Japsterex
asked on
Windows 2008 R2 Server Group Policy Not Replicating between Domain Controllers
Hi,
I've installed 2 x Windows 2008 R2 Domain Controllers in what was once a 2003 R2 Domain, I've decommisioned the 2003 R2 original DC via Transfering FSMO roles and DCpromo out. Since that I've raised the Domain and Forest Level to 2008 R2.
Everything else replication wise seems to be working, except for the Group Policies. I know this because the Sysvol Policies folder on the non PDC emulator have older files in.
The problem is some clients are getting Group Policies from the updated DC1 and some are getting them from the non replicated DC2.
What's up with the Replication of Group Policy containers ?
Also in the interim is there a setting to force clients to only use DC1 for Group Policy ?
Thanks,
Craig
I've installed 2 x Windows 2008 R2 Domain Controllers in what was once a 2003 R2 Domain, I've decommisioned the 2003 R2 original DC via Transfering FSMO roles and DCpromo out. Since that I've raised the Domain and Forest Level to 2008 R2.
Everything else replication wise seems to be working, except for the Group Policies. I know this because the Sysvol Policies folder on the non PDC emulator have older files in.
The problem is some clients are getting Group Policies from the updated DC1 and some are getting them from the non replicated DC2.
What's up with the Replication of Group Policy containers ?
Also in the interim is there a setting to force clients to only use DC1 for Group Policy ?
Thanks,
Craig
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
user spotlight for AD and check the relication status, also try restarting DC
ASKER
Thanks Demazter,
I worked through the kb290762, the non-authoratitive restore was going fine until I checked the Event logs, then realised I was working on the wrong server :-/
Um is there anyway to reverse what I've done ? I can see all the sysvol stuff has been moved to a "Pre-Existing" folder so I know the Good stuff from DC1 is safe but DC1\SYSVOL share no longer exists !
Any ideas ?
I worked through the kb290762, the non-authoratitive restore was going fine until I checked the Event logs, then realised I was working on the wrong server :-/
Um is there anyway to reverse what I've done ? I can see all the sysvol stuff has been moved to a "Pre-Existing" folder so I know the Good stuff from DC1 is safe but DC1\SYSVOL share no longer exists !
Any ideas ?
ASKER
Right,
I've recreated the SYSVOL & NETLOGON shares on DC1 and put the files back from the "Pre Existing Folder"
Luckily the replication did not occur from the out of date DC2 server.
I repeated the Non-Authoratitive restore on DC2 to pull the data from DC1 but it's complaining that it can't replicate from DC1, same as it has done all along.
Looking back through the logs on DC2 it's never successfully replicated from DC1. It seems that the only fact that they are almost up-to-date and functionining correctly as they were both new as of Dec 2010.
What next ? DCPROMO DC2 out and then back in again ?
I've recreated the SYSVOL & NETLOGON shares on DC1 and put the files back from the "Pre Existing Folder"
Luckily the replication did not occur from the out of date DC2 server.
I repeated the Non-Authoratitive restore on DC2 to pull the data from DC1 but it's complaining that it can't replicate from DC1, same as it has done all along.
Looking back through the logs on DC2 it's never successfully replicated from DC1. It seems that the only fact that they are almost up-to-date and functionining correctly as they were both new as of Dec 2010.
What next ? DCPROMO DC2 out and then back in again ?
OK, let's take a deeper look.
Can you post the results of IPCONFIG /ALL and DCDIAG from both servers please.
Can you post the results of IPCONFIG /ALL and DCDIAG from both servers please.
