The attempt to establish a replication link for the following writable...

stevefckay
62.2% (Friendly)
Member Topic Starter

3 years ago

What are all these errors - are they all active directory problems?

We also have these errors:

Log Name: Directory Service
Source: Microsoft-Windows-ActiveDirectory_DomainService
Date: 04/03/2020 19:08:34
Event ID: 1925
Task Category: Knowledge Consistency Checker
Level: Warning
Keywords: Classic
User: ANONYMOUS LOGON
Computer: companyDC01.company.local
Description:
The attempt to establish a replication link for the following writable directory partition failed.

Directory partition:
DC=ForestDnsZones,DC=company,DC=local
Source directory service:
CN=NTDS Settings,CN=companyLON-DC01,CN=Servers,CN=London,CN=Sites,CN=Configuration,DC=company,DC=local
Source directory service address:
2f8a5d79-4bd8-4872-bef5-2ad09c467893._msdcs.company.local
Intersite transport (if any):
CN=IP,CN=Inter-Site Transports,CN=Sites,CN=Configuration,DC=company,DC=local

This directory service will be unable to replicate with the source directory service until this problem is corrected.

User Action
Verify if the source directory service is accessible or network connectivity is available.

Additional Data
Error value:
1722 The RPC server is unavailable.
Event Xml:

1925
0
3
1
0
0x8080000000000000

33619

Directory Service
companyDC01.company.local

DC=ForestDnsZones,DC=company,DC=local
2f8a5d79-4bd8-4872-bef5-2ad09c467893._msdcs.company.local
The RPC server is unavailable.
CN=NTDS Settings,CN=companyLON-DC01,CN=Servers,CN=London,CN=Sites,CN=Configuration,DC=company,DC=local
CN=IP,CN=Inter-Site Transports,CN=Sites,CN=Configuration,DC=company,DC=local
1722

Log Name: File Replication Service
Source: NtFrs
Date: 04/03/2020 19:02:56
Event ID: 13508
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: companyDC01.company.local
Description:
The File Replication Service is having trouble enabling replication from companyLON-DC01 to companyDC01 for c:\windows\sysvol\domain using the DNS name companyLON-DC01.company.local. FRS will keep retrying.
Following are some of the reasons you would see this warning.

[1] FRS can not correctly resolve the DNS name companyLON-DC01.company.local from this computer.
[2] FRS is not running on companyLON-DC01.company.local.
[3] The topology information in the Active Directory Domain Services for this replica has not yet replicated to all the Domain Controllers.

This event log message will appear once per connection, After the problem is fixed you will see another event log message indicating that the connection has been established.
Event Xml:

13508
3
0
0x80000000000000

522
File Replication Service
companyDC01.company.local

companyLON-DC01
companyDC01
c:\windows\sysvol\domain
companyLON-DC01.company.local
BA060000

Log Name: Directory Service
Source: Microsoft-Windows-ActiveDirectory_DomainService
Date: 04/03/2020 19:01:30
Event ID: 1126
Task Category: Global Catalog
Level: Error
Keywords: Classic
User: ANONYMOUS LOGON
Computer: companyDC01.company.local
Description:
Active Directory Domain Services was unable to establish a connection with the global catalog.

Additional Data
Error value:
1355 The specified domain either does not exist or could not be contacted.
Internal ID:
3200e24

User Action:
Make sure a global catalog is available in the forest, and is reachable from this domain controller. You may use the nltest utility to diagnose this problem.
Event Xml:

1126
0
2
18
0
0x8080000000000000

33617

Directory Service
companyDC01.company.local

3200e24
1355
The specified domain either does not exist or could not be contacted.

Log Name: DNS Server
Source: Microsoft-Windows-DNS-Server-Service
Date: 04/03/2020 18:46:41
Event ID: 4013
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: companyDC01.company.local
Description:
The DNS server is waiting for Active Directory Domain Services (AD DS) to signal that the initial synchronization of the directory has been completed. The DNS server service cannot start until the initial synchronization is complete because critical DNS data might not yet be replicated onto this domain controller. If events in the AD DS event log indicate that there is a problem with DNS name resolution, consider adding the IP address of another DNS server for this domain to the DNS server list in the Internet Protocol properties of this computer. This event will be logged every two minutes until AD DS has signaled that the initial synchronization has successfully completed.
Event Xml:

4013
0
3
0
0
0x80000000000000

7455

DNS Server
companyDC01.company.local

Log Name: Directory Service
Source: Microsoft-Windows-ActiveDirectory_DomainService
Date: 04/03/2020 18:46:28
Event ID: 2886
Task Category: LDAP Interface
Level: Warning
Keywords: Classic
User: ANONYMOUS LOGON
Computer: companyDC01.company.local
Description:
The security of this directory server can be significantly enhanced by configuring the server to reject SASL (Negotiate, Kerberos, NTLM, or Digest) LDAP binds that do not request signing (integrity verification) and LDAP simple binds that are performed on a cleartext (non-SSL/TLS-encrypted) connection. Even if no clients are using such binds, configuring the server to reject them will improve the security of this server.

Some clients may currently be relying on unsigned SASL binds or LDAP simple binds over a non-SSL/TLS connection, and will stop working if this configuration change is made. To assist in identifying these clients, if such binds occur this directory server will log a summary event once every 24 hours indicating how many such binds occurred. You are encouraged to configure those clients to not use such binds. Once no such events are observed for an extended period, it is recommended that you configure the server to reject such binds.

http://go.microsoft.com/fwlink/?LinkID=87923 .

You can enable additional logging to log an event each time a client makes such a bind, including information on which client made the bind. To do so, please raise the setting for the "LDAP Interface Events" event logging category to level 2 or higher.
Event Xml:

2886
0
3
16
0
0x8080000000000000

33609

Directory Service
companyDC01.company.local

Log Name: Directory Service
Source: Microsoft-Windows-ActiveDirectory_DomainService
Date: 04/03/2020 18:36:00
Event ID: 1126
Task Category: Global Catalog
Level: Error
Keywords: Classic
User: ANONYMOUS LOGON
Computer: companyDC01.company.local
Description:
Active Directory Domain Services was unable to establish a connection with the global catalog.

Additional Data
Error value:
1355 The specified domain either does not exist or could not be contacted.
Internal ID: 3200e24

User Action:
Make sure a global catalog is available in the forest, and is reachable from this domain controller. You may use the nltest utility to diagnose this problem.
Event Xml:

1126
0
2
18
0
0x8080000000000000

33599

Directory Service
companyDC01.company.local

3200e24
1355
The specified domain either does not exist or could not be contacted.

Presumably they are all related.. 😣

Sponsor

Want to thank us? Use: Patreon or PayPal or Bitcoins: bc1q4whppe29dw77rm4kv4pln0gqae4yjnxly0dny0hky6yhnafukzjsyrsqhk

All opinions expressed within these pages are sent in by members of the public or by our staff in their spare time, and as such do not represent any opinion held by sircles.net Ltd or their partners.

Wanna join the discussion?! Login to your PC & Mac Help and Assistance forum account or Register a new forum account

Important Information:

The PC & Mac Help and Assistance uses cookies. By continuing to browse this site, you are agreeing to our use of cookies. More Details Close