?
Solved

DC in remote site isn't replacting after PDC failure

Posted on 2010-08-23
4
Medium Priority
?
305 Views
Last Modified: 2013-11-05
Over the weekend our main domain controller failed.  I've transferred roles and cleaned up metadata using ntdsutil.  A DC in a remote site doesn't seem to be replicating properly; when I run "dcdiag /test:Knowsofroleholders /v' on it, it has the wrong server listed in the FSMO roles.

How can I be sure that it's replicating, and what else should I check?
0
Comment
Question by:David Williamson
  • 2
  • 2
4 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 2000 total points
ID: 33502570
If the box failed did you seize the FSMO roles?
Check the logs on that DC, use dcidag, and repadmin  (/showreps /replsummary and /showrepl are decent switches)
You can also check FSMO holders by  
netdom query fsmo
Is this the only box that is reportin gthe wrong FSMO holders?
Thanks
Mike
0
 
LVL 2

Author Comment

by:David Williamson
ID: 33502713
Yes, I seized the roles on another local DC.  Running readmin /showreps, a replication attempt to the new holder of all the FSMO roles shows "Last attempt @ (never) was successful."

running 'netdom query fsmo' on the remote server shows mixed results.  It has one of the roles correctly listed (Schema Master), but the rest still show the failed server name.  Running that same command on the new recipient of the seized roles shows that it has all the roles assigned.

0
 
LVL 2

Author Comment

by:David Williamson
ID: 33502742
I just ran dcdiag /fix, and re-ran the netdom query, and now the remote DC shows all the proper roles!

What else should I verify before calling it good?
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 33503123
double check the event logs (directory services and FRS logs)  Just to make sure there are no other issues.  Nice work!
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses
Course of the Month16 days, 17 hours left to enroll

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question