I ended up sending another Dc to the site so I could just readd this server to the domain but AD will not start on that box. I keep getting an error - rpc server unavailable. We have approx 9 DCs (4 at HQ and one at each remote site). We have dcs at our other remote sites (diagram below):
Site1 Site2 Site3 (wan connection using private sprint network) -- HQ -- site6 (business cable modem with vpn tunnel to corporate (internet)) Site4 Site5 The new DC can ping but anything else gets a RPC server unavailable unavailable error. I thought AD could replicate over a modem connection? So, I am not sure where I need to go from here. Any thoughts? Thank you for your time! Jennifer -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jennifer Fountain Sent: Sunday, August 07, 2005 2:36 PM To: [email protected] Subject: RE: [ActiveDir] Problem at remote site I can only browse our file server but the connection if very slow to come up. I cannot browse any other server. I can; however, telnet to all ports on the boxes I cannot browse to. All of my clients at the remote site can browse these servers without issue. I am see tons of 1311 errors: Event Type: Error Event Source: NTDS KCC Event Category: Knowledge Consistency Checker Event ID: 1311 Date: 8/7/2005 Time: 1:30:21 PM User: N/A Computer: DC Description: The Directory Service consistency checker has determined that either (a) there is not enough physical connectivity published via the Active Directory Sites and Services Manager to create a spanning tree connecting all the sites containing the Partition CN=Configuration,DC=domain,DC=net, or (b) replication cannot be performed with one or more critical servers in order for changes to propagate across all sites (most often due to the servers being unreachable). For (a), please use the Active Directory Sites and Services Manager to do one of the following: 1. Publish sufficient site connectivity information such that the system can infer a route by which this Partition can reach this site. This option is preferred. 2. Add an ntdsConnection object to a Domain Controller that contains the Partition CN=Configuration,DC=domain,DC=net in this site from a Domain Controller that contains the same Partition in another site. For (b), please see previous events logged by the NTDS KCC source that identify the servers that could not be contacted. When I check the sites and services, I see a connector for all of the DCs in my site. I also noticed that the KCC configured it to be an IP not RPC connection. There aren't any ACLs, firewalls that are in the way of these servers. Thank you for your time! Jennifer -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan Sent: Sunday, August 07, 2005 12:51 PM To: [email protected] Subject: RE: [ActiveDir] Problem at remote site Jennifer, I haven't paid close attention to the thread or the issues that you've been having - other than you had a problem getting it promoted. I suspect that the cause is likely related. First, Network Browse uses a completely different set of communication methods and the fact that you can or cannot see anything via browsing is really immaterial at this point. I'd suggest pings to the DCs on the other end of the connection and directed telnet over 389, 3268, 88, etc. to get a feel for the real communication abilities. Look this over as well. For 1311 Errors, this is a perfect starting point to resolve or narrow down the problems. http://support.microsoft.com/default.aspx?scid=kb;en-us;307593 Can you give us some detail (again... I know) on the remote and local connection methods - are there firewalls, ACLs on routers - anything that might be interfering with the wide variety of ports / protocols that AD Replication / AD Communication uses? Rick ********************************************************************************* The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
