Solved

NTDS KCC 1801

Posted on 2010-11-15
7
1,010 Views
Last Modified: 2012-05-10
Hi,

We have remote site that I created a new site for and moved the only domain controller to.  The thing that I noticed is that now I am getting a warning message that states:

Warning NTDS KCC 1801

The partition DC=DomainDnsZones,DC=vertex,DC=local should be hosted at site CN=LAX,CN=Sites,CN=Configuration,DC=vertex,DC=local, but has not been instantiated yet. However, the KCC could not find any hosts from which to replicate this partition.

I am not sure exactly what this means being that in the past I have always created a site and then did a dcpromo to bring up the domain controller.  we have about 50 machins in that site and I am trying to do this from a remote site.

How can I resolve this issue.  Also how critical is this issue.  Will this prevent the users from logging on to the nework or have access to shared resources such as files and printers
0
Comment
Question by:thomasm1948
  • 4
  • 3
7 Comments
 

Author Comment

by:thomasm1948
Comment Utility
Also when I run the following command in the command prompt everything seems to be ok:

repadmin /replsum /bysrc /bydest /sort:delta

I see no errors when I run it.  The only thing that I see is that I tried to install the support tools on the remote server and I get an error that I do not have permissions to install the application on the server (I did this though remote desktops in console mode)
0
 
LVL 24

Accepted Solution

by:
Awinish earned 500 total points
Comment Utility
You have linked all the sites properly with their subnet.

If its fine then there can be Domaindnszones & forestdnszones are in corruption.

Change all the AD-Integrated DNS zone to Primary(Non-AD-Integrated) in forward lookup zone as well as in reverse lookup zone

Stop the dns service on problem dc,
Open ADSIEDIT.MSC from run, locate configuration partition
Expand configuration partition>Partitions> remove Domaindnszones & forestdnszones only which is on the right side.
Start the dns service & you will find those two partitions will be recreated.
Convert the zone back to AD-Integrated,

Note: Delete the Domaindnszones & forestdnszones only after you have converted all the zone under forward & reverse lookup zone to non AD-integrated.If you delete the Domaindnszones & forestdnszones w/o converting the zone Non AD-Integrated, it will delete all the zones under forward & reverse lookup zone.

If you are not sure take backup before doing it.
0
 
LVL 24

Expert Comment

by:Awinish
Comment Utility
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 

Author Comment

by:thomasm1948
Comment Utility
yes all of the sites are connected to their proper subnets.  I will try your recommendation after working hours.  

How critical is this warning message?  
0
 

Author Comment

by:thomasm1948
Comment Utility
I do not receive any event IDs 4515 in my event log
0
 

Author Comment

by:thomasm1948
Comment Utility
What would happen if I decide to demote the domain controller on the remote site and repromote it to a domain controller
0
 
LVL 24

Expert Comment

by:Awinish
Comment Utility
Event id 4515 is related to dns but corruption can happen in dns, i gave you link to confirm you follow the steps properly.

You can do that nothing happens, but make sure before using same host name & IP again, make sure after demoting you clean up all the records & give time to replicate the changes to other dc else you will not able to configure the dc with same name.

Also,if you have clients pointed to that dc for dns need to make change on all the client machine.

0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

A quick step-by-step overview of installing and configuring Carbonite Server Backup.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now