At one of our clients we have following setup:
City A : DC1 ( Primary holding FSMO roles )
City B: DC2 ( Server 2008 R2 in a process of decommissioning )
DC-NEW ( Server 2012 R2 is in process of becoming the only DC for City B after DC2 shuts down. DC roles are installed )
Currently facing two issues which may be related ( not sure ) and may be simple but not sure what is wrong:
I wanted to make sure the replication for DC-NEW is working fine so I did following:
Ran repadmin /showrepl command which showed no errors. So that's good.
Under group Policy management tried created test GPO and showed up on the other dc with no errors.
Checked by creating a new user and no errors.
Under Group Policy Management Clicked on domain.com and under Status tab after clicking detect now on the DC-NEW and it shows:
DC1 is the baseline domain controller for this domain
2 domain controller with replication in progress:
DC2 AD - ACLs and SysVol inaccessible
DC-NEW AD - ACLs and SysVol inaccessible
When I click on inaccessible it shows me list of all GPOs but doesn't pin point whats happening.
Why is it showing in inaccessible on both secondary DCs ? should I be worried ?
Under AD site and services I checked Servers DC2 and DC-New NTDS settings
DC2 is showing replicating from DC1 and DC-New
This is ideal
But the new DC-NEW is showing only DC2 ( automatically generated ) and not DC1. Why ?
Specially because I am going to take DC1 down. Shouldn't there be DC1 automatically generated as well ? Am I missing any step here ?
I can manually add DC1 by clicking New and add a new connection but I am curious why is it not automatically getting generated ?
Thank you all.