• Status: Solved
  • Priority: Medium

Active Directory Replication

Our network has been disjoined from a corporate AD topology. We have a PDC, Exchange Server and various member servers.
Q. Is there a time limit in which AD will stop working if the local PDC does not see the FSMO master?
Asked by: rvincenty
 
Lazarus commented:
Do you expect to rejoin the domain with the FSMO soon, or is this permanent?
If it's permanent, seize the FSMO roles.
http://www.jsifaq.com/SF/Tips/Tip.aspx?id=2728
 
Lazarus commented:
This link might be useful to you as well. http://www.geocities.com/bipinsavalia/MCSE/ImplementingandAdministeringWindows2000DirectoryServiceInfrastructure.htm
I'm not aware of a time limit per se, but you will start having troubles after a while for sure.
 
garyrafferty commented:
There is not a time limit that I am aware of, but for certain functions the server will need to access the FSMO role; see below.

Schema master - failure will only be noticeable to admins when they are trying to modify the schema - it will not affect network users. Seizing the role to the standby should only be done when the master has failed permanently. Use the AD Schema MMC snap-in to transfer roles.

Domain naming master - failure will only be noticeable to admins when they are trying to add or remove domains - it will not affect network users. Seizing the role to the standby should only be done when the master has failed permanently. Use the AD Domains and Trusts console to transfer roles.

RID master - failure is not visible to network users. Admins will notice it is dead if they are trying to create objects in a domain that has run out of relative identifiers. Don't seize the role to the standby unless the master has failed permanently. Use the AD Users and Computers (dsa.msc) console to transfer roles.

Infrastructure master - failure is not visible to network users. Will only be visible to admins if they have recently renamed and moved a large number of accounts. Role can be seized to a DC that is not a global catalog server but is well-connected to one - the role can be returned to the original later on. Use the AD Users and Computers (dsa.msc) console to transfer roles.

PDC emulator - affects network users, especially those using non W2K clients. Role may need to be seized to the standby immediately. The role can be returned to the original DC later on when it has been brought back online. Use the AD Users and Computers (dsa.msc) console to transfer roles.
 
feptias commented:
"AD sites must replicate at least every 60 days. AD will start to throw away objects that have not been used for 60 days or more, so if you have two sites that become disconnected for more than 60 days then the DC's on one site might have a different picture of the AD universe than the DC's at other sites."

This was extracted (loosely) from the book by Mark Minasi, Mastering Windows Server 2003, Copyright Sybex. I assume he knows what he is talking about. He goes on to strongly recommend that you should not reconnect a DC to the network that has been unable to replicate to the AD for more than 60 days.

I would not expect this to mean that "AD will stop working" at one site after 60 days, just that there will be irreconcilable differences between the AD's on the two sites.

Hope this helps.

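A defender-side check for the 60-day limit described in the answer above, as an added example that is not part of the original thread: it reads replication status in the CSV layout of `repadmin /showrepl * /csv` and flags links whose last success is older than the tombstone lifetime. The sample rows, the DC and domain names, the column layout, the sample clock value and the 50% warning threshold are all assumptions.

```python
import csv
import io
from datetime import datetime, timedelta

TOMBSTONE_DAYS = 60  # figure quoted in the answer above; confirm your forest's own value
SAMPLE_NOW = datetime(2024, 5, 30, 3, 0, 0)  # constructed "current time" for the sample

# Constructed sample, modeled on `repadmin /showrepl * /csv` (layout is an assumption).
SAMPLE_CSV = """\
showrepl_COLUMNS,Destination DSA Site,Destination DSA,Naming Context,Source DSA Site,Source DSA,Transport Type,Number of Failures,Last Failure Time,Last Success Time,Last Failure Status
showrepl_INFO,Branch,BRANCHDC1,"DC=example,DC=local",HQ,HQDC1,RPC,412,2024-05-30 02:15:00,2024-03-20 02:15:00,1722
showrepl_INFO,Branch,BRANCHDC1,"CN=Configuration,DC=example,DC=local",HQ,HQDC1,RPC,0,0,2024-05-30 01:50:00,0
showrepl_INFO,HQ,HQDC1,"DC=example,DC=local",HQ,HQDC2,RPC,3,2024-05-29 23:00:00,2024-04-10 23:00:00,1256
"""

def parse_time(text):
    """Return a datetime, or None when the field holds no valid timestamp."""
    try:
        return datetime.strptime(text.strip(), "%Y-%m-%d %H:%M:%S")
    except ValueError:
        return None

def classify(age, lifetime_days=TOMBSTONE_DAYS, warn_fraction=0.5):
    """EXPIRED: past the tombstone lifetime or never synced; WARNING: past warn_fraction of it."""
    limit = timedelta(days=lifetime_days)
    if age is None or age > limit:
        return "EXPIRED"
    if age > limit * warn_fraction:
        return "WARNING"
    return "OK"

def audit(csv_text, now, lifetime_days=TOMBSTONE_DAYS):
    """One finding per inbound replication link, in input order."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        last_ok = parse_time(row["Last Success Time"])
        age = None if last_ok is None else now - last_ok
        findings.append({
            "destination": row["Destination DSA"],
            "source": row["Source DSA"],
            "context": row["Naming Context"],
            "age_days": None if age is None else age.days,
            "status": classify(age, lifetime_days),
        })
    return findings

if __name__ == "__main__":
    for f in audit(SAMPLE_CSV, SAMPLE_NOW):
        print(f"{f['status']:8} {f['source']} -> {f['destination']} "
              f"{f['context']} (last success {f['age_days']} days ago)")
```

A link reported as EXPIRED is the case the quoted book warns about: that DC should not simply be reconnected and allowed to replicate.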
 
rvincenty (author) commented:
We will not join the previous domain anymore. I need to keep the same AD scheme past the 60 days. I assume once I seize the FSMO roles to the local DC and "clean" the AD from those objects that I don't need, I should be OK?
 
Lazarus commented:
You should be OK, yes. Just seize the FSMO roles and all should be well.
Question has a verified solution.