output is 114496 I may have to send it to
you in diff posts or whatever way you want.
I also have the same problems about the tombstone lifetime on all
other servers. Below is the output of repadmin /showrepl command
{repadmin running command /showrepl against server localhost
Default-First-Site-Name\DELLSERVER
DC Options: IS_GC
Site Options: (none)
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
DC invocationID: 7a983dc9-2f2c-4189-ae20-23c55bf6c9ef
==== INBOUND NEIGHBORS ======================================
DC=kbgca,DC=local
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded
the tombstone lifetime.
821 consecutive failure(s).
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded
the tombstone lifetime.
934 consecutive failure(s).
Default-First-Site-Name\HPSERVER via RPC
DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e
CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded
the tombstone lifetime.
286 consecutive failure(s).
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded
the tombstone lifetime.
291 consecutive failure(s).
CN=Schema,CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded
the tombstone lifetime.
121 consecutive failure(s).
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded
the tombstone lifetime.
121 consecutive failure(s).
Source: Default-First-Site-Name\HPSERVER
******* 1 CONSECUTIVE FAILURES since 2008-10-16 09:26:53
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded
the tombstone lifetime.
Naming Context: CN=Schema,CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\HPSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.
Naming Context: CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\HPSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.
Source: Default-First-Site-Name\MAINSERVER
******* 818 CONSECUTIVE FAILURES since 2008-06-25 10:37:51
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded
the tombstone lifetime.
Source: Default-First-Site-Name\IBMSERVER
******* 931 CONSECUTIVE FAILURES since 2008-06-25 10:40:08
The Active Directory cannot replicate with this server because
the time since the last replication with this server has exceeded
the tombstone lifetime.}
I will try to implement the things you suggest for RRAS, DNS.
Let me know.
Best regards,
Hemal
Meinolf Weber
2008-10-16 20:38:56 UTC
Permalink
Hello Meinolf,

See Pauls reply and please give time to monday for additional infos. If Paul
is correct there will be a solution without rebuilding the complete domain.
Something is going really wrong in your domain but after that amount of missing
replication these 3 days are not the problem.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Meinolf Weber
Hello Hemal,
I have had more or less the same thoughts as Paul. I contacted him
about your problem to get his expertise for this. So just wait for his
additional replies.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Meinolf,
I never tested system state backup I am sure I don't have any user
accounts or groups created since last 2 months. I do have system
state backup of all DC's available. Now can you suggest anything
here? Also please tell me should I demote DC before I restore system
state or after that? If you know please send me some links how to
demote DC & remove AD database..
Thanks for all you suggestions and time..
With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
As said before, never saw 4 tomstoned DC's in one site. So if you
have to roll back, you have the need for a correct version of the
system state backup. Did you ever test one of them before? Ofcourse
you will loose user accounts, groups etc. created after that date,
so maybe some of your users will not be able to work any longer
until you recreate there accounts.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Meinolf,
As on all 4 servers has the same events right now. Can I try to
restore the system state backup of one of servers and then move
FSMO roles to it and then demote all other DC and cleanup AD
database ? Can I do this?
May be I will look stupid but I don't know this. Can you please
also tell me how to demote DC and cleanup Acitve directory dababase
and again how to promote the same DC?
With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
If you have at least one of them on an actual state and it is
maybe not tombstoned, check also the event viewer for the errors,
then you can use the functioning one as the "master", move all
FSMO roles to it and then you have to demote all other DC's and
cleanup AD database form all old entries of them and start
promoting them again.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Meinolf,
Can you please tell me where should I start to resolve this issue?
Thanks for you help so far...
Hemal
Post by Hemal
Hi Meinolf,
Thanks for your reply. I got the output of netdiag /v on
HPserver in text file as you recommended but as this post has
limit of 30000 tax size and the output is 114496 I may have to
send it to you in diff posts or whatever way you want.
I also have the same problems about the tombstone lifetime on
all other servers. Below is the output of repadmin /showrepl
{repadmin running command /showrepl against server localhost
Default-First-Site-Name\DELLSERVER
DC Options: IS_GC
Site Options: (none)
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
DC invocationID: 7a983dc9-2f2c-4189-ae20-23c55bf6c9ef
==== INBOUND NEIGHBORS ======================================
DC=kbgca,DC=local
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because
the time since the last replication with this server has
exceeded the tombstone lifetime.
821 consecutive failure(s).
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because
the time since the last replication with this server has
exceeded the tombstone lifetime.
934 consecutive failure(s).
Default-First-Site-Name\HPSERVER via RPC
DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e
CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because
the time since the last replication with this server has
exceeded the tombstone lifetime.
286 consecutive failure(s).
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because
the time since the last replication with this server has
exceeded the tombstone lifetime.
291 consecutive failure(s).
CN=Schema,CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because
the time since the last replication with this server has
exceeded the tombstone lifetime.
121 consecutive failure(s).
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because
the time since the last replication with this server has
exceeded the tombstone lifetime.
121 consecutive failure(s).
Source: Default-First-Site-Name\HPSERVER
******* 1 CONSECUTIVE FAILURES since 2008-10-16 09:26:53
The Active Directory cannot replicate with this server because
the time since the last replication with this server has
exceeded the tombstone lifetime.
Naming Context: CN=Schema,CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\HPSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.
Naming Context: CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\HPSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.
Source: Default-First-Site-Name\MAINSERVER
******* 818 CONSECUTIVE FAILURES since 2008-06-25 10:37:51
The Active Directory cannot replicate with this server because
the time since the last replication with this server has
exceeded the tombstone lifetime.
Source: Default-First-Site-Name\IBMSERVER
******* 931 CONSECUTIVE FAILURES since 2008-06-25 10:40:08
The Active Directory cannot replicate with this server because
the time since the last replication with this server has
exceeded the tombstone lifetime.}
I will try to implement the things you suggest for RRAS, DNS.
Let me know.
Best regards,
Hemal
Hemal
2008-10-16 20:29:01 UTC
Permalink
Hi Meinolf,

Can you please tell me where should I start now?

Thanks for all your help..

With best regards,
Hemal
Post by Hemal
Hi Meinolf,
I never tested system state backup I am sure I don't have any user accounts
or groups created since last 2 months. I do have system state backup of all
DC's available. Now can you suggest anything here? Also please tell me should
I demote DC before I restore system state or after that? If you know please
send me some links how to demote DC & remove AD database..
Thanks for all you suggestions and time..
With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
As said before, never saw 4 tomstoned DC's in one site. So if you have to
roll back, you have the need for a correct version of the system state backup.
Did you ever test one of them before? Ofcourse you will loose user accounts,
groups etc. created after that date, so maybe some of your users will not
be able to work any longer until you recreate there accounts.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Meinolf,
As on all 4 servers has the same events right now. Can I try to
restore the system state backup of one of servers and then move FSMO
roles to it and then demote all other DC and cleanup AD database ?
Can I do this?
May be I will look stupid but I don't know this. Can you please also
tell me how to demote DC and cleanup Acitve directory dababase and
again how to promote the same DC?
With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
If you have at least one of them on an actual state and it is maybe
not tombstoned, check also the event viewer for the errors, then you
can use the functioning one as the "master", move all FSMO roles to
it and then you have to demote all other DC's and cleanup AD database
form all old entries of them and start promoting them again.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Meinolf,
Can you please tell me where should I start to resolve this issue?
Thanks for you help so far...
Hemal
Post by Hemal
Hi Meinolf,
Thanks for your reply. I got the output of netdiag /v on HPserver
in text file as you recommended but as this post has limit of 30000
tax size and the output is 114496 I may have to send it to you in
diff posts or whatever way you want.
I also have the same problems about the tombstone lifetime on all
other servers. Below is the output of repadmin /showrepl command on
{repadmin running command /showrepl against server localhost
Default-First-Site-Name\DELLSERVER
DC Options: IS_GC
Site Options: (none)
DC object GUID: b8141bfc-46fa-4345-884c-34be3d92f968
DC invocationID: 7a983dc9-2f2c-4189-ae20-23c55bf6c9ef
==== INBOUND NEIGHBORS ======================================
DC=kbgca,DC=local
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
821 consecutive failure(s).
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
934 consecutive failure(s).
Default-First-Site-Name\HPSERVER via RPC
DC object GUID: 009fa382-6fcc-46d1-b3db-7ae24701415e
CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
286 consecutive failure(s).
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
291 consecutive failure(s).
CN=Schema,CN=Configuration,DC=kbgca,DC=local
Default-First-Site-Name\IBMSERVER via RPC
DC object GUID: 382cdb4e-7b9c-4a33-a252-4c11bf6117e5
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
121 consecutive failure(s).
Default-First-Site-Name\MAINSERVER via RPC
DC object GUID: 220e92ee-bef1-4162-b077-81ff0a346f81
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
121 consecutive failure(s).
Source: Default-First-Site-Name\HPSERVER
******* 1 CONSECUTIVE FAILURES since 2008-10-16 09:26:53
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
Naming Context: CN=Schema,CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\HPSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.
Naming Context: CN=Configuration,DC=kbgca,DC=local
Source: Default-First-Site-Name\HPSERVER
******* WARNING: KCC could not add this REPLICA LINK due to error.
Source: Default-First-Site-Name\MAINSERVER
******* 818 CONSECUTIVE FAILURES since 2008-06-25 10:37:51
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.
Source: Default-First-Site-Name\IBMSERVER
******* 931 CONSECUTIVE FAILURES since 2008-06-25 10:40:08
The Active Directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tombstone lifetime.}
I will try to implement the things you suggest for RRAS, DNS.
Let me know.
Best regards,
Hemal
Paul Bergson [MVP-DS]
2008-10-16 19:00:58 UTC
Permalink
How many dc's do you have?

Of those are any reporting no errors?

