Приветсвую!
Сыплются ошибки в логах раз в 8 часов в логе Репликации DFS (Код события 5008). Отсюда и не проходит полный тест AD на этом сервере.
Возникла ошибка. Код события (EventID): 0xC0001390
Время создания: 11/27/2019 20:41:46
Строка события: Службе репликации DFS не удалось установить подключение к партнеру UPLDC2 по группе репликации Domain System Volume. Причиной этой ошибки может быть недоступный узел или незапущенная служба репликации
DFS на сервере.
DNS-адрес партнера: UPLDC2.ugratimber.hmao
Доступные дополнительные сведения:
WINS-адрес партнера: UPLDC2
IP-адрес партнера: 192.168.2.40
Служба периодически будет пытаться установить подключение.
Дополнительные сведения:
Ошибка: 1722 (Сервер RPC недоступен.)
Идентификатор подключения: E2A78144-66B9-4D52-9601-7D4B69F8604C
Идентификатор группы репликации: 273C95FD-0660-4EF6-A1B4-24EF13068FB7
……………………. RODC-TWO-KHM — не пройдена проверка DFSREvent
Несколько сайтов, разделенные по филиалам. В одном из филиалов RODC-TWO-KHM.
Ранее, когда поднималась роль RODC-TWO-KHM, в другом филиале был ДК UPLDC2. Затем он корректно понижен до сервера и с него удалена роль. Поставлена с нуля система, поднята роль и теперь он NEW-UPLDC2.
В Сайтах и службах в соединение с RODC-TWO-KHM идёт на другие КД. Не припомню нигде, чтоб остался именно UPLDC2. Где ещё посмотреть запись UPLDC2?
Как решить проблему с репликацией если бы указывало на существующий сервер, это одно. Но когда сервера нет ни в одном DNS. Это другое.
Куда еще посмотреть подскажите?
Repadmin: выполнение команды /showrepl контроллере домена localhost с полным доступом
KHMRODC-TWO-KHM
Параметры DSA: IS_GC DISABLE_OUTBOUND_REPL IS_RODC
Параметры сайта: (none)
DSA — GUID объекта: 77d09ea6-5255-4c65-b54a-31ce9bbd6fc3
DSA — код вызова: ac463aa8-b46d-4cfa-a7ef-24c0e2e05aa3
==== ВХОДЯЩИЕ СОСЕДИ ======================================
DC=ugratimber,DC=hmao
LVLLVLDC2 через RPC
DSA — GUID объекта: 17add360-c3f6-4596-904d-22393e9c5c1f
Последняя попытка @ 2019-11-29 11:38:53 успешна.
UPLUPLDC1 через RPC
DSA — GUID объекта: 62013ece-cbb0-475a-8e4c-01daf4139278
Последняя попытка @ 2019-11-29 11:38:53 успешна.
CN=Configuration,DC=ugratimber,DC=hmao
LVLLVLDC2 через RPC
DSA — GUID объекта: 17add360-c3f6-4596-904d-22393e9c5c1f
Последняя попытка @ 2019-11-29 11:38:52 успешна.
UPLUPLDC1 через RPC
DSA — GUID объекта: 62013ece-cbb0-475a-8e4c-01daf4139278
Последняя попытка @ 2019-11-29 11:38:53 успешна.
CN=Schema,CN=Configuration,DC=ugratimber,DC=hmao
LVLLVLDC2 через RPC
DSA — GUID объекта: 17add360-c3f6-4596-904d-22393e9c5c1f
Последняя попытка @ 2019-11-29 11:38:53 успешна.
UPLUPLDC1 через RPC
DSA — GUID объекта: 62013ece-cbb0-475a-8e4c-01daf4139278
Последняя попытка @ 2019-11-29 11:38:53 успешна.
DC=DomainDnsZones,DC=ugratimber,DC=hmao
LVLLVLDC2 через RPC
DSA — GUID объекта: 17add360-c3f6-4596-904d-22393e9c5c1f
Последняя попытка @ 2019-11-29 11:38:53 успешна.
UPLUPLDC1 через RPC
DSA — GUID объекта: 62013ece-cbb0-475a-8e4c-01daf4139278
Последняя попытка @ 2019-11-29 11:38:53 успешна.
DC=ForestDnsZones,DC=ugratimber,DC=hmao
LVLLVLDC2 через RPC
DSA — GUID объекта: 17add360-c3f6-4596-904d-22393e9c5c1f
Последняя попытка @ 2019-11-29 11:38:53 успешна.
UPLUPLDC1 через RPC
DSA — GUID объекта: 62013ece-cbb0-475a-8e4c-01daf4139278
Последняя попытка @ 2019-11-29 11:38:53 успешна.
Время запуска сводки по репликации: 2019-11-29 11:48:20
Начат сбор данных для сводки по репликации, подождите:
…………..
