Discussion:
ntfrs 13508
(too old to reply)
Antti
2006-01-11 16:33:27 UTC
Permalink
Hi.

I'm having trouble with replication. From event log:

"The File Replication Service is having trouble enabling replication from
server2 to server1 for c:\windows\sysvol\domain using the DNS name
server2.domain.local. FRS will keep retrying.
Following are some of the reasons you would see this warning.
[1] FRS can not correctly resolve the DNS name server2.domain.local from
this computer.
[2] FRS is not running on server2.domain.local.
[3] The topology information in the Active Directory for this replica has
not yet replicated to all the Domain Controllers.
This event log message will appear once per connection, After the problem is
fixed you will see another event log message indicating that the connection
has been established.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp."


This just started two days ago. Files in the sysvol share won't replicate
any more. AD replicates fine. Name resolution seems to work and there are
records in DNS for both DCs. File replication is running on both and there's
no firewall in between. I have googled a lot but nothing seems to help. Any
ideas would be appreciated.

Run on server1:
FRSDiag:

Processing ntfrsutl ds....NTFRSUTL ERROR - Cannot RPC to computer, server2;
000006d9 (1753)... Make sure you are logged on as a Domain Admin! Skipping!

ntfrsutl version server2:

NtFrsApi Version Information
NtFrsApi Major : 0
NtFrsApi Minor : 0
NtFrsApi Compiled on: Mar 24 2005 15:06:29
ERROR - Cannot bind w/authentication to computer, server2; 000006d9 (1753)
ERROR - Cannot bind w/o authentication to computer, server2; 000006d9 (1753)
ERROR - Cannot RPC to computer, server2; 000006d9 (1753)


Antti
Jabez Gan [MVP]
2006-01-11 16:46:20 UTC
Permalink
Hi,

The issue is addressed here:

Troubleshooting FRS Events 13508 without FRS Event 13509
http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/maintain/opsguide/part1/adogd11.mspx#ENAA

Also, make sure that the user you are logged on has Domain Admin
rights/permission.
--
Jabez Gan [MVP]
Microsoft MVP: Windows Server
http://www.blizhosting.com
MSBLOG: http://msblog.resdev.net
Post by Antti
Hi.
"The File Replication Service is having trouble enabling replication from
server2 to server1 for c:\windows\sysvol\domain using the DNS name
server2.domain.local. FRS will keep retrying.
Following are some of the reasons you would see this warning.
[1] FRS can not correctly resolve the DNS name server2.domain.local from
this computer.
[2] FRS is not running on server2.domain.local.
[3] The topology information in the Active Directory for this replica has
not yet replicated to all the Domain Controllers.
This event log message will appear once per connection, After the problem
is fixed you will see another event log message indicating that the
connection has been established.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp."
This just started two days ago. Files in the sysvol share won't replicate
any more. AD replicates fine. Name resolution seems to work and there are
records in DNS for both DCs. File replication is running on both and
there's no firewall in between. I have googled a lot but nothing seems to
help. Any ideas would be appreciated.
Processing ntfrsutl ds....NTFRSUTL ERROR - Cannot RPC to computer,
server2; 000006d9 (1753)... Make sure you are logged on as a Domain Admin!
Skipping!
NtFrsApi Version Information
NtFrsApi Major : 0
NtFrsApi Minor : 0
NtFrsApi Compiled on: Mar 24 2005 15:06:29
ERROR - Cannot bind w/authentication to computer, server2; 000006d9 (1753)
ERROR - Cannot bind w/o authentication to computer, server2; 000006d9 (1753)
ERROR - Cannot RPC to computer, server2; 000006d9 (1753)
Antti
Antti
2006-01-11 18:34:40 UTC
Permalink
Post by Jabez Gan [MVP]
Hi,
Troubleshooting FRS Events 13508 without FRS Event 13509
http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/maintain/opsguide/part1/adogd11.mspx#ENAA
I have already done all the procedures mentioned.

"ntfrsutl version <FQDN of remote domain controller>
If this fails, check network connectivity by using the Ping command to ping
the fully qualified domain name (FQDN) of the remote domain controller from
the computer that logged the FRS event ID 13508. If this fails, then
troubleshoot as a DNS or TCP/IP issue. If it succeeds, confirm that the FRS
service is started on the remote domain controller."