I haven't read the thread but have you run diagnostics on them? If so did
the fsmo role holder come back w.o error?
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4


http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup This posting
is provided "AS IS" with no warranties, and confers no rights.
Post by Hemal
Hi,
I am getting lots of event logs in all 3 domain controllers recently.
First of all in Directory service, I am getting these event id 2042 &
{ Event Type: Error
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2042
Date: 10/15/2008
Time: 10:18:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DELLSERVER
It has been too long since this machine last replicated with the named
source machine. The time between replications with this source has exceeded
the tombstone lifetime. Replication has been stopped with this source.
The reason that replication is not allowed to continue is that the two
machine's views of deleted objects may now be different. The source machine
may still have copies of objects that have been deleted (and garbage
collected) on this machine. If they were allowed to replicate, the source
machine might return objects which have already been deleted.
2008-06-25 01:26:15
07b0f6c8-f6b8-07b0-0100-000000000000
382cdb4e-7b9c-4a33-a252-4c11bf6117e5._msdcs.kbgca.local
60
The replication operation has failed.
Determine which of the two machines was disconnected from the forest
1. Demote or reinstall the machine(s) that were disconnected.
2. Use the "repadmin /removelingeringobjects" tool to remove
inconsistent
deleted objects and then resume replication.
3. Resume replication. Inconsistent deleted objects may be introduced. You
can continue replication by using the following registry key. Once the
systems replicate once, it is recommended that you remove the key to
reinstate the protection.
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Allow
Replication
With Divergent and Corrupt Partner
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}
{Event Type: Information
Event Source: NTDS General
Event Category: Internal Processing
Event ID: 2041
Date: 10/15/2008
Time: 10:18:30 AM
User: N/A
Computer: DELLSERVER
Duplicate event log entries were suppressed.
See the previous event log entry for details. An entry is considered a
duplicate if the event code and all of its insertion parameters are
identical. The time period for this run of duplicates is from the time
of the previous event to the time of this event.
c00007fa
3
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}
Secondly I am unable to use Backup utility in all 3 domain
contrlloers. Also I can't take system state backup even with backup
utility. I am getting the same error message on all 3 domain
{Backup Status
Operation: Backup
Active backup destination: File
Media name: "Volume 2 Backup.bkf created 10/15/2008 at 2:54 PM"
Volume shadow copy creation: Attempt 1.
Error returned while creating the volume shadow copy:0x8004230f.
Error returned while creating the volume shadow copy:8004230f Aborting
Backup.
----------------------
The operation did not successfully complete.}
Last, I am also getting these volume shadow copy event id : 12292, 11
{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 12292
Date: 10/15/2008
Time: 7:00:13 AM
User: N/A
Computer: DELLSERVER
Volume Shadow Copy Service error: Error creating the Shadow Copy Provider
COM class with CLSID {363948d2-035d-4d1d-9bfc-473fece07dab}
[0x8007042d].
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
0008: 43 4f 52 48 57 50 57 43 CORHWPWC
0010: 30 30 30 30 30 33 30 36 00000306
0020: 43 4f 52 48 57 50 57 43 CORHWPWC
0028: 30 30 30 30 30 32 34 32 00000242
0038: 30 30 30 30 34 34 38 30 00004480
0048: 30 30 30 30 30 37 30 30 00000700
0058: 43 3a 5c 57 49 4e 44 4f C:\WINDO
0060: 57 53 5c 53 79 73 74 65 WS\Syste
0068: 6d 33 32 5c 76 73 73 76 m32\vssv
0070: 63 2e 65 78 65 20 20 20 c.exe
0080: 4e 54 20 41 55 54 48 4f NT AUTHO
0088: 52 49 54 59 5c 53 59 53 RITY\SYS
0090: 54 45 4d 20 20 20 20 20 TEM
00a0: 53 2d 31 2d 35 2d 31 38 S-1-5-18}
{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 11
Date: 10/15/2008
Time: 7:00:13 AM
User: N/A
Computer: DELLSERVER
Volume Shadow Copy Service information: The COM Server with CLSID
{363948d2-035d-4d1d-9bfc-473fece07dab} and name HWPRV cannot be started.
[0x8007042d]
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
0008: 43 4f 52 48 57 50 57 43 CORHWPWC
0010: 30 30 30 30 30 32 39 38 00000298
0020: 43 4f 52 48 57 50 57 43 CORHWPWC
0028: 30 30 30 30 30 32 34 32 00000242
0038: 30 30 30 30 34 34 38 30 00004480
0048: 30 30 30 30 30 37 30 30 00000700
0058: 43 3a 5c 57 49 4e 44 4f C:\WINDO
0060: 57 53 5c 53 79 73 74 65 WS\Syste
0068: 6d 33 32 5c 76 73 73 76 m32\vssv
0070: 63 2e 65 78 65 20 20 20 c.exe
0080: 4e 54 20 41 55 54 48 4f NT AUTHO
0088: 52 49 54 59 5c 53 59 53 RITY\SYS
0090: 54 45 4d 20 20 20 20 20 TEM
00a0: 53 2d 31 2d 35 2d 31 38 S-1-5-1}
Sorry for the long post as I wanted to give every information so that
someone can help me.
I really appreciate any reply. Thanks in advance.
With best regards,
Hemal
Hemal
2008-10-16 19:38:01 UTC
Permalink
Hi,

I have 4 dc's and all of them are having the same errors right now. When you
meant diagnostics means dcdiag /v ? then I did and it has a large file and so
many errors on FSMO role holder.

Thanks,
Hemal
Post by Paul Bergson [MVP-DS]
How many dc's do you have?
Of those are any reporting no errors?
I haven't read the thread but have you run diagnostics on them? If so did
the fsmo role holder come back w.o error?
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup This posting
is provided "AS IS" with no warranties, and confers no rights.
Post by Hemal
Hi,
I am getting lots of event logs in all 3 domain controllers recently.
First of all in Directory service, I am getting these event id 2042 &
{ Event Type: Error
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2042
Date: 10/15/2008
Time: 10:18:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DELLSERVER
It has been too long since this machine last replicated with the named
source machine. The time between replications with this source has exceeded
the tombstone lifetime. Replication has been stopped with this source.
The reason that replication is not allowed to continue is that the two
machine's views of deleted objects may now be different. The source machine
may still have copies of objects that have been deleted (and garbage
collected) on this machine. If they were allowed to replicate, the source
machine might return objects which have already been deleted.
2008-06-25 01:26:15
07b0f6c8-f6b8-07b0-0100-000000000000
382cdb4e-7b9c-4a33-a252-4c11bf6117e5._msdcs.kbgca.local
60
The replication operation has failed.
Determine which of the two machines was disconnected from the forest
1. Demote or reinstall the machine(s) that were disconnected.
2. Use the "repadmin /removelingeringobjects" tool to remove
inconsistent
deleted objects and then resume replication.
3. Resume replication. Inconsistent deleted objects may be introduced. You
can continue replication by using the following registry key. Once the
systems replicate once, it is recommended that you remove the key to
reinstate the protection.
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Allow
Replication
With Divergent and Corrupt Partner
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}
{Event Type: Information
Event Source: NTDS General
Event Category: Internal Processing
Event ID: 2041
Date: 10/15/2008
Time: 10:18:30 AM
User: N/A
Computer: DELLSERVER
Duplicate event log entries were suppressed.
See the previous event log entry for details. An entry is considered a
duplicate if the event code and all of its insertion parameters are
identical. The time period for this run of duplicates is from the time
of the previous event to the time of this event.
c00007fa
3
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}
Secondly I am unable to use Backup utility in all 3 domain
contrlloers. Also I can't take system state backup even with backup
utility. I am getting the same error message on all 3 domain
{Backup Status
Operation: Backup
Active backup destination: File
Media name: "Volume 2 Backup.bkf created 10/15/2008 at 2:54 PM"
Volume shadow copy creation: Attempt 1.
Error returned while creating the volume shadow copy:0x8004230f.
Error returned while creating the volume shadow copy:8004230f Aborting
Backup.
----------------------
The operation did not successfully complete.}
Last, I am also getting these volume shadow copy event id : 12292, 11
{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 12292
Date: 10/15/2008
Time: 7:00:13 AM
User: N/A
Computer: DELLSERVER
Volume Shadow Copy Service error: Error creating the Shadow Copy Provider
COM class with CLSID {363948d2-035d-4d1d-9bfc-473fece07dab}
[0x8007042d].
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
0008: 43 4f 52 48 57 50 57 43 CORHWPWC
0010: 30 30 30 30 30 33 30 36 00000306
0020: 43 4f 52 48 57 50 57 43 CORHWPWC
0028: 30 30 30 30 30 32 34 32 00000242
0038: 30 30 30 30 34 34 38 30 00004480
0048: 30 30 30 30 30 37 30 30 00000700
0058: 43 3a 5c 57 49 4e 44 4f C:\WINDO
0060: 57 53 5c 53 79 73 74 65 WS\Syste
0068: 6d 33 32 5c 76 73 73 76 m32\vssv
0070: 63 2e 65 78 65 20 20 20 c.exe
0080: 4e 54 20 41 55 54 48 4f NT AUTHO
0088: 52 49 54 59 5c 53 59 53 RITY\SYS
0090: 54 45 4d 20 20 20 20 20 TEM
00a0: 53 2d 31 2d 35 2d 31 38 S-1-5-18}
{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 11
Date: 10/15/2008
Time: 7:00:13 AM
User: N/A
Computer: DELLSERVER
Volume Shadow Copy Service information: The COM Server with CLSID
{363948d2-035d-4d1d-9bfc-473fece07dab} and name HWPRV cannot be started.
[0x8007042d]
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
0008: 43 4f 52 48 57 50 57 43 CORHWPWC
0010: 30 30 30 30 30 32 39 38 00000298
0020: 43 4f 52 48 57 50 57 43 CORHWPWC
0028: 30 30 30 30 30 32 34 32 00000242
0038: 30 30 30 30 34 34 38 30 00004480
0048: 30 30 30 30 30 37 30 30 00000700
0058: 43 3a 5c 57 49 4e 44 4f C:\WINDO
0060: 57 53 5c 53 79 73 74 65 WS\Syste
0068: 6d 33 32 5c 76 73 73 76 m32\vssv
0070: 63 2e 65 78 65 20 20 20 c.exe
0080: 4e 54 20 41 55 54 48 4f NT AUTHO
0088: 52 49 54 59 5c 53 59 53 RITY\SYS
0090: 54 45 4d 20 20 20 20 20 TEM
00a0: 53 2d 31 2d 35 2d 31 38 S-1-5-1}
Sorry for the long post as I wanted to give every information so that
someone can help me.
I really appreciate any reply. Thanks in advance.
With best regards,
Hemal
Paul Bergson [MVP-DS]
2008-10-16 20:00:47 UTC
Permalink
Without spending a lot of time on this I am going to guess you have four
islanded DC's, created by loss of replication. If this is the case you are
almost assuredly stuck with demoting and repromoting all dc's except the
fsmo role holder (Hopefully all reside on one box). So all users who aren't
updated on the fsmo holder will be out of sync as well as groups, machines,
etc...


I won't have time to really think about this until Monday but I think you
are in a big bind.


Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4


http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup This posting
is provided "AS IS" with no warranties, and confers no rights.
Post by Hemal
Hi,
I have 4 dc's and all of them are having the same errors right now.
When you meant diagnostics means dcdiag /v ? then I did and it has a
large file and so many errors on FSMO role holder.
Thanks,
Hemal
Post by Paul Bergson [MVP-DS]
How many dc's do you have?
Of those are any reporting no errors?
I haven't read the thread but have you run diagnostics on them? If
so did the fsmo role holder come back w.o error?
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.
Post by Hemal
Hi,
I am getting lots of event logs in all 3 domain controllers
recently.
First of all in Directory service, I am getting these event id 2042
{ Event Type: Error
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2042
Date: 10/15/2008
Time: 10:18:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DELLSERVER
It has been too long since this machine last replicated with the named
source machine. The time between replications with this source has exceeded
the tombstone lifetime. Replication has been stopped with this source.
The reason that replication is not allowed to continue is that the two
machine's views of deleted objects may now be different. The source machine
may still have copies of objects that have been deleted (and garbage
collected) on this machine. If they were allowed to replicate, the source
machine might return objects which have already been deleted.
2008-06-25 01:26:15
07b0f6c8-f6b8-07b0-0100-000000000000
382cdb4e-7b9c-4a33-a252-4c11bf6117e5._msdcs.kbgca.local
60
The replication operation has failed.
Determine which of the two machines was disconnected from the forest
1. Demote or reinstall the machine(s) that were disconnected.
2. Use the "repadmin /removelingeringobjects" tool to remove
inconsistent
deleted objects and then resume replication.
3. Resume replication. Inconsistent deleted objects may be
introduced.
You
can continue replication by using the following registry key. Once the
systems replicate once, it is recommended that you remove the key to
reinstate the protection.
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Allow
Replication
With Divergent and Corrupt Partner
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}
{Event Type: Information
Event Source: NTDS General
Event Category: Internal Processing
Event ID: 2041
Date: 10/15/2008
Time: 10:18:30 AM
User: N/A
Computer: DELLSERVER
Duplicate event log entries were suppressed.
See the previous event log entry for details. An entry is considered a
duplicate if the event code and all of its insertion parameters are
identical. The time period for this run of duplicates is from the time
of the previous event to the time of this event.
c00007fa
3
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}
Secondly I am unable to use Backup utility in all 3 domain
contrlloers. Also I can't take system state backup even with backup
utility. I am getting the same error message on all 3 domain
{Backup Status
Operation: Backup
Active backup destination: File
Media name: "Volume 2 Backup.bkf created 10/15/2008 at 2:54 PM"
Volume shadow copy creation: Attempt 1.
Error returned while creating the volume shadow copy:0x8004230f.
Error returned while creating the volume shadow copy:8004230f
Aborting Backup.
----------------------
The operation did not successfully complete.}
Last, I am also getting these volume shadow copy event id : 12292,
{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 12292
Date: 10/15/2008
Time: 7:00:13 AM
User: N/A
Computer: DELLSERVER
Volume Shadow Copy Service error: Error creating the Shadow Copy Provider
COM class with CLSID {363948d2-035d-4d1d-9bfc-473fece07dab}
[0x8007042d].
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
0008: 43 4f 52 48 57 50 57 43 CORHWPWC
0010: 30 30 30 30 30 33 30 36 00000306
0020: 43 4f 52 48 57 50 57 43 CORHWPWC
0028: 30 30 30 30 30 32 34 32 00000242
0038: 30 30 30 30 34 34 38 30 00004480
0048: 30 30 30 30 30 37 30 30 00000700
0058: 43 3a 5c 57 49 4e 44 4f C:\WINDO
0060: 57 53 5c 53 79 73 74 65 WS\Syste
0068: 6d 33 32 5c 76 73 73 76 m32\vssv
0070: 63 2e 65 78 65 20 20 20 c.exe
0080: 4e 54 20 41 55 54 48 4f NT AUTHO
0088: 52 49 54 59 5c 53 59 53 RITY\SYS
0090: 54 45 4d 20 20 20 20 20 TEM
00a0: 53 2d 31 2d 35 2d 31 38 S-1-5-18}
{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 11
Date: 10/15/2008
Time: 7:00:13 AM
User: N/A
Computer: DELLSERVER
Volume Shadow Copy Service information: The COM Server with CLSID
{363948d2-035d-4d1d-9bfc-473fece07dab} and name HWPRV cannot be started.
[0x8007042d]
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
0008: 43 4f 52 48 57 50 57 43 CORHWPWC
0010: 30 30 30 30 30 32 39 38 00000298
0020: 43 4f 52 48 57 50 57 43 CORHWPWC
0028: 30 30 30 30 30 32 34 32 00000242
0038: 30 30 30 30 34 34 38 30 00004480
0048: 30 30 30 30 30 37 30 30 00000700
0058: 43 3a 5c 57 49 4e 44 4f C:\WINDO
0060: 57 53 5c 53 79 73 74 65 WS\Syste
0068: 6d 33 32 5c 76 73 73 76 m32\vssv
0070: 63 2e 65 78 65 20 20 20 c.exe
0080: 4e 54 20 41 55 54 48 4f NT AUTHO
0088: 52 49 54 59 5c 53 59 53 RITY\SYS
0090: 54 45 4d 20 20 20 20 20 TEM
00a0: 53 2d 31 2d 35 2d 31 38 S-1-5-1}
Sorry for the long post as I wanted to give every information so that
someone can help me.
I really appreciate any reply. Thanks in advance.
With best regards,
Hemal
Hemal
2008-10-16 20:38:01 UTC
Permalink
Hi Paul,

Thanks for your reply. I will wait for your suggestions in this matter.

Thank you again for your time and help.

With best regards,
Hemal
Post by Paul Bergson [MVP-DS]
Without spending a lot of time on this I am going to guess you have four
islanded DC's, created by loss of replication. If this is the case you are
almost assuredly stuck with demoting and repromoting all dc's except the
fsmo role holder (Hopefully all reside on one box). So all users who aren't
updated on the fsmo holder will be out of sync as well as groups, machines,
etc...
I won't have time to really think about this until Monday but I think you
are in a big bind.
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup This posting
is provided "AS IS" with no warranties, and confers no rights.
Post by Hemal
Hi,
I have 4 dc's and all of them are having the same errors right now.
When you meant diagnostics means dcdiag /v ? then I did and it has a
large file and so many errors on FSMO role holder.
Thanks,
Hemal
Post by Paul Bergson [MVP-DS]
How many dc's do you have?
Of those are any reporting no errors?
I haven't read the thread but have you run diagnostics on them? If
so did the fsmo role holder come back w.o error?
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.
Post by Hemal
Hi,
I am getting lots of event logs in all 3 domain controllers recently.
First of all in Directory service, I am getting these event id 2042
{ Event Type: Error
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2042
Date: 10/15/2008
Time: 10:18:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DELLSERVER
It has been too long since this machine last replicated with the named
source machine. The time between replications with this source has exceeded
the tombstone lifetime. Replication has been stopped with this source.
The reason that replication is not allowed to continue is that the two
machine's views of deleted objects may now be different. The source machine
may still have copies of objects that have been deleted (and garbage
collected) on this machine. If they were allowed to replicate, the source
machine might return objects which have already been deleted.
2008-06-25 01:26:15
07b0f6c8-f6b8-07b0-0100-000000000000
382cdb4e-7b9c-4a33-a252-4c11bf6117e5._msdcs.kbgca.local
60
The replication operation has failed.
Determine which of the two machines was disconnected from the forest
1. Demote or reinstall the machine(s) that were disconnected.
2. Use the "repadmin /removelingeringobjects" tool to remove inconsistent
deleted objects and then resume replication.
3. Resume replication. Inconsistent deleted objects may be
introduced.
You
can continue replication by using the following registry key. Once the
systems replicate once, it is recommended that you remove the key to
reinstate the protection.
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Allow Replication
With Divergent and Corrupt Partner
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}
{Event Type: Information
Event Source: NTDS General
Event Category: Internal Processing
Event ID: 2041
Date: 10/15/2008
Time: 10:18:30 AM
User: N/A
Computer: DELLSERVER
Duplicate event log entries were suppressed.
See the previous event log entry for details. An entry is considered a
duplicate if the event code and all of its insertion parameters are
identical. The time period for this run of duplicates is from the time
of the previous event to the time of this event.
c00007fa
3
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}
Secondly I am unable to use Backup utility in all 3 domain
contrlloers. Also I can't take system state backup even with backup
utility. I am getting the same error message on all 3 domain
{Backup Status
Operation: Backup
Active backup destination: File
Media name: "Volume 2 Backup.bkf created 10/15/2008 at 2:54 PM"
Volume shadow copy creation: Attempt 1.
Error returned while creating the volume shadow copy:0x8004230f.
Error returned while creating the volume shadow copy:8004230f
Aborting Backup.
----------------------
The operation did not successfully complete.}
Last, I am also getting these volume shadow copy event id : 12292,
{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 12292
Date: 10/15/2008
Time: 7:00:13 AM
User: N/A
Computer: DELLSERVER
Volume Shadow Copy Service error: Error creating the Shadow Copy Provider
COM class with CLSID {363948d2-035d-4d1d-9bfc-473fece07dab} [0x8007042d].
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
0008: 43 4f 52 48 57 50 57 43 CORHWPWC
0010: 30 30 30 30 30 33 30 36 00000306
0020: 43 4f 52 48 57 50 57 43 CORHWPWC
0028: 30 30 30 30 30 32 34 32 00000242
0038: 30 30 30 30 34 34 38 30 00004480
0048: 30 30 30 30 30 37 30 30 00000700
0058: 43 3a 5c 57 49 4e 44 4f C:\WINDO
0060: 57 53 5c 53 79 73 74 65 WS\Syste
0068: 6d 33 32 5c 76 73 73 76 m32\vssv
0070: 63 2e 65 78 65 20 20 20 c.exe
0080: 4e 54 20 41 55 54 48 4f NT AUTHO
0088: 52 49 54 59 5c 53 59 53 RITY\SYS
0090: 54 45 4d 20 20 20 20 20 TEM
00a0: 53 2d 31 2d 35 2d 31 38 S-1-5-18}
{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 11
Date: 10/15/2008
Time: 7:00:13 AM
User: N/A
Computer: DELLSERVER
Volume Shadow Copy Service information: The COM Server with CLSID
{363948d2-035d-4d1d-9bfc-473fece07dab} and name HWPRV cannot be started.
[0x8007042d]
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
0008: 43 4f 52 48 57 50 57 43 CORHWPWC
0010: 30 30 30 30 30 32 39 38 00000298
0020: 43 4f 52 48 57 50 57 43 CORHWPWC
0028: 30 30 30 30 30 32 34 32 00000242
0038: 30 30 30 30 34 34 38 30 00004480
0048: 30 30 30 30 30 37 30 30 00000700
0058: 43 3a 5c 57 49 4e 44 4f C:\WINDO
0060: 57 53 5c 53 79 73 74 65 WS\Syste
0068: 6d 33 32 5c 76 73 73 76 m32\vssv
0070: 63 2e 65 78 65 20 20 20 c.exe
0080: 4e 54 20 41 55 54 48 4f NT AUTHO
0088: 52 49 54 59 5c 53 59 53 RITY\SYS
0090: 54 45 4d 20 20 20 20 20 TEM
00a0: 53 2d 31 2d 35 2d 31 38 S-1-5-1}
Sorry for the long post as I wanted to give every information so that
someone can help me.
I really appreciate any reply. Thanks in advance.
With best regards,
Hemal
Paul Bergson [MVP-DS]
2008-10-20 12:51:10 UTC
Permalink
Hello Hemal,
If you are getting this same error on all dc's, you are going to have choose
one and build out your domain from there.

