rbrock1010 asked:

I continue to get an error on one of my Domain Controllers related to an old DC that may have been removed incorrectly (by not using DCPROMO)

I get the following error (see below) on one of my Domain Controllers (SERVER02). The problem is there is no such machine named SERVER03 on my network. I've recently inherited this network from a previous admin, so there may have at one time been a SERVER03, but now there is not. How can I get this machine out of my File Replication Service?

I've successfully tried all the following suggestions…

1. Removing the machine using NTDSUTIL from the command line
2. Using ADSIEdit to delete the computer account in the OU=Domain Controllers,DC=domain...
3. Using ADSIEdit to delete the FRS member object in CN=Domain System Volume (SYSVOL share),CN=file replication service,CN=system....
4. In the DNS console, using the DNS MMC to delete the cname (also known as the Alias) record in the _msdcs container.
5. In the DNS console, using the DNS MMC to delete the A (also known as the Host) record in DNS.

…from these articles…

…but still continue to get the error

Event Type: Warning
Event Source: NtFrs
Event Category: None
Event ID: 13508
Date: 7/20/2008
Time: 5:09:29 PM
User: N/A
Computer: SERVER02
The File Replication Service is having trouble enabling replication from SERVER03 to SERVER02 for c:\windows\sysvol\domain using the DNS name FRS will keep retrying.
Following are some of the reasons you would see this warning.

[1] FRS can not correctly resolve the DNS name from this computer.
[2] FRS is not running on
[3] The topology information in the Active Directory for this replica has not yet replicated to all the Domain Controllers.

This event log message will appear once per connection, After the problem is fixed you will see another event log message indicating that the connection has been established.
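
A read-only check for leftovers after the five cleanup steps listed in the question, added here as an example and not part of the original thread. It assumes the RSAT ActiveDirectory module and `Resolve-DnsName` are available; the list of object classes and reference attributes is an assumption about where a DC name can still be referenced, and `SERVER03` is the name from the event text.

```powershell
# Added example (not from the thread): read-only search for leftover
# references to a removed DC. Requires the RSAT ActiveDirectory module.
Import-Module ActiveDirectory

$Stale   = 'SERVER03'   # name reported in the Event ID 13508 text
$rootDse = Get-ADRootDSE
$domain  = $rootDse.defaultNamingContext
$config  = $rootDse.configurationNamingContext
$pattern = "\b$([regex]::Escape($Stale))\b"

# Assumed list of object classes and the attributes in which they name a DC.
$targets = @(
    @{ Base = $domain; Class = 'computer';        Props = @('dNSHostName') }
    @{ Base = $domain; Class = 'nTFRSMember';     Props = @('frsComputerReference', 'serverReference') }
    @{ Base = $domain; Class = 'nTFRSSubscriber'; Props = @('fRSMemberReference') }
    @{ Base = $config; Class = 'server';          Props = @('dNSHostName', 'serverReference') }
    @{ Base = $config; Class = 'nTDSConnection';  Props = @('fromServer') }
)

$hits = foreach ($t in $targets) {
    $objects = Get-ADObject -SearchBase $t.Base -LDAPFilter "(objectClass=$($t.Class))" -Properties $t.Props
    foreach ($o in $objects) {
        # DN-valued attributes cannot be substring-matched in an LDAP filter,
        # so compare the DN and each reference attribute on the client side.
        $values = @($o.DistinguishedName) + @($t.Props | ForEach-Object { $o.$_ })
        if ($values -match $pattern) {
            [pscustomobject]@{ Class = $t.Class; DistinguishedName = $o.DistinguishedName }
        }
    }
}

# Step 5 of the list: confirm the host (A) record is really gone.
$dnsName = "$Stale.$((Get-ADDomain).DNSRoot)"
$dns     = Resolve-DnsName -Name $dnsName -Type A -ErrorAction SilentlyContinue

if ($hits) { $hits | Format-Table -AutoSize } else { "No directory objects reference $Stale" }
if ($dns)  { "DNS still resolves ${dnsName}: $($dns.IPAddress -join ', ')" }
```

Running it against more than one DC (add `-Server <name>` to the `Get-ADObject` call) shows whether a leftover object exists only on a partner that has not replicated the deletion.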
Chris Dent

You've allowed time for the removal to replicate since doing that?

Is there another DC at all? Or just Server02 now?

If there are more DCs, is replication working? "repadmin /showreps" will help you check that.


rbrock1010


Chris: Yes, I've allowed almost two weeks for the replication.

Yes, there are six other DC's.

"repadmin /showreps" shows that all servers were successful with the exception of SERVER04.  I've pasted the error below

    SITE02\SERVER04 via RPC
DC object GUID: 1b09e905-8897-49cb-88d8-938086f83ff7
Last attempt @ 2008-07-23 10:45:16 failed, result 1753 (0x6d9):
There are no more endpoints available from the endpoint mapper.
41251 consecutive failure(s).

Not that Server04 should cause your others to show replication errors to Server03. But...

When was the last successful replication for that one?

41000 failures is a hell of a lot. The error message normally indicates an RPC connectivity issue.

Otherwise two weeks is plenty ;) Is Server03 still listing itself in AD Sites and Services at all? It's unusual that it's listing itself as a name rather than a GUID here, it implies the object is still present in the directory.

SERVER03 is nowhere else to be found. I've scoured AD, AD Sites and Services, and sifted through all the NTDSUTIL metainfo. The ONLY place that I see any reference to SERVER03 is in the event log error that I posted.

I agree, SERVER04 should not cause error to SERVER03, but maybe I need to sort out SERVER04's problems first.  I tried to get a little more info from SERVER04, but it doesn't even have a File Replication Service event log.  The server doesn't even look like a DC, although AD is reporting it as a DC.

Good stuff, always nice when you find things like that.

It looks like we'll have to resort to DCDiag and NetDiag then, or did you already run those?

Hmmm...., here are my DCDIAG results.  If DCDIAG says it's not a DC then why does AD think it is?


Domain Controller Diagnosis

Performing initial setup:
   ***Error: SERVER04 is not a DC.  Must specify /s: or
   /n: or nothing to use the local machine.


The NETDIAG results all came back as passed.
Ok, things are getting really fishy now.  Active Directory reports TWO machines with the exact same name.  SERVER04 which is in the Domain Controllers container and then SERVER04 which is in the Member Servers container.  How can that be?
I tried to delete SERVER04 from the Domain Controllers container, but since Active Directory thinks it's a DC, Active Directory suggested that I demote it through DCPROMO.  

So I tried to demote SERVER04 using DCPROMO, but DCPROMO doesn't give me the option because DCPROMO doesn't recognize the machine as a DC.


That sounds like the DC was killed, but then rejoined to the domain. That makes sense if it's a member server now, it'll have a new GUID and won't actually be a DC at all.

Perhaps see which account the computer thinks it owns? This little bit of VbScript (.vbs) will do that:
' Show the distinguished name of the account this computer is using
Set objADSysInfo = CreateObject("ADSystemInfo")
WScript.Echo objADSysInfo.ComputerName

If you find it's using the member server version you'll have to clean out the DC version using Metadata Cleanup as before.

Unfortunately, the VbScript result says that the machine belongs in the Domain Controllers container.  This is what is such a pain, because when I run DCPROMO, it wants to create a DC and not demote the DC.

It runs as a file server and is hit all day long. I'll try dropping it out of the domain and doing a cleanup. If that doesn't work, I guess I'll have to rebuild it.

Thanks so much for the help.