Solved

DC exceeded default tombstone lifetime

Posted on 2010-09-10
8
885 Views
Last Modified: 2012-05-10
Hi
My first DC in one site has been offline for more than 60days and so obviously have exceeded the default TSL (in ADSIEDIT, the integer is not set). I ran a Windows Server 2003 R2 SP2 DCs. My question is Can i adjust the TSL to 180 and reintroduce the DC without causing any issues on the domain? if not, how do i reintroduce the DC?
Do i force it out and promote the additional DC to the the first?
please help????!!!
0
Comment
Question by:adjaddy
8 Comments
 
LVL 3

Expert Comment

by:PlugThatInWhere
ID: 33649474
Your question is a bit confusing.
I get that your First DC is in remote site and been disconnected a long time.  So you must have a second DC local to you.  Correct?  How many?

- As the First DC has been disconnected for such a time, have you moved the FSMO roles to your local DC at anytime since it was offline?
- Do you need anything on the First DC?  Any AD changes that you want to keep?  Has it been Shut Down this entire time or supporting your users in that site?
0
 
LVL 2

Accepted Solution

by:
Antsoair earned 300 total points
ID: 33659232
Yes, the best thing to do is to remove it as a domain controller.  You probably will not be able to do that gracefully so you may need to clean up orphaned objects from AD.  Once it is completely removed.  Promote it back to a domain controller and it will work again.

I have not found a successful way to fix the error you describe without completely demoting it.

Remove orphaned domain controller: http://support.microsoft.com/kb/555846
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 33665980
you have to demote it and repromote it back in
0
 

Author Comment

by:adjaddy
ID: 33707467
Plugthatinwhere,
No, i have not ceased the FSMO roles yet. the additional DC at that same site is currently supporting the users.

ChiefIT, is it a simple matter of demoting and promoting back?...at the moment it's not sync-ing with the rest of the domain
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 
LVL 38

Expert Comment

by:ChiefIT
ID: 33707678
Unless, you have a mixed domain, yes it is a matter of controlling the FSMO roles and demoting it, then back.

BUT, you also have to consider what broke FRS in the first place. most of the time that is a DNS related error.

DCDiag /test:DNS

at the command prompt, should unveil the errors.
0
 

Author Comment

by:adjaddy
ID: 33732661
ChiefIT

the DC was taken offline to fix some conflicts with McAfee and the OS. Apparently it stayed out for too long.. :(


0
 
LVL 38

Assisted Solution

by:ChiefIT
ChiefIT earned 200 total points
ID: 33733689
OK, you will need to:

1) Control the five FSMO roles

2) demote it,

3)  remove metadata from the remaining DC,
HOW TO:  http://www.petri.co.il/delete_failed_dcs_from_ad.htm
WARNING: Don't forget AD metadata, FRS metadata, and DNS metadata

4) and promote it back in.

So, Antsoar provided you with good information.
0
 

Author Closing Comment

by:adjaddy
ID: 33760474
Points me in the right direction
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

896 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now