There are no more endpoints available from the endpoint mapper – Server 2012r2

Fix non-replicating Domain Controller issue, Fixing Domain Controller Replication Failure issues

A couple of days ago, I noticed that one of the domain controllers wasn’t replicating to another domain controller in a different site. I deleted the site link and re-created it, which didn’t fix the issue for me. Below is the error message I was getting when I ran “repadmin /showreps” from the command prompt.

However, if I logged in to the 2nd DC and ran “repadmin /showreps”, I would see replication working the other way, i.e. below.

Problem Description

Site A = DC 1

Site B = DC 2 (DR site)

Note – All replication is inbound. When someone refers to outbound replication, they are referring to another server replicating inbound traffic. For instance, if DC1 and DC2 are replication partners, DC1 replicates inbound from DC2. In turn, DC2 replicates inbound from DC1. Outbound replication for DC1 refers to DC2 pulling replication from DC1.

Solution

I searched on the problem for a bit and ended up finding a reference article on TechNet that described this exact behaviour. This type of behaviour usually occurs on a newly created DC, which was the case for me. The article basically pointed at checking the server GUID and DNS records.

Upon looking at the GUIDs, I could see that one of the GUIDs in the replication site link was incorrect.

Anyway, below are the steps I continued with to fix the issue.

1. Before deleting the site link, log in to DC2, open a command prompt, run repadmin /showreps and make a note of the GUID of Site A or DC1. We will use the “repadmin /add” command, which requires us to refer to the server GUIDs of DC1 and DC2. Therefore, we first need to determine each server’s “Server GUID”. This can be done by running the command repadmin /showreps on each server. One of the first lines in the output of this command specifies the “objectGUID” as shown here:
This GUID is to be used in the repadmin /add command.

2. The domain name for this example is Vlad.net. The server GUIDs for the two DCs are: DC1 server GUID = 72fa03a0-bd4c-4c86-87b8-8b1b0eaf5e5f. DC2 Server GUID = 1cb377b0-d04e-473d-9a27-bdeb709e4ec5

In the sites and services snap-in, go to DC2 (The bad DC) and delete all connection objects – manual and automatically generated.

3. Create a new connection from the broken DC to the good DC using the repadmin /add command-line utility from the command prompt. In this example, DC1 is a known good DC and replication from DC2 to DC1 is failing.

C:\>repadmin /add "cn=configuration,dc=vlad,dc=net" 72fa03a0-bd4c-4c86-87b8-8b1b0eaf5e5f._msdcs.vlad.net 1cb377b0-d04e-473d-9a27-bdeb709e4ec5._msdcs.vlad.net

Note that we listed the GUID of the good DC first (destination) and the GUID of the broken DC last (source). This creates a link from the broken DC to the good DC.
If repadmin /add returns error 8441 (distinguished name already exists) during this procedure, the connection is already there: delete the existing connection or proceed to the next step.

4. Execute a full replication sync across the connection just built:

C:\>repadmin /sync cn=configuration,dc=vlad,dc=net DC1 1cb377b0-d04e-473d-9a27-bdeb709e4ec5 /force /full

In this case, the name of the good DC is listed first (destination) and the GUID of the broken machine (source) is listed last. This will force a synchronization across the connection just made. A success notice should appear.

5. Validate that Replication works.

In Sites & Services, check to make sure there are automatically generated connection objects from the broken machine to the good one (root) and make sure Replicate Now works on that object without error. Also right click on the NTDS Settings object for each DC, go to All Tasks – Check Topology. Make sure it executes without error.

6. Check the Directory Services, System and Application event logs for related errors.

To ensure that replication is working, create a new site in Sites and Services on the broken machine and see if it replicates to the good one (remember to focus the snap-in on each machine to see its view of the world). Also create a user account on the broken machine in the Users and Computers snap-in and see if it replicates to the good machine. This tests the schema and configuration naming contexts (site creation) and the domain naming context (the user account).
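
The GUID check behind steps 1 to 3, as an added PowerShell example that is not part of the original post: it parses repadmin /showreps text from two DCs, compares the GUID DC1 has recorded for DC2 with the GUID DC2 reports for itself, and builds the GUID._msdcs name passed to repadmin /add. The function names, the sample output and the $stale GUID are constructed for illustration, and the output layout (a "Site\Server via RPC" line followed by a "DSA object GUID:" line) is an assumption about the repadmin output being parsed.

```powershell
# Added example. Sample output is constructed; $stale is a made-up GUID.
function Get-DsaGuids {
    param([string[]]$Lines)
    $self = $null; $partners = @{}; $current = $null
    foreach ($line in $Lines) {
        if ($line -match '^\s+.+\\(\S+) via RPC') {
            $current = $Matches[1]    # "Site\Server via RPC" opens a neighbour entry
        }
        elseif ($line -match '(?:DSA object GUID|objectGuid)\s*:\s*([0-9a-f-]{36})') {
            $guid = $Matches[1].ToLower()
            if ($current) { $partners[$current] = $guid; $current = $null }
            elseif (-not $self) { $self = $guid }   # first GUID in the header is the DC's own
        }
    }
    [pscustomobject]@{ Self = $self; Partners = $partners }
}

function Compare-PartnerGuid {
    param($Local, [string]$PartnerName, $Partner, [string]$ForestDns)
    $listed = $Local.Partners[$PartnerName]
    [pscustomobject]@{
        Partner  = $PartnerName
        Listed   = $listed                          # GUID the local DC holds for its partner
        Actual   = $Partner.Self                    # GUID the partner reports for itself
        Match    = ($listed -eq $Partner.Self)
        DnsAlias = "$($Partner.Self)._msdcs.$ForestDns"   # name form used with repadmin /add
    }
}

$stale = '00000000-1111-2222-3333-444444444444'
$dc1Text = @"
SiteA\DC1
DSA object GUID: 72fa03a0-bd4c-4c86-87b8-8b1b0eaf5e5f

==== INBOUND NEIGHBORS ======================================
CN=Configuration,DC=vlad,DC=net
    SiteB\DC2 via RPC
        DSA object GUID: $stale
        Last attempt @ 2015-01-01 10:00:00 failed, result 1753 (0x6d9):
"@ -split "`r?`n"
$dc2Text = @"
SiteB\DC2
DSA object GUID: 1cb377b0-d04e-473d-9a27-bdeb709e4ec5
"@ -split "`r?`n"

$dc1 = Get-DsaGuids $dc1Text      # live: Get-DsaGuids (repadmin /showreps DC1)
$dc2 = Get-DsaGuids $dc2Text
Compare-PartnerGuid -Local $dc1 -PartnerName 'DC2' -Partner $dc2 -ForestDns 'vlad.net'
```

With the constructed input, Match is False because DC1 holds a GUID that DC2 does not own. Resolving the DnsAlias value with Resolve-DnsName -Type CNAME covers the DNS record check the article also points at.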

Thanks

 
