Active Directory replication

Archived from groups: microsoft.public.win2000.active_directory (More info?)

I have 60 domain controller in the same domain and many sites. I just bring
back online an obsoletes DC that have more than 60 days. This DC doesn't want
to replicate with no DCs in the entire domain/forest. I tried many solution
as in:

- Reset the security Channel with the domain PDC Emulator
- Tried a lot of query with Repadmin (No replication partner automatically
generated)
- I delete the Netlogon files in the C:\Winnt\System32\Config folder
- Recreate the Active Directory DNS zone
7 answers Last reply
More about active directory replication
  1. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    "Nic" <Nic@discussions.microsoft.com> wrote in message
    news:B05F92EC-128F-4373-9265-2757E7FE9F7C@microsoft.com...
    > I have 60 domain controller in the same domain and many sites. I just
    bring
    > back online an obsoletes DC that have more than 60 days. This DC doesn't
    want
    > to replicate with no DCs in the entire domain/forest. I tried many
    solution
    > as in:
    >
    > - Reset the security Channel with the domain PDC Emulator
    > - Tried a lot of query with Repadmin (No replication partner automatically
    > generated)
    > - I delete the Netlogon files in the C:\Winnt\System32\Config folder
    > - Recreate the Active Directory DNS zone

    None of the above is relevant.

    You must DCPromo (cycle) it -- first DCPromo to non-DC,
    then optionally DCPromo back to a (new) DC.

    You will likely need to use the DCPromo /forceremoval switch
    and then clean up the AD on the remaining DCs with NTDSUtil
    "Metadata Cleanup":


    NTDS metadata cleanup

    Search Google for:

    [ NTDS "metadata cleanup" remove DC Domain ]

    No need to add either site:microsoft.com OR microsoft:
    since the NTDS and other terms make it Microsoft specific
    by itself.

    Unless you WISH to restrict answers to the site:microsoft.com
    for some reason.

    [ NTDS "metadata cleanup" remove DC Domain site:microsoft.com ]

    Key points to NOTE when doing the metadata cleanup:

    You CONNECT to a WORKING DC.
    You SELECT the missing/dead DC or DOMAIN

    'Connect' and 'Select' are technical terms in this context.

    --
    Herb Martin, MCSE, MVP
    Accelerated MCSE
    http://www.LearnQuick.Com
    [phone number on web site]
  2. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    As Herb stated, you are having problems because your DC has been off-line
    for more than the 'tombstone' time-frame of 60 days.

    --
    Cary W. Shultz
    Roanoke, VA 24012
    Microsoft Active Directory MVP

    http://www.activedirectory-win2000.com
    http://www.grouppolicy-win2000.com


    "Nic" <Nic@discussions.microsoft.com> wrote in message
    news:B05F92EC-128F-4373-9265-2757E7FE9F7C@microsoft.com...
    >I have 60 domain controller in the same domain and many sites. I just bring
    > back online an obsoletes DC that have more than 60 days. This DC doesn't
    > want
    > to replicate with no DCs in the entire domain/forest. I tried many
    > solution
    > as in:
    >
    > - Reset the security Channel with the domain PDC Emulator
    > - Tried a lot of query with Repadmin (No replication partner automatically
    > generated)
    > - I delete the Netlogon files in the C:\Winnt\System32\Config folder
    > - Recreate the Active Directory DNS zone
  3. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    How about run dcpromo to demote, then run again to promote?


    "Nic" <Nic@discussions.microsoft.com> wrote in message
    news:B05F92EC-128F-4373-9265-2757E7FE9F7C@microsoft.com...
    > I have 60 domain controller in the same domain and many sites. I just
    bring
    > back online an obsoletes DC that have more than 60 days. This DC doesn't
    want
    > to replicate with no DCs in the entire domain/forest. I tried many
    solution
    > as in:
    >
    > - Reset the security Channel with the domain PDC Emulator
    > - Tried a lot of query with Repadmin (No replication partner automatically
    > generated)
    > - I delete the Netlogon files in the C:\Winnt\System32\Config folder
    > - Recreate the Active Directory DNS zone
  4. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    Hi,