Fails as I wrote in my first post. Ping works. AD replication does too.
Dcdiag /test:dns all good. FRS is running.
Post by Jabez Gan [MVP]
Also, make sure that the user you are logged on has Domain Admin
rights/permission.
Sure.

Replication did work earlier (got 13509). It fails regardless of the
direction server1 <-> server2. Both report 13508.


Antti
Jabez Gan [MVP]
2006-01-12 03:31:19 UTC
Permalink
I would say try deleting and recreating the replication group. For some
reason it is saying that the permission is wrong, so I would try recreating
the replication so you can have another chance to type in the user/password
of the domain admin. If it fails, reset the password of the domain admin and
try again.
--
Jabez Gan [MVP]
Microsoft MVP: Windows Server
http://www.blizhosting.com
MSBLOG: http://msblog.resdev.net
Post by Antti
Post by Jabez Gan [MVP]
Hi,
Troubleshooting FRS Events 13508 without FRS Event 13509
http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/maintain/opsguide/part1/adogd11.mspx#ENAA
I have already done all the procedures mentioned.
"ntfrsutl version <FQDN of remote domain controller>
If this fails, check network connectivity by using the Ping command to
ping the fully qualified domain name (FQDN) of the remote domain
controller from the computer that logged the FRS event ID 13508. If this
fails, then troubleshoot as a DNS or TCP/IP issue. If it succeeds, confirm
that the FRS service is started on the remote domain controller."
Fails as I wrote in my first post. Ping works. AD replication does too.
Dcdiag /test:dns all good. FRS is running.
Post by Jabez Gan [MVP]
Also, make sure that the user you are logged on has Domain Admin
rights/permission.
Sure.
Replication did work earlier (got 13509). It fails regardless of the
direction server1 <-> server2. Both report 13508.
Antti
Antti
2006-01-12 13:20:18 UTC
Permalink
The servers won't replicate sysvol, which uses FRS, doesn't it? I don't
remember (and have not seen any info about) setting up a replication group
for sysvol replication. Please correct me if I'm wrong. I'm going to boot
the other one today, I hope it helps...

Antti
Post by Jabez Gan [MVP]
I would say try deleting and recreating the replication group. For some
reason it is saying that the permission is wrong, so I would try recreating
the replication so you can have another chance to type in the
user/password
Post by Jabez Gan [MVP]
of the domain admin. If it fails, reset the password of the domain admin and
try again.
--
Jabez Gan [MVP]
Microsoft MVP: Windows Server
http://www.blizhosting.com
MSBLOG: http://msblog.resdev.net
Post by Antti
Post by Jabez Gan [MVP]
Hi,
Troubleshooting FRS Events 13508 without FRS Event 13509
http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/maintain/opsguide/part1/adogd11.mspx#ENAA
Post by Jabez Gan [MVP]
Post by Antti
I have already done all the procedures mentioned.
"ntfrsutl version <FQDN of remote domain controller>
If this fails, check network connectivity by using the Ping command to
ping the fully qualified domain name (FQDN) of the remote domain
controller from the computer that logged the FRS event ID 13508. If this
fails, then troubleshoot as a DNS or TCP/IP issue. If it succeeds, confirm
that the FRS service is started on the remote domain controller."
Fails as I wrote in my first post. Ping works. AD replication does too.
Dcdiag /test:dns all good. FRS is running.
Post by Jabez Gan [MVP]
Also, make sure that the user you are logged on has Domain Admin
rights/permission.
Sure.
Replication did work earlier (got 13509). It fails regardless of the
direction server1 <-> server2. Both report 13508.
Antti
Antti
2006-01-12 20:35:35 UTC
Permalink
Well, booting didn't help either. AD still replicates, and I can connect
with mmc (DNS) from one server to the other. Netstat shows that ntfrs binds
(connection established) from one server to the other. I have been looking
for a solution for a couple of days. Maybe I should just demote the other DC
and forget about having two. This really sucks.

