So in our test domain we’re adding a couple of new domain controllers and the plan is to add them to a new site. We’ll be doing this in production later this fall, so I’m practicing on our empty domain. So, I got the new DC’s installed, there are 6 total now all in the same site, replication is working fine, objects replicate, KCC worked out the topology, everything is running as I expect. I add each DC’s subnets to sites and services and assign each of the 4 original to the “Default-First-Site-Name” site. I make a new site, add it to the inter-site IP transport link, reassign the subnets to the new site, and I move the two new domain controllers to it. KCC and replication stop working on one of the two DC’s in the new site. The failure is “RPC server is unavailable”. “KCC could not add this replica link due to error”. The only thing I did was move it from one site to another. Firewall is configured exactly the same as it was in “Default-First-Site-Name”. I’ve used the portquery tool and the results are the same between the same DC’s when they are all in the “Default-First-Site-Name” where everything works, and the new site, where it doesn’t. There really just aren’t that many nobs to tweak for all this. Anybody have any ideas or did I miss something? I don’t want to rebuild these new DC’s only to be back where I am now in another day or two. Todd Todd Mote, MCP, MCSA+Messaging, MCSE Information Technology Services Core Infrastructure – Enterprise Systems Management The University of Texas at Austin moter@xxxxxxxxxxxxxxxx
Site setup/replication problem
- 439 Views
- Last Post 27 July 2015
So, interestingly enough dcdiag got me down the right direction, but it also wasn’t helpful initially.
So when the two new DCs were in DFSN (default-first-site-name) with the other 4 dcs, dcdiag returned pass on everything, and I never went back and ran it again.
When I changed those two subnets that the new dc’s were on to the new site and moved the dc’s to the new site, dcdiag had things to say.
“ A warning event occurred. EventID: 0x000016AA
Time Generated: 07/27/2015 08:14:22
None of the IP addresses (184.108.40.206 2002:9206:a4b6::9206:a4b6) of this Domain Controller map to the configured site 'Default-First-Site-Name'. While
this may be a temporary situation due to IP address changes, it is generally recommended that the IP address of the Domain Controller (accessible to machines in its domain) maps to the Site which it services. If the above list of IP addresses is stable, consider
moving this server to a site (or create one if it does not already exist) such that the above IP address maps to the selected site. This may require the creation of a new subnet object (whose range includes the above IP address) which maps to the selected
site object. “
The ip address hadn’t changed, I only moved sites, and the subnet contains the ip, and it was working 2 minutes ago, so it seemed that ipv6 was maybe fouling
things up because kcc was choosing that address to try and find/create replication links rather than the ipv4 address. And apparently only when the new dc’s were in the new site. Weird. I only have ipv4 subnets in sites and services, no ipv6, so not sure
why this wasn’t an issue when everything was in DFSN.
So I disabled ipv6 everywhere and voila! Everything is working now. kcc worked out the topology and objects replicate in the manner which I expect them to.
So, thanks Sam for suggesting it again, because I had taken it for granted that since it passed once that it would pass again, and because I wanted to be complete
in my answer here it prompted me to run it with the new DC’s in the new site, which uncovered the issue. I also may or may not know how to write a subnet in ipv6 220.127.116.11/27 seems logical to me, I have no idea what it would look like for the above ipv6