This can be a very painful process. I would start with the dc with the FSMO
role holder of the PDCe
net query fsmo

If all 5 don't reside on one dc then seize the roles to bring all 5 to one dc
Seize roles
http://support.microsoft.com/default.aspx?scid=kb;en-us;255504

Once established, assume that to be the authority. Find the dc with the
least number of objects in its site and demote that dc. Once demoted go
back to the FSMO role master and cleanup your metadata for the demoted dc

Metadata cleanup
http://support.microsoft.com/?id=216498

Then return to the failed dc and get connectivity working (Firewalls, etc...)
and then repromote the dc. Then get connectivity working for the clients
of the newly promoted dc. Or you may even want to get the clients working
before you get the dc back depending on the urgency.

Do this for the last two dc's as well.
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4


http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup This posting
is provided "AS IS" with no warranties, and confers no rights.
Post by Hemal
Hi Paul,
Thanks for your reply. I will wait for your suggestions in this matter.
Thank you again for your time and help.
With best regards,
Hemal
Post by Paul Bergson [MVP-DS]
Without spending a lot of time on this I am going to guess you have
four islanded DC's, created by loss of replication. If this is the
case you are almost assuredly stuck with demoting and repromoting all
dc's except the fsmo role holder (Hopefully all reside on one box).
So all users who aren't updated on the fsmo holder will be out of
sync as well as groups, machines, etc...
I won't have time to really think about this until Monday but I think
you are in a big bind.
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.
Post by Hemal
Hi,
I have 4 dc's and all of them are having the same errors right now.
When you meant diagnostics means dcdiag /v ? then I did and it has a
large file and so many errors on FSMO role holder.
Thanks,
Hemal
Post by Paul Bergson [MVP-DS]
How many dc's do you have?
Of those are any reporting no errors?
I haven't read the thread but have you run diagnostics on them? If
so did the fsmo role holder come back w.o error?
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.
Post by Hemal
Hi,
I am getting lots of event logs in all 3 domain controllers recently.
First of all in Directory service, I am getting these event id
{ Event Type: Error
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2042
Date: 10/15/2008
Time: 10:18:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DELLSERVER
It has been too long since this machine last replicated with the named
source machine. The time between replications with this source has exceeded
the tombstone lifetime. Replication has been stopped with this source.
The reason that replication is not allowed to continue is that the two
machine's views of deleted objects may now be different. The
source
machine
may still have copies of objects that have been deleted (and garbage
collected) on this machine. If they were allowed to replicate, the source
machine might return objects which have already been deleted.
2008-06-25 01:26:15
07b0f6c8-f6b8-07b0-0100-000000000000
382cdb4e-7b9c-4a33-a252-4c11bf6117e5._msdcs.kbgca.local
60
The replication operation has failed.
Determine which of the two machines was disconnected from the
1. Demote or reinstall the machine(s) that were disconnected.
2. Use the "repadmin /removelingeringobjects" tool to remove inconsistent
deleted objects and then resume replication.
3. Resume replication. Inconsistent deleted objects may be
introduced.
You
can continue replication by using the following registry key. Once the
systems replicate once, it is recommended that you remove the key to
reinstate the protection.
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Allow Replication
With Divergent and Corrupt Partner
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}
{Event Type: Information
Event Source: NTDS General
Event Category: Internal Processing
Event ID: 2041
Date: 10/15/2008
Time: 10:18:30 AM
User: N/A
Computer: DELLSERVER
Duplicate event log entries were suppressed.
See the previous event log entry for details. An entry is
considered
a
duplicate if the event code and all of its insertion parameters are
identical. The time period for this run of duplicates is from the time
of the previous event to the time of this event.
c00007fa
3
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}
Secondly I am unable to use Backup utility in all 3 domain
contrlloers. Also I can't take system state backup even with backup
utility. I am getting the same error message on all 3 domain
{Backup Status
Operation: Backup
Active backup destination: File
Media name: "Volume 2 Backup.bkf created 10/15/2008 at 2:54 PM"
Volume shadow copy creation: Attempt 1.
Error returned while creating the volume shadow copy:0x8004230f.
Error returned while creating the volume shadow copy:8004230f
Aborting Backup.
----------------------
The operation did not successfully complete.}
{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 12292
Date: 10/15/2008
Time: 7:00:13 AM
User: N/A
Computer: DELLSERVER
Volume Shadow Copy Service error: Error creating the Shadow Copy Provider
COM class with CLSID {363948d2-035d-4d1d-9bfc-473fece07dab} [0x8007042d].
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
0008: 43 4f 52 48 57 50 57 43 CORHWPWC
0010: 30 30 30 30 30 33 30 36 00000306
0020: 43 4f 52 48 57 50 57 43 CORHWPWC
0028: 30 30 30 30 30 32 34 32 00000242
0038: 30 30 30 30 34 34 38 30 00004480
0048: 30 30 30 30 30 37 30 30 00000700
0058: 43 3a 5c 57 49 4e 44 4f C:\WINDO
0060: 57 53 5c 53 79 73 74 65 WS\Syste
0068: 6d 33 32 5c 76 73 73 76 m32\vssv
0070: 63 2e 65 78 65 20 20 20 c.exe
0080: 4e 54 20 41 55 54 48 4f NT AUTHO
0088: 52 49 54 59 5c 53 59 53 RITY\SYS
0090: 54 45 4d 20 20 20 20 20 TEM
00a0: 53 2d 31 2d 35 2d 31 38 S-1-5-18}
{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 11
Date: 10/15/2008
Time: 7:00:13 AM
User: N/A
Computer: DELLSERVER
Volume Shadow Copy Service information: The COM Server with CLSID
{363948d2-035d-4d1d-9bfc-473fece07dab} and name HWPRV cannot be started.
[0x8007042d]
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
0008: 43 4f 52 48 57 50 57 43 CORHWPWC
0010: 30 30 30 30 30 32 39 38 00000298
0020: 43 4f 52 48 57 50 57 43 CORHWPWC
0028: 30 30 30 30 30 32 34 32 00000242
0038: 30 30 30 30 34 34 38 30 00004480
0048: 30 30 30 30 30 37 30 30 00000700
0058: 43 3a 5c 57 49 4e 44 4f C:\WINDO
0060: 57 53 5c 53 79 73 74 65 WS\Syste
0068: 6d 33 32 5c 76 73 73 76 m32\vssv
0070: 63 2e 65 78 65 20 20 20 c.exe
0080: 4e 54 20 41 55 54 48 4f NT AUTHO
0088: 52 49 54 59 5c 53 59 53 RITY\SYS
0090: 54 45 4d 20 20 20 20 20 TEM
00a0: 53 2d 31 2d 35 2d 31 38 S-1-5-1}
Sorry for the long post as I wanted to give every information so that
someone can help me.
I really appreciate any reply. Thanks in advance.
With best regards,
Hemal
Hemal
2008-10-20 13:46:01 UTC
Permalink
Hi Paul,

Thanks for taking time to reply me. I will follow your instructions and do
the same?
I already have all 5 FSMO roles on one DC. Now my problem is how to demote
other DC? If I try DCPROMO on other DC'S I am getting the following error:

{The operation failed because:

Active Directory could not transfer the remaining data in directory
partition CN=Schema, CN=Configuration,DC=kbgca,DC=local to domain controller
hpserver.kbgca.local

"The Active directory cannot replicate with this server because the time
since the last replication with this server has exceeded the tomstone
lifetime." }

Can you please tell me how to demote the other DC's so that I can continue
now:

Thanks again for your time and help..

