?
Solved

DC in remote site isn't replacting after PDC failure

Posted on 2010-08-23
4
Medium Priority
?
303 Views
Last Modified: 2013-11-05
Over the weekend our main domain controller failed.  I've transferred roles and cleaned up metadata using ntdsutil.  A DC in a remote site doesn't seem to be replicating properly; when I run "dcdiag /test:Knowsofroleholders /v' on it, it has the wrong server listed in the FSMO roles.

How can I be sure that it's replicating, and what else should I check?
0
Comment
Question by:theamzngq
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 2000 total points
ID: 33502570
If the box failed did you seize the FSMO roles?
Check the logs on that DC, use dcidag, and repadmin  (/showreps /replsummary and /showrepl are decent switches)
You can also check FSMO holders by  
netdom query fsmo
Is this the only box that is reportin gthe wrong FSMO holders?
Thanks
Mike
0
 
LVL 2

Author Comment

by:theamzngq
ID: 33502713
Yes, I seized the roles on another local DC.  Running readmin /showreps, a replication attempt to the new holder of all the FSMO roles shows "Last attempt @ (never) was successful."

running 'netdom query fsmo' on the remote server shows mixed results.  It has one of the roles correctly listed (Schema Master), but the rest still show the failed server name.  Running that same command on the new recipient of the seized roles shows that it has all the roles assigned.

0
 
LVL 2

Author Comment

by:theamzngq
ID: 33502742
I just ran dcdiag /fix, and re-ran the netdom query, and now the remote DC shows all the proper roles!

What else should I verify before calling it good?
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 33503123
double check the event logs (directory services and FRS logs)  Just to make sure there are no other issues.  Nice work!
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
Let's recap what we learned from yesterday's Skyport Systems webinar.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question