Home All Groups Group Topic Archive Search About

NTDS KCC Error 1925 and 2042 in Even manager

microsoft.public.windows.server.active_directory
Author
10 Mar 2006 4:19 PM
Drew Boillot
Hello, i keep getting this error in the even viewer..
I have 3 DC's one is dying, one is a replacement and the thrid is a 'temp'
dc that i put up incase the first one died before we had the new one in and
setup.

it looks like the replacement and the dying one are syncing correctly, but
the last one isn't.
anyone have any ideas on this? I'm at a loss.

Drew
___________________________________________
Event Type: Warning
Event Source: NTDS KCC
Event Category: Knowledge Consistency Checker
Event ID: 1925
Date:  3/10/2006
Time:  10:03:27 AM
User:  NT AUTHORITY\ANONYMOUS LOGON
Computer: JCEXCH02
Description:
The attempt to establish a replication link for the following writable
directory partition failed.

Directory partition:
CN=Configuration,DC=ACCUBIZ,DC=NET
Source domain controller:
CN=NTDS
Settings,CN=STESERV01,CN=Servers,CN=Accubiz,CN=Sites,CN=Configuration,DC=ACCUBIZ,DC=NET
Source domain controller address:
41b6137d-cb8c-4b0b-89b1-fecf6d2b49d6._msdcs.ACCUBIZ.NET
Intersite transport (if any):


This domain controller will be unable to replicate with the source domain
controller until this problem is corrected.

User Action
Verify if the source domain controller is accessible or network connectivity
is available.

Additional Data
Error value:
8614 The Active Directory cannot replicate with this server because the time
since the last replication with this server has exceeded the tombstone
lifetime.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
=======================================
and
____________________________________________
Event Type: Error
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2042
Date:  3/10/2006
Time:  10:03:27 AM
User:  NT AUTHORITY\ANONYMOUS LOGON
Computer: JCEXCH02
Description:
It has been too long since this machine last replicated with the named
source machine. The time between replications with this source has exceeded
the tombstone lifetime. Replication has been stopped with this source.
The reason that replication is not allowed to continue is that the two
machine's views of deleted objects may now be different. The source machine
may still have copies of objects that have been deleted (and garbage
collected) on this machine. If they were allowed to replicate, the source
machine might return objects which have already been deleted.
Time of last successful replication:
2005-08-18 04:57:44
Invocation ID of source:
063ef820-f810-063e-0100-000000000000
Name of source:
41b6137d-cb8c-4b0b-89b1-fecf6d2b49d6._msdcs.ACCUBIZ.NET
Tombstone lifetime (days):
60

The replication operation has failed.

User Action:

Determine which of the two machines was disconnected from the forest and is
now out of date. You have three options:

1. Demote or reinstall the machine(s) that were disconnected.
2. Use the "repadmin /removelingeringobjects" tool to remove inconsistent
deleted objects and then resume replication.
3. Resume replication. Inconsistent deleted objects may be introduced. You
can continue replication by using the following registry key. Once the
systems replicate once, it is recommended that you remove the key to
reinstate the protection.
Registry Key:
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Allow Replication
With Divergent and Corrupt Partner


For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
===================================

Author
11 Mar 2006 12:31 AM
Jorge de Almeida Pinto [MVP]
the DC has been disconnected for too long (past the tombstone lifetime) from
other DCs.
Two ways to go:
(1) force demote the DC in error (dcpromo /forceremoval), cleanup the
metadata of the DC in error on other DCs
(http://blogs.dirteam.com/blogs/jorge/archive/2005/12/03/213.aspx) (before
doing this first check which DC holds the FSMO roles. if the DC in error
contains the FSMO roles, continue as mentioned and SEIZE the FSMO roles to a
healthy DC after demoting the DC error, cleaning its metadata, but before
promoting it again)
(2) follow the procedure as mentioned in:
http://technet2.microsoft.com/WindowsServer/en/Library/4f504103-1a16-41e1-853a-c68b77bf3f7e1033.mspx

Besides this I guess yiou are having connectivity issues which could be
related to your network or DNS