Исходный DSA наиб. дельта сбоев/всего %% ошибка
BACKUP 50m:08s 0 / 5 0
LVLDC1 51m:45s 0 / 10 0
LVLDC2 57m:45s 0 / 15 0
NEW-UPLDC2 57m:34s 0 / 20 0
SOVDC1 59m:41s 0 / 40 0
UPLDC1 14m:20s 0 / 20 0
Конечный DSA наиб. дельта сбои/всего %% ошибка
BACKUP 02m:16s 0 / 5 0
LVLDC1 57m:45s 0 / 10 0
LVLDC2 51m:45s 0 / 10 0
MLZRODC 59m:47s 0 / 10 0
NEW-UPLDC2 05m:23s 0 / 10 0
RODC-ONE-KHM 12m:43s 0 / 10 0
RODC-TWO-KHM 09m:34s 0 / 10 0
SOVDC1 50m:12s 0 / 10 0
UPLDC1 57m:34s 0 / 15 0
UTSRODC 03m:31s 0 / 10 0
YUGORSKRODC 14m:26s 0 / 10 0
repadmin /syncall
СООБЩЕНИЕ ОБРАТНОГО ВЫЗОВА: Завершена операция SyncAll.
Команда SyncAll завершена без ошибок.
- Remove From My Forums
-
Question
-
Short version: one of our domain controllers has DFSR Event 5008 errors, regarding a domain controller that has be demoted and removed from our domain. It is the only domain controller, of five, to have this error, the other four domain controllers are clean.
Longer version: we are in the process of upgrading Active Directory from 2008 to 2012 R2, at this time we have three 2012 R2 servers and one of those three owns all the FSMO roles, it also happens to be the one that we see the DFSR Event 5008 errors on.
In addition to those three 2012 R2 servers, we have two 2008 servers remaining, until we clear up the remaining errors.DFS Replication, on DC-2012-1, says that it failed to communicate to partner DC-2008-2; however, that is to be expected since DC-2008-2 is no longer a domain controller, nor a member of the domain. When we go into DFS Management and look at the sysvol replication,
we do not see DC-2008-2 referenced anywhere, nor have I found a reference to it anywhere else that I have looked.What can we do remove the reference to the partner, to eliminate these errors?
01 Nov 2019
Let’s say theoretically that a 2012 R2 domain controller (DC) did updates and failed to boot to Windows afterwards…
Let’s also say theoretically another technician decided the logical path forward was to forcibly remove this DC from the domain without performing a proper demotion…
(The proper methodology is outlined here by Microsoft, the first step is not to panic.)
This left the environment in an interesting place.
Attempting to load any GPO’s in the MMC snap-in would result in complaints about permissions and policy settings missing.
More alarmingly, we discovered that that the entire SYSVOL share contents were empty. Browsing to the DFS root namespace share revealed this right away.
\contoso.localSYSVOLcontoso.localpolicies
Instead of seeing a mess of logon scripts, there was simply no contents at all.
Forcibly removing this DC cleared out all of the policy files as well, meaning that this was the authoritative server in the DFS Replication Group.
Luckily enough for us we had a copy of known working group policies from a backup and simply needed to restore the replication between DC’s.
Troubleshooting
One event log assisted us in finding the correct resolution to this problem, we’ll go through it below.
DFS-Replication Event ID 5008
On a set interval, or every time we restarted DFS replication services, this event log would be recorded on all DC’s in the domain. Note that Event ID 5008 was referencing the name of the old DC which had already been removed at this point.
The DFS Replication service failed to communicate with partner <OLD DC NAME> for replication group Domain System Volume.
This error can occur if the host in unreachable, or if the DFS Replication service is not running on the server.
Partner DNS Address: <OLD DC FQDN>
Resolution
Since every DC in the environment was logging a 5008, we gathered that the old DC being referenced was authoritative in the DFS replication group.
In order to change where all DC’s gather their source content from, some work in ADSI must be completed. You can find more information about this process in the links below.
3rd Party blog reference — does an excellent job describing.
M$ troubleshooting steps — leaves out a few details.
Working through these steps we noticed that the old DC wasn’t listed as a replication group member in ADSI.
Resetting which server was authoritative for the replication group in ADSI did help us in solving the problem.
However, once all of these steps were completed, event 5008 was still being recorded once the services came back up. Still referencing the old server too. Even worse, still no replication.
Step 2: It’s Always in the Registry
In our case the repliation group was reporting healthy, yet every DC in the environment still was looking for that missing DC as an authoratative DFS group member.
This was confirmed by running the following commands: dfsrdiag ReplicationState /all repadmin /showrepl
Domain Controllers will store additional configuration details for the “Domain System Volume” DFS Group within the registry. This will get modified when a demotion occurs successfully, in our case it was not.
