Active Directory replication

[Guest]

I have 60 domain controller in the same domain and many sites. I just bring
back online an obsoletes DC that have more than 60 days. This DC doesn't want
to replicate with no DCs in the entire domain/forest. I tried many solution
as in:

- Reset the security Channel with the domain PDC Emulator
- Tried a lot of query with Repadmin (No replication partner automatically
generated)
- I delete the Netlogon files in the C:\Winnt\System32\Config folder
- Recreate the Active Directory DNS zone

 

[ade]

How about run dcpromo to demote, then run again to promote?

 

[Herb Martin]

I have 60 domain controller in the same domain and many sites. I just bring
back online an obsoletes DC that have more than 60 days. This DC doesn't want
to replicate with no DCs in the entire domain/forest. I tried many solution
as in:

- Reset the security Channel with the domain PDC Emulator
- Tried a lot of query with Repadmin (No replication partner automatically
generated)
- I delete the Netlogon files in the C:\Winnt\System32\Config folder
- Recreate the Active Directory DNS zone

None of the above is relevant.

You must DCPromo (cycle) it -- first DCPromo to non-DC,
then optionally DCPromo back to a (new) DC.

You will likely need to use the DCPromo /forceremoval switch
and then clean up the AD on the remaining DCs with NTDSUtil
"Metadata Cleanup":


NTDS metadata cleanup

Search Google for:

[ NTDS "metadata cleanup" remove DC Domain ]

No need to add either site:microsoft.com OR microsoft:
since the NTDS and other terms make it Microsoft specific
by itself.

Unless you WISH to restrict answers to the site:microsoft.com
for some reason.

[ NTDS "metadata cleanup" remove DC Domain site:microsoft.com ]

Key points to NOTE when doing the metadata cleanup:

You CONNECT to a WORKING DC.
You SELECT the missing/dead DC or DOMAIN

'Connect' and 'Select' are technical terms in this context.

 

[Guest]

Hi,

I didn't try yet but I want to troubleshoot the problems for future problem

Thanks, all

 

[Cary Shultz [A.D. MVP]]

As Herb stated, you are having problems because your DC has been off-line
for more than the 'tombstone' time-frame of 60 days.

--
Cary W. Shultz
Roanoke, VA 24012
Microsoft Active Directory MVP

http://www.activedirectory-win2000.com
http://www.grouppolicy-win2000.com

 

[Joe Richards [MVP]]

And you really really really don't want to bring this on line. It is a case of
the domain controller knowing more about how things work than you do. It knows
that if it comes on line it has the opportunity to really mess your directory up
in ways you probably wouldn't understand until you ran into some really messy
issues where you were truly in trouble. This functionality can be overridden but
I do not ever recommend someone do it.

joe

 

[Cary Shultz [A.D. MVP]]

Exactly!

--
Cary W. Shultz
Roanoke, VA 24012
Microsoft Active Directory MVP

http://www.activedirectory-win2000.com
http://www.grouppolicy-win2000.com

 

[Guest]

Thanks guys,

Nic

Exactly!

--
Cary W. Shultz
Roanoke, VA 24012
Microsoft Active Directory MVP

http://www.activedirectory-win2000.com
http://www.grouppolicy-win2000.com