Active Directory Replication Problem

Posted on 2007-08-10
Last Modified: 2013-11-05
Server 1 is the Operations Master for our domain. Recently Server 2 was introduced and stored a copy of Active Directory. Server 1 was taken offline for a while. 40+ computers were then added to the domain via Server 2. Then Server 1 was brought back online and replication will not occur. I have used the Repadmin tool to verify that the reason the servers will not synchronize is because Server 2 has reached the tombstone period and cannot be synchronized.
Can anyone tell me how I can sync these servers back together without having to demote Server 2, lose all of the computer accounts and have to join Server 2 and the 40+ computers back to the domain?
Question by:dbsltd
    LVL 30

    Expert Comment

    If Server1 was taken offline for longer than 60 days, it is useless from an Active Directory perspective.  By returning this DC to your domain, you have placed yourself in a USN Rollback condition, described here:

    In a nutshell, you will need to forcibly remove Server1 from Active Directory using the dcpromo /forceremoval option, then perform a metadata cleanup of Server1 from Server2 as described here: (If you did not transfer/seize the FSMO roles from Server1 to Server2 when Server1 was taken offline, do so now as described here: But mostly you should read and follow all of the instructions in KB 875495 in order to correct this issue.  Once the issue has been corrected, you can re-run dcpromo on Server1 to re-introduce it as a domain controller within Active Directory.
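
A check that can be run before reconnecting a long-offline domain controller, and again after the cleanup described above: it flags replication links whose last success is older than the tombstone lifetime. This is an added example, not part of the original thread; the function name `Get-StaleReplicationLink`, the server and domain names and the sample rows are constructed, and the column names assume the layout printed by `repadmin /showrepl * /csv`.

```powershell
# Added example (not from the thread). 60 days is the figure given in the answer
# above; the forest's actual tombstoneLifetime value may differ.
$TombstoneDays = 60

# Constructed sample in the column layout of `repadmin /showrepl * /csv`.
# Status 8614 = time since last replication exceeded the tombstone lifetime.
$sampleCsv = @'
showrepl_COLUMNS,Destination DSA Site,Destination DSA,Naming Context,Source DSA Site,Source DSA,Transport Type,Number of Failures,Last Failure Time,Last Success Time,Last Failure Status
showrepl_INFO,Default-First-Site-Name,SERVER2,"DC=example,DC=local",Default-First-Site-Name,SERVER1,RPC,112,2007-08-10 09:15:02,2007-05-01 03:00:11,8614
showrepl_INFO,Default-First-Site-Name,SERVER1,"DC=example,DC=local",Default-First-Site-Name,SERVER2,RPC,0,0,2007-08-10 09:10:40,0
'@

function Get-StaleReplicationLink {
    param(
        [Parameter(Mandatory)] [object[]] $Rows,   # rows from ConvertFrom-Csv
        [Parameter(Mandatory)] [datetime] $Now,    # reference time for the age check
        [int] $MaxAgeDays = 60
    )
    foreach ($row in $Rows) {
        $last   = [datetime]::MinValue
        $parsed = [datetime]::TryParse($row.'Last Success Time', [ref]$last)
        # A link that never succeeded (unparseable time) is reported with a null age.
        $age = if ($parsed) { [int][math]::Floor(($Now - $last).TotalDays) } else { $null }
        if (-not $parsed -or $age -ge $MaxAgeDays) {
            [pscustomobject]@{
                Destination   = $row.'Destination DSA'
                Source        = $row.'Source DSA'
                NamingContext = $row.'Naming Context'
                Failures      = [int]$row.'Number of Failures'
                LastStatus    = $row.'Last Failure Status'
                AgeDays       = $age
            }
        }
    }
}

# Offline run against the constructed sample, with a fixed reference date.
$rows = ($sampleCsv -split "`r?`n") | ConvertFrom-Csv
Get-StaleReplicationLink -Rows $rows -Now ([datetime]'2007-08-10') -MaxAgeDays $TombstoneDays

# On a live domain controller, feed it real data instead:
# $rows = repadmin /showrepl * /csv | ConvertFrom-Csv
# Get-StaleReplicationLink -Rows $rows -Now (Get-Date) -MaxAgeDays $TombstoneDays
```

Any row this returns is a link that should not simply be allowed to resume replication; an empty result after the cleanup and re-promotion indicates every link has replicated within the window.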


    Author Comment

    What about the fact that Server 1 (original server) is the operations master for the domain? Do I need to do anything here?

    Thanks for your quick response.
    LVL 30

    Accepted Solution

    "If you did not transfer/seize the FSMO roles from Server1 to Server2 when Server1 was taken offline, do so now as described here:"

    Author Comment

    Thank you very much. Worked a treat.