ASKER
DC1
Windows IP Configuration
Host Name . . . . . . . . . . . . : DC01
Primary Dns Suffix . . . . . . . : mycompany.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : mycompany.com
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
Physical Address. . . . . . . . . : 00-50-56-A5-00-02
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::4936:b0dc:e918:924%1 0(Preferre d)
IPv4 Address. . . . . . . . . . . : 10.10.1.247(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.10.1.4
DHCPv6 IAID . . . . . . . . . . . : 234884137
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-7C-5B-2C-00 -0C-29-4D- 1E-85
DNS Servers . . . . . . . . . . . : ::1
10.10.1.247
10.10.1.253
127.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{E820BDED-0799-4DC8 -A16C-C73D 40D6BE65}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DC2
Windows IP Configuration
Host Name . . . . . . . . . . . . : dc02
Primary Dns Suffix . . . . . . . : mycompany.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : mycompany.com
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
Physical Address. . . . . . . . . : 00-50-56-A5-00-05
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::897c:14b:51d8:aede%1 0(Preferre d)
IPv4 Address. . . . . . . . . . . : 10.10.1.253(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.10.1.4
DHCPv6 IAID . . . . . . . . . . . : 234901590
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-91-78-86-00 -50-56-A5- 00-03
DNS Servers . . . . . . . . . . . : ::1
10.10.1.253
10.10.1.247
127.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{6C5E3727-6CCB-471F -BCC5-0FD7 9F5533F3}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DCDIAG will follow
Windows IP Configuration
Host Name . . . . . . . . . . . . : DC01
Primary Dns Suffix . . . . . . . : mycompany.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : mycompany.com
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
Physical Address. . . . . . . . . : 00-50-56-A5-00-02
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::4936:b0dc:e918:924%1
IPv4 Address. . . . . . . . . . . : 10.10.1.247(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.10.1.4
DHCPv6 IAID . . . . . . . . . . . : 234884137
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-7C-5B-2C-00
DNS Servers . . . . . . . . . . . : ::1
10.10.1.247
10.10.1.253
127.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{E820BDED-0799-4DC8
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DC2
Windows IP Configuration
Host Name . . . . . . . . . . . . : dc02
Primary Dns Suffix . . . . . . . : mycompany.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : mycompany.com
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
Physical Address. . . . . . . . . : 00-50-56-A5-00-05
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::897c:14b:51d8:aede%1
IPv4 Address. . . . . . . . . . . : 10.10.1.253(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.10.1.4
DHCPv6 IAID . . . . . . . . . . . : 234901590
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-91-78-86-00
DNS Servers . . . . . . . . . . . : ::1
10.10.1.253
10.10.1.247
127.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{6C5E3727-6CCB-471F
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DCDIAG will follow
first think I would say, is change the IP configuration so that for the DNS servers the first DNS entry is the other server and the second is itself. The third entry can be removed.
ASKER
Ok will give that a try.
Just had to reboot both of them as SYSVOL had disappeared from both DC's and everything here ground to a halt. Saying no GC's were available, all authentication ceased, guess that was something to do with the Burflags thing I kicked off on DC2 ?
We are in a serious problem now as neither of the DCs are working,
HELP PLEASE !!!!
Just had to reboot both of them as SYSVOL had disappeared from both DC's and everything here ground to a halt. Saying no GC's were available, all authentication ceased, guess that was something to do with the Burflags thing I kicked off on DC2 ?
We are in a serious problem now as neither of the DCs are working,
HELP PLEASE !!!!
when you accidentally changed the burflags on the "good" DC did you set it back to 0 when you "halted" the process?
Next question is do you have a system state backup?
ASKER
yes the burflags reset themselves to 0 when when you restart the NTFRS service
yes I have a system state backup on backup exec
yes I have a system state backup on backup exec
ASKER
but I can't get it to restore because the credentials used to restore from the backup exec server is a domain account and no domain controllers are available to authenticate it
ASKER
how do I do a manual restore as I have the c$ backups too
OK, let's get one working, on the one that WAS the working machine, configure DNS to have only 127.0.0.1 in the IP configuration for DNS, no other entries.
Then in Active Directory Sites and Services, expand the DC (the good one) right click on NTDS Settings and select properties, make sure there is a check box in the Global Catalog box.
then reboot the good DC.
Don't do anything with the other one at this stage, let's get one working and go from there.
Then in Active Directory Sites and Services, expand the DC (the good one) right click on NTDS Settings and select properties, make sure there is a check box in the Global Catalog box.
then reboot the good DC.
