Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Win 2003 server has 2 sets of NTDS settings in AD sites/services, event ID: 1864

Posted on 2006-03-22
3
Medium Priority
?
293 Views
Last Modified: 2012-05-05
Background: I was rolling out new DC machines (and demoting/removing the old ones) to my network by loading several, then trudging around and installing them in my various buildings.  I let one slip behind other "priority projects" so it got tombstoned and stopped AD replication... I ended up bringing the bad DC back into my office, then using the trick with Netdom to reset the password to bring the machine back into the fold.  I have reset the secure channel and then it looked like replication started up again...(used REPLMON to check)...

Issue:  If I look at AD sites & services on this DC and now others in my network, this DC shows two sets of NTDS settings under the DC, one that has funny characters in it, the other looking like it should.  The NTDS settings that I think are correct have links to three good DCs, and for some silly reason, this DC is trying to make an automatic connection to ITSELF!!  I am getting NTDS errors with event ID: 1864.  How do I get rid of the latency errors and make sure that AD IS replicating and how do I kill the strange looking NTDS object on this DC?

Thanx for the help!

Here is the dump from DCDIAG:

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests
   
   Testing server: West_Main_Elementry\WMAIN-DC
      Starting test: Connectivity
         ......................... WMAIN-DC passed test Connectivity

Doing primary tests
   
   Testing server: West_Main_Elementry\WMAIN-DC
      Starting test: Replications
         REPLICATION-RECEIVED LATENCY WARNING
         WMAIN-DC:  Current time is 2006-03-22 11:19:31.
            CN=Schema,CN=Configuration,DC=ravenet,DC=rcs
               Last replication recieved from WMAIN-DC at 2006-01-03 07:39:12.
               WARNING:  This latency is over the Tombstone Lifetime of 60 days!
            CN=Configuration,DC=ravenet,DC=rcs
               Last replication recieved from WMAIN-DC at 2006-01-03 07:39:33.
               WARNING:  This latency is over the Tombstone Lifetime of 60 days!
            DC=ravenet,DC=rcs
               Last replication recieved from WMAIN-DC at 2006-01-03 07:39:54.
               WARNING:  This latency is over the Tombstone Lifetime of 60 days!
         ......................... WMAIN-DC passed test Replications
      Starting test: NCSecDesc
         ......................... WMAIN-DC passed test NCSecDesc
      Starting test: NetLogons
         ......................... WMAIN-DC passed test NetLogons
      Starting test: Advertising
         ......................... WMAIN-DC passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... WMAIN-DC passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... WMAIN-DC passed test RidManager
      Starting test: MachineAccount
         ......................... WMAIN-DC passed test MachineAccount
      Starting test: Services
         ......................... WMAIN-DC passed test Services
      Starting test: ObjectsReplicated
         ......................... WMAIN-DC passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... WMAIN-DC passed test frssysvol
      Starting test: frsevent
         ......................... WMAIN-DC passed test frsevent
      Starting test: kccevent
         ......................... WMAIN-DC passed test kccevent
      Starting test: systemlog
         ......................... WMAIN-DC passed test systemlog
      Starting test: VerifyReferences
         ......................... WMAIN-DC passed test VerifyReferences
   
   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
   
   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
   
   Running partition tests on : ravenet
      Starting test: CrossRefValidation
         ......................... ravenet passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... ravenet passed test CheckSDRefDom
   
   Running enterprise tests on : ravenet.rcs
      Starting test: Intersite
         ......................... ravenet.rcs passed test Intersite
      Starting test: FsmoCheck
         ......................... ravenet.rcs passed test FsmoCheck

0
Comment
Question by:Stephen York
  • 2
3 Comments
 
LVL 12

Accepted Solution

by:
Mazaraat earned 2000 total points
ID: 16259125
The easiest thing to do would be dcpromo that server, clean up AD by removing any references to the DC.  Then after you are sure its all gone, DCpromo thatserver back into the domain and reconfigure sites and services.

http://www.petri.co.il/delete_failed_dcs_from_ad.htm
0
 
LVL 1

Author Comment

by:Stephen York
ID: 16259335
Grrr - I was thinking the same thing, but wanted to avoid taking a production machine off-line...  Good thing I drive quickly and work fast... I will not be able to do this until next week - I will post after that...
0
 
LVL 12

Expert Comment

by:Mazaraat
ID: 16430858
Thanks! Glad to be of help =)
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
The Relationships Diagram is a good way to get an overall view of what a database is keeping track of. It is also where relationships are defined. A relationship specifies how two tables connect to each other. As you build tables in Microsoft Ac…

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question