Solved

Active Directory NTDS Settings and Connection objects missing

Posted on 2013-05-10
5
4,258 Views
Last Modified: 2013-05-12
We have a 2 datacenters and several remote sites. All domain controllers are server 2008 r2. It is a single domain forest. Our AD topology is setup like hub and spoke with half of all the remote sites replicating to each of the datacenter domain controllers. The two datacenters replicate to eachother every 15 minutes. The remote site <-> dc replication is set for every 30 min.

On of our sites is acting weird. Systems  at that site occasionally site that the trust relationship between the workstation and the primary domain failed.

In AD sites and services I see everything looks fine on the remote site DC. I see NTDS settings and automatically generated connection objects. On the Datacenter side I see NTDS settings is completely missing for the remote site, and ofcourse there are no connection objects.

I have tried a repladmin /kcc on both the datacenter domain controller and the remote site with success. I have rebooted both Domain controllers.

DCDiag /testreplications checks out on both domain controllers

Not sure how I fix the AD site and services objects though.
AD-Sites.png
0
Comment
Question by:bbcac
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 

Author Comment

by:bbcac
ID: 39154912
I just found out that the remote site DC is not in AD users and computers. I'm confused on my next steps now
0
 
LVL 13

Expert Comment

by:Jaihunt
ID: 39154933
Hi

What you mean the Remote site DC not in users and computers ? Did you mean you are not able to find the computer object of the remote site in your data center servers.? If yes  means you performed Meta data cleanup  since its 2008 server if you delete computer object of DC it will cleaned entirely from the domain. you need to rebuild the server and re promote it as DC.

The screenshot you provided is not helpful since you blacked everything..!!

Thanks
Jai
0
 

Author Comment

by:bbcac
ID: 39154949
Yes the remote site domain controller is not in AD users and computers.

I can't post pictures of my AD topology for security reasons. You can see in the picture that NTDS Settings is completely missing while the rest of the environment has them.
0
 
LVL 13

Accepted Solution

by:
Jaihunt earned 500 total points
ID: 39154959
No Issues, As i said earlier Meta data cleanup has been performed on the remote site. You need to rebuild the server and re promote it as DC.

http://technet.microsoft.com/en-us/library/cc816907%28v=ws.10%29.aspx
0
 

Author Comment

by:bbcac
ID: 39160192
perfect... thanks for your help, the DC is back up and running. Now I am having client machine account password issues

I have added a new question http://www.experts-exchange.com/Software/Server_Software/File_Servers/Active_Directory/Q_28125821.html
0

Featured Post

Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question