Juszeil Conception

  • 部 落 格

«2014 - 10»
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
TODAY

Hide Banner | LOGIN
2023-3-24 |

BLOG 部落格

Total found 1 articles on 2014-10-17.

2014-10-17 1:23:12

Windows Server - Active Directory Domain Controller Replication Error

During an Active Directory domain controller upgrade from Windows 2003 to Windows 2012 R2 I observed replication issues on the Domain Controller which also owned the PDC emulator role.

A problem logging onto the domain controller is what initially triggered the investigation into potential issues. It is always a good idea to ensure replication and event logs are healthy before performing Active Directory changes and upgrades for situations like this.

Identifying the Error

repadmin /replsummary

showed the following error:

Source DSA largest delta fails/total %% error
 DC-01 15m:05s 0 / 10 0
 DC-02 41m:15s 0 / 10 0
 DC-03 06d.05h:43m:01s 4 / 10 40 (2148074274) The target principal name is incorrect.


You can see DC-01 and DC-02 are fine but DC-03 has replication errors and shows the error messageThe target principal name is incorrect.


Resetting the domain controllers computer account using the following steps resolved the replication issues.

Fixing the Issue

Step 1

Identify the DC which owns the PDC role:

netdom query fsmo

Step 2

On the domain controller, disable the Kerberos Key Distribution Center service (KDC).

Click Start, point to Programs, click Administrative Tools, and then click Services.
 Double-click KDC, set the startup type to Disabled, and then restart the computer.
 (Restarting is required or else you will get an error on the next step)

Step 3

Login to the DC again and run the following command to reset the computer account.

netdom resetpwd /server:server_name /userd:domain_nameadministrator /passwordd:administrator_password
 (This can not be done in Active Directory Users and Computers for Domain Controllers.)

Step 4

Set the KDC service to Automatic again and restart the server again.

Step 5

Run the following commands to ensure there are no replication issues.

repadmin /syncall
repadmin /replsummary

A clean replication summary looks like this:

Source DSA largest delta fails/total %% error
 DC-01 13m:10s 0 / 10 0
 DC-02 15m:05s 0 / 10 0
 DC-03 15m:05s 0 / 10 0

 


Relate Post : Windows Server 2012 - IIS Application Request Routing Windows Server 2012 - RDWeb Feed Windows Server 2012 Install and Configure Remote Desktop Services Windows Server - enable inheritance on all AD user accounts Windows Server - IIS and X-Forwarded-For Header (behide Proxy or LB) Windows Server - Tuning replication performance in DFSR Windows Server 2012 - Creating a Fine Grained Password Policy Windows Server 2012 - 霈 Remote Desktop Service Port Windows Server 2012 - Hyper-V Failover Clustering Windows Server 2016 唬隞砍撟喳 Hyper-V
Comments :
No Comments

Post your comment:


Post your comment by Guest :
Verify Code :


Back To Top

Find Me

Powered By 2013-2015 ©. Juszeil Conception version 2.0
Queries Executed : 0.0133 seconds