[Pc_Support] ADS Replication Issues (Events 1311, 1566) -- WAS: [Off-list] Winternals

Tue Nov 1 13:33:50 EST 2005

Someone from the Illinois LUG lists I've been having an
off-list thread with.  He's joined the list and I'm reposting
my most recent response.

FYI, the thread started with an inquiry of the Winternals
tools -- I'm sure he was talking about the Insight for AD and
other goodies.  I've never used them, so if you have, please
sound off.

--- "Bryan J. Smith" <b.j.smith at ieee.org> wrote:
> Date: Tue, 1 Nov 2005 09:10:59 -0800 (PST)
> From: "Bryan J. Smith" <b.j.smith at ieee.org>
> Subject: Re: [Off-list] Re: Winternals
> To: Joe Tosetti <jtosetti at gmail.com>
> 
> Joe Tosetti <jtosetti at gmail.com> wrote:
> > I've joined.  It's the first Windows list I've ever been
> > on.
> 
> I'm on several Windows lists, but all but the one we
> created at LEAP seem to be "people networking" lists.
> 
> On the Orlando NT Professionals Association (ONTPA) list, I
> remember getting chastized for posting twice in the same
> day. And whenever I talked about some great new Freedomware
> (Open Source) for Windows, I got a dozen nasty e-mails from
> people who think I was trying to sell them software.  They
> thought it was a trial or, worse yet, some spyware-infested
> freeware/shareware.  I'd expect that out of some "general
> computer club," but not out of a MCSE dominated
professional
> association.
> 
> > We only have one domain spanning three sites.
> 
> That shouldn't be an issue then.
> 
> > At the risk of getting you started (lol), what is
> > "proper" replication.
> 
> I have a general rule -- quadruple the replication time for
> every order of magnitude slower your network is.  E.g.,
> 
>       1000Base -- replicate every 15 minutes (default)
>        100Base -- replicate every 1 hour
>         10Base -- replicate every 4 hours
>  T-1 (1.5Mbps) -- replicate every 24 hours (3am)
> 
> For 768+Kbps SDSL, treat as T-1.  For ASDL (384Kbps or
> lower), manually replicate.
> 
> If you use an out-of-band (OoB) connection dedicated
> between DCs, then 100Base can replicate every 15 minutes
> without issue IMHO.
> 
> After setting up the Sites in the Sites MMC, I use
> "repadmin" to handle quickly playing with and changing
> these defaults.
> 
> It's very possible that KCC is running every 15 minutes,
> not enough time for you to get full replication between
> DCs.
> 
> > I currently let KCC generate the A.D. connections over
> > the site links.
> 
> The KCC defaults are a poor set for intersite links IMHO. 
> KCC defaults are great for 100+Mbps links, but suck on
> anything slower IMHO.
> 
> There's a good document on troubleshooting ADS replication
> at TechNet here:  
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/Operations/4f504103-1a16-41e1-853a-c68b77bf3f7e.mspx
>  
> > Every seven days we are required to reboot all of the
> > domain controllers and any windows servers that provide
> > services based off of windows authentication. 
> > Approximately every 15 minutes event id's 1311
> 
> Yep, that error typically signifies that KCC is assuming
> you have 100Mbps links between sites, but they are far,
> far slower.
> 
> > and 1566
> 
> Interesting, never seen that one before.  A quick TechNet
> search turned up this very recent article for Windows 2000
> -- something that has yet to be addressed in a service
pack:  
http://support.microsoft.com/default.aspx?scid=kb;en-us;268109
> 
> I would address the 1311 topology/timing issue first, which
> might clear up that 1566 with it.
> 
> BTW, don't forget about Microsoft Operations Manager (MOM):
>  
>   http://www.microsoft.com/mom/  
> 
> The free 120-day trial here can't hurt:  
>   http://www.microsoft.com/mom/evaluation/trial/  
> 
> I really need to get more experience with it myself
> (especially since Microsoft has a new certification for
> it).
> 
> Probably most relevant is the Active Directory Management
> Pack (ADMP) for Microsoft Operations Manager (MOM).  A good
> introduction on ADMP is here:  
http://www.microsoft.com/technet/prodtechnol/mom/mom2005/maintain/dirmgmtpackmom.mspx
> 
> 
> > show up in the directory services log of all of the
> > D.C.'s. As far as I can tell there are no warning signs
> > in the logs.  A.D. printers fail about an hour before
> > anything shows up in the diretory services log.
> 
> Yep, sounds like an inconsistency due to a replication not
> completing.  IIRC, printer shares are the last to be
> replicated.  And ADS is an Access-Jet store, so that's
> going leave it inconsistent regularly -- regardless of what
> the KCC tries to do about it.
> 
> > I know there is a clue here since it happens every 7
> > days, but I can't seem to find it.
> 
> 7 * 24 * 4 = almost 700 times a week that KCC runs. 
> Depending on the throughput of your links (clearly
> something that is causing the 1311 error), you'll want to
> reduce that to well under 100 -- probably every 4-6 hours
> at least.
> 
> > What type of network equipment do you prefer.
> 
> Brand is unimportant.  Heck, even NetGear now sells a
> sub-$500 layer-3 (RIPv2) switch with 4xGbE + 24x100M,
> extensive SNMP/RMON, etc...
> 
> > I've always used Cisco since it was in place here when I
> > arrived.
> 
> You're talking to a CCDP (6-exam "Design Professional") so
> I have _no_problem_ with Cisco.  @-ppp
> 
> I'd really need to know more about your topology.  Cisco
> should be fine for it.  I was just saying that I always
> ensure I have a full "bird's eye view" of the physical
> network topology/latency/bandwidth before I modify the
> sites from the wizard, as well as to repadmin.
> 
> > I've looked at Extreme Networks and they look OK at first
> > glance, but I have no experience with them.
> 
> I think they use Linux-based layer-3/4 modules (don't quote
> me, could be VxWorks or even some other embedded OS) to
> complement their layer-2 fabric, but I also have no
> experience with them.

-- 
Bryan J. Smith                | Sent from Yahoo Mail
mailto:b.j.smith at ieee.org     |  (please excuse any
http://thebs413.blogspot.com/ |   missing headers)