Hi All,
I have an AD replication issue on 2 of my 4 domain controllers. All these domain controllers are on different sites, different subnets. All the sites are connected by IPSEC.
DC-01 @ SITE1, DC-02 @ SITE2, DC-03 @ SITE3, DC-04 @ SITE4
On the 2 problem domain controllers, DC-02 and DC-03, I receive event IDs 1311, 1566 and 1865 continuously. The other 2 DCs (DC-01 and DC-04) are not showing any errors at all.
- Objects added/modified on DC-02 do not replicate to any other domain controller
- Objects added/modified on DC-03 do not replicate to any other domain controller
- Objects added/modified on DC-01 replicate correctly to DC-04 (and vice versa)
Despite scenarios (1) and (2) above, sometimes, items added on DC02 or DC03 will replicate to each other, but never to DC01 or DC04.
So far, I have:
- Ensured each DC is using itself and another domain controller as DNS servers.
- Run PortQry to verify there are no connectivity issues -- the only discrepancy I found was that when I ran PortQry from DC01 to DC04, it showed:
  TCP port 42 (nameserver service): LISTENING
  portqry.exe -n DC-04 -e 42 -p TCP exits with return code 0x00000000.
  But from DC01 to DC02/DC03, it shows:
  TCP port 42 (nameserver service): NOT LISTENING
  portqry.exe -n DC-02 -e 42 -p TCP exits with return code 0x00000001.
- Run repadmin /showreps -- here is the output from the 2 DCs with errors in the event log: http://pastebin.com/4apCpnnx and http://pastebin.com/TcJZA19u