I have followed your steps below, with detailed logging I see the event log filling up with Information entries after I instructed a Check Replication Topology - some 26 of them, no errors hinted. If you'd like me to post all of them to you, please lemme know.
Second last entry: ------------------------------------------------------------ Event Type: Information Event Source: NTDS KCC Event Category: Knowledge Consistency Checker Event ID: 1013 Date: 2/25/2004 Time: 11:27:15 User: N/A Computer: NARU Description: The replication topology update task terminated normally. ------------------------------------------------------------ Third last entry: ------------------------------------------------------------ Event Type: Information Event Source: NTDS KCC Event Category: Knowledge Consistency Checker Event ID: 1543 Date: 2/25/2004 Time: 11:27:15 User: N/A Computer: NARU Description: Connection CN=373779f3-23a2-47df-a48f-8ae3c13dafab,CN=NTDS Settings,CN=NARU,CN=Servers,CN=Bugis,CN=Sites,CN=Configuration,DC=corporate, DC=company1,DC=com may or may not be considered active at present. However, it is a viable connection for replicating Partition: CN=Configuration,DC=corporate,DC=company1,DC=com Over transport: CN=IP,CN=Inter-Site Transports,CN=Sites,CN=Configuration,DC=corporate,DC=company1,DC=com From site: CN=Parkway,CN=Sites,CN=Configuration,DC=corporate,DC=company1,DC=com The connection reason code is 0. The GC topology flag is 0. This existing connection will be kept. ------------------------------------------------------------ Again I should make note that the errors _stop_ nearing 6pm yesterday. And looking at the topology check just completed, can I really take this as AD KCC requiring a long period of time to figure out the connectivity between the 2 sites is via the router-router VPN? Aaron -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Eric Fleischman Sent: Wednesday, 25 February 2004 06:36 To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] KCC complain for sites with 2 different domains So there are two ways I normally tackle these: 1) Enable enhanced KCC logging, see if you can determine it from that. You can enable this by changing the value of "1 Knowledge Consistency Checker" to 4 or 5 (no reboot required) which is located in HKLM\System\CurrentControlSet\Services\NTDS\Diagnostics. From there, you'll find that next time KCC generates these errors many others are also generated in that same log which may give you a clue. 2) People sometimes send me a full ldif dump of their config container and I can pick through it. In this case, that probably would not be fruitful as the 1566 indicates connectivity issues. An 1126 (not enough site connectivity) would be an error where I do this. Also, starting a network trace, performing ipconfig /flushdns then kicking KCC manually may be fruitful as well. If there is a problem of some other sort (DNS being a likely culprit) that may be viewable there. You would first want to ensure you're pointed to another DC for DNS though, as otherwise you wouldn't see the DNS query that the DC issues for name resolution. It could be any sort of connectivity, DNS is just the most common. ~Eric List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
