ENTPF
asked on
Infrastructure FSMO role
I have a customer with a very small, simple AD environment. One DC running Server 2008. Domain level Server 2008, forest level Server 2000. They requested a health check due to some odd behaviors. I found that the Infrastructure master is "Unknown". When I check the FSMO roles it simply states "Error" in the GUI. The below event is logged:
Log Name: Directory Service
Source: Microsoft-Windows-ActiveDi
Date: 11/14/2014 9:17:18 AM
Event ID: 2091
Task Category: Replication
Level: Warning
Keywords: Classic
User: ANONYMOUS LOGON
Computer: dc.domain.com
Description:
Ownership of the following FSMO role is set to a server which is deleted or does not exist.
Operations which require contacting a FSMO operation master will fail until this condition is corrected.
netdom query fsmo roles give the following instead of the proper distinguished name.
Infrastructure - CN=NTDS Settings\0ADEL:83aeeec3-ff
SERVER\0ADEL:ebf558d1-3876
ite-Name,CN=Sites,CN=Confi
All other FSMO roles show ok and since there is only one DC, it obviously must host all roles.
I have no idea how long it has been in this state but the oldest log is from 11/2015.
My question: is there a risk of introducing stale objects or creating other problems if I try to fix this issue? The customer is actually wanting to just build a completely new forest/domain with server 2012r2 instead of trying to fix problems with this old environment.
Any comments or observations would be helpful.
Thank you.
Log Name: Directory Service
Source: Microsoft-Windows-ActiveDi
Date: 11/14/2014 9:17:18 AM
Event ID: 2091
Task Category: Replication
Level: Warning
Keywords: Classic
User: ANONYMOUS LOGON
Computer: dc.domain.com
Description:
Ownership of the following FSMO role is set to a server which is deleted or does not exist.
Operations which require contacting a FSMO operation master will fail until this condition is corrected.
netdom query fsmo roles give the following instead of the proper distinguished name.
Infrastructure - CN=NTDS Settings\0ADEL:83aeeec3-ff
SERVER\0ADEL:ebf558d1-3876
ite-Name,CN=Sites,CN=Confi
All other FSMO roles show ok and since there is only one DC, it obviously must host all roles.
I have no idea how long it has been in this state but the oldest log is from 11/2015.
My question: is there a risk of introducing stale objects or creating other problems if I try to fix this issue? The customer is actually wanting to just build a completely new forest/domain with server 2012r2 instead of trying to fix problems with this old environment.
Any comments or observations would be helpful.
Thank you.
Toni Uranjek
Seize infrastructure master role and that's it.
ASKER
So there's no risk to introduce phantoms or stale objects?
Thanks.
Thanks.
The Infrastructure Master role is responsible for updating references from one object to another in remote domain.
As I understand, you have single domain forest? Phantom objects are created if external references till exist.
Was this domain at any time part of multidomain forest?
As I understand, you have single domain forest? Phantom objects are created if external references till exist.
Was this domain at any time part of multidomain forest?
ASKER
No, it was not.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for the assistance.