Antti
Post by Antti
The servers won't replicate sysvol, which uses FRS, doesn't it? I don't
remember (and have not seen any info about) setting up a replication group
for sysvol replication. Please correct me if I'm wrong. I'm going to boot
the other one today, I hope it helps...
Antti
Post by Jabez Gan [MVP]
I would say try deleting and recreating the replication group. For some
reason it is saying that the permission is wrong, so I would try
recreating
Post by Jabez Gan [MVP]
the replication so you can have another chance to type in the
user/password
Post by Jabez Gan [MVP]
of the domain admin. If it fails, reset the password of the domain admin
and
Post by Jabez Gan [MVP]
try again.
--
Jabez Gan [MVP]
Microsoft MVP: Windows Server
http://www.blizhosting.com
MSBLOG: http://msblog.resdev.net
Post by Antti
Post by Jabez Gan [MVP]
Hi,
Troubleshooting FRS Events 13508 without FRS Event 13509
http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/maintain/opsguide/part1/adogd11.mspx#ENAA
Post by Jabez Gan [MVP]
Post by Antti
I have already done all the procedures mentioned.
"ntfrsutl version <FQDN of remote domain controller>
If this fails, check network connectivity by using the Ping command to
ping the fully qualified domain name (FQDN) of the remote domain
controller from the computer that logged the FRS event ID 13508. If this
fails, then troubleshoot as a DNS or TCP/IP issue. If it succeeds,
confirm
Post by Jabez Gan [MVP]
Post by Antti
that the FRS service is started on the remote domain controller."
Fails as I wrote in my first post. Ping works. AD replication does too.
Dcdiag /test:dns all good. FRS is running.
Post by Jabez Gan [MVP]
Also, make sure that the user you are logged on has Domain Admin
rights/permission.
Sure.
Replication did work earlier (got 13509). It fails regardless of the
direction server1 <-> server2. Both report 13508.
Antti
Jabez Gan [MVP]
2006-01-13 00:49:28 UTC
Permalink
Hi,

I wouldn't know where to check next, so perhaps you might want ot submit a
support ticket to MS?
--
Jabez Gan [MVP]
Microsoft MVP: Windows Server
http://www.blizhosting.com
MSBLOG: http://msblog.resdev.net
Post by Antti
Well, booting didn't help either. AD still replicates, and I can connect
with mmc (DNS) from one server to the other. Netstat shows that ntfrs
binds (connection established) from one server to the other. I have been
looking for a solution for a couple of days. Maybe I should just demote
the other DC and forget about having two. This really sucks.
Antti
Post by Antti
The servers won't replicate sysvol, which uses FRS, doesn't it? I don't
remember (and have not seen any info about) setting up a replication group
for sysvol replication. Please correct me if I'm wrong. I'm going to boot
the other one today, I hope it helps...
Antti
Post by Jabez Gan [MVP]
I would say try deleting and recreating the replication group. For some
reason it is saying that the permission is wrong, so I would try
recreating
Post by Jabez Gan [MVP]
the replication so you can have another chance to type in the
user/password
Post by Jabez Gan [MVP]
of the domain admin. If it fails, reset the password of the domain admin
and
Post by Jabez Gan [MVP]
try again.
--
Jabez Gan [MVP]
Microsoft MVP: Windows Server
http://www.blizhosting.com
MSBLOG: http://msblog.resdev.net
Post by Antti
Post by Jabez Gan [MVP]
Hi,
Troubleshooting FRS Events 13508 without FRS Event 13509
http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/maintain/opsguide/part1/adogd11.mspx#ENAA
Post by Jabez Gan [MVP]
Post by Antti
I have already done all the procedures mentioned.
"ntfrsutl version <FQDN of remote domain controller>
If this fails, check network connectivity by using the Ping command to
ping the fully qualified domain name (FQDN) of the remote domain
controller from the computer that logged the FRS event ID 13508. If this
fails, then troubleshoot as a DNS or TCP/IP issue. If it succeeds,
confirm
Post by Jabez Gan [MVP]
Post by Antti
that the FRS service is started on the remote domain controller."
Fails as I wrote in my first post. Ping works. AD replication does too.
Dcdiag /test:dns all good. FRS is running.
Post by Jabez Gan [MVP]
Also, make sure that the user you are logged on has Domain Admin
rights/permission.
Sure.
Replication did work earlier (got 13509). It fails regardless of the
direction server1 <-> server2. Both report 13508.
Antti
Jan Dye
2006-01-30 19:21:12 UTC
Permalink
Hello - I'm having this very same issue and have tried all the suggestions
in the article mentioned. In your advice you mention recreating the
replication group. How exactly do you do that? I don't see a way to just
recreate the replication group. When I created my DFS root and targets I was
never prompted to enter an admin username or password.