With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
If you are getting this same error on all dc's, you are going to have choose
one and build out your domain from there.
This can be a very painful process. I would start with the dc with the FSMO
role holder of the PDCe
net query fsmo
If all 5 don't reside on one dc then seize the roles to bring all 5 to one dc
Seize roles
http://support.microsoft.com/default.aspx?scid=kb;en-us;255504
Once established, assume that to be the authority. Find the dc with the
least number of objects in its site and demote that dc. Once demoted go
back to the FSMO role master and cleanup your metadata for the demoted dc
Metadata cleanup
http://support.microsoft.com/?id=216498
Then return to the failed dc and get connectivity working (Firewalls, etc...)
and then repromote the dc. Then get connectivity working for the clients
of the newly promoted dc. Or you may even want to get the clients working
before you get the dc back depending on the urgency.
Do this for the last two dc's as well.
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup This posting
is provided "AS IS" with no warranties, and confers no rights.
Post by Hemal
Hi Paul,
Thanks for your reply. I will wait for your suggestions in this matter.
Thank you again for your time and help.
With best regards,
Hemal
Post by Paul Bergson [MVP-DS]
Without spending a lot of time on this I am going to guess you have
four islanded DC's, created by loss of replication. If this is the
case you are almost assuredly stuck with demoting and repromoting all
dc's except the fsmo role holder (Hopefully all reside on one box).
So all users who aren't updated on the fsmo holder will be out of
sync as well as groups, machines, etc...
I won't have time to really think about this until Monday but I think
you are in a big bind.
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.
Post by Hemal
Hi,
I have 4 dc's and all of them are having the same errors right now.
When you meant diagnostics means dcdiag /v ? then I did and it has a
large file and so many errors on FSMO role holder.
Thanks,
Hemal
Post by Paul Bergson [MVP-DS]
How many dc's do you have?
Of those are any reporting no errors?
I haven't read the thread but have you run diagnostics on them? If
so did the fsmo role holder come back w.o error?
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.
Post by Hemal
Hi,
I am getting lots of event logs in all 3 domain controllers recently.
First of all in Directory service, I am getting these event id
{ Event Type: Error
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2042
Date: 10/15/2008
Time: 10:18:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DELLSERVER
It has been too long since this machine last replicated with the named
source machine. The time between replications with this source has exceeded
the tombstone lifetime. Replication has been stopped with this source.
The reason that replication is not allowed to continue is that the two
machine's views of deleted objects may now be different. The
source
machine
may still have copies of objects that have been deleted (and garbage
collected) on this machine. If they were allowed to replicate, the source
machine might return objects which have already been deleted.
2008-06-25 01:26:15
07b0f6c8-f6b8-07b0-0100-000000000000
382cdb4e-7b9c-4a33-a252-4c11bf6117e5._msdcs.kbgca.local
60
The replication operation has failed.
Determine which of the two machines was disconnected from the
1. Demote or reinstall the machine(s) that were disconnected.
2. Use the "repadmin /removelingeringobjects" tool to remove inconsistent
deleted objects and then resume replication.
3. Resume replication. Inconsistent deleted objects may be
introduced.
You
can continue replication by using the following registry key. Once the
systems replicate once, it is recommended that you remove the key to
reinstate the protection.
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Allow Replication
With Divergent and Corrupt Partner
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}
{Event Type: Information
Event Source: NTDS General
Event Category: Internal Processing
Event ID: 2041
Date: 10/15/2008
Time: 10:18:30 AM
User: N/A
Computer: DELLSERVER
Duplicate event log entries were suppressed.
See the previous event log entry for details. An entry is
considered
a
duplicate if the event code and all of its insertion parameters are
identical. The time period for this run of duplicates is from the time
of the previous event to the time of this event.
c00007fa
3
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}
Secondly I am unable to use Backup utility in all 3 domain
contrlloers. Also I can't take system state backup even with backup
utility. I am getting the same error message on all 3 domain
{Backup Status
Operation: Backup
Active backup destination: File
Media name: "Volume 2 Backup.bkf created 10/15/2008 at 2:54 PM"
Volume shadow copy creation: Attempt 1.
Error returned while creating the volume shadow copy:0x8004230f.
Error returned while creating the volume shadow copy:8004230f
Aborting Backup.
----------------------
The operation did not successfully complete.}
{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 12292
Date: 10/15/2008
Time: 7:00:13 AM
User: N/A
Computer: DELLSERVER
Volume Shadow Copy Service error: Error creating the Shadow Copy Provider
COM class with CLSID {363948d2-035d-4d1d-9bfc-473fece07dab} [0x8007042d].
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
0008: 43 4f 52 48 57 50 57 43 CORHWPWC
0010: 30 30 30 30 30 33 30 36 00000306
0020: 43 4f 52 48 57 50 57 43 CORHWPWC
0028: 30 30 30 30 30 32 34 32 00000242
0038: 30 30 30 30 34 34 38 30 00004480
0048: 30 30 30 30 30 37 30 30 00000700
0058: 43 3a 5c 57 49 4e 44 4f C:\WINDO
0060: 57 53 5c 53 79 73 74 65 WS\Syste
0068: 6d 33 32 5c 76 73 73 76 m32\vssv
0070: 63 2e 65 78 65 20 20 20 c.exe
0080: 4e 54 20 41 55 54 48 4f NT AUTHO
0088: 52 49 54 59 5c 53 59 53 RITY\SYS
0090: 54 45 4d 20 20 20 20 20 TEM
00a0: 53 2d 31 2d 35 2d 31 38 S-1-5-18}
{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 11
Date: 10/15/2008
Time: 7:00:13 AM
User: N/A
Computer: DELLSERVER
Volume Shadow Copy Service information: The COM Server with CLSID
{363948d2-035d-4d1d-9bfc-473fece07dab} and name HWPRV cannot be started.
[0x8007042d]
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
0008: 43 4f 52 48 57 50 57 43 CORHWPWC
0010: 30 30 30 30 30 32 39 38 00000298
0020: 43 4f 52 48 57 50 57 43 CORHWPWC
0028: 30 30 30 30 30 32 34 32 00000242
0038: 30 30 30 30 34 34 38 30 00004480
0048: 30 30 30 30 30 37 30 30 00000700
0058: 43 3a 5c 57 49 4e 44 4f C:\WINDO
0060: 57 53 5c 53 79 73 74 65 WS\Syste
0068: 6d 33 32 5c 76 73 73 76 m32\vssv
0070: 63 2e 65 78 65 20 20 20 c.exe
0080: 4e 54 20 41 55 54 48 4f NT AUTHO
0088: 52 49 54 59 5c 53 59 53 RITY\SYS
0090: 54 45 4d 20 20 20 20 20 TEM
00a0: 53 2d 31 2d 35 2d 31 38 S-1-5-1}
Sorry for the long post as I wanted to give every information so that
someone can help me.
I really appreciate any reply. Thanks in advance.
With best regards,
Hemal
Meinolf Weber
2008-10-20 14:02:01 UTC
Permalink
Hello Hemal,

You can demote them with "dcpromo /forceremoval" and then do the metadatacleanup
as described in the article Paul posted in his previous one. Also you have
to clenaup DNS form the server name and if it was DNS server also from that
list. AD sites and services you have to clenaup manually, not done during
demotion, even in a correct running environment.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Paul,
Thanks for taking time to reply me. I will follow your instructions
and do the same? I already have all 5 FSMO roles on one DC. Now my
problem is how to demote other DC? If I try DCPROMO on other DC'S I am
Active Directory could not transfer the remaining data in directory
partition CN=Schema, CN=Configuration,DC=kbgca,DC=local to domain
controller hpserver.kbgca.local
"The Active directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tomstone lifetime." }
Can you please tell me how to demote the other DC's so that I can
Thanks again for your time and help..
With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
If you are getting this same error on all dc's, you are going to have choose
one and build out your domain from there.
This can be a very painful process. I would start with the dc with the FSMO
role holder of the PDCe
net query fsmo
If all 5 don't reside on one dc then seize the roles to bring all 5 to one dc
Seize roles
http://support.microsoft.com/default.aspx?scid=kb;en-us;255504
Once established, assume that to be the authority. Find the dc with
the least number of objects in its site and demote that dc. Once
demoted go back to the FSMO role master and cleanup your metadata for
the demoted dc
Metadata cleanup http://support.microsoft.com/?id=216498
Then return to the failed dc and get connectivity working (Firewalls,
etc...) and then repromote the dc. Then get connectivity working for
the clients of the newly promoted dc. Or you may even want to get
the clients working before you get the dc back depending on the
urgency.
Do this for the last two dc's as well.
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.
Post by Hemal
Hi Paul,
Thanks for your reply. I will wait for your suggestions in this matter.
Thank you again for your time and help.
With best regards,
Hemal
Post by Paul Bergson [MVP-DS]
Without spending a lot of time on this I am going to guess you have
four islanded DC's, created by loss of replication. If this is the
case you are almost assuredly stuck with demoting and repromoting
all dc's except the fsmo role holder (Hopefully all reside on one
box). So all users who aren't updated on the fsmo holder will be
out of sync as well as groups, machines, etc...
I won't have time to really think about this until Monday but I
think you are in a big bind.
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.
Post by Hemal
Hi,
I have 4 dc's and all of them are having the same errors right
now. When you meant diagnostics means dcdiag /v ? then I did and
it has a large file and so many errors on FSMO role holder.
Thanks,
Hemal
Post by Paul Bergson [MVP-DS]
How many dc's do you have?
Of those are any reporting no errors?
I haven't read the thread but have you run diagnostics on them?
If so did the fsmo role holder come back w.o error?
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the
NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.
Post by Hemal
Hi,
I am getting lots of event logs in all 3 domain controllers recently.
First of all in Directory service, I am getting these event id
{ Event Type: Error
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2042
Date: 10/15/2008
Time: 10:18:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DELLSERVER
It has been too long since this machine last replicated with the named
source machine. The time between replications with this source
has
exceeded
the tombstone lifetime. Replication has been stopped with this source.
The reason that replication is not allowed to continue is that
the
two
machine's views of deleted objects may now be different. The
source
machine
may still have copies of objects that have been deleted (and garbage
collected) on this machine. If they were allowed to replicate,
the
source
machine might return objects which have already been deleted.
2008-06-25 01:26:15
07b0f6c8-f6b8-07b0-0100-000000000000
382cdb4e-7b9c-4a33-a252-4c11bf6117e5._msdcs.kbgca.local
60
The replication operation has failed.
Determine which of the two machines was disconnected from the
1. Demote or reinstall the machine(s) that were disconnected.
2. Use the "repadmin /removelingeringobjects" tool to remove inconsistent
deleted objects and then resume replication.
3. Resume replication. Inconsistent deleted objects may be
introduced.
You
can continue replication by using the following registry key.
Once
the
systems replicate once, it is recommended that you remove the
key
to
reinstate the protection.
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Allow Replication
With Divergent and Corrupt Partner
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}
{Event Type: Information
Event Source: NTDS General
Event Category: Internal Processing
Event ID: 2041
Date: 10/15/2008
Time: 10:18:30 AM
User: N/A
Computer: DELLSERVER
Duplicate event log entries were suppressed.
See the previous event log entry for details. An entry is
considered
a
duplicate if the event code and all of its insertion parameters are
identical. The time period for this run of duplicates is from
the
time
of the previous event to the time of this event.
c00007fa
3
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}
Secondly I am unable to use Backup utility in all 3 domain
contrlloers. Also I can't take system state backup even with backup
utility. I am getting the same error message on all 3 domain
{Backup Status
Operation: Backup
Active backup destination: File
Media name: "Volume 2 Backup.bkf created 10/15/2008 at 2:54 PM"
Volume shadow copy creation: Attempt 1.
Error returned while creating the volume shadow copy:0x8004230f.
Error returned while creating the volume shadow copy:8004230f
Aborting Backup.
----------------------
The operation did not successfully complete.}
{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 12292
Date: 10/15/2008
Time: 7:00:13 AM
User: N/A
Computer: DELLSERVER
Volume Shadow Copy Service error: Error creating the Shadow Copy Provider
COM class with CLSID {363948d2-035d-4d1d-9bfc-473fece07dab} [0x8007042d].
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
0008: 43 4f 52 48 57 50 57 43 CORHWPWC
0010: 30 30 30 30 30 33 30 36 00000306
0020: 43 4f 52 48 57 50 57 43 CORHWPWC
0028: 30 30 30 30 30 32 34 32 00000242
0038: 30 30 30 30 34 34 38 30 00004480
0048: 30 30 30 30 30 37 30 30 00000700
0058: 43 3a 5c 57 49 4e 44 4f C:\WINDO
0060: 57 53 5c 53 79 73 74 65 WS\Syste
0068: 6d 33 32 5c 76 73 73 76 m32\vssv
0070: 63 2e 65 78 65 20 20 20 c.exe
0080: 4e 54 20 41 55 54 48 4f NT AUTHO
0088: 52 49 54 59 5c 53 59 53 RITY\SYS
0090: 54 45 4d 20 20 20 20 20 TEM
00a0: 53 2d 31 2d 35 2d 31 38 S-1-5-18}
{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 11
Date: 10/15/2008
Time: 7:00:13 AM
User: N/A
Computer: DELLSERVER
Volume Shadow Copy Service information: The COM Server with CLSID
{363948d2-035d-4d1d-9bfc-473fece07dab} and name HWPRV cannot be started.
[0x8007042d]
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
0008: 43 4f 52 48 57 50 57 43 CORHWPWC
0010: 30 30 30 30 30 32 39 38 00000298
0020: 43 4f 52 48 57 50 57 43 CORHWPWC
0028: 30 30 30 30 30 32 34 32 00000242
0038: 30 30 30 30 34 34 38 30 00004480
0048: 30 30 30 30 30 37 30 30 00000700
0058: 43 3a 5c 57 49 4e 44 4f C:\WINDO
0060: 57 53 5c 53 79 73 74 65 WS\Syste
0068: 6d 33 32 5c 76 73 73 76 m32\vssv
0070: 63 2e 65 78 65 20 20 20 c.exe
0080: 4e 54 20 41 55 54 48 4f NT AUTHO
0088: 52 49 54 59 5c 53 59 53 RITY\SYS
0090: 54 45 4d 20 20 20 20 20 TEM
00a0: 53 2d 31 2d 35 2d 31 38 S-1-5-1}
Sorry for the long post as I wanted to give every information so that
someone can help me.
I really appreciate any reply. Thanks in advance.
With best regards,
Hemal
Hemal
2008-10-20 14:26:01 UTC
Permalink
Hi Meinolf & Paul,

