OK, here we go! Thanks in advance to anyone who takes the time to look at this post.
I came into a network admin position where the Active Directory was set up in a complete mess. There are two domain controllers: DC1 (Abox) (PDC), Win2000, and DC2 (Bbox), Win2k3. The old IT admin was a complete idiot and rebuilt DC2 (Xbox) but did not demote all of the roles properly; he just ended up renaming the DC (Xbox) to make (Bbox) work and then kept the schema master as the old offline DC (Xbox) that was rebuilt, which has totally snowballed. It looks like he kept the same IP address of the rebuilt DC (Xbox) and just changed the name because he could not get it to work, since he did not demote the roles and transfer them.
DC1 (Abox) seems to have obtained most of the roles except for the Schema, which states it is offline. I seized this role with metadata cleanup but did not transfer the role to any of the DCs. It now says on the Active Directory Schema for Operations Master: Current Focus DC1 (Abox), but Current is Error.
DC1 (Abox) is not showing any errors in the event logs and is only showing one error in the dcdiag output, with a Warning: CN="NTDS Settings in KnowsOfRoleHolders for the schema, which is the old DC (Xbox) that is offline. See attached file. DC2 (Bbox) and DC1 (Abox) are not replicating at all, but they have before because they both have the same information in them; they are able to ping each other, and the DNS is set up as standard primary on DC1 and secondary on DC2, and these seem to be transferring fine. When I try to run Netdom query Fsmo on DC1 (Abox) I get RPC server unavailable. I am getting a lot of errors on DC2 (Bbox) in System, Application, and Directory Service. See attached file errors.txt.
One of the errors on this that I have researched is a Kerberos event ID 4. See below.
The kerberos client received a KRB_AP_ERR_MODIFIED error from the server host/Bbox.domainname.com. The target name used was cifs/Bbox.domainname.com. This indicates that the password used to encrypt the kerberos service ticket is different than that on the target server. Commonly, this is due to identically named machine accounts in the target realm (domainname.com), and the client realm. Please contact your system administrator.
I have used Ldp.exe to try to find a duplicate SPN, but it is only finding 1 result, and in Active Directory Users and Computers there are no indications of a duplicate computer or user anywhere. I have checked the DNS and took out all of the old (Xbox) records in the DNS and in Active Directory Users and Computers. The tests come back fine from dnslint and the other DNS tests that I have run. When I try to manage DHCP remotely there seem to be two DHCPs with the same scope on DC2 (Bbox), one with the name bbox.domainname.com and one with domainname.com, with two separate IP addresses, but when I am logged onto that box I only see one. Could this be my bad apple?
I have searched all of the Microsoft tech sites and tried everything that I felt safe doing. I have not demoted DC2 (Bbox) and tried to promote it back; can I do this without causing issues on the network? I did power it down and our users started having trouble getting around on the network, and I believe this was due to them having DC2 in their DNS as the primary server. So I have fixed the DHCP to give out the DNS for DC1 (Abox). But I haven't tried to take it down again and will try that this coming weekend. This last admin has really made my life hell with this network. There was an NTDS server for (Xbox) that, after seizing the role, I was able to take out. But it looks like this (Xbox) is still lingering in the network somewhere.
I want to prevent myself from rebuilding this box. This is a very old network, and with the last admin's inexperience there are a lot of things that affect one another and there is no redundancy, so I want to be able to find the issue so it is not around any longer; then I can start building the network over the right way.
I have attached some files that should help. One is the event errors from DC2 (Bbox) and the others are the Dcdiag outputs from DC1 and DC2.
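The two checks the post describes (which DC each FSMO role actually points at, and whether any SPN such as host/ or cifs/Bbox is registered on more than one account) can be run from one PowerShell window. The script below is an added example, not the poster's own commands or a Microsoft tool. It uses plain ADSI/LDAP rather than the ActiveDirectory module, so it works from any domain-joined machine with PowerShell 2.0 or later against Windows 2000/2003 DCs; it assumes domain admin rights, and `domainname.com` is the poster's placeholder domain.

```powershell
# Added example (not the poster's steps). ADSI/LDAP only, so it runs from a
# domain-joined admin workstation against Win2000/Win2003 DCs without RSAT.
# Run as a domain admin; "domainname.com" is the placeholder used in the post.

$rootDse  = [ADSI]"LDAP://RootDSE"
$domainNC = [string]$rootDse.defaultNamingContext
$configNC = [string]$rootDse.configurationNamingContext
$schemaNC = [string]$rootDse.schemaNamingContext

function Get-FsmoOwners {
    # Each role is recorded as the fSMORoleOwner attribute on one well-known object.
    # The value is the DN of the holder's "NTDS Settings" object. A DN containing
    # "0ADEL:" points at a deleted (tombstoned) DC: the role was never moved off it
    # and still has to be seized by a live DC.
    $roles = @{
        'Schema master'         = "LDAP://$schemaNC"
        'Domain naming master'  = "LDAP://CN=Partitions,$configNC"
        'PDC emulator'          = "LDAP://$domainNC"
        'RID master'            = "LDAP://CN=RID Manager`$,CN=System,$domainNC"
        'Infrastructure master' = "LDAP://CN=Infrastructure,$domainNC"
    }
    foreach ($name in $roles.Keys) {
        $path    = $roles[$name]
        $obj     = [ADSI]$path
        $ownerDn = [string]$obj.fSMORoleOwner
        # DN is CN=NTDS Settings,CN=<SERVER>,CN=Servers,...; the second RDN is the DC name.
        $server  = ($ownerDn -split ',')[1] -replace '^CN=', ''
        New-Object PSObject -Property @{
            Role    = $name
            Server  = $server
            Deleted = ($ownerDn -match '0ADEL:')
            OwnerDN = $ownerDn
        }
    }
}

function Get-DuplicateSpns {
    # Same idea as "setspn -X": every SPN must belong to exactly one account, or
    # the KDC may encrypt a service ticket with the wrong account's key, which the
    # service then reports as KRB_AP_ERR_MODIFIED (Kerberos event ID 4).
    $searcher = New-Object System.DirectoryServices.DirectorySearcher
    $searcher.SearchRoot = [ADSI]"LDAP://$domainNC"
    $searcher.Filter     = '(servicePrincipalName=*)'
    $searcher.PageSize   = 1000
    [void]$searcher.PropertiesToLoad.Add('servicePrincipalName')
    [void]$searcher.PropertiesToLoad.Add('distinguishedName')

    $owners = @{}   # spn (lower-cased) -> list of account DNs that carry it
    foreach ($result in $searcher.FindAll()) {
        $dn = [string]$result.Properties['distinguishedname'][0]
        foreach ($spn in $result.Properties['serviceprincipalname']) {
            $key = ([string]$spn).ToLower()
            if (-not $owners.ContainsKey($key)) { $owners[$key] = @() }
            $owners[$key] += $dn
        }
    }
    foreach ($entry in $owners.GetEnumerator()) {
        if ($entry.Value.Count -gt 1) {
            New-Object PSObject -Property @{
                SPN      = $entry.Key
                Accounts = ($entry.Value -join '; ')
            }
        }
    }
}

function Get-SpnOwner([string]$spn) {
    # Which account(s) hold one specific SPN, e.g. the one named in the event.
    $searcher = New-Object System.DirectoryServices.DirectorySearcher([ADSI]"LDAP://$domainNC")
    $searcher.Filter = "(servicePrincipalName=$spn)"
    [void]$searcher.PropertiesToLoad.Add('distinguishedName')
    foreach ($r in $searcher.FindAll()) { [string]$r.Properties['distinguishedname'][0] }
}

Get-FsmoOwners    | Format-Table Role, Server, Deleted -AutoSize
Get-DuplicateSpns | Format-Table SPN, Accounts -AutoSize
# CIFS falls back to the HOST SPN, so both names from the event should resolve
# to the single computer account of Bbox.
'host/Bbox.domainname.com', 'cifs/Bbox.domainname.com' | ForEach-Object {
    "{0} -> {1}" -f $_, ((Get-SpnOwner $_) -join '; ')
}
```

Reading the output: a Schema master line whose Server is the old (Xbox) name, or whose Deleted flag is True, is the same condition dcdiag reports under KnowsOfRoleHolders, and is what `netdom query fsmo` would show if RPC were reachable. For the Kerberos error, the interesting result is a host/ or cifs/ SPN for Bbox that maps to zero accounts, to two accounts, or to an account other than Bbox's own computer object, since a ticket encrypted with any other account's key is exactly what event ID 4 describes.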