--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Windows Server - Directory Services

BLOG --> http://blogs.dirteam.com/blogs/jorge/default.aspx
-----------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always test before implementing!
-----------------------------------------------------------------------------


-----------------------------------------------------------------------------
Show quoteHide quote
"Drew Boillot" <d***@gocmcs.com> wrote in message
news:%23SzZd5FRGHA.5900@tk2msftngp13.phx.gbl...
> Hello, i keep getting this error in the even viewer..
> I have 3 DC's one is dying, one is a replacement and the thrid is a 'temp'
> dc that i put up incase the first one died before we had the new one in
> and setup.
>
> it looks like the replacement and the dying one are syncing correctly, but
> the last one isn't.
> anyone have any ideas on this? I'm at a loss.
>
> Drew
> ___________________________________________
> Event Type: Warning
> Event Source: NTDS KCC
> Event Category: Knowledge Consistency Checker
> Event ID: 1925
> Date:  3/10/2006
> Time:  10:03:27 AM
> User:  NT AUTHORITY\ANONYMOUS LOGON
> Computer: JCEXCH02
> Description:
> The attempt to establish a replication link for the following writable
> directory partition failed.
>
> Directory partition:
> CN=Configuration,DC=ACCUBIZ,DC=NET
> Source domain controller:
> CN=NTDS
> Settings,CN=STESERV01,CN=Servers,CN=Accubiz,CN=Sites,CN=Configuration,DC=ACCUBIZ,DC=NET
> Source domain controller address:
> 41b6137d-cb8c-4b0b-89b1-fecf6d2b49d6._msdcs.ACCUBIZ.NET
> Intersite transport (if any):
>
>
> This domain controller will be unable to replicate with the source domain
> controller until this problem is corrected.
>
> User Action
> Verify if the source domain controller is accessible or network
> connectivity is available.
>
> Additional Data
> Error value:
> 8614 The Active Directory cannot replicate with this server because the
> time since the last replication with this server has exceeded the
> tombstone lifetime.
>
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
> =======================================
> and
> ____________________________________________
> Event Type: Error
> Event Source: NTDS Replication
> Event Category: Replication
> Event ID: 2042
> Date:  3/10/2006
> Time:  10:03:27 AM
> User:  NT AUTHORITY\ANONYMOUS LOGON
> Computer: JCEXCH02
> Description:
> It has been too long since this machine last replicated with the named
> source machine. The time between replications with this source has
> exceeded the tombstone lifetime. Replication has been stopped with this
> source.
> The reason that replication is not allowed to continue is that the two
> machine's views of deleted objects may now be different. The source
> machine may still have copies of objects that have been deleted (and
> garbage collected) on this machine. If they were allowed to replicate, the
> source machine might return objects which have already been deleted.
> Time of last successful replication:
> 2005-08-18 04:57:44
> Invocation ID of source:
> 063ef820-f810-063e-0100-000000000000
> Name of source:
> 41b6137d-cb8c-4b0b-89b1-fecf6d2b49d6._msdcs.ACCUBIZ.NET
> Tombstone lifetime (days):
> 60
>
> The replication operation has failed.
>
> User Action:
>
> Determine which of the two machines was disconnected from the forest and
> is now out of date. You have three options:
>
> 1. Demote or reinstall the machine(s) that were disconnected.
> 2. Use the "repadmin /removelingeringobjects" tool to remove inconsistent
> deleted objects and then resume replication.
> 3. Resume replication. Inconsistent deleted objects may be introduced. You
> can continue replication by using the following registry key. Once the
> systems replicate once, it is recommended that you remove the key to
> reinstate the protection.
> Registry Key:
> HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Allow Replication
> With Divergent and Corrupt Partner
>
>
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
> ===================================
>
>
>
>



Post Other interesting topics
GPO Login Script
Sites & services
Migrating to W2K3
Make printer available to computer object in AD
R2 Schema Changes
anyone able to answer an ADAM question?
ADAM and replica link
ADAM back and restore
Move shared folders
Correct way to Permission attibutes