Solved

journal wrap error 13568

Posted on 2013-10-23
9
598 Views
Last Modified: 2013-11-06
Hi Folks,

To cut out the long story, I have an SBS 2003 server.  There was once another DC added to the network but it died.  So it went into tombstone state.

I'm now migrating to SBS 2011 and have the journal wrap error.  So I have used the ntdsutil to clean up the metadata successfully as per the excellent article at http://www.petri.co.il/delete_failed_dcs_from_ad.htm

The journal wrap condition still exists.  My choices now are:

set the BurFlags to D2
set the BurFlags to D4
or enable journal wrap automatic restore

From my reading up on these options, all three pose a threat of possible data loss which I obviously want to avoid.  I have backed up the system state at several stages already.

Which option is the right one to do?
0
Comment
Question by:tech53
  • 5
  • 4
9 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39594505
I always use the D4 for SBS as it is the Master server on a network.

Alan
0
 
LVL 1

Author Comment

by:tech53
ID: 39594521
Thanks.  I know I'm in a bad place with this, but the D4 option is pretty drastic.  I did this before in an identical situation and active directory disappeared on a reboot.

When the D4 option is set, what exactly happens? I now it rebuilds AD from scratch, but where does it rebuild it from? And is that source reliable?

thanks again
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 500 total points
ID: 39594543
It's not quite that drastic - it just reinitializes the File Replication Service - it doesn't re-write AD.

http://support.microsoft.com/kb/290762
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39594554
Just make sure you have a system state and server backup - then you can recover AD if it does go south, not that I have ever needed it.
0
 
LVL 1

Author Comment

by:tech53
ID: 39594564
Ok.  how long does it take?  Its a small SBS network with 15 users. No customised GPOs.

Also when rebuilds, is it like replaying the logs or something?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39594604
It's usually very quick - worst case about 15 minutes.

No logs to replay - just does the following (from the link I posted):

When the FRS service is restarted, the following actions occur:
The value for the BurFlags registry key is set back to 0.
An event 13566 is logged to signal that an authoritative restore is started.
Files in the reinitialized FRS replicated directories remain unchanged and become authoritative on direct replication. Additionally, the files become indirect replication partners through transitive replication.
The FRS database is rebuilt based on current file inventory.
When the process is complete, an event 13516 is logged to signal that FRS is operational. If the event is not logged, there is a problem with the FRS configuration.
0
 
LVL 1

Author Comment

by:tech53
ID: 39594624
Ok. cool.  I did read this but wanted the expert translation and support.

I'll apply it now and post back.

cheers
0
 
LVL 1

Author Comment

by:tech53
ID: 39594677
Perfect!  Thanks for the help.  Although I had researched this a bit before posting, Its always good to get the re-assurance from an expert.

AD rebuilt in les than 1 minute.
NTFRS logs are clear.
Items recently added to AD are present.

I'll do a server reboot later to be sure, but it all looks good.

Thanks a million Alan.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39594804
You are welcome - always pays to check before you hose your system!!
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question