Don't do anything with the other one at this stage, let's get one working and go from there.
ASKER
Very grateful for you help :)
Right none of the AD apps work becuase it says that the PDC emulator cannot be contacted. The DC1 which was the good one now gone bad, was the FMSO roles holder. It says even though the DC1 owns the FSMO roles it doesn't recognise them or something like that.
One thing that's adding to the issue is these are Virtual Machines, under VMware. I do however have a snapshot for DC1 that I took before I applied 2008 R2 SP1 last week.
Do you think this may be the better option ?
Right none of the AD apps work becuase it says that the PDC emulator cannot be contacted. The DC1 which was the good one now gone bad, was the FMSO roles holder. It says even though the DC1 owns the FSMO roles it doesn't recognise them or something like that.
One thing that's adding to the issue is these are Virtual Machines, under VMware. I do however have a snapshot for DC1 that I took before I applied 2008 R2 SP1 last week.
Do you think this may be the better option ?
Not at this stage.
Let's try and get DC1 working.
Have you changed the IP configuration? Does it have DNS installed on itself?
if you run:
NETDOM QUERY FSMO
and
NETDOM QUERY DC
from a command prompt, what do you get?
IF we needed to "kill" DC'2 is there anything on there that might be causing problems? It's possible that DC2 was never replicating correctly and if that's the case there could be a FSMO role transition issue.
Let's try and get DC1 working.
Have you changed the IP configuration? Does it have DNS installed on itself?
if you run:
NETDOM QUERY FSMO
and
NETDOM QUERY DC
from a command prompt, what do you get?
IF we needed to "kill" DC'2 is there anything on there that might be causing problems? It's possible that DC2 was never replicating correctly and if that's the case there could be a FSMO role transition issue.
ASKER
OK yes changed the DNS to itself.
NETDOM QUERY FSMO says this :
The specified domain either does not exist or could not be contacted.
The command failed to complete successfully.
NETDOM QUERY DC says the same.
If we needed to DCpromo DC2 out this wouldn't be a major problem as long as we got DC1 running
What next ?
NETDOM QUERY FSMO says this :
The specified domain either does not exist or could not be contacted.
The command failed to complete successfully.
NETDOM QUERY DC says the same.
If we needed to DCpromo DC2 out this wouldn't be a major problem as long as we got DC1 running
What next ?
ASKER
All references to the domain have disappeared, from DNS, DHCP everywhere.
Also all our mail services have stopped due to their reliance on AD I guess, DC2 is also in the same state regarding the above posts.
I'm starting to worry now :-/
Also all our mail services have stopped due to their reliance on AD I guess, DC2 is also in the same state regarding the above posts.
I'm starting to worry now :-/
OK, can you do this on both DC's for me and post the results.
From a command prompt run NTDSUTIL, type ROLES and press enter
Then type CONNECTIONS and press enter
at the next prompt type CONNECT TO SERVER DC1 (when you do this on DC2 type DC2 instead of DC1) and press enter
once that's connected type Q and press enter
Type SELECT OPERTAION TARGET and press enter
Type LIST ROLES FOR CONNECTED SERVER
Can you paste the output from both DC's here.
Keep pressing Q and enter to exit NTDSUTIL
From a command prompt run NTDSUTIL, type ROLES and press enter
Then type CONNECTIONS and press enter
at the next prompt type CONNECT TO SERVER DC1 (when you do this on DC2 type DC2 instead of DC1) and press enter
once that's connected type Q and press enter
Type SELECT OPERTAION TARGET and press enter
Type LIST ROLES FOR CONNECTED SERVER
Can you paste the output from both DC's here.
Keep pressing Q and enter to exit NTDSUTIL
ASKER
Oh and DC2 is the Root CA for the domain, but I guess we can move that once we get DC1 working
OK, that completely changes things!
Restore the snapshot and we can recover from there.
Restore the snapshot and we can recover from there.
