公司有2臺服務器
1. BICSVR08R2H 附加域控制器 192.168.1.16
2. DC_BIC08R2 主域控制器 192.168.1.219
這2臺域控制器在復制時出現了如下現象:
主域控制器DC_BIC08R2從附加域控制器BICSVR08R2H復制 OK
附加域控制器BICSVR08R2H從主域控制器DC_BIC08R2復制 X
如下圖所示:
為了解決這個問題對照了微軟在官網上給出的參考文檔、但最終貌似并
不能解決我所面臨的問題。
在此之前做了一系列的嘗試、比如(DNS檢查/重做;重啟netlogon;甚至
連附加域控器都推倒重來了如此種種)。
在幾乎陷入了絕望的時候、我決定把這件事先放到一邊,晚上好好睡一
覺?;蛟S第二天醒來頭腦清醒一下有了靈感也不一定。
第二天早晨上班時我把之前在服務器上所做的所有操作慢慢的在腦海中
回放了一遍(前一段時間勒索病毒肆掠一口氣把135 137 139 445等端口
全部封掉了)時間在這里停頓了幾秒、似乎隱隱看到了一道亮光。我記
得后來某種原因重新解封了137 139 445端口、便唯獨135沒有。
再次嘗試:
步驟1
執行TELNET命令
telnet 192.168.1.16 135 X
telnet 192.168.1.219 135 OK
步驟2
netstat -an | more 檢查端口是否處于監聽狀態。
步驟3
檢查 IP security policies on local computer
問題就在這兒了,這次我直接把 Deny_135_137_139_445 設為不指派(
以前只是從中刪除了 137 139 445)、然后在Active Directory 站點
和服務 中再次進行測試。
如下圖所示(至此故障已解決):
總結:
因為使用IP security policies on local computer 時禁用了域控制器之間復制時所需要
用到端口從而導致復制時的故障。
關于135/以下來源于百度
135端口就是用于遠程的打開對方的telnet服務 ,用于啟動與遠程計算機的 RPC 連接,很容
易就可以就侵入電腦。大名鼎鼎的“沖擊波”就是利用135端口侵入的。 135的作用就是進行
遠程,可以在被遠程的電腦中寫入惡意代碼,危險極大。
135端口主要用于使用RPC(Remote Procedure Call,遠程過程調用)協議并提供DCOM(分
布式組件對象模型)服務。
附上/出現故障時的dcdiag診斷的部份內容
C:\Users\Administrator>dcdiag
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = dc_bic08r2
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DC_BIC08R2
Starting test: Connectivity
......................... DC_BIC08R2 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DC_BIC08R2
Starting test: Advertising
......................... DC_BIC08R2 passed test Advertising
Starting test: FrsEvent
......................... DC_BIC08R2 passed test FrsEvent
Starting test: DFSREvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... DC_BIC08R2 failed test DFSREvent
Starting test: SysVolCheck
......................... DC_BIC08R2 passed test SysVolCheck
Starting test: KccEvent
A warning event occurred. EventID: 0x8000082C
Time Generated: 11/07/2017 18:15:37
Event String:
A warning event occurred. EventID: 0x80000828
Time Generated: 11/07/2017 18:18:20
Event String:
Active Directory DNS IP ,Active Directory NetBIOS
......................... DC_BIC08R2 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... DC_BIC08R2 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... DC_BIC08R2 passed test MachineAccount
Starting test: NCSecDesc
......................... DC_BIC08R2 passed test NCSecDesc
Starting test: NetLogons
......................... DC_BIC08R2 passed test NetLogons
Starting test: ObjectsReplicated
......................... DC_BIC08R2 passed test ObjectsReplicated
Starting test: Replications
[Replications Check,DC_BIC08R2] A recent replication attempt failed:
From BICSVR08R2HR to DC_BIC08R2
Naming Context: DC=ForestDnsZones,DC=burnet,DC=com
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2017-11-07 18:17:13.
The last success occurred at 2017-11-07 17:55:58.
1 failures have occurred since the last success.
[BICSVR08R2HR] DsBindWithSpnEx() failed with error 1722,
The RPC server is unavailable..
The source remains down. Please check the machine.
[Replications Check,DC_BIC08R2] A recent replication attempt failed:
From BICSVR08R2HR to DC_BIC08R2
Naming Context: DC=DomainDnsZones,DC=burnet,DC=com
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2017-11-07 18:17:56.
The last success occurred at 2017-11-07 18:05:12.
2 failures have occurred since the last success.
The source remains down. Please check the machine.
[Replications Check,DC_BIC08R2] A recent replication attempt failed:
From BICSVR08R2HR to DC_BIC08R2
Naming Context: CN=Schema,CN=Configuration,DC=burnet,DC=com
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2017-11-07 18:16:10.
The last success occurred at 2017-11-07 17:55:58.
1 failures have occurred since the last success.
The source remains down. Please check the machine.
[Replications Check,DC_BIC08R2] A recent replication attempt failed:
From BICSVR08R2HR to DC_BIC08R2
Naming Context: CN=Configuration,DC=burnet,DC=com
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2017-11-07 18:15:49.
The last success occurred at 2017-11-07 18:01:52.
1 failures have occurred since the last success.
The source remains down. Please check the machine.
[Replications Check,DC_BIC08R2] A recent replication attempt failed:
From BICSVR08R2HR to DC_BIC08R2
Naming Context: DC=burnet,DC=com
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2017-11-07 18:24:03.
The last success occurred at 2017-11-07 18:10:31.
7 failures have occurred since the last success.
The source remains down. Please check the machine.
......................... DC_BIC08R2 failed test Replications
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。