DC's are unable to perform BIND.

-

hi everyone,

i getting weird error having hard time troubleshooting. environment has 3 domain controllers, dc1 dc2 , dc3. getting errors when performing manual replications, getting access denied when opening gpmc (as aduc, sites , services, etc) console when connected dc. 

dc1 , dc2 have trouble connecting other domain controllers. unable force sync these domain controllers using repadmin /syncall.

here result of repadmin /syncall on dc1 , dc2:

callback message: error contacting server a9326fa6-e465-4a55-8fe4-143f4d2100e8._msdcs.fqdn.com (network error): 5 (0x5):        access denied.    callback message: error contacting server 3dc7a026-c031-4bdc-915f-f200e0aebcba._msdcs.fqdn.com (network error): 5 (0x5):        access denied.    callback message: error contacting server 83ce846e-4d0a-485e-a414-4ac5abc39bc5._msdcs.fqdn.com (network error): 5 (0x5):        access denied.        syncall exited fatal win32 error: 8440 (0x20f8):        naming context specified replication operation invalid.

from dc3 dc1 , dc2 works fine.

repadmin /showrepl on each dc shows successful directory partitions.


from dc1 , dc2, here result repadmin /bind dc3

error: ldap lookup operation failed following error:    
ldap error 49(0x31): invalid credentials    
server win32 error 0(0x0):    
extended information:

does have idea on how can further troubleshoot this?

 

hi all,

i figured out why throwing error message. logged domain controller domain admin account , worked fine. narrowed down personal account. have domain similar namespace , had put in *.contoso.com address in credential manager. because have similar dns suffixes, used expired credential domain throwing access denied messages. all-in-all, user error. d'oh!

thanks everyone's suggestions , trying solve this. 



Windows Server  >  Directory Services



Comments

Post a Comment

Popular posts from this blog

Motherboard replacement

-
running windows 10 technical preview, need replace motherboard can run the  sysprep  command restoring pc ? or there easier  or more preferred way ? thanks if replace motherboard within same family of chipsets (i.e. intel > intel or amd > amd), should okay restarting pc twice. carey frisch Windows 10 Insider Preview  >  Windows 10 Insider Preview General
Read more

Cannot create Full Text Search catalog after upgrading to V12 - Database is not fully started up or it is not in an ONLINE state

-
in order access new full text search capiblities of sql azure, upgraded our azure sql v12. (a day later), when try create new catalog: create fulltext catalog mycatalog default i following message: msg 9972, level 16, state 100, line 1 database not started or not in online state. try full-text ddl command again after database started , becomes online. hi scott, apologies inconvenience caused you. known issue on service side , fix going included in next update. specific case mitigated, should able use full-text search syntax now. thanks, mihaela Microsoft Azure  >  Azure SQL Database
Read more

Remote Desktop App - Error 0x207 or 0x607

-
hi all, i manage windows 2012 r2 network, including connection broker, session hosts , remote apps virtual servers.  i've used remote desktop app on own android phone, no issues @ - connects published gateway url , can login , access network. we looking move business onto nokia handsets ms operating system (currently on blackberry), not able connect via remote desktop app on nokia lumia handset. setup, per android config , brings remote apps , remote desktop screen, know can connect.  when select remote desktop, shows following process: initiating remote connection securing remote connection certificate can't verified - choose connect it digitally signed cert (digicert sha2), pc name different physical connection broker name (inherited domain name old gov project - can't publish publicly) initiating establishing securing connection error have been 0x207 getting 0x607 a bit baffled, work on android (and ipad @ home using app). assume ms use d...
Read more