Microsoft KB Archive/251250

= NTFRS Event ID 13557 Is Recorded When Duplicate NTDS Connection Objects Exist =

Article ID: 251250

Article Last Modified on 10/31/2006

-

APPLIES TO


 * Microsoft Windows 2000 Server

-



This article was previously published under Q251250



SYMPTOMS
Event error 13557 may be recorded in the File Replication service (FRS) event logs on domain controllers or member servers. In addition, files and folders on DFS and Sysvol replica members may be inconsistent. The recorded event in Event Viewer is:

Event Type: Error

Event Source: NtFrs

Event Category: None

Event ID: 13557

Date: MM/DD/YYYY

Time: HH:MM:SS AM/PM

User: N/A

Computer:

Description:

The File Replication Service has detected a duplicate connection object between this computer " " and a computer named " ".

This was detected for the following replica set:

"DOMAIN SYSTEM VOLUME (SYSVOL SHARE)"

This is not allowed and replication does not occur between these two computers until the duplicate connection objects are removed.

It is possible that this is a transient issue caused by Active Directory replication delays associated with updating FRS configuration objects. If file replication does not take place after an appropriate waiting time (which could be several hours if cross-site Active Directory replication is required), you must manually delete the duplicate connection objects by following these steps:
 * 1) Start the Active Directory Sites and Services snap-in.
 * 2) Click Sites, click  , click Servers, click  , and then click NTDS Settings.
 * 3) Look for duplicate connections from   in site.
 * 4) Delete all but one of the connections.



CAUSE
Duplicate NTDS connections objects can block replication of files and folders between FRS replica members when duplicate connection objects exist.



RESOLUTION
Delete duplicate connections objects between direct replication partners that are noted in the event text.



STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.



MORE INFORMATION
The File Replication service (Ntfrs.exe) uses the Active Directory replication topology, schedule, and connection objects to replicate the SYSVOL contents between domain controllers in the same domain. Connection objects may be automatically generated by the Active Directory replication topology generator (KCC), a process in Lsass.exe that runs every 15 minutes, or by the administrator using the Active Directory Sites and Services snap-in (Dssites.msc).

The KCC attempts to build a spanning tree for all naming contexts (domain, schema, and configuration). Generally, the spanning tree algorithm strives to have one intersite connection between any two pair of sites. However, the KCC or an administrators may create duplicate connection objects between a given pair of Active Directory replication partners in the same domain.

The KCC may create duplicate connection objects in the following situation: Two systems in a site, both believing that they are the site topology generator, each make a connection on behalf of a third server in the site that is the real bridgehead. When the partition clears up, a duplicate connection on that bridgehead to the same remote server may exist for a brief period until the KCC cleans up the unnecessary one.

An administrator may create duplicate connection objects when more than one administrator, typically at different Active Directory sites, adds manual connection objects. Or, seeing no KCC-generated connection, the administrators add manual connections in a remote site where a KCC-generated site has not yet been replicated.

Administrator-generated connection objects are never removed or overridden by the KCC.

The KCC manages duplicate connection objects in the following manner:
 * It favors administrator-created (manual) connection objects over automatic connection objects.
 * If more than one manual connection object exists, it uses the last one (newer over older).
 * If more than one connection object exists with same create time and type (manual or automatic), it arbitrarily selects one (with manual connections favored over KCC-generated connections).

If multiple connections exist between  and , FRS treats it as an invalid configuration, skipping both connections and halting outbound replication on the server(s) that are experiencing duplicates. If these connections are generated by the KCC, the redundant connection is eventually removed. Manual connections that are created by an administrator are not deleted by the KCC.

Replicated Dfs
FRS uses the connection objects and topology built and maintained by Distributed File System Manager (Dfsgui.msc) between Dfs root and child nodes participating in a Dfs replica set. The replication topology built by Dfs is a full mesh and is not dynamically generated. Windows 2000 does not provide a tool to modify the connection objects for Dfs replicas, so it is less susceptible to this problem. However, if duplicate connections are created programmatically, the problem could potentially be experienced in Dfs replication.

Additional query words: frs ntfrs w2000frs

Keywords: kbdfs kbenv kbprb KB251250

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.