It turns out that our Riverbed WAN accelerators were the problem.
Don't know why that would be, but while working with MSFT support, I turned
off the optimization for the Riverbed at each end, and it went through with
nary a hiccup.
This worked without a flaw, creating one Replication Group, and then
creating many Replicated Folders under that RG, between two servers, and
it's supposed to be one-way replication, which I'll test tomorrow. It also
sets up the connection schedule, using the local time for the receiving
computer
However, I might not have gotten the connection schedule correct, because
when I check the schedule in the GUI, it's set up for full speed
replication 24x7, when it should be 512kbits/sec during the receiving
computer's business hours. I'm going to let that cook overnight to see if
that updates itself.
This was a fun project, modulo the frustration with getting the script past
the errors induced by the Riverbeds.
I'm not real proud of the script, as it does no error checking, no
prompting for user input, etc., but it got the job done. I've stripped out
the comments and write-host stuff for the sake of brevity, and wanted to
share it with y'all. Hope someone finds it useful.
Kurt
Tab-Delimited CSV, with header and one entry
----------Begin NewDFSr.csv----------
GroupName SourceComputer FolderName SourcePrimaryMember
SourceContentPath SourceStagingPathQuotaInMB DestinationComputer
DestinationContentPath DestinationReadOnly
US2AU-Engineering usfs01p TC-39.3 TRUE
K:\Engineering\TestCandidates\Folder1\CurrentVersions 10240
aufs01p E:\Engineering\TestCandidates\Folder1\CurrentVersions TRUE
----------End NewDFSR.csv----------
----------Begin Script----------
$NewDFSR = import-csv -Delimiter "`t" c:\Batchfiles\data\NewDFSR.csv
$NewGroupName = "US2AU-Engineering"
New-DfsReplicationGroup -GroupName $NewGroupName
Add-DfsrMember -GroupName $NewGroupName -ComputerName usfs01p, aufs01p
Add-DfsrConnection -GroupName $NewGroupName -SourceComputerName
$SourceComputer -DestinationComputerName $DestinationComputer
Foreach ($Line in $NewDFSR)
{
$SourceComputer = $Line.SourceComputer
$FolderName = $Line.FolderName
$SourceContentPath = $Line.SourceContentPath
$SourceStagingPathQuotaInMB = $Line.SourceStagingPathQuotaInMB
$SourcePrimaryMember =
[System.Convert]::ToBoolean($Line.SourcePrimaryMember)
$DestinationComputer = $Line.DestinationComputer
$DestinationContentPath = $Line.DestinationContentPath
$DestinationReadOnly =
[System.Convert]::ToBoolean($Line.DestinationReadOnly)
New-DfsReplicatedFolder -GroupName $NewGroupName -FolderName $FolderName
Set-DfsrMembership -GroupName $NewGroupName -FolderName $FolderName
-ComputerName $SourceComputer -ContentPath $SourceContentPath
-PrimaryMember $SourcePrimaryMember -StagingPathQuotaInMB
$SourceStagingPathQuotaInMB -Force
Set-DfsrMembership -GroupName $NewGroupName -FolderName $FolderName
-ComputerName $DestinationComputer -ContentPath $DestinationContentPath
-ReadOnly $DestinationReadOnly -Force
}
Set-DfsrConnectionSchedule -GroupName $NewGroupName -SourceComputerName
$SourceComputer -DestinationComputerName $DestinationComputer -Day
1,2,3,4,5 -BandwidthDetail
"ffffffffffffffffffffffffffffffffffff66666666666666666666666666666666ffffffffffffffffffffffffffff"
Update-DfsrConfigurationFromAD -ComputerName
$SourceComputer,$DestinationComputer
----------End Script----------
On Mon, Jul 24, 2017 at 3:30 PM, Michael B. Smith <[email protected]>
wrote:
> And do you have errors in the DFS specific event logs?
>
>
>
> *From:* [email protected] [mailto:listsadmin@lists.
> myitforum.com] *On Behalf Of *Michael B. Smith
> *Sent:* Monday, July 24, 2017 6:22 PM
> *To:* [email protected]
> *Subject:* RE: [NTSysADM] RPC not available on remote machine while doing
> DFSR config
>
>
>
> 609 ms? Wow.
