There is a similar error, RPC Server is Unavailable 0x800706BA, which is usually not associated with Active Directory domain controllers and can occur on any Windows device.

Let’s consider the typical reasons for such an error:

- The domain controller is offline (or broken).
- Changes have been made to the network, or new Windows Defender Firewall rules have been added that block the AD replication traffic.
- Incorrect DNS configuration on domain controllers, or invalid DNS records.
- Poor network performance or high latency.

Make sure the specified domain controllers are powered on and the following Windows services are running on them:

Now let’s say a few words about how replication works in an Active Directory domain. Active Directory replication (synchronization) is a fully automated process. Each domain controller periodically writes changes that occurred on other domain controllers (replication partners) to its local AD database (ntds.dit file). This means that for changes to flow from dc02 to dc01, dc02 must be a replication partner of dc01.

First of all, to verify that everything is fine with replication, make sure the UNC path \\lon-dc01 (this is the problematic DC that returns error 1722 RPC server unavailable) is accessible, and that the SYSVOL and NETLOGON folders are shared.

A common source of such problems is incorrect DNS configuration on the DC. Check that the correct DNS servers’ IP addresses are specified in the DC network connection settings. The primary address should be the address of another DC, and the secondary one is its own IP address.

Check the DNS health on a problem DC with the dcdiag tool: DCDIAG /TEST:DNS /V /S:

Active Directory uses the dynamic range of TCP ports for replication. Windows Server 2008 R2 (and higher) uses the following port range for TCP Dynamic RPC: from 49152 to 65535. In some cases, an AD administrator can bind (restrict) Active Directory replication traffic to a specific port. In this case, the fixed RPC port number must be configured in the domain controller registry. For example, to bind the AD replication traffic to TCP port 5000 (0x1388), you need to change the registry key on the domain controller:

If firewalls are used on your corporate network and the AD replication port is fixed, then replication won’t work on the newly promoted DC.
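
The reachability checks described above (name resolution, the SYSVOL and NETLOGON shares, the RPC ports, and the local DNS client settings) can be gathered into one PowerShell function. This is an added example, not code from the original article. It assumes it is run from a working DC against the problem DC lon-dc01, that 5000 is the fixed replication port from the article's example, and that TCP 135 is the RPC endpoint mapper; the function name Test-DcReplicationPath is hypothetical.

```powershell
# Added example: triage of the connectivity checks discussed in the article.
# Assumptions: 'lon-dc01' is the problem DC, 5000 is the article's example
# fixed replication port, TCP 135 is the RPC endpoint mapper.
function Test-DcReplicationPath {
    param(
        [string]$ProblemDc    = 'lon-dc01',
        [int]   $FixedRpcPort = 5000   # pass 0 if replication uses the dynamic RPC range
    )

    $results = [ordered]@{}

    # 1. The partner's name must resolve, otherwise every later check fails.
    $results['DnsResolves'] =
        [bool](Resolve-DnsName -Name $ProblemDc -ErrorAction SilentlyContinue)

    # 2. SYSVOL and NETLOGON must be shared and reachable over the UNC path.
    foreach ($share in 'SYSVOL', 'NETLOGON') {
        $results["Share_$share"] = Test-Path -Path "\\$ProblemDc\$share"
    }

    # 3. RPC endpoint mapper: a blocked port 135 produces error 1722.
    $results['Tcp135'] = (Test-NetConnection -ComputerName $ProblemDc -Port 135 `
        -WarningAction SilentlyContinue).TcpTestSucceeded

    # 4. If replication is bound to a fixed port, that port must pass the
    #    firewall too. With dynamic RPC the firewall has to allow 49152-65535.
    if ($FixedRpcPort -gt 0) {
        $results["Tcp$FixedRpcPort"] = (Test-NetConnection -ComputerName $ProblemDc `
            -Port $FixedRpcPort -WarningAction SilentlyContinue).TcpTestSucceeded
    }

    # 5. DNS servers configured on this machine, in order, for manual review:
    #    the first entry should be another DC, the second this DC's own address.
    $results['LocalDnsServers'] = (
        Get-DnsClientServerAddress -AddressFamily IPv4 |
            Where-Object { $_.ServerAddresses } |
            ForEach-Object { "$($_.InterfaceAlias): $($_.ServerAddresses -join ', ')" }
    ) -join '; '

    [pscustomobject]$results
}

Test-DcReplicationPath | Format-List
```

A False value for Tcp135 or for the fixed port while DnsResolves is True points at a firewall rule rather than at DNS.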