On problematic server go to start, then run, and type in services.msc and hit enter. Look for "Kerberos Key Distribution Center Service" and right click it and choose properties.
Change the startup type to "Manual"
Click ok to exit that window, now right click the service again and choose "Stop"
Change the startup type to "Manual"
Click ok to exit that window, now right click the service again and choose "Stop"
Now right click the command prompt and run as administrator. Then run the following command.
netdom resetpwd /server:destinationserverlink /userd:*your_domain*\administrator /passwordd:*admin_password*
So, in the above be sure to change the "*your_domain*" to your domain, and then use your administrator account and password for the \administrator:password
If the above command gives back a failure reboot SCSRVBC1 and try it again. If it fails again, let me know what the error is. If the command completes successfully, reboot SCSRVBC1, navigate back to the services and right click the kerberos one again and choose properties, now set it back to automatically, click ok to close the window then right click again and choose start.
What we are doing here is trying to re-sync the kerberos password the DC's use to authenticate to one another.
ntfrsutl forcerepl DC-04 /r "domain system volume (sysvol share)" /p DC-03.domainname.com
Fix – FRS Event 13508
To fix the problem, you need to designate a domain controller to be authoritative for the Sysvol replica set.
1. Stop the File Replication service on the PDC emulator FSMO role holder.
2. Use the Registry Editor to navigate to:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtFrs\Paramaters\Backup\RestoreProcess at Startup.
3. Double-click the BurFlags Value Name, a REG_DWORD data type, and set the data value to D4, using the Hex radix.
4. Exit the Registry Editor.
5. Start the File Replication service.
Note: If the BurFlags Value Name is set to D4 (authoritative) on more that one replica, conflicts and collisions will occur.
Eventually D2 on other DCs
Nessun commento:
Posta un commento