Azure – DFS replication

We’ve implemented a DC in the azure platform running windows 2016 connected to On-Prem using a site to site VPN connection.

We’ve confirgured the DC to replicate a DFS share between this server and one on-Prem.

The DFS replication will work and then it will stop after a short while. When I say a while it might transfer around 5 gig of data and then stops.

If I reboot the server DFS kicks back in and transfer another load of data.

DFS errors show:

DFS could not contact the Server01.domain.local Active Directory. DFS will be using cached data. The return code is in the record data. 

To add to the list of issues with this server, it also appears that its unable to contact the PDC.

Active directory seems to fail to replicate, but straight after a reboot its fine.

I’m receiving the following errors from AD.

The attempt to establish a replication link for the following writable  directory partition failed.   Directory partition:  CN=Configuration,DC=domain,DC=local  Source directory service:  CN=NTDS Settings,CN=Server01,CN=Servers,CN=Default-First-Site-  Name,CN=Sites,CN=Configuration,DC=domain,DC=local  Source directory service address:  584a3973-2ce1-4c97-aa64-a9f46deb936f._msdcs.domain.local  Intersite transport (if any):  CN=IP,CN=Inter-Site  Transports,CN=Sites,CN=Configuration,DC=domain,DC=local   This directory service will be unable to replicate with the source  directory service until this problem is corrected.   User Action  Verify if the source directory service is accessible or network  connectivity is available.   Additional Data  Error value:  1727 The remote procedure call failed and did not execute 

I’ve checked the following:

  • Both Firewalls are off on the machines.
  • The Time on the domain controllers are all the same.
  • All updates have bee applied.
  • On prem domain controller is running 2008 R2
  • Domain functional level is 2008 r2 and so is forest.
  • All DC’s 2 On Prem and 1 in Azure point to their Private IP address for DNS and then other DC as secondary IP.
  • I’ve checked ports aren’t been blocked anywhere.

I’ve already replication 90GB of data, so it does work to a degree and the SYSVOL folder is all up to date with policies and scripts. I can create an account in AD and its replicated on the Azure DC (before it stops replicating)

I can run a constant Ping over the VPN and it returns a consistent 14ms response. So connectivity is fine.

Any ideas?