ASKER
DC1
Server "hcuk2k8dc01" knows about 5 roles
Schema - CN=NTDS Settings,CN=HCUK2K8DC01,CN =Servers,C N=HC-UK,CN =Sites,CN= Configu
ration,DC=hc-uk,DC=com
Naming Master - CN=NTDS Settings,CN=HCUK2K8DC01,CN =Servers,C N=HC-UK,CN =Sites,CN=
Configuration,DC=hc-uk,DC= com
PDC - CN=NTDS Settings,CN=HCUK2K8DC01,CN =Servers,C N=HC-UK,CN =Sites,CN= Configurat
ion,DC=hc-uk,DC=com
RID - CN=NTDS Settings,CN=HCUK2K8DC01,CN =Servers,C N=HC-UK,CN =Sites,CN= Configurat
ion,DC=hc-uk,DC=com
Infrastructure - CN=NTDS Settings,CN=HCUK2K8DC01,CN =Servers,C N=HC-UK,CN =Sites,CN
=Configuration,DC=hc-uk,DC =com
DC2
Schema - CN=NTDS Settings,CN=HCUK2K8DC01,CN =Servers,C N=HC-UK,CN =Sites,CN= Configu
ration,DC=hc-uk,DC=com
Naming Master - CN=NTDS Settings,CN=HCUK2K8DC01,CN =Servers,C N=HC-UK,CN =Sites,CN=
Configuration,DC=hc-uk,DC= com
PDC - CN=NTDS Settings,CN=HCUK2K8DC01,CN =Servers,C N=HC-UK,CN =Sites,CN= Configurat
ion,DC=hc-uk,DC=com
RID - CN=NTDS Settings,CN=HCUK2K8DC01,CN =Servers,C N=HC-UK,CN =Sites,CN= Configurat
ion,DC=hc-uk,DC=com
Infrastructure - CN=NTDS Settings,CN=HCUK2K8DC01,CN =Servers,C N=HC-UK,CN =Sites,CN
=Configuration,DC=hc-uk,DC =com
Server "hcuk2k8dc01" knows about 5 roles
Schema - CN=NTDS Settings,CN=HCUK2K8DC01,CN
ration,DC=hc-uk,DC=com
Naming Master - CN=NTDS Settings,CN=HCUK2K8DC01,CN
Configuration,DC=hc-uk,DC=
PDC - CN=NTDS Settings,CN=HCUK2K8DC01,CN
ion,DC=hc-uk,DC=com
RID - CN=NTDS Settings,CN=HCUK2K8DC01,CN
ion,DC=hc-uk,DC=com
Infrastructure - CN=NTDS Settings,CN=HCUK2K8DC01,CN
=Configuration,DC=hc-uk,DC
DC2
Schema - CN=NTDS Settings,CN=HCUK2K8DC01,CN
ration,DC=hc-uk,DC=com
Naming Master - CN=NTDS Settings,CN=HCUK2K8DC01,CN
Configuration,DC=hc-uk,DC=
PDC - CN=NTDS Settings,CN=HCUK2K8DC01,CN
ion,DC=hc-uk,DC=com
RID - CN=NTDS Settings,CN=HCUK2K8DC01,CN
ion,DC=hc-uk,DC=com
Infrastructure - CN=NTDS Settings,CN=HCUK2K8DC01,CN
=Configuration,DC=hc-uk,DC
OK, that's good, so at least AD thinks it's right (hold fire on that restore for now)
On DC1, goto the DNS console and expand the servername and forward lookup zones, for the internal forward lookup zone, right click on it and select properties.
Where it says Zone Type, click Change and uncheck the box that says "Store this zone in Active Directory" click OK and OK.
Then restart the DNS service.
What happens when you try to run DCDIAG on DC1?
Where it says Zone Type, click Change and uncheck the box that says "Store this zone in Active Directory" click OK and OK.
Then restart the DNS service.
What happens when you try to run DCDIAG on DC1?
ASKER
OK, back to the DNS console, right click on the zone again and select properties, change the updates section to secure and non-secure updates.
Once done, restart the NETLOGON service and run DCDIAG /FIX
Then try the NETDOM QUERY FSMO command again
Once done, restart the NETLOGON service and run DCDIAG /FIX
Then try the NETDOM QUERY FSMO command again
ASKER
Same result I'm afraid :-
The specified domain either does not exist or could not be contacted.