>
>
>
> I suspect that is a hint. Let’s do a bit more:
>
>
>
> rpcping -s aufs01p –i 100 –v 3
>
>
>
> and see what that tells us….
>
>
>
> *From:* [email protected] [mailto:listsadmin@lists.
> myitforum.com <[email protected]>] *On Behalf Of *Kurt Buff
> *Sent:* Monday, July 24, 2017 5:33 PM
> *To:* ntsysadm
> *Subject:* Re: [NTSysADM] RPC not available on remote machine while doing
> DFSR config
>
>
>
> I believe so:
>
> From my workstation:
> # rpcping -s aufs01p
> Completed 1 calls in 609 ms
> 1 T/S or 609.000 ms/T
>
> Kurt
>
>
>
> On Mon, Jul 24, 2017 at 1:13 PM, Michael B. Smith <[email protected]>
> wrote:
>
> Does rpcping agree?
>
>
>
> *From:* [email protected] [mailto:listsadmin@lists.
> myitforum.com] *On Behalf Of *Kurt Buff
> *Sent:* Monday, July 24, 2017 4:04 PM
>
>
> *To:* ntsysadm
> *Subject:* Re: [NTSysADM] RPC not available on remote machine while doing
> DFSR config
>
>
>
> Seems to be...
>
> Kurt
>
>
>
> On Mon, Jul 24, 2017 at 12:50 PM, Ed Ziots <[email protected]> wrote:
>
> Is tcp 135 open via fw rules on remote host?
>
>
>
> On Jul 24, 2017 12:21 PM, "Kurt Buff" <[email protected]> wrote:
>
> So, fixing the MTU mismatch seems not to have worked. I left the physical
> interface MTUs on both sides at 1500, and set up the MTUs for the tunnel
> interfaces at 1385, and verified that ping -f -l succeeds at 1357 and fails
> at 1358 from both sides.
>
> I even took a single set of entries from my CSV file and unrolled the
> loop, manually replacing the variables with values, including FQDNs for the
> machine names.
>
> Same failure:
>
> # Add-DfsrMember -GroupName US2AU-Engineering -ComputerName
> usfs01p.example.com, aufs01p.example.com
>
> Add-DfsrMember : Could not add the computer to the replication group.
> Computer: aufs01p.example.com Replication group: "US2AU-Engineering" The
> remote procedure call failed
> At line:1 char:1
> + Add-DfsrMember -GroupName US2AU-Engineering -ComputerName usfs01p.exampl
> ..
> + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> + CategoryInfo : NotSpecified: (aufs01p.example.com:String)
> [Add-DfsrMember], DfsrException
> + FullyQualifiedErrorId : Add-DfsrMember.NonTerminatingOMException,
> Microsoft.DistributedFileSystemReplication.Commands.AddDfsrMemberCommand
>
> Additionally, I tried running the script on the DC in the AU office, and
> get the reciprocal failure (RPC failure, can't resolve the name of the US
> file server).
>
> Kurt
>
>
>
> On Mon, Jul 24, 2017 at 7:54 AM, Michael B. Smith <[email protected]>
> wrote:
>
> Yep, those MTUs. Because inconsistent RPC fragmentation can cause
> transactions to fail.
>
>
>
> *From:* [email protected] [mailto:listsadmin@lists.
> myitforum.com] *On Behalf Of *Kurt Buff
> *Sent:* Monday, July 24, 2017 10:44 AM
>
>
> *To:* ntsysadm
> *Subject:* Re: [NTSysADM] RPC not available on remote machine while doing
> DFSR config
>
>
>
> MTUs? As in TCP/IP Maximum Transmission Units?
>
> I will check that and post back, but why would a mismatch in MTU show up
> as this?
>
> Kurt
>
>
>
> On Mon, Jul 24, 2017 at 5:31 AM, Michael B. Smith <[email protected]>
> wrote:
>
> I’m certain you can google as well as I can – but after looking at 8-10
> results… are you sure you have matching MTUs?
>
>
>
> *From:* [email protected] [mailto:listsadmin@lists.
> myitforum.com] *On Behalf Of *Kurt Buff
> *Sent:* Monday, July 24, 2017 1:10 AM
> *To:* ntsysadm
> *Subject:* Re: [NTSysADM] RPC not available on remote machine while doing
> DFSR config
>
>
>
> Ignore my earlier message from this evening. I've overcome some blindness
> on my part, and have a bit more information, though I fear it's not enough.
