Der DC Server der Hauptdomäne (Spacegate) wurde entfernt und auf einen anderen Server verlagert. Die Replikationspartner in den Subdomains haben davon nichts mitbekommen.
Die DCs in den Subdomains versuchen immer noch den SPACEGATE (alten DC) zu finden. Wie kann ich der Subdomain beibringen, dass sie mit einem neuen DC replizieren soll.
DCDiag.exe bringt folgendes:
Doing primary tests
Testing server: Sto-KTS-Villach\SVR-202479
Starting test: Replications
[Replications Check,SVR-202479] A recent replication attempt failed:
From SPACEGATE to SVR-202479
Naming Context: DC=ForestDnsZones,DC=xxx,DC=xx,DC=at
The replication generated an error (1256):
Der Remotecomputer ist nicht verfgbar. Weitere Informationen zur Behebung von Netzwerkproblemen finden Sie in der Windows-Hilfe.
The failure occurred at 2007-09-04 10:48:59.
The last success occurred at 2007-05-18 06:48:51.
655 failures have occurred since the last success.
[Replications Check,SVR-202479] A recent replication attempt failed:
From SPACEGATE to SVR-202479
Naming Context: CN=Schema,CN=Configuration,DC=xxxx,DC=xx,DC=at
The replication generated an error (1396):
Anmeldung fehlgeschlagen: Der Zielkontoname ist ungltig.
The failure occurred at 2007-09-04 10:48:59.
The last success occurred at 2007-05-18 06:48:51.
655 failures have occurred since the last success.
Kerberos Error.
The KDC could not find the SPN for the server SPACEGATE.
This can be for several reasons:
(1) - The SPN is not registered on the KDC (usually SVR-202479).
Check that the SPN is registered on at least one other server
besides SPACEGATE, and that replication is progressing between
this server and the KDC. The tool repadmin/syncall can be used
for this purpose.
(2) - This server could be a deleted server (and deleted DSA
object), and this deletion has not replicated across the
enterprise yet. This will rectify itself within the general
replication latency plus the latency of the KCC. Should be less
than a day.
(3) - It's possible that this server was reclaimed, but it's
DSA object was not deleted and an old DNS record representing
the server is present. This can result in this error for the
duration of a DNS record lease. Often about 2 weeks. To fix
this, please clean up the DSA's metadata with ntdsutil.
(4) - Finally, it's possible that this server has acquired a
new IP address, the server's old IP address has been reused, and
DNS hasn't been updated to reflect the new IP address. If this
problem persists, stop and restart the "Net Logon" service on
SPACEGATE, and delete the old DNS record.
[Replications Check,SVR-202479] A recent replication attempt failed:
From SPACEGATE to SVR-202479
Naming Context: CN=Configuration,DC=xxxx,DC=xx,DC=at
The replication generated an error (1396):
Anmeldung fehlgeschlagen: Der Zielkontoname ist ungltig.
The failure occurred at 2007-09-04 10:48:59.
The last success occurred at 2007-05-18 06:48:51.
655 failures have occurred since the last success.
Kerberos Error.
The KDC could not find the SPN for the server SPACEGATE.
This can be for several reasons:
