Steve B asked:

Windows 2012 and Windows 2003 domain controllers not replicating after restore

I had a situation where I had to restore a Windows Server 2012 Domain Controller from backup that was a month old.  There is another Windows Server 2003 domain controller.  Yes, I know, but I am still decommissioning it.  When the Windows 2012 DC came back online, it will no longer replicate with the 2003 server.  For example, I am getting all kinds of errors that I have posted in the dcdiag attached.  The computer databases are inconsistent (contents of Computers is different on the domain controllers) and I have trouble with workstations not having a trust relationship (Windows 7).

How can this be corrected?  I know it is because one DC is a month older than the online one, but why won't they exchange info now?

Results of dcdiag are attached.  Server is Windows 2012 and Server1 is Windows 2003:
dcdiag.txt
Cliff Galiher

Bringing up old DCs is never a good idea. If you aren't making backups more often, do so.  As long as your 2003 DC is healthy, I'd go in, delete all references to the failed DC, clean up the metadata, and then install 2012 again and make it a new DC. It'll replicate fresh (the 2003 is up to date after all, if it is healthy) and you end up with a good DC without the month-old backup problem.  If the 2012 DC was servicing other roles, restore them separately. A file server, for example, can simply restore the files without restoring the system state and AD.

-Cliff
SOLUTION
Mal Osborne

This solution is only available to members.

ASKER CERTIFIED SOLUTION

This solution is only available to members.

Steve B (ASKER)

Well, I really am not sure how this happened but after a bit both domain controllers were in synch.  I ran dcdiag and it came back clean with no errors.  I also noticed something in the event viewer directory service category stating that everything has been cleaned up and the domain controllers are replicating successfully.  I didn't do anything at all.  I changed descriptions for Computer objects on both servers and they immediately were replicated.  I also disabled a user account and it showed that way on the other DC. This is a very small environment with a Windows 2012 DC and a Windows 2003 DC with 7 workstations.  Everything seems to be working fine and I am not sure why now.  It is extremely rare that Windows works something out on its own, which is why I was surprised to see that message in the event log.  I have been monitoring the event viewer and it seems like everything is normal.  I am not sure what to think but it is good to know how I should have done it thanks to you guys.  Maybe I just got lucky this time.  I can't wait to decommission the 2003 DC and demote it just to not have to worry as much.

"I also disabled a user account and it showed that way on the other DC."

Simply creating an account and watching it replicate to another DC does mean that "some" directory partitions are replicating. However, there are other directory partitions that need to replicate as well to ensure that ALL directory partitions are successful in replicating.

Using the commands above that I have provided will help with this.

Will.
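
The per-partition check described in the reply above, as an added example that is not part of the original thread and is not the commands the poster refers to: it reads the CSV written by `repadmin /showrepl * /csv` and reports every naming context separately, so a healthy domain partition cannot hide a failing one. The function name `Get-PartitionReplStatus`, the 24-hour staleness threshold, the domain name `example.local` and all sample rows are assumptions constructed for illustration.

```powershell
# Added example (not from the thread). Live input would come from:
#   repadmin /showrepl * /csv
# The quoted column names are the ones repadmin writes in its CSV header row.
function Get-PartitionReplStatus {
    param(
        [Parameter(Mandatory)] [string[]] $CsvLines,
        [int] $MaxAgeHours = 24,          # assumption: older than this counts as stale
        [datetime] $Now = (Get-Date)
    )
    $inv  = [cultureinfo]::InvariantCulture
    $none = [System.Globalization.DateTimeStyles]::None
    $CsvLines | ConvertFrom-Csv | ForEach-Object {
        $last = [datetime]::MinValue
        $ok = [datetime]::TryParse($_.'Last Success Time', $inv, $none, [ref]$last)
        # A failure counter or non-zero status wins over any old success timestamp.
        $status = if ([int]$_.'Number of Failures' -gt 0 -or $_.'Last Failure Status' -ne '0') {
            'FAILING'
        } elseif (-not $ok -or ($Now - $last).TotalHours -gt $MaxAgeHours) {
            'STALE'
        } else {
            'OK'
        }
        [pscustomobject]@{
            Partition   = $_.'Naming Context'
            Destination = $_.'Destination DSA'
            Source      = $_.'Source DSA'
            LastSuccess = $_.'Last Success Time'
            Status      = $status
        }
    }
}

# Constructed sample: the domain partition is current, two other partitions are not.
$sample = @'
showrepl_COLUMNS,Destination DSA Site,Destination DSA,Naming Context,Source DSA Site,Source DSA,Transport Type,Number of Failures,Last Failure Time,Last Success Time,Last Failure Status
showrepl_INFO,Default-First-Site-Name,SERVER,"DC=example,DC=local",Default-First-Site-Name,SERVER1,RPC,0,0,2015-03-02 09:14:07,0
showrepl_INFO,Default-First-Site-Name,SERVER,"CN=Configuration,DC=example,DC=local",Default-First-Site-Name,SERVER1,RPC,0,0,2015-03-02 09:14:07,0
showrepl_INFO,Default-First-Site-Name,SERVER,"CN=Schema,CN=Configuration,DC=example,DC=local",Default-First-Site-Name,SERVER1,RPC,0,0,2015-02-01 03:00:11,0
showrepl_INFO,Default-First-Site-Name,SERVER,"DC=DomainDnsZones,DC=example,DC=local",Default-First-Site-Name,SERVER1,RPC,12,2015-03-02 09:14:09,2015-02-01 03:00:12,1722
'@ -split "`r?`n"

Get-PartitionReplStatus -CsvLines $sample -Now ([datetime]'2015-03-02 12:00:00') |
    Format-Table -AutoSize
```

With the sample rows, the domain and Configuration partitions report OK, Schema reports STALE and DomainDnsZones reports FAILING, which is the situation where an account change replicates while other partitions do not.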