I did demote one of my DC now will perform on rest two today as I have to
restart them after demotion. I will also remove metabase as suggested by Paul
after reboot.

Thanks a bunch to both you again and I will keep you posted about my progress.

With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
You can demote them with "dcpromo /forceremoval" and then do the metadatacleanup
as described in the article Paul posted in his previous one. Also you have
to clenaup DNS form the server name and if it was DNS server also from that
list. AD sites and services you have to clenaup manually, not done during
demotion, even in a correct running environment.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Paul,
Thanks for taking time to reply me. I will follow your instructions
and do the same? I already have all 5 FSMO roles on one DC. Now my
problem is how to demote other DC? If I try DCPROMO on other DC'S I am
Active Directory could not transfer the remaining data in directory
partition CN=Schema, CN=Configuration,DC=kbgca,DC=local to domain
controller hpserver.kbgca.local
"The Active directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tomstone lifetime." }
Can you please tell me how to demote the other DC's so that I can
Thanks again for your time and help..
With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
If you are getting this same error on all dc's, you are going to have choose
one and build out your domain from there.
This can be a very painful process. I would start with the dc with the FSMO
role holder of the PDCe
net query fsmo
If all 5 don't reside on one dc then seize the roles to bring all 5 to one dc
Seize roles
http://support.microsoft.com/default.aspx?scid=kb;en-us;255504
Once established, assume that to be the authority. Find the dc with
the least number of objects in its site and demote that dc. Once
demoted go back to the FSMO role master and cleanup your metadata for
the demoted dc
Metadata cleanup http://support.microsoft.com/?id=216498
Then return to the failed dc and get connectivity working (Firewalls,
etc...) and then repromote the dc. Then get connectivity working for
the clients of the newly promoted dc. Or you may even want to get
the clients working before you get the dc back depending on the
urgency.
Do this for the last two dc's as well.
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.
Post by Hemal
Hi Paul,
Thanks for your reply. I will wait for your suggestions in this matter.
Thank you again for your time and help.
With best regards,
Hemal
Post by Paul Bergson [MVP-DS]
Without spending a lot of time on this I am going to guess you have
four islanded DC's, created by loss of replication. If this is the
case you are almost assuredly stuck with demoting and repromoting
all dc's except the fsmo role holder (Hopefully all reside on one
box). So all users who aren't updated on the fsmo holder will be
out of sync as well as groups, machines, etc...
I won't have time to really think about this until Monday but I
think you are in a big bind.
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.
Post by Hemal
Hi,
I have 4 dc's and all of them are having the same errors right
now. When you meant diagnostics means dcdiag /v ? then I did and
it has a large file and so many errors on FSMO role holder.
Thanks,
Hemal
Post by Paul Bergson [MVP-DS]
How many dc's do you have?
Of those are any reporting no errors?
I haven't read the thread but have you run diagnostics on them?
If so did the fsmo role holder come back w.o error?
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.
Post by Hemal
Hi,
I am getting lots of event logs in all 3 domain controllers recently.
First of all in Directory service, I am getting these event id
{ Event Type: Error
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2042
Date: 10/15/2008
Time: 10:18:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DELLSERVER
It has been too long since this machine last replicated with the named
source machine. The time between replications with this source
has
exceeded
the tombstone lifetime. Replication has been stopped with this source.
The reason that replication is not allowed to continue is that
the
two
machine's views of deleted objects may now be different. The
source
machine
may still have copies of objects that have been deleted (and garbage
collected) on this machine. If they were allowed to replicate,
the
source
machine might return objects which have already been deleted.
2008-06-25 01:26:15
07b0f6c8-f6b8-07b0-0100-000000000000
382cdb4e-7b9c-4a33-a252-4c11bf6117e5._msdcs.kbgca.local
60
The replication operation has failed.
Determine which of the two machines was disconnected from the
1. Demote or reinstall the machine(s) that were disconnected.
2. Use the "repadmin /removelingeringobjects" tool to remove inconsistent
deleted objects and then resume replication.
3. Resume replication. Inconsistent deleted objects may be
introduced.
You
can continue replication by using the following registry key.
Once
the
systems replicate once, it is recommended that you remove the
key
to
reinstate the protection.
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Allow Replication
With Divergent and Corrupt Partner
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}
{Event Type: Information
Event Source: NTDS General
Event Category: Internal Processing
Event ID: 2041
Date: 10/15/2008
Time: 10:18:30 AM
User: N/A
Computer: DELLSERVER
Duplicate event log entries were suppressed.
See the previous event log entry for details. An entry is
considered
a
duplicate if the event code and all of its insertion parameters are
identical. The time period for this run of duplicates is from
the
time
of the previous event to the time of this event.
c00007fa
3
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}
Secondly I am unable to use Backup utility in all 3 domain
contrlloers. Also I can't take system state backup even with backup
utility. I am getting the same error message on all 3 domain
{Backup Status
Operation: Backup
Active backup destination: File
Media name: "Volume 2 Backup.bkf created 10/15/2008 at 2:54 PM"
Volume shadow copy creation: Attempt 1.
Error returned while creating the volume shadow copy:0x8004230f.
Error returned while creating the volume shadow copy:8004230f
Aborting Backup.
----------------------
The operation did not successfully complete.}
{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 12292
Date: 10/15/2008
Time: 7:00:13 AM
User: N/A
Computer: DELLSERVER
Volume Shadow Copy Service error: Error creating the Shadow Copy Provider
COM class with CLSID {363948d2-035d-4d1d-9bfc-473fece07dab} [0x8007042d].
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
0008: 43 4f 52 48 57 50 57 43 CORHWPWC
0010: 30 30 30 30 30 33 30 36 00000306
0020: 43 4f 52 48 57 50 57 43 CORHWPWC
0028: 30 30 30 30 30 32 34 32 00000242
0038: 30 30 30 30 34 34 38 30 00004480
0048: 30 30 30 30 30 37 30 30 00000700
0058: 43 3a 5c 57 49 4e 44 4f C:\WINDO
0060: 57 53 5c 53 79 73 74 65 WS\Syste
0068: 6d 33 32 5c 76 73 73 76 m32\vssv
0070: 63 2e 65 78 65 20 20 20 c.exe
0080: 4e 54 20 41 55 54 48 4f NT AUTHO
0088: 52 49 54 59 5c 53 59 53 RITY\SYS
0090: 54 45 4d 20 20 20 20 20 TEM
00a0: 53 2d 31 2d 35 2d 31 38 S-1-5-18}
{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 11
Date: 10/15/2008
Time: 7:00:13 AM
User: N/A
Computer: DELLSERVER
Volume Shadow Copy Service information: The COM Server with CLSID
{363948d2-035d-4d1d-9bfc-473fece07dab} and name HWPRV cannot be started.
Paul Bergson [MVP-DS]
2008-10-20 14:35:40 UTC
Permalink
Hello Hemal,
Best of luck
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4


