Wednesday, August 2, 2017

Windows Domain Controller Replication restore

repadmin /options PCDCDC01 -DISABLE_OUTBOUND_REPL
repadmin /options PCDCDC01 -DISABLE_INBOUND_REPL


On domain controllers that are experiencing this issue, disable the Kerberos Key Distribution Center service (KDC). To do so:
Click Start, point to Programs, click Administrative Tools, and then click Services.
Double-click KDC, set the startup type to Disabled, and then restart the computer.

After the computer restarts, use the Netdom utility to reset the secure channels between these domain controllers and the PDC Emulator operations master role holder. To do so, run the following command from the domain controllers other than the PDC Emulator operations master role holder:

netdom resetpwd /server:server_name /userd:domain_name\administrator /passwordd:administrator_password
Where server_name is the name of the server that is the PDC Emulator operations master role holder.

For additional information, see Microsoft Knowledge Base article 260575, How to Use Netdom.exe to Reset Machine Account Passwords.


After you reset the secure channel, restart the domain controllers. Proceed with the restart even if the Netdom command does not complete successfully.

If only the PDC Emulator operations master role holder is running, the KDC forces the other domain controllers to resynchronize with this computer, instead of issuing themselves a new Kerberos ticket.

After the computers have finished restarting, start the Services program, restart the KDC service, and then attempt replication again.
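The procedure above as a staged PowerShell script, one stage per boot. This is an added example, not part of the original post. The script parameters and placeholder names are assumptions, as are setting KDC back to Automatic start and clearing the repadmin flags in the last stage. It passes `/passwordd:*` so netdom prompts for the password instead of taking it on the command line.

```powershell
# Added example. Run elevated on each affected DC other than the PDC Emulator.
param(
    [Parameter(Mandatory)]
    [ValidateSet('DisableKdc', 'ResetChannel', 'Restore')]
    [string]$Stage,
    [string]$PdcEmulator = 'PDC_EMULATOR_NAME',          # placeholder
    [string]$DomainAdmin = 'DOMAIN_NAME\administrator'   # placeholder
)

switch ($Stage) {
    'DisableKdc' {
        # Stop this DC from issuing Kerberos tickets on the next boot.
        Set-Service -Name kdc -StartupType Disabled
        Restart-Computer -Force
    }
    'ResetChannel' {
        # Refuse to continue if the KDC came back up after the reboot.
        if ((Get-Service -Name kdc).Status -ne 'Stopped') {
            throw 'KDC is still running; run the DisableKdc stage first.'
        }
        # "*" makes netdom prompt for the password, keeping it out of
        # command history and process command-line logging.
        & netdom resetpwd "/server:$PdcEmulator" "/userd:$DomainAdmin" '/passwordd:*'
        if ($LASTEXITCODE -ne 0) {
            # The procedure says to restart even when the reset fails.
            Write-Warning "netdom resetpwd exited with code $LASTEXITCODE"
        }
        Restart-Computer -Force
    }
    'Restore' {
        # Assumption: KDC normally starts automatically on a domain controller.
        Set-Service -Name kdc -StartupType Automatic
        Start-Service -Name kdc
        # Clear the replication-disabled flags (the repadmin lines at the top
        # of the post), then attempt replication and show the result.
        & repadmin /options $env:COMPUTERNAME -DISABLE_OUTBOUND_REPL
        & repadmin /options $env:COMPUTERNAME -DISABLE_INBOUND_REPL
        & repadmin /syncall $env:COMPUTERNAME /AdeP
        & repadmin /showrepl $env:COMPUTERNAME
    }
}
```

Check the `repadmin /showrepl` output for failed replication attempts before treating the domain controller as restored.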
