WDC\RODC DFSr Event 5008

Hi all,
I have the following environment:
NetworkA: WDC01 (2012 R2)
NetworkB: RODC01 (2012 R2)
NetworkC: RODC02 (2012 R2)
These three networks are connected by a router. In order to allow communication from RODC01\RODC02 to WDC01 I opened on the firewall the following ports:
- TCP 135
- TCP\UDP 389
- TCP 3268
- TCP 445
- TCP\UDP 53
- TCP 88
- UDP 123
- TCP 5722
- TCP\UDP 464
- TCP 59998-59999 (following this guide to restrict the RPC dynamic range: http://support.microsoft.com/kb/224196)
From WDC01 to RODC01\RODC02 the following ports are opened:
- TCP 59998-59999
- TCP 135
- TCP 389
Now, I have fully operational RODCs. I'm able to log in, browse the directory and update policy. In any case, in the Event Viewer on the RODCs I have the following error:
The DFS Replication service failed to communicate with partner TEST-DC01 for replication group Domain System Volume. This error can occur if the host is unreachable, or if the DFS Replication service is not running on the server.
Partner DNS Address: TEST-DC01.xxx.local
Optional data if available:
Partner WINS Address: TEST-DC01
Partner IP Address: 10.12.0.12
The service will retry the connection periodically.
Additional Information:
Error: 1722 (The RPC server is unavailable.)
Connection ID: 0CC41287-FF36-4D29-AE35-F2595929AA4E
Replication Group ID: 8295F003-E783-4BC0-914E-72BC899DA4E8
This event is raised suddenly 5-30 minutes after a restart of the server.
Despite this event, I am still able to replicate from the WDC to the RODC using Active Directory Sites and Services and to use other services.
I have the following questions:
- How can I solve this RPC-related error? Dcdiag and repadmin tests went ok.
- Is it correct to perform the RPC port restriction on the WDC and also on the RODC?
- Is ICMP necessary between DC and RODC? Did I miss some ports to open? I followed this guide (https://technet.microsoft.com/en-us/library/dd728028(v=ws.10).aspx)
If you need any additional info on this environment, let me know.

You can refer to this troubleshooting guide: http://blogs.technet.com/b/abizerh/archive/2009/06/11/troubleshooting-rpc-server-is-unavailable-error-reported-in-failing-ad-replication-scenario.aspx
You can also try temporarily disabling security software running on the servers and try again.
This posting is provided AS IS with no warranties or guarantees, and confers no rights.
Ahmed MALEK
My Website Link
My Linkedin Profile
My MVP Profile
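An added example, not part of the original posts: a PowerShell check that tests each TCP port from the question's firewall list against the partner named in the event text, then lists the ports the local DFSR service is actually listening on and marks any that fall outside the allowed list. The function names `Test-PartnerTcpPorts` and `Get-DfsrListeningPorts` are made up for this example; `Test-NetConnection` and `Get-NetTCPConnection` ship with Windows Server 2012 R2.

```powershell
# Added example, not from the original thread. Function names are hypothetical.

# TCP ports opened from the RODCs to the writable DC, copied from the post.
# UDP entries (389, 53, 123, 464) are left out: Test-NetConnection tests TCP only.
$AllowedToWdc  = @(135, 389, 3268, 445, 53, 88, 5722, 464, 59998, 59999)
# TCP ports opened from the writable DC to the RODCs, copied from the post.
$AllowedToRodc = @(59998, 59999, 135, 389)

function Test-PartnerTcpPorts {
    param(
        [Parameter(Mandatory = $true)] [string] $Partner,
        [Parameter(Mandatory = $true)] [int[]]  $Ports
    )
    foreach ($port in $Ports) {
        # A failed connect means "filtered OR nothing listening on that port",
        # so read the result together with the listener check below.
        $r = Test-NetConnection -ComputerName $Partner -Port $port `
                                -WarningAction SilentlyContinue
        [pscustomobject]@{
            Partner   = $Partner
            Port      = $port
            Reachable = $r.TcpTestSucceeded
        }
    }
}

function Get-DfsrListeningPorts {
    # Find the process that hosts the DFSR service on this machine.
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='DFSR'"
    if (-not $svc -or $svc.ProcessId -eq 0) {
        throw 'The DFSR service is not running on this machine.'
    }
    # DFSR usually listens on IPv4 and IPv6, so de-duplicate the port numbers.
    Get-NetTCPConnection -State Listen -OwningProcess $svc.ProcessId `
                         -ErrorAction SilentlyContinue |
        ForEach-Object { [int]$_.LocalPort } |
        Sort-Object -Unique
}

function Compare-DfsrPortToFirewall {
    param([Parameter(Mandatory = $true)] [int[]] $AllowedInbound)
    foreach ($port in Get-DfsrListeningPorts) {
        [pscustomobject]@{
            DfsrListeningPort = $port
            InFirewallList    = ($AllowedInbound -contains $port)
        }
    }
}

# Step 1, on RODC01 or RODC02: which allowed ports answer on the partner?
# The partner name is the one shown in the event 5008 text.
Test-PartnerTcpPorts -Partner 'TEST-DC01.xxx.local' -Ports $AllowedToWdc |
    Format-Table -AutoSize

# Step 2, on the writable DC: is DFSR listening on a port the RODCs may reach?
# (On an RODC, pass $AllowedToRodc instead.)
Compare-DfsrPortToFirewall -AllowedInbound $AllowedToWdc | Format-Table -AutoSize
```

A row with `InFirewallList = False` in step 2 means the DFSR listener sits on a port that the firewall rules in the question do not cover.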

Similar Messages

  • DFSR Event 5014 - DFS Replication service is stopping communication

    Hi,
    I seem to be having issues with the DFSR warnings in the event log. I receive the below warning every 5 minutes:
    "The DFS Replication service is stopping communication with partner 'Servername' for replication group Domain System Volume due to an error. The service will retry the connection periodically.
    Additional Information:
    Error: 1726 (the remote procedure call failed.)"
    The errors are immediately followed by an information entry (5004) stating that a connection was successfully established but then the warning repeats after 5 minutes again. Replication does actually seem to be working fine and the SYSVOL shares on both
    domain controllers are identical. 
    I have run diagnostic reports from the DFS Management snapin and the only error reported is that
    "The DFS Replication service is restarting frequently".
    I have disabled TCP Offloading on the server as per other suggestions, which doesn't seem to have made a difference.
    For reference, the domain controllers are in separate sites connected via site-to-site VPN. The AD sites are configured with the correct subnets and the WAN/VPN connection seems stable as I am getting consistent 87ms ping responses.
    Any assistance would be greatly appreciated.
    Thanks,
    Charlie.

    Although I haven't specifically run into this, doing a Bing search I have seen a common theme that if there is a firewall between the two it drops the connection after a set period of inactivity.  You might want to investigate that possibility.
    http://faultbucket.ca/2011/02/dfsr-event-5014-the-remote-procedure-call-failed/
    http://social.technet.microsoft.com/Forums/windowsserver/en-US/68c4f402-6c77-4388-9701-51a4fc112964/error-1726-the-remote-procedure-call-failed-every-7-minutes-dfsr-backlogs?forum=winserverDS
    Paul Bergson
    MVP - Directory Services
    MCITP: Enterprise Administrator
    MCTS, MCT, MCSE, MCSA, Security+, BS CSci
    2008, Vista, 2003, 2000 (Early Achiever), NT4
    Twitter @pbbergs
    http://blogs.dirteam.com/blogs/paulbergson
    Please no e-mails, any questions should be posted in the NewsGroup. This posting is provided "AS IS" with no warranties, and confers no rights.

  • DFSR Event ID 2213

    We've been seeing a greatly increased number of 2213's over the last month. Fixing them each time isn't an issue, but I haven't been able to find a root cause of why it keeps happening in the first place. It's not limited just to one or two servers, either,
    and while some may happen after scheduled reboots, others happen in the middle of the day, outside of regular backup hours. Some are on physical servers, and some are on VM's.
    Does anyone have any troubleshooting ideas, or a list of all known causes of unexpected shutdowns? Something, anything I can use to try to track the causes down?

    Hi,
    Sometimes, it is possible that the database and the file system get out of sync. Examples of such scenarios are abrupt power loss on the server or if the DFSR service was stopped abnormally for any reason. Another example is if the volume hosting a replicated
    folder loses its power, gets disconnected or is forced to dismount. These exception conditions result in unexpected shutdown of DFSR database, as any of these can cause inconsistencies between the database and the file system.
    For more detailed information about the DFSR dirty shutdown, you could refer to the article below:
    Understanding DFSR Dirty (Unexpected) Shutdown Recovery
    http://blogs.technet.com/b/filecab/archive/2012/07/23/understanding-dfsr-dirty-unexpected-shutdown-recovery.aspx
    Best Regards,
    Mandy

  • DFSR fails with partner that no longer exists.

    Short version: one of our domain controllers has DFSR Event 5008 errors, regarding a domain controller that has been demoted and removed from our domain. It is the only domain controller, of five, to have this error; the other four domain controllers are clean.
    Longer version: we are in the process of upgrading Active Directory from 2008 to 2012 R2, at this time we have three 2012 R2 servers and one of those three owns all the FSMO roles, it also happens to be the one that we see the DFSR Event 5008 errors on.
    In addition to those three 2012 R2 servers, we have two 2008 servers remaining, until we clear up the remaining errors.
    DFS Replication, on DC-2012-1, says that it failed to communicate to partner DC-2008-2; however, that is to be expected since DC-2008-2 is no longer a domain controller, nor a member of the domain. When we go into DFS Management and look at the sysvol replication,
    we do not see DC-2008-2 referenced anywhere, nor have I found a reference to it anywhere else that I have looked.
    What can we do to remove the reference to the partner, to eliminate these errors?

    Hi Nate,
    Have you tried to create a new replication group?
    More information for you:
    Create a replication group
    http://technet.microsoft.com/en-us/library/cc756710(v=WS.10).aspx
    DFS Step-by-Step Guide for Windows Server 2008
    http://technet.microsoft.com/en-us/library/cc732863(v=WS.10).aspx
    Best Regards,
    Amy

  • Event ID 5002/5014 Group Policy DFSR problem

    I have 4 domain controllers, all running Windows Server 2012. RPC always disconnects/fails with error event IDs 5002 and 5014. AD objects are replicated across DCs, but for Group Policy the DCs are either inaccessible or differ in GPO version.
    Thanks for the help.

    Good.  Okay, then it's just the 5014's & 5002's. 
    Here's a wiki on 5002:
    http://social.technet.microsoft.com/wiki/contents/articles/1207.dfsr-event-5002-dfs-replication.aspx
    On the 5014, there should be a corresponding error number. Can you please respond with that and the specific error message (edited for privacy, of course)?

  • The kerberos PAC verification failure when all users of only one RODC Site, trying to get access iis webpage of different site using Integrated Windows Authentication

    A Kerberos PAC verification failure occurs when users of one site, which has only one RODC server (A), try to access an IIS web page in a different site, which has a WDC server (B), using Integrated Windows Authentication. But when they access the
    website using the IP address, it does not ask for credentials; I think it is using NTLM authentication at that time, which is less secure than Kerberos.
    Note: all user accounts and computers of the RODC have been allowed to cache passwords on the RODC. The nearest WDC for the RODC (A) is the WDC (B).
    The website is hosted on a Windows Server 2003 R2 machine and generates the system event log entry below for those users of the RODC site:
    Event Type: Error
    Event Source: Kerberos
    Event Category: None
    Event ID: 7
    Date: date
    Time: time
    User: N/A
    Computer: computer_name (the 2003 server)
    Description: The kerberos subsystem encountered a PAC verification failure. This indicates that the PAC from the client computer_name in realm realm_name had a PAC which failed to verify or was modified. Contact your system administrator.
    This issue has been occurring for the last week. Before that everything was fine. No Group Policy was changed, and the time is also the same.
    In this situation, do I need to demote the RODC and re-promote it as an RODC again, or is there any other troubleshooting to resolve it?
    Thanks in advance
    Souvik

     Hi Amy,
    Thanks for your response
    I noticed that Logon server could become incorrect again after user re-login or restart of a workstation.
    It seems root cause is different.  Need a permanent solution.
    The Workstations of the RODC site are getting IP from a DHCP server by automatic distribution of IP from a specific subnet for the site only.  The RODC is
    the Primary DNS server for the site.
    I have checked the subnet and it is properly bound only with that AD site. The group of users and workstations are in the same site AD organisational unit.
    Sometimes I restarted the NET LOGON service and DNS server service on the RODC server, and sometimes rebooted the server. But the logon server issue has not been fixed permanently.
    The internal network bandwidth of the site is better than the bandwidth to communicate with other site.  
    The server is Windows server 2008 R2 standard and hosting the below roles
    RODC
    DNS
    File server
    The server performance is Healthy in core times when maximum users usually logins. 
    Any further support would be much appreciated Amy
    Thanks
    Souvik

  • What happens to a Domain Controller if event id:2213 is not fixed?

    Hi,
    What happens to a Domain Controller if event id:2213 is not fixed? Does it impact the domain replication to other DC's? Also the DC has PDC and RID fsmo roles any impact there?
    Thank you,

    Hi,
    Are you getting the event ID below?
    Event Type: Warning
    Event Source: DFSR
    Event Category: Disk
    Event ID: 2213
    Description: "The DFS Replication service stopped replication on volume C. This occurs when a DFSR JET database is not shut down cleanly and Auto Recovery is disabled. To resolve this issue, back up the files in the affected replicated folders, and then
    use the ResumeReplication WMI method to resume replication. 
    Additional Information:
    Volume: C:
    GUID: E18D8280-2379-11E2-A5A0-806E6F6E6963

  • "DFS Replication service is not installed" but event viewer is showing 4202 and 4204 for the server

    There are two servers replicating file information, sending member is Server 2008 R2 Datacenter, the receiving member is Server 2003 R2 Standard. There have been no serious problems with this replication set previously.
    Running a health report shows an error against the 2008 server, stating that the DFS Replication service is not installed, though the service is running on the server, and has been restarted today.
    Running dfsrdiag backlog on either server shows "Failed to connect to WMI services on computer %2008 server%"
    Event logs on the receiving server show events 4202 and 4204 (high watermark for staging area) for these two servers?
    Can someone help; is replication occurring, or is it broken? Where else can I look for information?
    TIA

    Just had a very similar instance to this but with a 2008 R2 server replicating to a NAS running Windows Storage Server 2012. 
    I have health reports running as scheduled tasks, twice daily, and a few days ago the morning report for this particular server was fine but on the afternoon's report advised that the replication service was not installed, yet DFSR events are still being
    logged and replication to the target is still working normally - go figure!!
    Have yet to reboot the server as it is live but have found nothing in any of its logs to indicate a problem and/or DFSR is not running when it clearly is!!
    The DFS management option has gone from the Administrative Tools panel, though, and is showing as 'Not Installed' under the File Services role.
    The health report shows a status of 'Indeterminate' and in its 'Suggested Action'
    ...ensure Windows 2003 R2 is installed on this server and that the DFS replication service was installed....
    (guessing a default message given the server in error is 2008 )
    Will be interesting to see if the other 2008 R2 servers start losing the plot!

  • DFSR replication server is stopping communication

    Ok, I am not fully familiar with DFSR, but here is the error I am getting from my health report from my server:
     DFSR
    Event ID: 2147488662
    The DFS Replication service is stopping communication with partner HOLYROODDC-2012 for
    replication group Domain System Volume due to an error. The service will retry the connection
    periodically.
    Additional Information:
    Error: 9036 (Paused for backup or restore)
    Connection ID: 3E9A9A37-E124-490C-A3B7-CFCE3302B6CF
    Replication Group ID: 00ACE2F9-D6D2-4EF2-98F0-7536A35EFD6D
    Last occurrence: Monday, July 14, 2014 9:00:18 PM
    Total occurrences: 1
    This is a rather simple network with 2 Windows 2012 R2 servers as DCs, both onsite (no offsite servers). I am just not too familiar with this error.

    Hi,
    Did this warning occur when we backed up our files? If yes, we don’t pay attention to this warning, for Backup tools may need to terminate the replication temporarily to avoid
    the conflict and complete the backup task. The replication will be resumed automatically without intervention after the backup.
    Best regards,
    Frank Shen

  • DFSR error 9226 when Barracuda Backup kicks-off. (No DFSR installed on Server)

    I have a server 2012 Essentials VM on VMware.  The issue I am having is with my Barracuda Backup. 
    Almost every night when my Barracuda backup kicks off (the time stamp of the error matches the Barracuda kick-off time), I get a DFSR error in the Server Log:
    NOTE: DFSR services are NOT installed nor configured on this WIN 2012 essentials server. 
    Critical Errors in Event Logs in Last 24 Hours
     DFSR
    Event ID: 3221229476
    The DFS Replication service stopped replication on the replicated folder at
    local path C:\Windows\SYSVOL\domain.
    Additional Information:
    Error: 9226 (Multiple volumes share the same volume serial number which prevents DFSR from finding the right volume)
    Additional context of the error: 
    Replicated Folder Name: SYSVOL Share
    Replicated Folder ID: 3421DB23-8B10-41FB-B1B0-9BA04AA64B62
    Replication Group Name: Domain System Volume
    Replication Group ID: AD952CE1-863A-499B-B16A-D4178DF58EF1
    Member ID: 4575C511-6DA8-405C-A47C-F9161D839650
    The issue I am trying to resolve (and quite honestly I don't know if they are related) is that my Barracuda backup backs up more data each night than I have on the entire server.  It backs up about 124 GB -126 GB each night.
    It is supposed to only back up changed blocks, which I would guess would be around 6-8 GB per night for this particular server. 
    I have two other sites set up just like this and they backup properly. See a comparison of the 3 backup logs here:   Backup Logs
    The server has 2 volumes. A 60 GB OS volume with approx 33 GB used, and a 100 GB data volume with approx 33 GB used. For a total of approx 66 GB of data on the guest.  160 GB total space available.
    If I understand DFSR correctly, I do not need this functionality on this particular server. 
    I don't want to get Barracuda any more involved at this point until I KNOW for certain it is NOT a VMware or SBS 2012 issue.
    Any thoughts would be appreciated.   Thanks.  

    Hi PW-TOS,
    Please use Dcdiag to analyze the state of the domain controller. Any findings?
    Please also refer to Robert's reply in the following thread and check whether it helps troubleshoot this issue.
    dfs replication service stopped...problem or not?
    In addition, this may be caused by broken DFS Replication. Please do an authoritative restore, which you can find in KB2218556, and monitor the result. (Please back up the server before any operation. That will help us to avoid unexpected issues.)
    Best regards,
    Justin Gu

  • DFS Shares Prepended by DFS SID and No Longer Accessible

    Hello,
    Environment: We use two dfs servers which replicate all namespaces and dfs folders between each other. 
    There are two namespaces: Data and Users.  First server (DC12) has referrals enabled the second server (DC07) has referrals disabled. 
    This is globally configured across all namespaces and dfs folders. 
    Both servers are Server 2008 R2 Standard x64 OS.  Other roles on these servers include AD DS, DNS, and DHCP.
    Issue: Within the Data namespace windows explorer location on DC12 (D:\Data\) the folder structure was mysteriously changed for all (9) dfs folders. 
    Dfs folders had “DFS.<DFS SID>” prepended to their folder names and are now no longer accessible. 
    For example: folder previously named “Accounts Receivable” were renamed to “DFS.8c654b7d-0246-4389-ab00-2b1b7027626fAccounts Receivable” within explorer, but are named "Accounts Receivable" within DFS Management. 
    Additionally, there was another, empty dfs folder created in D:\Data\ called “Accounts Receivable”, but when we try to access it from either D:\Data\ or through \\namespace\data we get an error “Location is not available: The network location cannot
    be reached.” 
    Background: Our server switch died and replication between DC12 and DC07 was interrupted for about 90 minutes. 
    We replaced the switch and the environment came back online. 
    When testing to confirm network, resource, and LOB functionality, we discovered this issue and have been thus far unsuccessful in resolving.
    Associated Event Log Found:
    Log Name: DFS Replication
    Source: DFSR
    Date: 5/14/2014 5:33:16 PM
    Event ID: 4004
    Task Category: None
    Level: Error
    Keywords: Classic
    User: N/A
    Computer: DC12
    Description:
    The DFS Replication service stopped replication on the replicated folder at local path D:\Data\Lab Tech.
    Additional Information:
    Error: 87 (The parameter is incorrect.)
    Additional context of the error:  
    Replicated Folder Name: Lab Tech
    Replicated Folder ID: C6475450-CA1B-4AE2-929A-2C67F5EC79BF
    Replication Group Name: schaeffer.com\data\lab tech
    Replication Group ID: 478B691D-415F-4788-8D64-41DEBDDB76FD
    Member ID: 66B7D8A8-6A93-43B7-844D-DF77AB3EF31F
    Troubleshooting Steps Done So Far:
    Restarted DFS Namespace (Dfs), DFS Replication (DFSR), and Netlogon services on both DC12 and DC07
    Renaming folders - folders don't exist error
    Restarted DC12 and DC07
    This issue is ONLY isolated to DC12 and ONLY the Data namespace.  DC07 and Users namespace works just fine.
    We ended up having to disable DC12 as a referral target and in replication so that clients were pointing to DC07. 
    I’m hoping that I won’t have to rebuild the Data namespace because it’s massive. 
    Hoping for some guidance on troubleshooting.  Thanks for your time.

    Hi,
    As currently the DC07 is still working, a new initial replication should help in this situation. Please try the steps below:
    1. Stop the DFSR service on the server that is logging the 4004 event. 
    2. Navigate to the root of the DFSR folder. 
    3. Depending on OS, you may need to take ownership of the "System Volume Information" folder and grant yourself permissions (FULL) on the folder. 
    4. Navigate to :\System Volume Information\DFSR\ 
    5. Rename Database_GUID folder to Olddatabase_GUID 
    NOTE: For Windows Server 2008 R2 you will need to do this from an elevated command prompt, otherwise any changes made to items in this folder will get reversed by system. You can use command line: ren Database_GUID Olddatabase_GUID 
    6. Start the DFSR service. You should see an Event ID 2102 in the DFSR event log indicating the database is being recreated, and then an Event ID 2106 indicating it has been successfully recreated.
    You can then monitor progress by checking the state of the replicated folder using WMIC command and backlog using dfsrdiag command: 
    Wmic /namespace:\\root\microsoftdfs path dfsrreplicatedfolderinfo get replicationgroupname,replicatedfoldername,state 
    The "State" values can be: 
    0 = Uninitialized 
    1 = Initialized 
    2 = Initial Sync 
    3 = Auto Recovery 
    4 = Normal 
    5 = In Error 
    And:
    dfsrdiag backlog /SendingMember: /ReceivingMember: /RGName: /RFName: 
    Technet information on DFSR automatic database recovery 
    http://msdn2.microsoft.com/en-us/library/aa379506.aspx 
    If you have any feedback on our support, please send to [email protected]
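An added example, not part of the original reply: a PowerShell monitor for the verification step of the procedure above. It looks for events 2102 and 2106 in the DFS Replication log and polls the replicated folder state until every folder reaches Normal or one reports In Error. The function names and the 60-second polling interval are choices made for this example; the WMI namespace, class, properties and state values are the ones quoted in the reply.

```powershell
# Added example, not from the original thread. Function names are hypothetical.
# Run on the server where the DFSR database folder was renamed.

# State values as listed in the reply above.
$StateNames = @{
    0 = 'Uninitialized'; 1 = 'Initialized'; 2 = 'Initial Sync'
    3 = 'Auto Recovery'; 4 = 'Normal';      5 = 'In Error'
}

function Get-DfsrRebuildEvents {
    param([datetime] $Since = (Get-Date).AddHours(-1))
    # 2102 = database being recreated, 2106 = database recreated (per the reply).
    Get-WinEvent -FilterHashtable @{
        LogName   = 'DFS Replication'
        Id        = 2102, 2106
        StartTime = $Since
    } -ErrorAction SilentlyContinue |
        Sort-Object TimeCreated |
        Select-Object TimeCreated, Id
}

function Get-DfsrFolderState {
    # Same data as the WMIC query in the reply, with the state code translated.
    Get-CimInstance -Namespace 'root\microsoftdfs' -ClassName DfsrReplicatedFolderInfo |
        ForEach-Object {
            [pscustomobject]@{
                ReplicationGroup = $_.ReplicationGroupName
                ReplicatedFolder = $_.ReplicatedFolderName
                State            = $StateNames[[int]$_.State]
            }
        }
}

$events = @(Get-DfsrRebuildEvents)
if (-not ($events | Where-Object { $_.Id -eq 2106 })) {
    Write-Warning 'No event 2106 in the last hour: the database rebuild has not completed yet.'
}
$events | Format-Table -AutoSize

do {
    $folders = @(Get-DfsrFolderState)
    $folders | Format-Table -AutoSize

    if ($folders | Where-Object { $_.State -eq 'In Error' }) {
        Write-Warning 'At least one replicated folder is In Error; check the DFS Replication log.'
        break
    }
    $pending = @($folders | Where-Object { $_.State -ne 'Normal' })
    if ($pending.Count -gt 0) { Start-Sleep -Seconds 60 }
} while ($pending.Count -gt 0)
```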

  • Boot up of Windows Server 2012 Essentials seems slow (extended Please Wait screen) and there are errors in Health Report

    Dear Sir or Madam,
    I have been experimenting with the evaluation version of WS2012e trying to get the installation and subsequent build into an optimal set up, and once I have everything I want it to do mapped out, I'll set it up with the full version with using the key that
    I bought.
    However, I've noticed that the server seems to experience a delay during cold boot - it sits with a Please Wait screen for about 60-90 seconds before it presents the screen with an option to Log on.  I have also discovered from running Health
    Report, that there are some entries in the event logs which appear to coincide with start up times, and which seem to be interconnected to each other in the issues they are describing, and I have copied an example of one of those health reports below. 
    I assume that everything sorts itself out in due course, because the events say the process will be re-attempted and these errors don't repeat again after the system has booted up.  I also have the server set to suspend when not in use with the Lights
    Out add in, so it shouldn't need to cold boot often - but I wondered if there's a way to correct these errors so that they don't hold up the boot up process?  I'm also concerned that these errors will cause me later problems with storage pools and
    the like at a later date - the disk replication one seems particularly worrying.  Alternatively, are these errors just a normal part of the start up process - the timing of when different processes start relative to each other - and can be safely ignored?
    In trying to understand what the events describe, I thought that WE2012e acted as its own Domain Controller, and yet it seems from the event log entries that it is waiting for another server to respond to AD / DC requests (but there isn't another server
    on my home network).  The other thing I remember from when I first tried out WS2012e, is that it took control of DHCP or DNS from the router, and I found that frustrating when waking up my laptop and it wouldn't connect to the internet until the server
    had fully booted up and re-asserted its network settings.  Is this another symptom of the same problem?  I remember seeing a posting at the SBS Diva's site about how to update the server so that it gave connected PCs a backup option for connecting
    to the internet when the server wasn't available, and was going to try to find that again to see if that helped.
    By way of background - there isn't another server in my home network.  This is an attempt to do a clean install onto the same hardware that I ran the initial trial of WS2012e, now that the trial has expired, so I'm not trying to migrate from an existing
    server.  I moved all the data on the trial server off onto an external disk, with the intention of importing it back once I had the Storage Pools set up the way I wanted on the new build, and since I didn't want to keep anything else about the server
    trial.  Am I correct in thinking that I don't need to go down the Migration route during installation, and can go through a Clean install in this circumstance? 
    I'm running on an Asus P8-H77-i motherboard, with an i5-3470s CPU and 16MB RAM, and I have WS2012e installed on 256Mb SSD formatted under GPT with uEFI boot - the latter being the main reason for the reinstall, instead of just giving the Evaluation
    version the new key on the original MBR set up.  I've also enabled Intel Rapid Storage and Rapid Start - and successfully set aside the hibernate partition on the SSD - but discovered that this is about forcing a hibernate after suspend, allowing
    the system to power down until its needed again, and then resuming from hibernate on the SSD rather than cold boot each time.  That seems to work, but doesn't improve the cold boot times at all, which was what I was hoping for - ideally the way my
    laptop will boot from cold in a few seconds into Windows 8. 
    Yours faithfully,
    Avon
    ======
    Health Report extract.
    Critical Errors in Event Logs in Last 24 Hours
     DFSR
    Event ID: 3221226674
    The DFS Replication service failed to contact domain controller  to access
    configuration information. Replication is stopped. The service will try again
    during the next configuration polling cycle, which will occur in 60 minutes.
    This event can be caused by TCP/IP connectivity, firewall, Active Directory
    Domain Services, or DNS issues.
    Additional Information:
    Error: 160 (One or more arguments are not correct.)
    Last occurrence: 26 May 2014 18:51:28
    Total occurrence(s): 2
     DNS
    Event ID: 2147487661
    The DNS server is waiting for Active Directory Domain Services (AD DS) to signal that the initial synchronization of the directory has been completed. The DNS server service cannot start until the initial synchronization is complete because critical DNS
    data might not yet be replicated onto this domain controller. If events in the AD DS event log indicate that there is a problem with DNS name resolution, consider adding the IP address of another DNS server for this domain to the DNS server list in the Internet
    Protocol properties of this computer. This event will be logged every two minutes until AD DS has signaled that the initial synchronization has successfully completed.
    Last occurrence: 26 May 2014 18:51:15
    Total occurrence(s): 2
     ADWS
    Event ID: 3221226674
    This computer is now hosting the specified directory instance, but Active Directory Web Services could not service it. Active Directory Web Services will retry this operation periodically.
    Last occurrence: 26 May 2014 18:51:08
    Total occurrence(s): 2
     NTDS General
    Event ID: 2147486534
    The security of this directory server can be significantly enhanced by configuring the server to reject SASL (Negotiate,
    Kerberos, NTLM, or Digest) LDAP binds that do not request signing (integrity verification) and LDAP simple binds that
    are performed on a cleartext (non-SSL/TLS-encrypted) connection.  Even if no clients are using such binds,
    configuring the server to reject them will improve the security of this server.
    Some clients may currently be relying on unsigned SASL binds or LDAP simple binds over a non-SSL/TLS connection,
    and will stop working if this configuration change is made.  To assist in identifying these clients, if such binds occur this
    directory server will log a summary event once every 24 hours indicating how many such binds
    occurred.  You are encouraged to configure those clients to not use such binds.  Once no such events are observed
    for an extended period, it is recommended that you configure the server to reject such binds.
    For more details and information on how to make this configuration change to the server, please see http://go.microsoft.com/fwlink/?LinkID=87923.
    You can enable additional logging to log an event each time a client makes such a bind, including
    information on which client made the bind.  To do so, please raise the setting for the "LDAP Interface Events" event logging category
    to level 2 or higher.
    Last occurrence: 26 May 2014 18:51:00
    Total occurrence(s): 2
    =======

    Hi KerguelanAvon,
    Based on your description, it seems to be hard to narrow down the cause of this issue. Please refer to following operations and monitor the result. It may help us to go further, and then solve this issue.
    1. Please refer to the following article and troubleshoot slow boot.
    New Slow Logon, Slow Boot Troubleshooting Content
    2. On your server 2012 essentials, please start a BPA scan and fix all that it can find, then monitor the result.
    Regarding those critical errors in the Health Report, please perform Dcdiag on the server. Meanwhile, please refer to the following article and troubleshoot network connectivity, firewall settings and AD DS issues.
    DFSR Event 1202 (DFS Replication)
    Hope this helps.
    Best regards,
    Justin Gu

    Hi Justin,
    I'm reading through the links you referred me to but it's taking a while.  In the meantime I tried running BPA as you suggested.  I'm sure when I ran it before, it didn't say much beyond 81 checks completed, and I couldn't find a way to get any
    more detail.
    Now it says
    Problem:
    The DNS client is not configured to point only to the internal IP address of the server.
    Impact:
    If the DNS client is not configured to point only to the internal IP address of the server, DNS name resolution can fail.
    Resolution:
    To resolve this problem:
    1. From the client computer, open the Properties page for the network connection.
    2. Make sure that DNS is configured to point only to the internal IP address of the server.
    Except that it is.
    Connection-specific DNS Suffix:
    Description: Broadcom 802.11n Network Adapter
    Physical Address: 00-1B-B1-28-AE-63
    DHCP Enabled: Yes
    IPv4 Address: 192.168.1.133
    IPv4 Subnet Mask: 255.255.255.0
    Lease Obtained: 03 June 2014 21:56:49
    Lease Expires: 05 June 2014 20:24:20
    IPv4 Default Gateway: 192.168.1.1
    IPv4 DHCP Server: 192.168.1.1
    IPv4 DNS Server: 192.168.1.49
    IPv4 WINS Server:
    NetBIOS over Tcpip Enabled: Yes
    Link-local IPv6 Address: fe80::80ef:48d5:9fde:f10e%14
    IPv6 Default Gateway:
    IPv6 DNS Server:
    I'll try rebooting from the current windows 7 build over to windows 8 on my dual boot laptop, to see if that makes any difference, since it is the only other client PC connected to the server at the moment.
    Thanks, Avon.

  • Group policy is not applying as it should be

    Hi All,
    I am facing a very weird problem. I have created a Group Policy for WSUS named "WUAU Server Policy". But when I see the RSOP on client machine to check which policy is applied it is showing me the "WUAU Server Policy". But the surprising part is that the settings that RSOP is showing are completely different than the policy settings that I have configured.
    I have checked there is no other policy conflicting/inheritance as I have created a separate OU for this.
    One thing that I have noticed is the GPO settings that I can see in the GPMC.MSC for policy "WUAU Server Policy" are different than what I am seeing in the "%systemroot%\SYSVOL\sysvol\<domain_name>\Policies" with same SID. And I doubt that the settings in this folder is getting applied not the settings that I have configured in GPMC.MSC.
    Do let me know if more information is required.
    Thanks in advance
    Jay Chavda

    > One thing that I have noticed is the GPO settings that I can see in the
    > GPMC.MSC for policy "WUAU Server Policy" is different that I am seeing
    > in the "%systemroot%\SYSVOL\sysvol\<domain_name>\Policies" with same
    > SID.
    What did you see in sysvol and how did you verify it against gpmc?
    > And I doubt that the settings in this folder is getting applied not
    > the settings that I have configured in GPMC.MSC.
    You have more than one DC? Then check Sysvol replication (FRS or DFSR
    event logs).
    Martin
    How about reading a GOOD book about GPOs for once?
    NO THEY ARE NOT EVIL, if you know what you are doing:
    Good or bad GPOs?
    And if IT bothers me - coke bottle design refreshment :))

  • DFS initial sync slow-down

    We are setting up 3 replication groups, 1 which we are able to do over the LAN and the other 2 which need to be performed over the WAN (10mb IPSec VPN at each site).
    The local data set which is 2TB replicated fine in about 2 days.
    The 2 WAN data sets have exhibited strange behaviour. They start off quick, then basically hit a block and continue to replicate but very slowly (500mb-1gb/day).
    The first one got up to 220gb, then slowed right down. The second one got up to 45gb, then slowed right down.
    Hub: Server 2008 R2
    Client: Server 2012 R2
    The staging quota should be OK as I am not getting any errors in the DFSR log about hitting the high watermark.
    If I look at the logs in C:\Windows\debug I constantly see this error:
    + [Error:9027(0x2343) Meet::InstallStep meet.cpp:1879 12296 C A failure was reported by the remote partner]
    + [Error:9027(0x2343) Meet::Download meet.cpp:2296 12296 C A failure was reported by the remote partner]
    + [Error:9027(0x2343) InConnection::TransportRdcGet inconnection.cpp:4423 12296 C A failure was reported by the remote partner]
    + [Error:9027(0x2343) DownstreamTransport::RdcGet downstreamtransport.cpp:5265 12296 C A failure was reported by the remote partner]
    + [Error:9027(0x2343) RpcFinalizeContext downstreamtransport.cpp:1147 12296 C A failure was reported by the remote partner]
    + [Error:9027(0x2343) DownstreamTransport::RdcGet downstreamtransport.cpp:5192 12296 C A failure was reported by the remote partner]
    + [Error:9078(0x2376) DownstreamTransport::RdcGet downstreamtransport.cpp:5192 12296 C All server file transfer contexts are currently busy]
    I have had a look through http://blogs.technet.com/b/askds/archive/2007/10/05/top-10-common-causes-of-slow-replication-with-dfsr.aspx however none of the points seem to apply.
    I've noted this solution also, that also suggests possible VPN issues http://social.technet.microsoft.com/Forums/windowsserver/en-US/eeaa60c7-0480-4ae9-b367-4cb9676fabd0/dfsr-event-5014-dfs-replication-service-is-stopping-communication?forum=winserverDS -
    I know it references Meraki's VPN setup (which funnily enough we are moving to shortly, but we're just using Cisco IPSec VPN right now via Cisco Routers), but perhaps that may also have some sort of idea as to what the issue may be?
    I'm inclined to think though it's definitely something relating to RPC (happy to be proven wrong though!) as if I copy the same data over the WAN using robocopy or even Explorer, it can do 550gb no problems in 3 days.

    Hi,
    Please test by creating a new replication group, create small files in the folder and wait for the initial replication to finish.
    Once it has finished, try to put in a large file which needs to be replicated and see if it still stops at several GB.
    Meanwhile please understand that generally we recommend doing a pre-staging with robocopy or backup-restore instead of waiting for the initial replication.

  • Active directory SYSVOL replication issues

    Hello. 
    I have 2 domain controllers, both of them on the same site DC1 & DC2. I have added a new site with a DC3. When I have added DC3 to the domain, I have realized, SYSVOL was not initialized correctly. I went back to DC1 and found out, there's following error in the event viewer:
    Error: 4012 on DC1
    The DFS Replication service stopped replication on the folder with the following local path: C:\Windows\SYSVOL\domain. This server has been disconnected from other partners for 99 days, which is longer than the time allowed by the MaxOfflineTimeInDays parameter (60). DFS Replication considers the data in this folder to be stale, and this server will not replicate the folder until this error is corrected.
    Error: 2213 on DC2
    The DFS Replication service stopped replication on volume C:. This occurs when a DFSR JET database is not shut down cleanly and Auto Recovery is disabled. To resolve this issue, back up the files in the affected replicated folders, and then use the ResumeReplication WMI method to resume replication.
    This indicates a DFS replication issue between DC1 & DC2 and probably this would be the reason, why the SYSVOL was not properly initialized on DC3. 
    How can I restore correct DFS replication between DC1 & DC2? I've read this article, but it's not clear to me, which of the 2 domain controllers has a good version of SYSVOL + I can not find a decent step-by-step article for reconnecting Windows 2012 domain controller.
    Any idea, how I can proceed further here?

    Here's a complete documentation with resolution of my issue. I have created this documentation for my own purposes in our WIKI, so I will paste it here (I hope, it will help somebody else in the future):
    The Problem
    We have bought a new server for our domain. This server (NEWDC01) was promoted to be a domain controller in the DOMAIN. After the promotion, I have added a single computer to the domain. When I have logged on the client to the domain, I realized, this computer is not using the new domain controller (NEWDC01) for authentication, but DC02 domain controller instead. This is not intended. Local clients should use local domain controllers for authentication (assuming, the Active directory sites & services are configured properly). Further investigation revealed, there are some replication errors on OLDDC01 & OLDDC02 servers. First I need to solve these replication errors. Then I can add the NEWDC01 server to domain properly.
    Analysis
    There are several errors related to DFSR replication on both domain controllers:
    Error: 4012 on OLDDC01
    The DFS Replication service stopped replication on the folder with the following local path: C:\Windows\SYSVOL\domain. This server has been disconnected from other partners for 99 days, which is longer than the time allowed by the MaxOfflineTimeInDays parameter (60). DFS Replication considers the data in this folder to be stale, and this server will not replicate the folder until this error is corrected.
    Error: 2213 on OLDDC02
    The DFS Replication service stopped replication on volume C:. This occurs when a DFSR JET database is not shut down cleanly and Auto Recovery is disabled. To resolve this issue, back up the files in the affected replicated folders, and then use the ResumeReplication WMI method to resume replication.
    In order to have active directory in a healthy condition, one must ensure, there’s a successful replication between existing domain controllers up and running. If the replication does not work correctly, you can expect a bunch of issues:
    - group policies and logon scripts are not applied correctly, or as intended
    - when you want to add a new domain controller to the domain, it will not work as expected (although, you will not see any specific errors after the server is promoted to be a domain controller)
    Active directory backup
    I have scheduled an AD backup on OLDDC01 server using the ‘Windows Backup’ solution to make sure, I can restore the AD / SYSVOL, in case something goes wrong. The backup is scheduled to be executed every day.
    Active directory restore
    In this particular case, I will talk only about SYSVOL restore. As indicated above, we must get rid of the DFSR event viewer errors which you can find in event viewer. One of them is indicating, that the JET database was not shut down cleanly and autorecovery was disabled. The other error indicates, the SYSVOL volume is no longer replicated. I am not sure, what is the reason, why the AD’s in the domain stopped to replicate. Probably it was an unclean server shutdown. The DFSR service stopped to replicate the SYSVOL share and I was not aware about that. When the replication did not run for more than ~99 days, the SYSVOL share was excluded from the DFSR replications.
    Find out the most accurate SYSVOL share in the domain
    I have compared the content of the SYSVOL directories on both OLDDC01 and OLDDC02 servers: C:\Windows\SYSVOL\domain\Policies. Both directories have 37 subdirectories. Each subdirectory corresponds to one group policy. This means, that the content is approximately the same, thus I can’t tell, which version is most recent. I do most of the GPO changes on OLDDC01, so I made a conclusion, that this server contains the most recent version of the SYSVOL share.
    There are 2 types of SYSVOL restores, you can do:
    - Authoritative restore
    - Non-authoritative restore
    Non-authoritative restore
    This is a more simple kind of a restore. You can perform this kind of restore, when you are sure, that one of the domain controllers is authoritative (e.g. you presume, the SYSVOL share is intact and working properly). If you can identify such a working server, you can perform non-authoritative restore of the active directory on a broken domain controller.
    Authoritative restore
    In this case, you can designate a specific domain controller to be authoritative. You set a special flag on this server, which will prohibit to overwrite its state from other domain controllers, when the replication is enabled on the server again. After you designate one server to be authoritative, you need to update all the other domain controllers using the non-authoritative procedure.
    In this article, you can find, how to perform authoritative vs. non authoritative AD restore: http://support.microsoft.com/kb/2218556.
    In my case, I was not sure, which of the domain controllers had a more recent copy of AD, so I have decided to make OLDDC01 authoritative (check the link above). Once this has been done, I have made a non-authoritative update on OLDDC02 server.
    Everything was almost ready. The last step, I needed to execute was, I needed to fix the ‘JET’ event viewer error on SRVBK1. In the event log entry on the bottom, you can find following:
    Recovery Steps
    1. Back up the files in all replicated folders on the volume. Failure to do so may result in data loss due to unexpected conflict resolution during the recovery of the replicated folders.
    2. To resume the replication for this volume, use the WMI method ResumeReplication of the DfsrVolumeConfig class. For example, from an elevated command prompt, type the following command:
    wmic /namespace:\\root\microsoftdfs path dfsrVolumeConfig where volumeGuid="D37A9FC3-8B1D-11E2-93E8-806E6F6E6963" call ResumeReplication
    For more information, see http://support.microsoft.com/kb/2663685.
    Final words
    After I have executed this command, the replication was again started between OLDDC01 and OLDDC02 servers. After I have started up the NEWDC01 server, I have realized, it has automatically replicated the contents of the SYSVOL share - almost immediately after the server was started up. I have again tried to login with the local client into DOMAIN domain and now I see, that local client is using local Domain controller for authentication.
    Everything seems to be OK now.
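
Added example (not part of the post above and not Microsoft's tooling): the write-up compared the two Policies folders by subdirectory count and could not tell which copy was newer, and the earlier Group Policy thread saw GPMC and SYSVOL disagree. This PowerShell script compares the Version value in each GPO's GPT.INI between two SYSVOL copies instead; the function names, the temporary folders and the GUIDs are constructed for illustration.

```powershell
# Added example: read the Version value from every GPO folder's GPT.INI.
function Get-GptVersion {
    param([Parameter(Mandatory)][string]$PoliciesPath)
    $versions = @{}
    foreach ($dir in Get-ChildItem -LiteralPath $PoliciesPath -Directory) {
        if ($dir.Name -notmatch '^\{[0-9A-Fa-f-]{36}\}$') { continue }   # GPO folders only
        $ini = Join-Path $dir.FullName 'GPT.INI'
        $raw = $null
        if (Test-Path -LiteralPath $ini) {
            $hit = Select-String -LiteralPath $ini -Pattern '^\s*Version\s*=\s*(\d+)' | Select-Object -First 1
            if ($hit) { $raw = [uint32]$hit.Matches[0].Groups[1].Value }
        }
        $versions[$dir.Name.ToUpper()] = $raw   # $null = folder without a readable version
    }
    $versions
}

# Version packs two counters: user = high 16 bits, computer = low 16 bits.
function Format-GptVersion([object]$Raw) {
    if ($null -eq $Raw) { return '-' }
    'user {0} / computer {1}' -f ($Raw -shr 16), ($Raw -band 0xFFFF)
}

function Compare-SysvolGpoVersion {
    param([Parameter(Mandatory)][string]$ReferencePath, [Parameter(Mandatory)][string]$DifferencePath)
    $ref = Get-GptVersion -PoliciesPath $ReferencePath
    $dif = Get-GptVersion -PoliciesPath $DifferencePath
    foreach ($gpo in (@($ref.Keys) + @($dif.Keys) | Sort-Object -Unique)) {
        $state = if (-not $dif.ContainsKey($gpo)) { 'OnlyOnReference' }
                 elseif (-not $ref.ContainsKey($gpo)) { 'OnlyOnDifference' }
                 elseif ($ref[$gpo] -eq $dif[$gpo]) { 'Match' }
                 else { 'VersionDiffers' }
        [pscustomobject]@{
            Gpo        = $gpo; State = $state
            Reference  = (Format-GptVersion $ref[$gpo])
            Difference = (Format-GptVersion $dif[$gpo])
        }
    }
}
# Constructed sample: two temp folders stand in for the Policies folder on each DC.
$root = Join-Path ([IO.Path]::GetTempPath()) "sysvol-demo-$([guid]::NewGuid())"
$sample = @{
    dc1 = @{ '{11111111-1111-1111-1111-111111111111}' = 65539; '{22222222-2222-2222-2222-222222222222}' = 7 }
    dc2 = @{ '{11111111-1111-1111-1111-111111111111}' = 65537 }
}
foreach ($dc in $sample.Keys) {
    foreach ($gpo in $sample[$dc].Keys) {
        $dir = New-Item -ItemType Directory -Force -Path (Join-Path $root "$dc\$gpo")
        Set-Content -LiteralPath (Join-Path $dir.FullName 'GPT.INI') -Value '[General]', "Version=$($sample[$dc][$gpo])"
    }
}
Compare-SysvolGpoVersion -ReferencePath "$root\dc1" -DifferencePath "$root\dc2" | Format-Table -AutoSize
Remove-Item -LiteralPath $root -Recurse -Force
```

Against real domain controllers, pass each server's `\\<dc>\SYSVOL\<domain>\Policies` share path instead of the temp folders. A differing version only shows that the two copies have diverged; it does not by itself say which copy holds the intended settings.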
