AD replication issue

[bigstusexy]

You know sometimes I get confused is it something for the OS section or the network section? I believe that we would have a better answer than the OS section


The problem is I'm get event problems directory service and I know that this one DC isn't replicating changes as it should
Error 1
NTDS (600) NTDSA: The database page read from the file "C:\WINNT\NTDS\ntds.dit" at offset 59621376 (0x00000000038dc000) for 8192 (0x00002000) bytes failed verification due to a page checksum mismatch. The expected checksum was 3965725494 (0xec602b36) and the actual checksum was 100197752 (0x05f8e578). The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

For more information, see Help and Support Center at

Error 2
Internal event: Active Directory could not update the following object with changes received from the following source domain controller. This is because an error occurred during the application of the changes to Active Directory on the domain controller.

Object:
CN=HSRM6,OU=Computers,OU=HS,DC=130,DC=local
Object GUID:
fb05c44d-6666-4d66-872f-48bf789fb55c
Source domain controller:
07a230d4-b8bd-6666-bf6e-5f5a37cdc2b0._msdcs.130.local

Synchronization of the local domain controller with the source domain controller is blocked until this update problem is corrected.

This operation will be tried again at the next scheduled replication.

User Action
Restart the local domain controller if this condition appears to be related to low system resources (for example, low physical or virtual memory).

Additional Data
Error value:
1127 While accessing the hard disk, a disk operation failed even after retries.

For more information, see Help and Support Center at
---------------------------------------

From error 1 I'd believe that I need to somehow just make the server do a full sync with another DC, this I don't know how to do you.

What do you guys think? I'm off to do some research (itsn't it grand I"m worried about this problem and they only pay me minimum wage

Oh BTW did a full disk/FS/Sector scan last nite, seems clean. These severs or POS and we actually have their replacements in boxes ready to be built for replacement (we don't get to do that... poo!)

 

[feigned]

Reinstall A.D. or do a non-authoritative restore from a backup.

But it does look like a problem with the hard disk if it couldn't write whatever information it was trying to write.

I googled a bit, did you? What information did you get?

 

[st4rk]

it's f'd.

make sure to take hold of the roles with the working dc that the broken one had.

also make sure the working dc has a gc.

you'll have to fix whatever hardware is wrong on the broken dc,reinstall the OS, and AD. re-promote it (preferably the same exact name and IP), and you're set.

 

[rcolbert]

Just run dcpromo on the DC with the errormessage to revert it back to a member server, then dcpromo again to make it a shiny new DC. And do follow the previous advice to ensure that none of the FSMO roles are owned by the problematic DC first.

You can also use ntdsutil.exe to run semantic checking and perform offline defragging of the database on the troublesome DC. Just lookup ntdsutil.exe on technet and you'll find a bunch of KB's on the subject. This method might help you understand what the root cause of the problem is a little better.

 

[bigstusexy]

Hello I googled for the rest of my day yesterady and I was quite ineffective and finding anything. my though is to kill the DC and re pormote it like suggested... I'm hopeing I can wait. Yeah I've gotta find the catelog I think my former boss once said that it has it... (AAAAHHHH) Yeah this network is really screwed, someone started a 2k to 2k3 upgrade and didn't do it correctly. I never really covered the upperlevel technical side to AD so I am llarning as I go.

I did get into ntdsutil yesterday but I've gotta get to the server physically because it wouldn't let me check integrity remotely (I knew that I'd have to put it in a specail mode) It just sucks because they don't like us [the techs] at that school, they do things like make us sign in wear badges, and pester us constantely. There are some schools that love us but thats not one of them.

I'm debateing rather or not to squash this because there is a shiny new server sitting in a room waiting to go out. The only problems is that updates and additions to AD have to be replacetad by hand here... The contracters that are going to put in the new server seem like they are going to replace them by scratch, I hope they don't really think they are putting in aditional servers, if they get on the ball they can just rebuild the server and let it replicate (after tehy copy the needed data) Sigh, I really am not likeing my job right now, if I did this probelm would have been licked one way or the other by now... sorry for that short rant.


Thanks for the suggestions if you have more just tell me.