Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

DC replication broken

Posted on 2016-09-19
4
Medium Priority
?
121 Views
Last Modified: 2016-11-04
I have a network with a few DC. One of them is SBS 2007. That server is no longer running Exchange but it is used for Document redirection and more importantly RD Gateway services.

This was a physical server that recently was converted to a VM.

All of a sudden I am having very strange issues. I believe the problem is all related to replication. An OU is missing on SBS server. Even DNS is not quite working correctly.  I can't access a member server by \\servername  I get the error "The target account name is incorrect." I can ping servername and servername.domain.local What is very bizarre is any workstation that has SBS server as it's DNS server, also gets this message. I change the workstation  DNS to point to another server and they can access the member server.
      
In HKLM\System\CurrentControlSet\Services\NTDS the key DSA not writable is set to 4. That appears to be from converting to VM

In sites and services when I try to replicate from that server I get "The naming context is in the process of being removed or is not replicated from the specified server"

I ran repadmin /showutdvec servername dc=lf,dc=local.
It shows the SBS server as "Retired" and it also shows it it replicating. I believe this is the way it should be since I converted it to VM.

Is there a way to fix this. Is demoting the SBS server the only option?
0
Comment
Question by:ajdratch
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 20

Assisted Solution

by:Peter Hutchison
Peter Hutchison earned 1000 total points
ID: 41805579
If replication has not worked for 60 days or more, then it is effectively passed its tombstone limit and should be demoted to a member server. Run dcpromo and remove it from your domain, use ntdsutil to do any meta data cleanup afterwards.
0
 
LVL 10

Assisted Solution

by:Zenvenky
Zenvenky earned 1000 total points
ID: 41805732
Is the old SBS still in the network??
DO NOT DEMOTE SBS server.

As per your update I think that replication was broken before you converted SBS to VM. If SBS server still in network, bring it back and remove VM SBS completely. Fix replication first and then convert SBS to VM again. If you tries to demote current VM SBS server then I guess it might give you more issues. Because you have USN rollback issue at this moment.
0
 

Accepted Solution

by:
ajdratch earned 0 total points
ID: 41806422
I tried this and so far it looks like it has solved my problem
http://exchangeserverpro.com/recovering-a-single-domain-controller-from-a-usn-rollback/
1

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question