I am banging my head against the wall the whole day. In pilot environment we applied a GPO to replace the Default DC GPO. Apparently one of the DCs had some issues when the GPO was applied. The result was: the inbound replication on the DC works, but no other DC can pull from the sick one. Closer examination showed total WMI repository corruption. I have rebuilt it and it looks that WMI is back (not sure it's related, but worth mentioning)
Since than, the new GPO has been unlinked and replaced with default (and as the inbound replication on the DC in question is working, it has replicated to it). But that has not resolved the issue. >From faulty DC issued: repadmin /replicate good_dc bad_dc cn=configuration,dc=compay,dc=com /force Traced the session with network monitor from the good DC... What I see is: - LDAP bind - some searches performed and answered correctly - MSRPC session initiated - RPC request from good DC, RPC response from bad DC - RPC bind request from good DC and RCP Bind Ack from bad DC - again RPC request from good DC, RPC response from bad DC - again RPC bind request from good DC and RPC Bind Nack from bad DC with Provider Reject Reason: "Invalid checksum" I was about to blame the DNS till I got this "Invalid checksum" in the trace... Now the question is: am I complicating the whole thing and should look closer into DNS or this is something else ? Thanks, Guy List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