> I used this page for what looks to be a better way to handle the errors:
> https://stackoverflow.com/questions/38419325/catching-
> full-exception-message
>
> The red highlighted error is new - but I don't know why that's there. It's
> very strange, as both are 2012R2 servers, in the same domain, and I'm
> running this on my Win10 workstation with my DA credentials.
>
>
>
> ----------Begin revised script----------
> $NewDFSR = import-csv -Delimiter "`t" c:\Batchfiles\data\NewDFSR.csv
> New-DfsReplicationGroup -GroupName US2AU-Engineering
> $GroupName = Get-DfsReplicationGroup US2AU-Engineering
> Foreach ($Line in $NewDFSR)
> {
> $GroupName = $Line.GroupName
> $SourceComputer = $Line.SourceComputer
> $FolderName = $Line.FolderName
> $SourceContentPath = $Line.SourceContentPath
> $SourceStagingPathQuotaInMB = $Line.SourceStagingPathQuotaInMB
> $SourcePrimaryMember = [System.Convert]::ToBoolean($
> Line.SourcePrimaryMember)
> $DestinationComputer = $Line.DestinationComputer
> $DestinationContentPath = $Line.DestinationContentPath
> $DestinationReadOnly = [System.Convert]::ToBoolean($
> Line.DestinationReadOnly)
> New-DfsReplicatedFolder -GroupName $GroupName -FolderName $FolderName
> Try
> {
> Add-DfsrMember -GroupName $GroupName -ComputerName $SourceComputer,
> $DestinationComputer
> }
> Catch
>
>
>
>
>
>
> * { $e = $_.Exception $msg = $e.Message while
> ($e.InnerException) { $e = $e.InnerException $msg +=
> "`n" + $e.Message }*
> $msg}
> Add-DfsrConnection -GroupName $GroupName -SourceComputerName
> $SourceComputer -DestinationComputerName $DestinationComputer -ErrorAction
> Stop
> Set-DfsrMembership -GroupName $GroupName -FolderName $FolderName
> -ComputerName $SourceComputer -ContentPath $SourceContentPath
> -PrimaryMember $SourcePrimaryMember -StagingPathQuotaInMB
> $SourceStagingPathQuotaInMB -Force
> Set-DfsrMembership -GroupName $GroupName -FolderName $FolderName
> -ComputerName $DestinationComputer -ContentPath $DestinationContentPath
> -ReadOnly $DestinationReadOnly -Force
> }
> Set-DfsrConnectionSchedule -GroupName "US2AU-Engineering"
> -SourceComputerName "USfs01p" -DestinationComputerName "AUfs01p" -Day
> 1,2,3,4,5 -BandwidthDetail "ffffffffffffffffffffffffffffff
> ffffff66666666666666666666666666666666ffffffffffffffffffffffffffff"
> Update-DfsrConfigurationFromAD -ComputerName $SourceComputer,$
> DestinationComputer
>
> ---------End Revised Script----------
>
> Relevant output:
>
> ---------Begin snipped output----------
> Could not add the computer to the replication group. Computer: AUFS01P
> Replication group: "US2AU-Engineering" The remote procedure call failed
> *The operating system version of server AUFS01P cannot be retrieved.*
> The remote procedure call failed
> Add-DfsrConnection : The connection could not be added because DFS
> Replication could not find at least one source and one destination computer
> in the replication group, or because the
> source and destination computers were the same. Source computer: USFS01P
> Destination computer: AUFS01P Replication group: "US2AU-Engineering"
> At C:\BatchFiles\Configure-NewDFSR2.ps1:32 char:5
> + Add-DfsrConnection -GroupName $GroupName -SourceComputerName $Sou ...
> + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> + CategoryInfo : ObjectNotFound: (:) [Add-DfsrConnection],
> DfsrException
> + FullyQualifiedErrorId : Add-DfsrConnection.NoDistinctMemberPairs,
> Microsoft.DistributedFileSystemReplication.Commands.
> AddDfsrConnectionCommand
> ---------End snipped output----------
>
>
>
> On Fri, Jul 21, 2017 at 8:27 PM, Michael B. Smith <[email protected]>
> wrote:
>
> What is the InnerException of the error?