Jan Dye
Post by Jabez Gan [MVP]
I would say try deleting and recreating the replication group. For some
reason it is saying that the permission is wrong, so I would try recreating
the replication so you can have another chance to type in the user/password
of the domain admin. If it fails, reset the password of the domain admin
and try again.
--
Jabez Gan [MVP]
Microsoft MVP: Windows Server
http://www.blizhosting.com
MSBLOG: http://msblog.resdev.net
Post by Antti
Post by Jabez Gan [MVP]
Hi,
Troubleshooting FRS Events 13508 without FRS Event 13509
http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/maintain/opsguide/part1/adogd11.mspx#ENAA
I have already done all the procedures mentioned.
"ntfrsutl version <FQDN of remote domain controller>
If this fails, check network connectivity by using the Ping command to
ping the fully qualified domain name (FQDN) of the remote domain
controller from the computer that logged the FRS event ID 13508. If this
fails, then troubleshoot as a DNS or TCP/IP issue. If it succeeds,
confirm that the FRS service is started on the remote domain controller."
Fails as I wrote in my first post. Ping works. AD replication does too.
Dcdiag /test:dns all good. FRS is running.
Post by Jabez Gan [MVP]
Also, make sure that the user you are logged on has Domain Admin
rights/permission.
Sure.
Replication did work earlier (got 13509). It fails regardless of the
direction server1 <-> server2. Both report 13508.
Antti
Jabez Gan [MVP]
2006-01-31 08:38:28 UTC
Permalink
Hi Jan,

When I say "Recreate the replication group", it means deleting and adding a
new Replication Group.
--
Jabez Gan [MVP]
Microsoft MVP: Windows Server
http://www.blizhosting.com
MSBLOG: http://msblog.resdev.net
Post by Jan Dye
Hello - I'm having this very same issue and have tried all the suggestions
in the article mentioned. In your advice you mention recreating the
replication group. How exactly do you do that? I don't see a way to just
recreate the replication group. When I created my DFS root and targets I
was never prompted to enter an admin username or password.
Jan Dye
Post by Jabez Gan [MVP]
I would say try deleting and recreating the replication group. For some
reason it is saying that the permission is wrong, so I would try
recreating the replication so you can have another chance to type in the
user/password of the domain admin. If it fails, reset the password of the
domain admin and try again.
--
Jabez Gan [MVP]
Microsoft MVP: Windows Server
http://www.blizhosting.com
MSBLOG: http://msblog.resdev.net
Post by Antti
Post by Jabez Gan [MVP]
Hi,
Troubleshooting FRS Events 13508 without FRS Event 13509
http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/maintain/opsguide/part1/adogd11.mspx#ENAA
I have already done all the procedures mentioned.
"ntfrsutl version <FQDN of remote domain controller>
If this fails, check network connectivity by using the Ping command to
ping the fully qualified domain name (FQDN) of the remote domain
controller from the computer that logged the FRS event ID 13508. If this
fails, then troubleshoot as a DNS or TCP/IP issue. If it succeeds,
confirm that the FRS service is started on the remote domain
controller."
Fails as I wrote in my first post. Ping works. AD replication does too.
Dcdiag /test:dns all good. FRS is running.
Post by Jabez Gan [MVP]
Also, make sure that the user you are logged on has Domain Admin
rights/permission.
Sure.
Replication did work earlier (got 13509). It fails regardless of the
direction server1 <-> server2. Both report 13508.
Antti
Continue reading on narkive:
Loading...