http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup This posting
is provided "AS IS" with no warranties, and confers no rights.
Post by Hemal
Hi Meinolf & Paul,
I did demote one of my DC now will perform on rest two today as I have
to restart them after demotion. I will also remove metabase as
suggested by Paul after reboot.
Thanks a bunch to both you again and I will keep you posted about my progress.
With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
You can demote them with "dcpromo /forceremoval" and then do the
metadatacleanup as described in the article Paul posted in his
previous one. Also you have to clenaup DNS form the server name and
if it was DNS server also from that list. AD sites and services you
have to clenaup manually, not done during demotion, even in a correct
running environment.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Paul,
Thanks for taking time to reply me. I will follow your instructions
and do the same? I already have all 5 FSMO roles on one DC. Now my
problem is how to demote other DC? If I try DCPROMO on other DC'S I
Active Directory could not transfer the remaining data in directory
partition CN=Schema, CN=Configuration,DC=kbgca,DC=local to domain
controller hpserver.kbgca.local
"The Active directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tomstone lifetime." }
Can you please tell me how to demote the other DC's so that I can
Thanks again for your time and help..
With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
If you are getting this same error on all dc's, you are going to
have
choose
one and build out your domain from there.
This can be a very painful process. I would start with the dc with the FSMO
role holder of the PDCe
net query fsmo
If all 5 don't reside on one dc then seize the roles to bring all 5 to one dc
Seize roles
http://support.microsoft.com/default.aspx?scid=kb;en-us;255504
Once established, assume that to be the authority. Find the dc with
the least number of objects in its site and demote that dc. Once
demoted go back to the FSMO role master and cleanup your metadata for
the demoted dc
Metadata cleanup http://support.microsoft.com/?id=216498
Then return to the failed dc and get connectivity working
(Firewalls, etc...) and then repromote the dc. Then get
connectivity working for the clients of the newly promoted dc. Or
you may even want to get the clients working before you get the dc
back depending on the urgency.
Do this for the last two dc's as well.
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.
Post by Hemal
Hi Paul,
Thanks for your reply. I will wait for your suggestions in this matter.
Thank you again for your time and help.
With best regards,
Hemal
Post by Paul Bergson [MVP-DS]
Without spending a lot of time on this I am going to guess you
have four islanded DC's, created by loss of replication. If this
is the case you are almost assuredly stuck with demoting and
repromoting all dc's except the fsmo role holder (Hopefully all
reside on one box). So all users who aren't updated on the fsmo
holder will be out of sync as well as groups, machines, etc...
I won't have time to really think about this until Monday but I
think you are in a big bind.
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the
NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.
Post by Hemal
Hi,
I have 4 dc's and all of them are having the same errors right
now. When you meant diagnostics means dcdiag /v ? then I did and
it has a large file and so many errors on FSMO role holder.
Thanks,
Hemal
Post by Paul Bergson [MVP-DS]
How many dc's do you have?
Of those are any reporting no errors?
I haven't read the thread but have you run diagnostics on them?
If so did the fsmo role holder come back w.o error?
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and
confers
no
rights.
Post by Hemal
Hi,
I am getting lots of event logs in all 3 domain controllers recently.
First of all in Directory service, I am getting these event id
{ Event Type: Error
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2042
Date: 10/15/2008
Time: 10:18:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DELLSERVER
It has been too long since this machine last replicated with
the
named
source machine. The time between replications with this source
has
exceeded
the tombstone lifetime. Replication has been stopped with this source.
The reason that replication is not allowed to continue is that
the
two
machine's views of deleted objects may now be different. The
source
machine
may still have copies of objects that have been deleted (and garbage
collected) on this machine. If they were allowed to replicate,
the
source
machine might return objects which have already been deleted.
2008-06-25 01:26:15
07b0f6c8-f6b8-07b0-0100-000000000000
382cdb4e-7b9c-4a33-a252-4c11bf6117e5._msdcs.kbgca.local
60
The replication operation has failed.
Determine which of the two machines was disconnected from the
1. Demote or reinstall the machine(s) that were disconnected.
2. Use the "repadmin /removelingeringobjects" tool to remove inconsistent
deleted objects and then resume replication.
3. Resume replication. Inconsistent deleted objects may be
introduced.
You
can continue replication by using the following registry key.
Once
the
systems replicate once, it is recommended that you remove the
key
to
reinstate the protection.
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Allow Replication
With Divergent and Corrupt Partner
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}
{Event Type: Information
Event Source: NTDS General
Event Category: Internal Processing
Event ID: 2041
Date: 10/15/2008
Time: 10:18:30 AM
User: N/A
Computer: DELLSERVER
Duplicate event log entries were suppressed.
See the previous event log entry for details. An entry is
considered
a
duplicate if the event code and all of its insertion
parameters
are
identical. The time period for this run of duplicates is from
the
time
of the previous event to the time of this event.
c00007fa
3
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}
Secondly I am unable to use Backup utility in all 3 domain
contrlloers. Also I can't take system state backup even with backup
utility. I am getting the same error message on all 3 domain
controllers when I try to use backup utility to backup
{Backup Status
Operation: Backup
Active backup destination: File
Media name: "Volume 2 Backup.bkf created 10/15/2008 at 2:54 PM"
Volume shadow copy creation: Attempt 1.
Error returned while creating the volume shadow
copy:0x8004230f.
Error returned while creating the volume shadow copy:8004230f
Aborting Backup.
----------------------
The operation did not successfully complete.}
{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 12292
Date: 10/15/2008
Time: 7:00:13 AM
User: N/A
Computer: DELLSERVER
Volume Shadow Copy Service error: Error creating the Shadow
Copy
Provider
COM class with CLSID {363948d2-035d-4d1d-9bfc-473fece07dab} [0x8007042d].
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
0008: 43 4f 52 48 57 50 57 43 CORHWPWC
0010: 30 30 30 30 30 33 30 36 00000306
0020: 43 4f 52 48 57 50 57 43 CORHWPWC
0028: 30 30 30 30 30 32 34 32 00000242
0038: 30 30 30 30 34 34 38 30 00004480
0048: 30 30 30 30 30 37 30 30 00000700
0058: 43 3a 5c 57 49 4e 44 4f C:\WINDO
0060: 57 53 5c 53 79 73 74 65 WS\Syste
0068: 6d 33 32 5c 76 73 73 76 m32\vssv
0070: 63 2e 65 78 65 20 20 20 c.exe
0080: 4e 54 20 41 55 54 48 4f NT AUTHO
0088: 52 49 54 59 5c 53 59 53 RITY\SYS
0090: 54 45 4d 20 20 20 20 20 TEM
00a0: 53 2d 31 2d 35 2d 31 38 S-1-5-18}
{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 11
Date: 10/15/2008
Time: 7:00:13 AM
User: N/A
Computer: DELLSERVER
Volume Shadow Copy Service information: The COM Server with CLSID
{363948d2-035d-4d1d-9bfc-473fece07dab} and name HWPRV cannot
be
started.
Hemal
2008-10-21 14:52:01 UTC
Permalink
Hi Paul & Meinolf,

Finally I did everything what guys suggested, demotion/Metadata cleanup
on all DC's except FSMO role holder and then promote one DC. Now I don't
have any event in directory service. Everything went throgh ok thanks
to your valuable suggestions/links.

Also as per Meinolf, I changed our mask to 255.255.255.0 & also moved RRAS
Server to member server.

I still need one favour from you. I still can't use window backup utility
on my 2 DC's. I kept getting event id : 12292/11 in event viewer. I can't
take system state backup or even any file backup using it. Follwoing is the
error message when I tried do backup & event id 11/12292:

{Backup Status
Operation: Backup
Active backup destination: File
Media name: "Backup.bkf created 10/21/2008 at 10:07 AM"

Volume shadow copy creation: Attempt 1.

Error returned while creating the volume shadow copy:0x8004230f.

Error returned while creating the volume shadow copy:8004230f
Aborting Backup.

----------------------

The operation did not successfully complete.

----------------------}

{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 11
Date: 10/21/2008
Time: 10:07:52 AM
User: N/A
Computer: DELLSERVER
Description:
Volume Shadow Copy Service information: The COM Server with CLSID
{363948d2-035d-4d1d-9bfc-473fece07dab} and name HWPRV cannot be started.
[0x8007042d]

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 2d 20 43 6f 64 65 3a 20 - Code:
0008: 43 4f 52 48 57 50 57 43 CORHWPWC
0010: 30 30 30 30 30 32 39 38 00000298
0018: 2d 20 43 61 6c 6c 3a 20 - Call:
0020: 43 4f 52 48 57 50 57 43 CORHWPWC
0028: 30 30 30 30 30 32 34 32 00000242
0030: 2d 20 50 49 44 3a 20 20 - PID:
0038: 30 30 30 30 33 38 31 36 00003816
0040: 2d 20 54 49 44 3a 20 20 - TID:
0048: 30 30 30 30 35 38 38 34 00005884
0050: 2d 20 43 4d 44 3a 20 20 - CMD:
0058: 43 3a 5c 57 49 4e 44 4f C:\WINDO
0060: 57 53 5c 53 79 73 74 65 WS\Syste
0068: 6d 33 32 5c 76 73 73 76 m32\vssv
0070: 63 2e 65 78 65 20 20 20 c.exe
0078: 2d 20 55 73 65 72 3a 20 - User:
0080: 4e 54 20 41 55 54 48 4f NT AUTHO
0088: 52 49 54 59 5c 53 59 53 RITY\SYS
0090: 54 45 4d 20 20 20 20 20 TEM
0098: 2d 20 53 69 64 3a 20 20 - Sid:
00a0: 53 2d 31 2d 35 2d 31 38 S-1-5-18}


{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 12292
Date: 10/21/2008
Time: 10:07:52 AM
User: N/A
Computer: DELLSERVER
Description:
Volume Shadow Copy Service error: Error creating the Shadow Copy Provider
COM class with CLSID {363948d2-035d-4d1d-9bfc-473fece07dab} [0x8007042d].

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 2d 20 43 6f 64 65 3a 20 - Code:
0008: 43 4f 52 48 57 50 57 43 CORHWPWC
0010: 30 30 30 30 30 33 30 36 00000306
0018: 2d 20 43 61 6c 6c 3a 20 - Call:
0020: 43 4f 52 48 57 50 57 43 CORHWPWC
0028: 30 30 30 30 30 32 34 32 00000242
0030: 2d 20 50 49 44 3a 20 20 - PID:
0038: 30 30 30 30 33 38 31 36 00003816
0040: 2d 20 54 49 44 3a 20 20 - TID:
0048: 30 30 30 30 35 38 38 34 00005884
0050: 2d 20 43 4d 44 3a 20 20 - CMD:
0058: 43 3a 5c 57 49 4e 44 4f C:\WINDO
0060: 57 53 5c 53 79 73 74 65 WS\Syste
0068: 6d 33 32 5c 76 73 73 76 m32\vssv
0070: 63 2e 65 78 65 20 20 20 c.exe
0078: 2d 20 55 73 65 72 3a 20 - User:
0080: 4e 54 20 41 55 54 48 4f NT AUTHO
0088: 52 49 54 59 5c 53 59 53 RITY\SYS
0090: 54 45 4d 20 20 20 20 20 TEM
0098: 2d 20 53 69 64 3a 20 20 - Sid:
00a0: 53 2d 31 2d 35 2d 31 38 S-1-5-18}


I really have no words to appreciate you both. Thank you very much
for your all valuble comments and time !!!!

