AD / GC offline in single DC SBS domain after NTFRS error resolution attempt
Good afternoon!
I believe I screwed myself while performing some routine maintenance on our single Domain Controller SBS 2011 Standard domain...
I was looking through the log files and saw this entry:
EVENT ID 13559 : NtFrs
"""""
The File Replication Service has detected that the replica root path has changed from "c:\windows\sysvol\domain"
This was detected for the following replica set:
"DOMAIN SYSTEM VOLUME (SYSVOL SHARE)"
Changing the replica root path is a two step process which is triggered by the creation of the NTFRS_CMD_FILE_MOVE_ROOT file.
[1] At the first poll which will occur in 5 minutes this computer will be deleted from the replica set.
[2] At the poll following the deletion this computer will be re-added to the replica set with the new root path. This re-addition will trigger a full tree sync for the replica set. At the end of the sync all the files will be at the new location. The files may or may not be deleted from the old location depending on whether they are needed or not.
"""""
I proceeded to follow these instructions to repair this (supposed) issue. I created the file in the indicated location, and sure enough, it triggered some kind of rebuild, it moved the current files out to a "temporary" folder, and I went about my day. About an hour later, I realized that we were having login trouble across the domain, and saw numerous errors in event logs across several servers, indicating that AD was down.
After running more tests and looking at logs, I realized that the "resync" that I had triggered was not completing, and the Server was not advertising Authentication services without it.
So... I'm stuck. I have good backups, and can revert to the last good state if needed, HOWEVER, since this is SBS, I have Exchange data to worry about (as of right now, my last good backup is over 24 hours old), so I'd have to deal with that if I can't repair Active Directory.
Ideas? See attached files for DCDiag and IPConfig output - let me know if other logs/data are needed. Thanks!
ipconfig-all.txt
dcdiag.txt
I believe I screwed myself while performing some routine maintenance on our single Domain Controller SBS 2011 Standard domain...
I was looking through the log files and saw this entry:
EVENT ID 13559 : NtFrs
"""""
The File Replication Service has detected that the replica root path has changed from "c:\windows\sysvol\domain"
This was detected for the following replica set:
"DOMAIN SYSTEM VOLUME (SYSVOL SHARE)"
Changing the replica root path is a two step process which is triggered by the creation of the NTFRS_CMD_FILE_MOVE_ROOT file.
[1] At the first poll which will occur in 5 minutes this computer will be deleted from the replica set.
[2] At the poll following the deletion this computer will be re-added to the replica set with the new root path. This re-addition will trigger a full tree sync for the replica set. At the end of the sync all the files will be at the new location. The files may or may not be deleted from the old location depending on whether they are needed or not.
"""""
I proceeded to follow these instructions to repair this (supposed) issue. I created the file in the indicated location, and sure enough, it triggered some kind of rebuild, it moved the current files out to a "temporary" folder, and I went about my day. About an hour later, I realized that we were having login trouble across the domain, and saw numerous errors in event logs across several servers, indicating that AD was down.
After running more tests and looking at logs, I realized that the "resync" that I had triggered was not completing, and the Server was not advertising Authentication services without it.
So... I'm stuck. I have good backups, and can revert to the last good state if needed, HOWEVER, since this is SBS, I have Exchange data to worry about (as of right now, my last good backup is over 24 hours old), so I'd have to deal with that if I can't repair Active Directory.
Ideas? See attached files for DCDiag and IPConfig output - let me know if other logs/data are needed. Thanks!
ipconfig-all.txt
dcdiag.txt
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I performed the authoritative restore per your instructions (and the references provided), and am back up and running! Much less painful than I expected - thank you so much!!!!!!