>
>
> -----Original Message-----
> From: [email protected] [mailto:listsadmin@lists.
> myitforum.com] On Behalf Of Kurt Buff
> Sent: Friday, July 21, 2017 11:11 PM
> To: ntsysadm
> Subject: [NTSysADM] RPC not available on remote machine while doing DFSR
> config
>
> All,
>
> I'm re-doing the DFSR config for the file servers in our US and AU
> offices. The US has a bunch of directories that will be replicated to AU
> (but not back). No big deal, but the PowerShell script I'm writing is
> killing me. I don't know if I'm running into a time out problem, or what it
> might be.
>
> I'm running the script from Redmond on my laptop.
>
> Here's the script, which should Just Work(tm):
> ----------
> $NewDFSR = import-csv -Delimiter "`t" c:\Batchfiles\data\NewDFSR.csv
>
> New-DfsReplicationGroup -GroupName US2AU-Engineering
> $GroupName = Get-DfsReplicationGroup US2AU-Engineering
>
> Foreach ($Line in $NewDFSR)
> {
> $GroupName = $Line.GroupName
> $SourceComputer = $Line.SourceComputer
> $FolderName = $Line.FolderName
> $SourceContentPath = $Line.SourceContentPath
> $SourceStagingPathQuotaInMB = $Line.SourceStagingPathQuotaInMB
> $SourcePrimaryMember =
> [System.Convert]::ToBoolean($Line.SourcePrimaryMember)
> $DestinationComputer = $Line.DestinationComputer
> $DestinationContentPath = $Line.DestinationContentPath
> $DestinationReadOnly =
> [System.Convert]::ToBoolean($Line.$Line.DestinationReadOnly)
>
> New-DfsReplicatedFolder -GroupName $GroupName -FolderName $FolderName
> Add-DfsrMember -GroupName $GroupName -ComputerName $SourceComputer,
> $DestinationComputer
> Add-DfsrConnection -GroupName $GroupName -SourceComputerName
> $SourceComputer -DestinationComputerName $DestinationComputer
> Set-DfsrMembership -GroupName $GroupName -FolderName $FolderName
> -ComputerName $SourceComputer -ContentPath $SourceContentPath
> -PrimaryMember $SourcePrimaryMember -StagingPathQuotaInMB
> $SourceStagingPathQuotaInMB -Force
> Set-DfsrMembership -GroupName $GroupName -FolderName $FolderName
> -ComputerName $DestinationComputer -ContentPath $DestinationContentPath
> -ReadOnly $DestinationReadOnly -Force
> }
> ----------
>
> But it fails the Add-DfsrMember command, when trying to add the AU file
> server:
> ----------
> Add-DfsrMember : Could not add the computer to the replication group.
> Computer: ZAUFS01P Replication group: "US2AU-Engineering" The remote
> procedure call failed
> At C:\BatchFiles\New-DfsrConfiguration.ps1:19 char:2
> + Add-DfsrMember -GroupName $GroupName -ComputerName $SourceCompute
> ...
> + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> + CategoryInfo : NotSpecified: (ZAUFS01P:String)
> [Add-DfsrMember], DfsrException
> + FullyQualifiedErrorId :
> Add-DfsrMember.NonTerminatingOMException,Microsoft.
> DistributedFileSystemReplication.Commands.AddDfsrMemberCommand
> ----------
>
> However, if I RDP to that file server, I see this, which to me indicates
> that it *is* listening:
> ----------
> C:\Windows\system32>winrm enumerate winrm/config/listener
> Listener [Source="GPO"]
> Address = *
> Transport = HTTP
> Port = 5985
> Hostname
> Enabled = true
> URLPrefix = wsman
> CertificateThumbprint
> ListeningOn = 10.212.1.30, 127.0.0.1, ::1,
> fe80::a9e7:6f85:8115:b4ed%16
> ----------
>
> Heck, I even stood up wireshark on my laptop, from which I'm running this
> script, and see traffic to that server, though I can't quite figure out the
> conversation - but I have a 48kb capture file detailing the transaction for
> the attempted configuration of a single directory, if anyone wants that.
>
> Kurt
>
>
>
>
>
>
>
>
>
>
>
