DC3 Object Appears in Active Directory

G

Guest

A DC3 object appeared in AD and started causing errors in the File
Replication Service. We currently have only two DC's and never created a
third, so the issue is "Where did it come from?". It also generated Event ID
13508 errors in the File Replication Services in Event Viewer.
 
J

Jorge de Almeida Pinto [MVP - DS]

use NTDSUTIL to clean its metadata and afterwards manually delete the server
object in sites and services

also look at:
MS-KBQ216498_How to remove data in Active Directory after an unsuccessful
domain controller demotion

--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Windows Server - Directory Services

BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
 
G

Guest

Thanks for your advice Jorge. We had some issues with NTDSUTIL so had to use
ADSIEdit to remove the object. This appears to have worked as there have
been no further errors. It would be nice if I could explain to my customers
the reason for the problem; do you have any idea why the dc3 object suddenly
appeared?
 
G

Guest

Jorge,

The DC3 is appearing as a server object along with our two Domain
Controllers DC01 and Dc02. That's why I’m struggling to find a reason as to
how it could suddenly appear when there is no physical server, nor has there
ever been a third Domain Controller.--
SJK
 
J

Jorge de Almeida Pinto [MVP - DS]

OK...

remember, if there are other domain admins, ask them first (assuming you
already did) if they know anything

if you have auditing enabled (directory service access - enabled by default
but not the SACL you need is not configured by default)

to determine WHERE and WHEN the object was created:
determine the distinguished name of the object (DN)

retrieve the AD metadata of the object using:
REPADMIN /SHOWOBJMETA <DC> "<object DN>"

see the whenCreated attribute of the object.
the objectClass attribute will tell where the object was created

remember that server objects as used by other servers also and not only DCs.
The server object just represents the server's ID in a common sense. The
object beneath the server object represents the ID of the server for the
service it provides. For example: the NTDS Settings objects IDs a server
with the DC role

if it is a DC and it is really not up and running, make sure you clean its
metadata
http://blogs.dirteam.com/blogs/jorge/archive/2005/12/03/213.aspx
--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Windows Server - Directory Services

BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
 
G

Guest

Jorge,

Thanks for you help and advice. I'll take a closer look at this using the
methods you've suggested.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

reviving ad after first dc crashed 3
Replication errors 6
DC issues 19
AD Replication and RPC 3
replication problem 3
Replication Errors 8
an URGENT problem in windows 2000 domain controllers 3
FRS Errors in the event viewer 2

Top