Hi All,
I am experiencing replication errors, which I am working on resolving, doing all the usual remedial steps such as checking repadmin and dcdiag, confirming DCs can see each other (ping/nslookup).
However, in this process, I have come across 2 strange errors. Below is a screenshot of this:
The first issue - this DC does not hold the PDCe role, so it should be advertising as a time server, anyway? My other DC is the PDCe and is syncing the time with no issues (time on both DCs is the same).
My time sync architecture is like this:
External time source (atomic clock etc) <> Time server on my network <> DC1 PDCe <> DC2 (this is where the screenshot above is from)
The last error regarding the security database/trust I have never seen before. I guess this is a broken trust between that member server and my DCs? And I should verify/reset this.
EDIT: So there are no replication errors, verified by repadmin /replsum. I dropped the member server from the domain and added it again and can now login with domain accounts (not possible pre-domain drop). Though I think I have read somewhere this is not the right way to fix this type of issue.