    I didn't try yet but I want to troubleshoot the problems for future problem

    Thanks, all

    "ade" wrote:

    > How about run dcpromo to demote, then run again to promote?
    >
    >
    > "Nic" <Nic@discussions.microsoft.com> wrote in message
    > news:B05F92EC-128F-4373-9265-2757E7FE9F7C@microsoft.com...
    > > I have 60 domain controller in the same domain and many sites. I just
    > bring
    > > back online an obsoletes DC that have more than 60 days. This DC doesn't
    > want
    > > to replicate with no DCs in the entire domain/forest. I tried many
    > solution
    > > as in:
    > >
    > > - Reset the security Channel with the domain PDC Emulator
    > > - Tried a lot of query with Repadmin (No replication partner automatically
    > > generated)
    > > - I delete the Netlogon files in the C:\Winnt\System32\Config folder
    > > - Recreate the Active Directory DNS zone
    >
    >
    >
  5. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    And you really really really don't want to bring this on line. It is a case of
    the domain controller knowing more about how things work than you do. It knows
    that if it comes on line it has the opportunity to really mess your directory up
    in ways you probably wouldn't understand until you ran into some really messy
    issues where you were truly in trouble. This functionality can be overridden but
    I do not ever recommend someone do it.

    joe

    --
    Joe Richards Microsoft MVP Windows Server Directory Services
    www.joeware.net


    Cary Shultz [A.D. MVP] wrote:
    > As Herb stated, you are having problems because your DC has been off-line
    > for more than the 'tombstone' time-frame of 60 days.
    >
  6. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    Exactly!

    --
    Cary W. Shultz
    Roanoke, VA 24012
    Microsoft Active Directory MVP

    http://www.activedirectory-win2000.com
    http://www.grouppolicy-win2000.com


    "Joe Richards [MVP]" <humorexpress@hotmail.com> wrote in message
    news:OOu99wiVFHA.1404@TK2MSFTNGP09.phx.gbl...
    > And you really really really don't want to bring this on line. It is a
    > case of the domain controller knowing more about how things work than you
    > do. It knows that if it comes on line it has the opportunity to really
    > mess your directory up in ways you probably wouldn't understand until you
    > ran into some really messy issues where you were truly in trouble. This
    > functionality can be overridden but I do not ever recommend someone do it.
    >
    > joe
    >
    > --
    > Joe Richards Microsoft MVP Windows Server Directory Services
    > www.joeware.net
    >
    >
    > Cary Shultz [A.D. MVP] wrote:
    >> As Herb stated, you are having problems because your DC has been off-line
    >> for more than the 'tombstone' time-frame of 60 days.
    >>
  7. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    Thanks guys,

    Nic

    "Cary Shultz [A.D. MVP]" wrote:

    > Exactly!
    >
    > --
    > Cary W. Shultz
    > Roanoke, VA 24012
    > Microsoft Active Directory MVP
    >
    > http://www.activedirectory-win2000.com
    > http://www.grouppolicy-win2000.com
    >
    >
    >
    > "Joe Richards [MVP]" <humorexpress@hotmail.com> wrote in message
    > news:OOu99wiVFHA.1404@TK2MSFTNGP09.phx.gbl...
    > > And you really really really don't want to bring this on line. It is a
    > > case of the domain controller knowing more about how things work than you
    > > do. It knows that if it comes on line it has the opportunity to really
    > > mess your directory up in ways you probably wouldn't understand until you
    > > ran into some really messy issues where you were truly in trouble. This
    > > functionality can be overridden but I do not ever recommend someone do it.
    > >
    > > joe
    > >
    > > --
    > > Joe Richards Microsoft MVP Windows Server Directory Services
    > > www.joeware.net
    > >
    > >
    > > Cary Shultz [A.D. MVP] wrote:
    > >> As Herb stated, you are having problems because your DC has been off-line
    > >> for more than the 'tombstone' time-frame of 60 days.
    > >>
    >
    >
    >
Ask a new question

Read More

Domain Domain Controller Active Directory Windows