Problem with DC replication and no access to shares, policies, etc.

Hello, good day.

I have 2 DCs in my network; both have been in service and working for about 2 years. I previously had another server that had problems and was removed from the network (about 2 years ago).

Yesterday I shut the servers down for some changes, but when I powered them back on I saw that the additional DC can no longer see the primary DC.

Then I saw all kinds of errors coming up:

Active Directory Domain Services was unable to establish a connection with the global catalog. 
 
Additional Data 
Error value:
8430 The directory service encountered an internal failure. 
Internal ID:
3200db0 
 
User Action: 
Make sure a global catalog is available in the forest, and is reachable from this domain controller. You may use the nltest utility to diagnose this problem.

And this error:

Active Directory Domain Services could not resolve the following DNS host name of the source domain controller to an IP address. This error prevents additions, deletions and changes in Active Directory Domain Services from replicating between one or more domain controllers in the forest. Security groups, group policy, users and computers and their passwords will be inconsistent between domain controllers until this error is resolved, potentially affecting logon authentication and access to network resources. 

Source domain controller: 
 SRV2 
Failing DNS host name: 
 352c21fa-a86d-4fc7-9a2b-a93345b5410d._msdcs.rsz.local 
 
NOTE: By default, only up to 10 DNS failures are shown for any given 12 hour period, even if more than 10 failures occur.  To log all individual failure events, set the following diagnostics registry value to 1: 
 
Registry Path: 
HKLM\System\CurrentControlSet\Services\NTDS\Diagnostics\22 DS RPC Client 
 
User Action: 
 
 1) If the source domain controller is no longer functioning or its operating system has been reinstalled with a different computer name or NTDSDSA object GUID, remove the source domain controller's metadata with ntdsutil.exe, using the steps outlined in MSKB article 216498. 
 
 2) Confirm that the source domain controller is running Active Directory Domain Services and is accessible on the network by typing "net view \\<source DC name>" or "ping <source DC name>". 
 
 3) Verify that the source domain controller is using a valid DNS server for DNS services, and that the source domain controller's host record and CNAME record are correctly registered, using the DNS Enhanced version of DCDIAG.EXE available on http://www.microsoft.com/dns 
 
  dcdiag /test:dns 
 
 4) Verify that this destination domain controller is using a valid DNS server for DNS services, by running the DNS Enhanced version of DCDIAG.EXE command on the console of the destination domain controller, as follows: 
 
  dcdiag /test:dns 
 
 5) For further analysis of DNS error failures see KB 824449: 
   http://support.microsoft.com/?kbid=824449 
 
Additional Data 
Error value: 
 11004 The requested name is valid, but no data of the requested type was found.

And elsewhere it says rpc server is unavailable, and in practice I cannot access the policies at all. All the servers and systems can ping each other (both by IP and by name), but they cannot open each other's shared files and get error 0x80070043.

I had to remove the DNS service and reinstall it.

Now on both DCs it looks like DNS is syncing.

But no replication happens at all!

I also checked all the services that should be running and they are all started, and I turned off my firewalls too. Here are a few tests:

C:\Windows\system32>Dcdiag /test:checksecurityerror

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = SRV-additional
   [SRV-additional] Directory Binding Error 1722:
   The RPC server is unavailable.
   This may limit some of the tests that can be performed.
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\SRV-ADDITIONAL
      Starting test: Connectivity
         [SRV-ADDITIONAL] DsBindWithSpnEx() failed with error 1722,
         The RPC server is unavailable..
         Got error while checking LDAP and RPC connectivity. Please check your
         firewall settings.
         ......................... SRV-ADDITIONAL failed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\SRV-ADDITIONAL


   Running partition tests on : ForestDnsZones

   Running partition tests on : DomainDnsZones

   Running partition tests on : Schema

   Running partition tests on : Configuration

   Running partition tests on : rsz

   Running enterprise tests on : rsz.local

And this:

C:\Windows\system32>netdom /query fsmo
The RPC server is unavailable.

The command failed to complete successfully.

And this:

C:\Windows\system32>Repadmin /kcc childdc2
Repadmin can't connect to a "home server", because of the following error.  Try
specifying a different
home server with /homeserver:[dns name]
Error: An LDAP lookup operation failed with the following error:

    LDAP Error 81(0x51): Server Down
    Server Win32 Error 0(0x0):
    Extended Information:


C:\Windows\system32>NETDIAG Trust Relationship
'NETDIAG' is not recognized as an internal or external command,
operable program or batch file.

C:\Windows\system32>NETDIAG
'NETDIAG' is not recognized as an internal or external command,
operable program or batch file.

C:\Windows\system32>Repadmin /showrepl

Repadmin: running command /showrepl against full DC localhost
Default-First-Site-Name\SRV-ADDITIONAL
DSA Options: IS_GC
Site Options: (none)
DSA object GUID: 03e194c8-f399-405c-b7a7-475375591d51
DSA invocationID: 220c4c6b-3636-4073-b51f-098a1211020c

==== INBOUND NEIGHBORS ======================================

DC=rsz,DC=local
    Default-First-Site-Name\SRV2 via RPC
        DSA object GUID: 352c21fa-a86d-4fc7-9a2b-a93345b5410d
        Last attempt @ 2019-04-20 10:17:00 failed, result 1722 (0x6ba):
            The RPC server is unavailable.
        28 consecutive failure(s).
        Last success @ 2019-04-19 15:43:46.

CN=Configuration,DC=rsz,DC=local
    Default-First-Site-Name\SRV2 via RPC
        DSA object GUID: 352c21fa-a86d-4fc7-9a2b-a93345b5410d
        Last attempt @ 2019-04-20 10:17:25 failed, result 1722 (0x6ba):
            The RPC server is unavailable.
        28 consecutive failure(s).
        Last success @ 2019-04-19 15:27:05.

CN=Schema,CN=Configuration,DC=rsz,DC=local
    Default-First-Site-Name\SRV2 via RPC
        DSA object GUID: 352c21fa-a86d-4fc7-9a2b-a93345b5410d
        Last attempt @ 2019-04-20 10:17:51 failed, result 1722 (0x6ba):
            The RPC server is unavailable.
        28 consecutive failure(s).
        Last success @ 2019-04-19 15:27:05.

DC=DomainDnsZones,DC=rsz,DC=local
    Default-First-Site-Name\SRV2 via RPC
        DSA object GUID: 352c21fa-a86d-4fc7-9a2b-a93345b5410d
        Last attempt @ 2019-04-20 10:17:00 failed, result 1256 (0x4e8):
            The remote system is not available. For information about network tr
oubleshooting, see Windows Help.
        31 consecutive failure(s).
        Last success @ 2019-04-19 15:27:05.

DC=ForestDnsZones,DC=rsz,DC=local
    Default-First-Site-Name\SRV2 via RPC
        DSA object GUID: 352c21fa-a86d-4fc7-9a2b-a93345b5410d
        Last attempt @ 2019-04-20 10:17:00 failed, result 1256 (0x4e8):
            The remote system is not available. For information about network tr
oubleshooting, see Windows Help.
        31 consecutive failure(s).
        Last success @ 2019-04-19 15:27:05.

I would be grateful if you could help me.

I am in serious trouble.

Thank you
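
Added example, not part of the original post: a PowerShell script for the checks named in the event text's User Action steps. It resolves SRV2's GUID-based _msdcs alias against each DC's DNS server and tests the TCP ports behind dcdiag's LDAP and RPC connectivity test. It assumes Windows Server 2012 R2 or later, that SRV2's FQDN is SRV2.rsz.local, and that the DNS server addresses (placeholders here) are replaced with each DC's IP.

```powershell
# Added example (not from the original post). Values marked "from the post" are
# copied from the output above; everything else is an assumption.
$ForestRoot = 'rsz.local'                              # from the post
$SourceDc   = 'SRV2'                                   # from the post
$DsaGuid    = '352c21fa-a86d-4fc7-9a2b-a93345b5410d'   # SRV2 DSA object GUID, from the post
$DnsServers = @('192.0.2.10', '192.0.2.11')            # placeholders: each DC's own IP
$SourceFqdn = '{0}.{1}' -f $SourceDc, $ForestRoot      # assumed FQDN of SRV2
$Alias      = '{0}._msdcs.{1}' -f $DsaGuid, $ForestRoot

# 1) Replication partners locate each other through this CNAME. Ask every DNS
#    server directly so an empty or stale zone on one DC is not hidden by the other.
$dnsResults = foreach ($server in $DnsServers) {
    $target = $null; $err = $null
    try {
        $cname = Resolve-DnsName -Name $Alias -Type CNAME -Server $server -DnsOnly -ErrorAction Stop |
                 Where-Object { $_.Type -eq 'CNAME' } | Select-Object -First 1
        if ($cname) { $target = $cname.NameHost } else { $err = 'name exists, no CNAME data' }
    } catch { $err = $_.Exception.Message }
    [pscustomobject]@{ DnsServer = $server; Alias = $Alias; Target = $target; Error = $err }
}

# 2) TCP reachability of the source DC. 135 is only the RPC endpoint mapper;
#    replication then uses a dynamically assigned RPC port, so an open 135 is
#    necessary but not sufficient. 389 is LDAP, 445 is SMB (shares, SYSVOL).
$portResults = foreach ($port in 135, 389, 445) {
    $r = Test-NetConnection -ComputerName $SourceFqdn -Port $port -WarningAction SilentlyContinue
    [pscustomobject]@{ ComputerName = $SourceFqdn; Port = $port; Open = $r.TcpTestSucceeded }
}

$dnsResults  | Format-Table -AutoSize
$portResults | Format-Table -AutoSize

# 3) Summarise: every DNS server must return a CNAME pointing at the source DC,
#    and every port must accept a connection.
$badDns   = @($dnsResults  | Where-Object { $_.Target -ne $SourceFqdn })
$badPorts = @($portResults | Where-Object { -not $_.Open })
if ($badDns.Count -eq 0 -and $badPorts.Count -eq 0) {
    'DNS alias and TCP ports look healthy; re-run dcdiag /test:dns and repadmin /showrepl.'
} else {
    'Failed DNS servers: {0}; closed ports: {1}' -f `
        (($badDns.DnsServer) -join ', '), (($badPorts.Port) -join ', ')
}
```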