Configuration specifics for the DFS group can be found in here in the registry on each Domain Controller in the environment: HKLMSystemCurrentControlSetServicesDFSR
The set of keys we are worried about in particular which reference the old Domain Controller are as follows: HKLMSystemCurrentControlSetServicesDFSRParametersSYSVOLSSeeding Sysvols
Within this configuration the Parent Computer property was referencing the old Domain Controller.
Once discovered, we stopped the DFS Replication services on every DC and renamed the
Parent Computer property to the new authoratative DFS DC name on all Domain Controllers.
After this setting was changed and the services were restarted almost instantaneously the SYSVOL contents replicated across the domain, and no more event ID 5008 referencing and old DC.
We have recently removed our last W2K3 R2 DC and now have four W2K8 DCs over two sites. The domain is still Running 2003 Forest and domains levels.
We use DFSR between two sites with two root servers file1 and file2 both running W2K8. The namespace type is ‘Domain (Windows 2000 Server mode)’. DFS was orginally running on Windows 2003 R2. I have moved to the new hosting servers running W2K8 R2 and updated the root servers. Everything has been working fine for weeks up until the removal of the last W2K3 DC yesterday which also had WINS. I had updated the network with WINS at both sites on two of the four new DC’s (one at each site) but since removing WINS from the old W2K3 DC I am now getting event errors on file2 at site 2 (only) and replication is failing
=============================================================
Log Name: DFS Replication
Source: DFSR
Date: 03/05/2012 13:12:24
Event ID: 5008
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: FILE2.domain.local
Description:
The DFS Replication service failed to communicate with partner FILE2 for replication group kgfruits.localdfswares data. This error can occur if the host is unreachable, or if the DFS Replication service is not running on the server.
Partner DNS Address: FILE2.<domain>
Optional data if available:
Partner WINS Address: FILE2
Partner IP Address: IP
The service will retry the connection periodically.
Additional Information:
Error: 1722 (The RPC server is unavailable.)
Connection ID: 130A1D31-33DD-4115-85E4-43684AB5C093
Replication Group ID: 8F7A93B0-55AA-4C26-858B-A7994584FA47
Event Xml:
<Event xmlns=»http://schemas.microsoft.com/win/2004/08/events/event»>
<System>
<Provider Name=»DFSR» />
<EventID Qualifiers=»49152″>5008</EventID>
<Level>2</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime=»2012-05-03T12:12:24.000000000Z» />
<EventRecordID>3108</EventRecordID>
<Channel>DFS Replication</Channel>
<Computer>FILE2.domain.local</Computer>
<Security />
</System>
<EventData>
<Data>130A1D31-33DD-4115-85E4-43684AB5C093</Data>
<Data>FILE2</Data>
<Data>DFS DATA PATH
<Data>FILE2.domain.local
<Data>FILE2</Data>
<Data>IP</Data>
<Data>1722</Data>
<Data>The RPC server is unavailable.</Data>
<Data>8F7A93B0-55AA-4C26-858B-A7994584FA47</Data>
</EventData>
</Event>
===========================================================
* DFSDIAG test all look fine
(http://blogs.technet.com/b/josebda/archive/2009/07/15/five-ways-to-check-your-dfs-namespaces-dfs-n-configuration-with-the-dfsdiag-exe-tool.aspx)
* Verifys topology successfully in DFS Mgmt.
* Diagnositic report from FILE1 shows FILE2 unavailable for reporting with ‘Cannot connect to reporting DCOM server — The RPC server is unavailable. ‘ and sends you here http://support.microsoft.com/Default.aspx?kbid=839880
*Diagnostic reports from FILE2 just hangs (problem server).
*DCDIAG /V — everything is working fine on all four DC’s
*DCDIAG /TEST:DNS — everything is working fine on all four DC’s
* Have performed NBTStat -AA on all servers to refresh the WINS db
Still not working 
Suppose I could migrate (http://technet.microsoft.com/en-us/library/cc753875.aspx) but a pain as it causes a big problem and seems a bit drastic!
thanks 
Go to activedirectory
DFS Replication on Windows Server 2016 Domain Controller
Hi r/activedirectory,
We see Event ID: 5008 The DFS Replication service failed to communicate with partner FAKEDCNAME on a newly promoted DC. DFSR is trying to talk to a remote DC that it can’t reach. Is there any way to configure DFSR such that it won’t use this DC?
It appears from inspecting the DFSR debug logs and from empirical observation of the event logs and existence of the SYSVOL share that DFSR is also replicating with other domain controllers it can reach.
I’m trying to figure out if I can 1) clean up my DFS Replication event log and/or 2) if this message can be safely ignored since we appear to be successfully replicating with other DCs.
Thanks.