• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 121
  • Last Modified:

PDC - DC Sync error

Hi.
Saw an error on a Terminal server (win 2012).
Event ID: 1058 - The processing of Group Policy failed

Checked the SYSVOL\domain\policies folder on the PDC and it was very outdated compared to the DC. (are one PDC and one DC)

Checked PDC- found this under Server manager - AD DS:
#
The DFS Replication service stopped replication on the folder with the following local path: C:\Windows\SYSVOL\domain. This server has been disconnected from other partners for 325 days, which is longer than the time allowed by the MaxOfflineTimeInDays parameter (60). DFS Replication considers the data in this folder to be stale, and this server will not replicate the folder until this error is corrected.
 
To resume replication of this folder, use the DFS Management snap-in to remove this server from the replication group, and then add it back to the group. This causes the server to perform an initial synchronization task, which replaces the stale data with fresh data from other members of the replication group.
 
Additional Information:
Error: 9061 (The replicated folder has been offline for too long.)
Replicated Folder Name: SYSVOL Share
Replicated Folder ID: 5FD9E88D-E92E-4097-B908-4BD018490764
Replication Group Name: Domain System Volume
Replication Group ID: 50FCAE6F-BD3C-4145-B8FF-7A0685ECFBF3
Member ID: 7832896E-76E7-457D-AC7A-BB3B960E66D6
#

Says to use the DFS management (?) to remove the server from replication group. Safe to do with a PDC?
Also saw that the PDC was set to use DC as first DNS server but not itself as nr 2. Changed that.

Thanx
0
Tore Jacobsen
Asked:
Tore Jacobsen
  • 7
  • 6
2 Solutions
 
No MoreCommented:
I deleted previous comment, because I realize you can't do it that way

1. You could move PDC role to good server and uninstall ADDS on bad server and install it back

2. run dfsrdiag pollad command on good DC

3. run dfsrdiag syncnow /RGName:”Domain System Volume” /Partner:OTHER_DC /Time:20 /v
From your good DC to DC with PDC, replace Other_DC with your name of PDC server

You must have DFS snap-in installed for dfrsdiag to be available

After about 20 min restart DFS services on PDC server
0
 
Tore JacobsenSystem adminstratorAuthor Commented:
Hi!
To clearify naming, PDC (not synking) is Named PDC1 (win 2012R2).
DC working, is named DC1(win 2008R2)

So, I moved PDC and other operational roles from PDC1 to DC1
Demoted and unsinstalled ADDS on PDC1

And now I should install ADDS on PDC1 , promote it and move PDC role back to it?
after that run "dfsrdiag pollad" command on DC1?

then run "dfsrdiag syncnow /RGName:”Domain System Volume” /Partner:PDC1 /Time:20 /v"
on DC1?

Thank you so much for helping.
Tore
0
 
Tore JacobsenSystem adminstratorAuthor Commented:
Is there a problem that DC1 is still Win 2008 r2, and PDC1 is updated to Win 2012R2?
Domain function level is 2008 R2
Reason I want the PDC1 to be PDC and not led DC1 be PDC is that PDC1 is physical while DC1 and all other servers other than Hyper-V server are virtual.
Been recomended to keep a physical PDC so that the hyper-V hosts have a DC to talk to when they boot up.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
No MoreCommented:
If you choosed do option number 1 you don't have to do 2 and 3
0
 
No MoreCommented:
2008r2 and 2012r2 work ok together

You should then have all FSMO roles on psychical server and yes whoever advice you that was correct
0
 
Tore JacobsenSystem adminstratorAuthor Commented:
Ok. Thnx.
So after I installed ADDS, promoted, I can move over PDC role and all should sync up after some time?
Thanks alot m8
0
 
No MoreCommented:
You could use this, but it should sync the normal way after promote in couple minutes

dfsrdiag syncnow /RGName:”Domain System Volume” /Partner:PDC1 /Time:20 /v"
on DC1?
0
 
Tore JacobsenSystem adminstratorAuthor Commented:
Great help. Thanx alot
0
 
No MoreCommented:
You are welcome
0
 
Tore JacobsenSystem adminstratorAuthor Commented:
Hi.
Have let the PDC run for some time, also run the command
 dfsrdiag syncnow /RGName:”Domain System Volume” /Partner:PDC1 /Time:20 /v
on DC1 and restartet det DFS replication service after 20 min on PDC1
Still nothing in SYSVOL\ domain folder
and stil event 6016
#
The DFS Replication service failed to update configuration in Active Directory Domain Services. The service will retry this operation periodically.
 
Additional Information:
Object Category: msDFSR-LocalSettings
Object DN: CN=DFSR-LocalSettings,CN=PDC1,OU=Domain Controllers,DC=dto,DC=local
Error: 2 (The system cannot find the file specified.)
Domain Controller: dc1.dto.local
Polling Cycle: 60
#

and event id 4012
#
The DFS Replication service stopped replication on the folder with the following local path: C:\Windows\SYSVOL\domain. This server has been disconnected from other partners for 326 days, which is longer than the time allowed by the MaxOfflineTimeInDays parameter (60). DFS Replication considers the data in this folder to be stale, and this server will not replicate the folder until this error is corrected.
 
To resume replication of this folder, use the DFS Management snap-in to remove this server from the replication group, and then add it back to the group. This causes the server to perform an initial synchronization task, which replaces the stale data with fresh data from other members of the replication group.
 
Additional Information:
Error: 9061 (The replicated folder has been offline for too long.)
Replicated Folder Name: SYSVOL Share
Replicated Folder ID: 5FD9E88D-E92E-4097-B908-4BD018490764
Replication Group Name: Domain System Volume
Replication Group ID: 50FCAE6F-BD3C-4145-B8FF-7A0685ECFBF3
Member ID: 8CC46FD4-5DFA-483F-84D3-47D042BBCB37
#
0
 
No MoreCommented:
I think you need to do it properly,

Uninstall - demote dc, Uninstall ADDS restart server, make sure that you remove that DC from Active Directory (clear metadata) in OU= Domain Controllers

Also after restart make sure you don't have sysvol / ntds folder in c:\windows

Also clear your event log
0
 
Tore JacobsenSystem adminstratorAuthor Commented:
Hi and thanx.
tried this:
Uninstall - demote , then uninstall ADDS and restart.
checked that the PDC1 was not listed under the OU=Domain controllers.
(was this what you ment with "clear metadata" or to run some NTDSUTIL commands?)

Removed SYSVOL and NTDS Folder under C:\Windows.
Installed ADDS, promoted, and gave FSMO roles.

No luck. Same 4012 event

Started again. Now the plan is to demote and uninstall ADDS, move to workgroup, rename, join domain, and install ADDS, promote and give FSMO roles. hopefully that does the trick.

Other suggestions before I swap it for a new machine taking the PDC role?

Thanx again!
0
 
No MoreCommented:
That DC could be still listed in sites as replication partner of DC1

There is an option which involves System Volume Information folder - but I would say you should try new VM

Also since you mentioned primary server is 2008 I wonder is the server even replicating ?

dfsdiag /testdcs

and run also

dcdiag /v /c /e


also run
DFSRDIAG.EXE POLLAD
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 7
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now