Link to home
Start Free TrialLog in
Avatar of jhwh1teh
jhwh1tehFlag for United States of America

asked on

FFL Upgrade now no synchronization

Site contains one top level domain and 2 sites.
Sites are in different cities connected by site to site VPN.
Firewall is ISA on both ends...
Upgraded domain and FFL to 2008R2 from 2003
Replication still using FRS not DFS.
Enabled Active Directory Recycle Bin is the only other thing I did to this environment.

After upgrading FFL, FSMO role ownership reports correctly on the servers in site 1 where I did the upgrade.
Site 2, however, still reports old FSMO role ownership and when I attempt to force synchronization, I get an error stating, "Cannot find PDC Emulator".

Output from portqry.exe -n -e 42 -p TCP ...
[Querying target system called: (I replaced this of course)

Attempting to resolve name to IP address...

Name resolved to


TCP port 42 (nameserver service): FILTERED
portqry.exe -n -e 42 -p TCP exits with return code 0x00000002.

The ISA firewalls are set to transfer all internal traffic between both sites.
I disabled windows firewall on target and source server just to be safe with no new results.
AV doesn't seem to be blocking anything either.....

Tried the following site and it was very helpful but to no avail.

Site I used for troubleshooting

Don't bother with the server names in the query, I changed them for privacy sake.
Avatar of Krzysztof Pytko
Krzysztof Pytko
Flag of Poland image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of jhwh1teh


The DCs had been there for some time and demoted the sole remaining 2003 DC.  FSMO roles resided on a 2008 DC for a while now sorry for not being more clear Krzysztof.  I will put what you request here in the morning.  Thanks again.

One other piece of info... when I do a netdom query for the FSMO ownership it is correct at the site that I did the FFL and DL upgrade but the other site shows the old FSMO role ownerships.  When I attempt to replicate from the failing site, the error tells me the snap-in cannot contact the PDC emulator to complete my request.

Logs forthcoming and thanks.
Issue resolved.  Points awarded.
Your questions and command line requests helped me find the root cause.  I thank you.
You're welcome :)
I'm glad I could help