JSI Tip 7927. The Windows 2000 Active Directory Replication Monitor reports replication errors?

Jerold Schulman

April 12, 2004


When you manually replicate the domain using the Active Directory Replication Monitor in Windows 2000, you receive:

Could not find the domain controller for this domain.

NOTE:

If you use the net use command from a CMD.EXE window or batch file, you receive:

        There are currently no logon servers available to service the logon request.

If you use the net time or net view command from a CMD.EXE window or batch file, you receive:

        System error 5 has occurred. Access is denied.

If you try to replicate domain controllers from different domains, you receive:

        The Active Directory Object could not be displayed. A referral was returned from the server.

If you run nltest /sc_query:.., you receive:

        Trusted DC Connection Status Status = 1311 0x51f ERROR_NO_LOGON_SERVERS

This behavior will result if your firewall incorrectly truncates UDP (User Datagram Protocol) packets.

To resolve this problem, fix your firewall. If you can't, force Kerberos to use TCP instead of UDP, and set the MaxPacketSize Value Name, a REG_DWORD data type, to a data value of 2000.