The command failed to complete successfully.
dcdiagfix.txt
Also see DCdiag fix log
The specified domain either does not exist or could not be contacted.
The command failed to complete successfully.
dcdiagfix.txt
Also see DCdiag fix log
let's go with the snapshot restore then, once you've done that, reboot the server, and post DCDIAG results.
ASKER
ok thanks
snapshot reverted, seems to be ok can see the sysvol folder on DC1, phew !
here's the dcdiag file dcdiag-post-snapshot.txt
snapshot reverted, seems to be ok can see the sysvol folder on DC1, phew !
here's the dcdiag file dcdiag-post-snapshot.txt
ASKER
FRS service currently off on DC2 shall I leave it that way ?
The first thing we need to do now is make sure this server is working properly, then we will worry about the other.
Change the IP configuration again so it's using only 127.0.0.1 for DNS, restart the netlogon service and run DCDIAG /FIX
Do you have nic teaming enabled on the DC1?
Don't do anything with DC2 at the moment.
Change the IP configuration again so it's using only 127.0.0.1 for DNS, restart the netlogon service and run DCDIAG /FIX
Do you have nic teaming enabled on the DC1?
Don't do anything with DC2 at the moment.
ASKER
No teaming on DC1 adapters as there's only 1 virtual adapter.
changed to 127.0.0.1 only
restarted netlogon
DCdiagfix log attached.
One thing I noticed is that DNS does not have a forward lookup zone at the moment.
When the machine started after the snapshot application it did ask for a reboot, I will do this now, while I'm waiting for your reply
dcdiagfix--2-.txt
changed to 127.0.0.1 only
restarted netlogon
DCdiagfix log attached.
One thing I noticed is that DNS does not have a forward lookup zone at the moment.
When the machine started after the snapshot application it did ask for a reboot, I will do this now, while I'm waiting for your reply
dcdiagfix--2-.txt
If there is no forward lookup zone then you will need to create one, this is pretty critical!
ASKER
will there be any zone backups anywhere I can import ?
There was quite a lot of manually entered stuff in the zone to do with vmware etc and stuff to do with exhange OWA.
btw certain parts of VM are playing up, prob down to the DNS issue.
Shall I create a new one or try to import it from backup ?
There was quite a lot of manually entered stuff in the zone to do with vmware etc and stuff to do with exhange OWA.
btw certain parts of VM are playing up, prob down to the DNS issue.
Shall I create a new one or try to import it from backup ?
I would create a new one, for now make it so it's not AD integrated and so it allows secure and non-secure updates.
ASKER
ok created a new one, also because the reverse lookup zone is still there most of the stuff I need it there so I can copy it over.
ok what next ?
ok what next ?
Can you take a backup of the SYSVOL
Then turn on the FRS service in DC2 and follow the burflags and set DC2 to D2. Please make sure it's DC2 ;)
Then turn on the FRS service in DC2 and follow the burflags and set DC2 to D2. Please make sure it's DC2 ;)
ASKER
sounds like a good idea ;-)
man you've been a great help today :-D
I'll give it a go now
man you've been a great help today :-D
I'll give it a go now
ASKER
demazter is a credit to Experts-Exchange, went far beyond my original question to help and get my systems back online after a silly mistake I made in applying his fix.
Once again thanks man you're the best :-)
Once again thanks man you're the best :-)
So all is working now?
ASKER
Hi demazter,
yes things are back to normal now and the DC2 is replicating following the application of the burflags D2 to the correct server ;-)
Just applying SP1 back to DC1 now since the snapshot we used was pre SP1
Big thanks
yes things are back to normal now and the DC2 is replicating following the application of the burflags D2 to the correct server ;-)
Just applying SP1 back to DC1 now since the snapshot we used was pre SP1
Big thanks
Excellent, glad it's all sorted :)
wow - outstanding work on this problem. I have a physical DC on my LAN, in the event of issues with VM'ed DC's.