Server 2012 Active Directory replication problems

Similar Messages

• Upgrade from Windows Server 2012 Active Directory to Windows Server 2012 R2 Active Directory

  We are currently running Windows Server 2012 Active Directory and would like to upgrade to Windows Server 2012 R2 AD. Is it OK to just do an in-place upgrade, or is it advisable to build new domain controllers on R2? Are there any guides or articles anyone
  can recommend?

  Hi Ginandtonic,
  To upgrade DC(Domain Controller) from windows server 2012 to windows server 2012 r2, please refer to these articles:
  Upgrade from windows Server 2012 to 2012 R2                                 
  Upgrade Active Directory from 2012 to 2012 R2
  I hope this helps.
  Best Regards,
  Anna

• Join to Windows Server 2012 Active Directory.

  How to I join Windows Server 2012 Active Diretory without putting manually Windows Server 2012:s ip adress at ?referred DNS server? Can someone help me?

  I'm not sure what you are asking here.  Are you asking how to join another server to a Active Directory domain without having to enter IP information into that other server?  If so, the server joining has to have an IP address and it has to have
  a DNS entry that knows about the Active Directory domain.  Therefore, there are two ways to accomplish this.  First is to assign a fixed IP address and DNS address to the server you are trying to join to the domain.  The second is to have a
  DHCP server in the environment that will assign the IP and DNS.  Alternatively on the second option is to have DHCP assign the IP address and then you manually specify the DNS that knows about the Active Directory domain being joined.
  No matter how you do it, it has to have a valid IP address and DNS entry that knows the location of the AD domain.
  . : | : . : | : . tim

• Windows Server 2003 Active Directory Replication Issue

  Dear Friends,
  Few days before my Primary Domain controller was crased, so i restored 1 month old full server image.
  But issue is after restoration replication  between domain controller is not working.
  Error message on DC2: Target Principal Name is incorrect
  Event Log on Restored DC1:
  Event Type: Error
  Event Source: Kerberos
  Event Category: None
  Event ID: 4
  Date:  3/18/2014
  Time:  10:50:00 AM
  User:  N/A
  Computer: ***
  Description:
  The kerberos client received a KRB_AP_ERR_MODIFIED error from the server host/**.domain.com.  The target name used was cifs/dc2. This indicates that the password used to encrypt the kerberos service ticket is different than that on the target server. Commonly,
  this is due to identically named  machine accounts in the target realm (domain.COM), and the client realm.   Please contact your system administrator.
   

  Have  a look:
  https://msmvps.com/blogs/vandooren/archive/2009/04/02/the-kerberos-client-received-a-krb-ap-err-modified-error.aspx
  Regards,
  Rafic
  If you found this post helpful, please give it a "Helpful" vote.
  If it answered your question, remember to mark it as an "Answer".
  This posting is provided "AS IS" with no warranties and confers no rights! Always test ANY suggestion in a test environment before implementing!

• Active Directory Replication failed

  Hi all,
  I'm deploying lync server 2010 in virtual server.
  My Domain controller is a physical server.
  Windows update restart is done when almost 90% of deployment is completed.
  During enabling users in Lync Server control panel
  I have got an issue after server restart, is active directory replication failed.
  Regards,
  Arun.

  The problem is more related with Domain Controller.
  Please check the event log on Domain Controller.
  You can also refer to the following link to troubleshoot Active Directory Replication Problems:
  http://technet.microsoft.com/en-us/library/cc738415(v=ws.10).aspx
  Lisa Zheng
  TechNet Community Support

• Windows Server 2008 R2 - Active Directory Replication over DynDNS

  Hello,
  I have one server that Windows Server 2008 R2 - Active Directory / DNS
  Now some users shifted to new office with the server
  Some users still in the original place that now don't have ADDS/DNS
  i want to install one replication server in the original place to retrieve AD/DNS form new office via DynDNS
  is that possible of not?
  Best regards,