With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
Best of luck
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup This posting
is provided "AS IS" with no warranties, and confers no rights.
Post by Hemal
Hi Meinolf & Paul,
I did demote one of my DC now will perform on rest two today as I have
to restart them after demotion. I will also remove metabase as
suggested by Paul after reboot.
Thanks a bunch to both you again and I will keep you posted about my progress.
With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
You can demote them with "dcpromo /forceremoval" and then do the
metadatacleanup as described in the article Paul posted in his
previous one. Also you have to clenaup DNS form the server name and
if it was DNS server also from that list. AD sites and services you
have to clenaup manually, not done during demotion, even in a correct
running environment.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Post by Hemal
Hi Paul,
Thanks for taking time to reply me. I will follow your instructions
and do the same? I already have all 5 FSMO roles on one DC. Now my
problem is how to demote other DC? If I try DCPROMO on other DC'S I
Active Directory could not transfer the remaining data in directory
partition CN=Schema, CN=Configuration,DC=kbgca,DC=local to domain
controller hpserver.kbgca.local
"The Active directory cannot replicate with this server because the
time since the last replication with this server has exceeded the
tomstone lifetime." }
Can you please tell me how to demote the other DC's so that I can
Thanks again for your time and help..
With best regards,
Hemal
Post by Meinolf Weber
Hello Hemal,
If you are getting this same error on all dc's, you are going to
have
choose
one and build out your domain from there.
This can be a very painful process. I would start with the dc with the FSMO
role holder of the PDCe
net query fsmo
If all 5 don't reside on one dc then seize the roles to bring all 5 to one dc
Seize roles
http://support.microsoft.com/default.aspx?scid=kb;en-us;255504
Once established, assume that to be the authority. Find the dc with
the least number of objects in its site and demote that dc. Once
demoted go back to the FSMO role master and cleanup your metadata for
the demoted dc
Metadata cleanup http://support.microsoft.com/?id=216498
Then return to the failed dc and get connectivity working
(Firewalls, etc...) and then repromote the dc. Then get
connectivity working for the clients of the newly promoted dc. Or
you may even want to get the clients working before you get the dc
back depending on the urgency.
Do this for the last two dc's as well.
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.
Post by Hemal
Hi Paul,
Thanks for your reply. I will wait for your suggestions in this matter.
Thank you again for your time and help.
With best regards,
Hemal
Post by Paul Bergson [MVP-DS]
Without spending a lot of time on this I am going to guess you
have four islanded DC's, created by loss of replication. If this
is the case you are almost assuredly stuck with demoting and
repromoting all dc's except the fsmo role holder (Hopefully all
reside on one box). So all users who aren't updated on the fsmo
holder will be out of sync as well as groups, machines, etc...
I won't have time to really think about this until Monday but I
think you are in a big bind.
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.
Post by Hemal
Hi,
I have 4 dc's and all of them are having the same errors right
now. When you meant diagnostics means dcdiag /v ? then I did and
it has a large file and so many errors on FSMO role holder.
Thanks,
Hemal
Post by Paul Bergson [MVP-DS]
How many dc's do you have?
Of those are any reporting no errors?
I haven't read the thread but have you run diagnostics on them?
If so did the fsmo role holder come back w.o error?
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and
confers
no
rights.
Post by Hemal
Hi,
I am getting lots of event logs in all 3 domain controllers recently.
First of all in Directory service, I am getting these event id
{ Event Type: Error
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2042
Date: 10/15/2008
Time: 10:18:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DELLSERVER
It has been too long since this machine last replicated with
the
named
source machine. The time between replications with this source
has
exceeded
the tombstone lifetime. Replication has been stopped with this source.
The reason that replication is not allowed to continue is that
the
two
machine's views of deleted objects may now be different. The
source
machine
may still have copies of objects that have been deleted (and garbage
collected) on this machine. If they were allowed to replicate,
the
source
machine might return objects which have already been deleted.
2008-06-25 01:26:15
07b0f6c8-f6b8-07b0-0100-000000000000
382cdb4e-7b9c-4a33-a252-4c11bf6117e5._msdcs.kbgca.local
60
The replication operation has failed.
Determine which of the two machines was disconnected from the
1. Demote or reinstall the machine(s) that were disconnected.
2. Use the "repadmin /removelingeringobjects" tool to remove
inconsistent
deleted objects and then resume replication.
3. Resume replication. Inconsistent deleted objects may be
introduced.
You
can continue replication by using the following registry key.
Once
the
systems replicate once, it is recommended that you remove the
key
to
reinstate the protection.
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Allow
Replication
With Divergent and Corrupt Partner
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}
{Event Type: Information
Event Source: NTDS General
Event Category: Internal Processing
Event ID: 2041
Date: 10/15/2008
Time: 10:18:30 AM
User: N/A
Computer: DELLSERVER
Duplicate event log entries were suppressed.
See the previous event log entry for details. An entry is
considered
a
duplicate if the event code and all of its insertion
parameters
are
identical. The time period for this run of duplicates is from
the
time
of the previous event to the time of this event.
c00007fa
3
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}
Secondly I am unable to use Backup utility in all 3 domain
contrlloers. Also I can't take system state backup even with backup
utility. I am getting the same error message on all 3 domain
{Backup Status
Operation: Backup
Active backup destination: File
Media name: "Volume 2 Backup.bkf created 10/15/2008 at 2:54 PM"
Volume shadow copy creation: Attempt 1.
Error returned while creating the volume shadow
copy:0x8004230f.
Error returned while creating the volume shadow copy:8004230f
Aborting Backup.
----------------------
The operation did not successfully complete.}
{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 12292
Date: 10/15/2008
Time: 7:00:13 AM
User: N/A
Computer: DELLSERVER
Volume Shadow Copy Service error: Error creating the Shadow
Copy
Provider
COM class with CLSID {363948d2-035d-4d1d-9bfc-473fece07dab}
Jorge de Almeida Pinto [MVP - DS]
2008-10-24 22:15:14 UTC
Permalink
that's not good!

see:
http://blogs.dirteam.com/blogs/jorge/archive/2006/05/08/Lingering-objects.aspx
http://blogs.dirteam.com/blogs/jorge/archive/2005/11/24/153.aspx
--
Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Identity & Access - Directory Services #

BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
------------------------------------------------------------------------------------------
* How to ask a question --> http://support.microsoft.com/?id=555375
------------------------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always test ANY suggestion in a test environment before implementing!
------------------------------------------------------------------------------------------
#################################################
#################################################
------------------------------------------------------------------------------------------
Post by Hemal
Hi,
I am getting lots of event logs in all 3 domain controllers recently.
First of all in Directory service, I am getting these event id 2042 & 2041
{ Event Type: Error
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2042
Date: 10/15/2008
Time: 10:18:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DELLSERVER
It has been too long since this machine last replicated with the named
source machine. The time between replications with this source has exceeded
the tombstone lifetime. Replication has been stopped with this source.
The reason that replication is not allowed to continue is that the two
machine's views of deleted objects may now be different. The source machine
may still have copies of objects that have been deleted (and garbage
collected) on this machine. If they were allowed to replicate, the source
machine might return objects which have already been deleted.
2008-06-25 01:26:15
07b0f6c8-f6b8-07b0-0100-000000000000
382cdb4e-7b9c-4a33-a252-4c11bf6117e5._msdcs.kbgca.local
60
The replication operation has failed.
Determine which of the two machines was disconnected from the forest and is
1. Demote or reinstall the machine(s) that were disconnected.
2. Use the "repadmin /removelingeringobjects" tool to remove inconsistent
deleted objects and then resume replication.
3. Resume replication. Inconsistent deleted objects may be introduced. You
can continue replication by using the following registry key. Once the
systems replicate once, it is recommended that you remove the key to
reinstate the protection.
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Allow Replication
With Divergent and Corrupt Partner
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}
{Event Type: Information
Event Source: NTDS General
Event Category: Internal Processing
Event ID: 2041
Date: 10/15/2008
Time: 10:18:30 AM
User: N/A
Computer: DELLSERVER
Duplicate event log entries were suppressed.
See the previous event log entry for details. An entry is considered a
duplicate if the event code and all of its insertion parameters are
identical. The time period for this run of duplicates is from the time of the
previous event to the time of this event.
c00007fa
3
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.}
Secondly I am unable to use Backup utility in all 3 domain contrlloers. Also
I can't take system state backup even with backup utility. I am getting the
same error message on all 3 domain controllers when I try to use backup
{Backup Status
Operation: Backup
Active backup destination: File
Media name: "Volume 2 Backup.bkf created 10/15/2008 at 2:54 PM"
Volume shadow copy creation: Attempt 1.
Error returned while creating the volume shadow copy:0x8004230f.
Error returned while creating the volume shadow copy:8004230f
Aborting Backup.
----------------------
The operation did not successfully complete.}
Last, I am also getting these volume shadow copy event id : 12292, 11 on
{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 12292
Date: 10/15/2008
Time: 7:00:13 AM
User: N/A
Computer: DELLSERVER
Volume Shadow Copy Service error: Error creating the Shadow Copy Provider
COM class with CLSID {363948d2-035d-4d1d-9bfc-473fece07dab} [0x8007042d].
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
0008: 43 4f 52 48 57 50 57 43 CORHWPWC
0010: 30 30 30 30 30 33 30 36 00000306
0020: 43 4f 52 48 57 50 57 43 CORHWPWC
0028: 30 30 30 30 30 32 34 32 00000242
0038: 30 30 30 30 34 34 38 30 00004480
0048: 30 30 30 30 30 37 30 30 00000700
0058: 43 3a 5c 57 49 4e 44 4f C:\WINDO
0060: 57 53 5c 53 79 73 74 65 WS\Syste
0068: 6d 33 32 5c 76 73 73 76 m32\vssv
0070: 63 2e 65 78 65 20 20 20 c.exe
0080: 4e 54 20 41 55 54 48 4f NT AUTHO
0088: 52 49 54 59 5c 53 59 53 RITY\SYS
0090: 54 45 4d 20 20 20 20 20 TEM
00a0: 53 2d 31 2d 35 2d 31 38 S-1-5-18}
{Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 11
Date: 10/15/2008
Time: 7:00:13 AM
User: N/A
Computer: DELLSERVER
Volume Shadow Copy Service information: The COM Server with CLSID
{363948d2-035d-4d1d-9bfc-473fece07dab} and name HWPRV cannot be started.
[0x8007042d]
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
0008: 43 4f 52 48 57 50 57 43 CORHWPWC
0010: 30 30 30 30 30 32 39 38 00000298
0020: 43 4f 52 48 57 50 57 43 CORHWPWC
0028: 30 30 30 30 30 32 34 32 00000242
0038: 30 30 30 30 34 34 38 30 00004480
0048: 30 30 30 30 30 37 30 30 00000700
0058: 43 3a 5c 57 49 4e 44 4f C:\WINDO
0060: 57 53 5c 53 79 73 74 65 WS\Syste
0068: 6d 33 32 5c 76 73 73 76 m32\vssv
0070: 63 2e 65 78 65 20 20 20 c.exe
0080: 4e 54 20 41 55 54 48 4f NT AUTHO
0088: 52 49 54 59 5c 53 59 53 RITY\SYS
0090: 54 45 4d 20 20 20 20 20 TEM
00a0: 53 2d 31 2d 35 2d 31 38 S-1-5-1}
Sorry for the long post as I wanted to give every information so that
someone can help me.
I really appreciate any reply. Thanks in advance.
With best regards,
Hemal
Loading...