[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

Server cannot replicate between DCs windows 2003 trying to run adprep

Posted on 2013-11-22
6
Medium Priority
?
898 Views
Last Modified: 2013-11-22
We have three servers running windows 2003, two can replicate fine however one cannot.

was trying to run adprep and got the error The schema master did not complete a replication cycle after the last reboot. The schema master must complete at least one replication cycle before the schema can be extended.

further investigation shows that the server has been disconnected past the tombstone life.

dcpromo /force removal fails and trying to seize any roles (RID, schema master) also fails both with the same error - target principal name is incorrect (it is not)

any ideas?
0
Comment
Question by:itsup23
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 39669993
Is that the box that actually holds all the FSMO roles?  Are you seeing the 2042 errors in your logs as reported here   http://technet.microsoft.com/en-us/library/cc757610(v=ws.10).aspx

Thanks

Mike
0
 
LVL 38

Accepted Solution

by:
Mahesh earned 2000 total points
ID: 39670128
You need to do metedata cleanup to remove the tombstoned DC's, then force replication to all the other active DCs.  Then you can extend the schema.
Check below articles to do this.
http://www.petri.co.il/delete_failed_dcs_from_ad.htm

Make sure you clear metadata + DC object in AD sites and services

Also you need to delete DC object from below location.
a.Click Start, click Run, type adsiedit.msc in the Open box, and then click OK
b.Expand the Domain NC container.
c.Expand DC=Your Domain, DC=COM, PRI, LOCAL, NET.
d.Expand CN=System.
e.Expand CN=File Replication Service.
f.Expand CN=Domain System Volume (SYSVOL share).
Check http://support.microsoft.com/kb/216498 for more details

also make sure all the records of removed dc has been removed under _msdc folder in dns by verifying each folder in msdcs.
 
before extending the schema & configuring new dc You can use dcdiag /v / c/ d /e switch together to check the complete forest health.

Mahesh
0
 

Author Comment

by:itsup23
ID: 39670251
No Mike, It is only the Schema master when I run netdom query fsmo

however when i try to remove it using dcpromo /forceremoval (which eventually fails) it says its Schema, RID master.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 

Author Comment

by:itsup23
ID: 39670361
Mahesh,

  That worked. Now I need to re-add the same dc and re-seize the role.
0
 
LVL 38

Expert Comment

by:Mahesh
ID: 39670394
Your comment
"Now I need to re-add the same dc and re-seize the role"

There is no "re-seize" concept exists in active directory
If you have cleared tombstoned DC and removed from network also, then probably you can seize the FSMO roles on other DC and then extend schema
then you can add new servers as ADC if wanted to
then you need to transfer the roles if wanted to

Mahesh
0
 

Author Comment

by:itsup23
ID: 39670595
Thank You!
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question