  Badr, I don't think you want AD replication occurring over the internet - even if that was possible the server would need access to all the SRV records, a records, And all the ports required for communication - See here for an exhaustive list
  http://social.technet.microsoft.com/wiki/contents/articles/584.active-directory-replication-over-firewalls.aspx - I don't think I have to tell you how bad opening all these ports to the internet would be.
  You may want to look at Setting up a vpn or DirectAccess from the original site to the new site. This will give you more security and generally won't cost to much.
  http://technet.microsoft.com/en-us/network/dd420463.aspx
  Another thing that may work for you would be if you setup remote desktop services in the new location and had the original location remote into via a gateway server -
  http://blogs.technet.com/b/windowsserver/archive/2012/05/09/windows-server-2012-remote-desktop-services-rds.aspx as a starting point. With RDS your users would be able to access the new location from anywhere, although there would be upfront costs associated,
  licensing and server being part of them - I don't recommend turning your domain controller into an RDS server.These are just some ideas to help you with your issue

• Active Directory integration problem, Bind AC and OD

  Hi.
  I'm trying to set an Open Directory as "connect to a Directory System" because I have a windows 2000 server with Active Directory. But i have a problem when i click on "open directory Access", Access Directory appear and I select Active Directory.
  xxx.yyy is the server with active directory, with its admin and its password. but i cant Bind it and an error always appear.
  can you help me?
  what's "active directory domain"?is it xxx.yyy?
  and what's "computer ID"?
  Are there others parameters to set for example in DNS or other?
  help help help

  What are you trying to achieve by doing this?
  Got to http://www.afp548.com/ and serach for AD-OD integration.
  http://www.afp548.com/article.php?story=20051202151540574

• Download issue when Windows 7 Pro joins a Windows Server 2008 Active Directory

  Hi,
  I purchased 2 new Dell OptiPlex 3010 desktop computers that came with Windows 7 Professional operating system with SP1. 
  There were no Microsoft updates installed yet.  After I added one of these Dell computers to the Windows Server 2008 Active Directory, I was not able to download several items. 
  Below are several examples:
  1) I downloaded the Norton anti-virus installation file.  This file is not the full installation of Norton; it is more of a file where you execute it and it will download the full installation from the Internet like from their Norton web
  site.  So when I executed this installation file, it does not download the full installation files. 
  It just hung at the screen saying “Downloading” and it will finally stop with an error (don’t remember the error message).
  Note: If I have the full Norton installation file then I am able to install it on this computer with no problems.
  2) I downloaded the Adobe Reader installation file.  This file is not the full installation of Adobe Reader; it is more of a file where you execute it and it will download the full installation from the Internet like from their Adobe web
  site.  So when I executed this installation file, it hung at the downloading part and then it will error out with a “Actionlist Not Found” message.
  Note: If I have the full Adobe Reader installation file then I am able to install it on this computer with no problems.
  3) I installed Microsoft Office 2010 Standard version on this computer. 
  I configured Microsoft Outlook to retrieve emails from my email provider (pop and smtp settings). 
  After configuring Microsoft Outlook, I was able to send emails through Microsoft Outlook successfully (and very quickly), but he was unable to retrieve my emails. The progress bar for the Receiving in the "Outlook Send/Receive Progress" box
  shows no progress. The Progress bar is not moving. There is a message at the bottom of Microsoft Outlook stating "Receiving message 1 of 6 (x.xx KB of x.xx MB)" and it is very slow. My new emails were not being retrieved at all. 
  I tried various pop and smtp servers that was available for my email provider, but all had the same effect.
  4) I can access certain web sites (e.g.
  www.yahoo.com, www.cnn.com) while I cannot access other web sites like
  www.usatoday.com, my web hosting email site.
  Note: I had a Dell computer with Windows XP Professional operating system and this computer does not have any of the above issues.
  The above are only a few examples that I have experienced. 
  If I removed this Dell OptiPlex 3010 computer from the Windows Server 2008 Active Directory then I still experience the same issue.
  So as another test, I setup the other new Dell OptiPlex 3010 with the same Windows 7 Professional OS with SP1. 
  This time, I did not join the Windows Server 2008 Active Directory and I was able to successfully download the full Norton installation files, download the full Adobe Reader installation files, download my emails from Microsoft Outlook 2010, etc. 
  But once I joined this computer to the Windows Server 2008 Active Directory then I am not able to download these files and emails at all.
  It seems like there might be some group policy or a security setting that is preventing these downloads so I disabled the group policy on the Windows Server 2008 AD and Windows 7 Profession OS, but it didn’t resolve the issue.
   I disabled all of the firewall programs on this Windows 7 Professional OS, but it still did not resolve the issue.
  Since the Windows Server 2008 AD did not have DHCP installed, I installed DHCP and setup a scope. 
  Then configured the Windows 7 Professional OS to obtain an IP address, but it didn’t resolve the issue.
  If I move this Windows 7 Professional computer to another network where it did not have any Active Directory; it just had a wireless router serving DHCP then everything works on the Windows 7 Pro computer.
  Any ideas what is the root cause when a Windows 7 Professional computer join a Windows Server 2008 AD?
  Thanks,
  wl_tech

  Hi,
  Could you please tell some information for the AD environment and how it connect to the internet?
  Regarding 3rd party installlers didn't work as expected, please also seek help in their offical website.
  For outlook not receiving emails, could you please take a look in
  Event Viewer and see if there are any special errors logged there?
  And when trying to access the website like
  www.usatoday.com, any special errors IE showed out?
  Best regards
  Michael Shao
  TechNet Community Support

• New 2012 Active Directory Domain - Naming Convention

  Hi Guys,
  I am working for a start-up company, who currently use Office 365 (Mid-Size Business) for their email and for the use of SharePoint.
  I have been tasked with designing and building a fresh new 2012 Active Directory, but I am a little unsure of how to name the new domain with Server 2012, previously I would have used a ".local" name, but I have read a lot of articles that say
  this should not be done anymore, rather we use the external domain name of the company with a sub-domain prefixed.
  Whilst I have read quite a bit about this method, there doesn't seem to be a clear right or wrong answer, can someone advise what would be best practice in my situation?
  Kind Regards
  Simon

  Thanks for all the information guys :-)
  Our external domain is as follows:
  company.parentcompany.org.uk
  I am now looking at using the following name internally:
   internal.company.parentcompany.org.uk
  What (if any) DNS entries are required for browsing to our website, and for using outlook online and lync online?
  Many thanks for any help that can be provided.
  Regards
  Simon.

• Active Directory Replication 2008 R2

  Hi
  We are getting an error as "The following server could not be reached (topology incomplete)"
  Domain Controllers: 2008 R2
  How can we resolve this issue.
  Aravind

  The error message mentions that the server is not reachable.
  You might want to start with checking the basics:
  Check that the faulty DC has its A, CNAME and SRV records properly registered in your DNS system (You can
  NSlookup for checking: http://social.technet.microsoft.com/wiki/contents/articles/29184.nslookup-for-beginners.aspx). If this is not the case then you follow the IP settings recommendation I mentioned here: http://social.technet.microsoft.com/wiki/contents/articles/18513.active-directory-replication-issues-basic-troubleshooting-steps-single-ad-domain-in-a-single-ad-forest.aspx).
  Once the IP settings are corrected then you can ipconfig /registerdns
  command
  Check that required ports for AD replication are opened between your DCs and are not filtered: http://technet.microsoft.com/en-us/library/dd772723%28v=ws.10%29.aspx
  If none helped then you can temporary disable security software you use on DCs and check again
  The last resort could be to demote the DC and promote it again.
  This posting is provided AS IS with no warranties or guarantees , and confers no rights.
  Ahmed MALEK
  My Website Link
  My Linkedin Profile
  My MVP Profile

• Mac OS X Server and Active Directory Replica

  Hello,
  Has anyone ever encountered any problems when making a Mac OS X Leopard server an Active Directory Replica? We're working on this project and we want to make sure that we don't mess up our primary AD server when we configure this.
  Thanks so much,
  Mac man of the Bay

  Hi
  Not sure what you mean by Active Directory Replica? If you mean you want your Mac Server to be the BDC to a Windows-based PDC then no it won't happen. OSX Server can only perform as a Domain Member when a Windows Server is the PDC. Neither can you have a Windows Server as the BDC when the PDC is an OD Master - as far as I know.
  Have you downloaded and read the manual?
  http://images.apple.com/server/macosx/docs/OpenDirectory_Admin_v10.5_2ndEd.pdf
  Briefly: OD Master/Replica relationship can also be PDC/BDC only if both boxes are OSX.
  Tony

• 2012 Active Directory compatibility

  Hi,
  i have 2 servers one with all the setup Active Directory (Server 2003) and a new one for ERP application (Server 2012). My question is Whether 2 servers, 2003 Active Directory compatible with 2012 Active Directory and how to. Thank you for your
  kind advice
  Saiful

  Hi,
  If i understood correctly your question, you are asking if the 2003 AD domain controller is compatble with another 2012 AD domain controller?
  If this is the case then the answer would be yes once you have the schema requirements for 2012 domain controllers upgraded. There is an issue with 2003 DCs and 2012 R2 in terms of AES encryption but there is a hotfix for that released by Microsoft.
  See more below:
  https://support.microsoft.com/kb/2989971?wa=wsignin1.0
  http://blogs.technet.com/b/askpfeplat/archive/2012/09/03/introducing-the-first-windows-server-2012-domain-controller.aspx
  Hope it helps.
  Regards,
  Calin

• Migration SBS2003 to SBS2008 Active Directory Replication

  I am migrating from SBS2003 server to SBS2008.  I fired up the 2008 server on the network with the 2003 server and started the migration.  I got about 25% progress on the “Expanding and Installing Files” window when I got an error message of “Active Directory Replication is taking longer than expected.  You can choose whether to continue waiting.  If you choose not to wait the migration may fail.  Unless you are sure that replication is working correctly, it is recommended that you continue to wait”.  After waiting three times of 20 minutes each I don’t think it is working.  What are my options?  What can I check for?

  Hi,
  As it is a SBS-related issue, you may wish to post to the SBS newsgroup. This will provide access to others who read the public newsgroups regularly who will either share their knowledge.
  Connect Windows Small Business Server 2008
  http://connect.microsoft.com/SBS08
  Thank you for your understanding and cooperation.
  Miles

• Hyper link of public image(hyperlink or image) can not be saved on windows server 2012 and sharepoint 2010 problem

  hyper link of public image(hyperlink or image) can not be saved on windows server 2012 and sharepoint 2010 problem, is this a bug?
  thanks for any reply.
  Rosone

  It is not a bug, you might be using IE in Windows server 2012 and and browser might be restricting your site actions to respond properly.
  Check this in a different browser or access site in a differ OS.
  Adnan Amin MCT, SharePoint Architect | If you find this post useful kindly please mark it as an answer.

• Sun java directory server and Active Directory

  We are using two different directory servers Sun java directory server and active directory.
  My question is how we can have password synchronization between these two directory servers.
  I have checked Sun Java[TM] System Identity Synchronization for Windows 1 2004Q3
  http://www.sun.com/download/products.xml?id=41537425
  It seems that it's supported platforms is only for solaris and windows , but I have installed my Sun java directory server on linux and obviously it doesn't work for me.
  I would be grateful if anyone can suggest a solution to work around this situation.
  I have checked identity manager , I would like to know that if I can do this using this product.
  http://www.sun.com/software/products/identity_mgr/specs.jsp
  --regards.
  Sara

  Yes RHEL 4 is a supported OS with DSEE 6.0.
  Identity Synchronization for Windows is a part of DSEE that allows synchronization of users, passwords and groups between Sun Directory Server and Active Directory bi-directionally without altering the users environments, ie it does not require that users change their current habits.
  Identity Manager is a complete identity management solution that is targetting enterprise work flow when it comes to user provisioning and de-provisioning, but also allows to build authentication and password change forms that will provision the passwords to many different systems including Sun Directory Server and Active Directory but also IBM mainframes, legacy applications, databases...
  If you are implementing a complete identity management solution, then go with Identity Manager. If you need a lightweight and fast solution for just synchronizing users and passwords between Sun DS and MS AD, Identity Synchronization for Windows should be your choice.
  Regards,
  Ludovic.