Difficulty with one DC in a multi-site AD setup - Naming Context is in the process of being removed or is not replicated from the specified server

stsanford
It appears that syncing FROM the master DC (schema, FSMO roles holder) TO the out-of-sync DC works without error; however, the receiving DC cannot initiate a sync via the GUI in AD Sites and Services, nor can it via repadmin /replicate.

Promoted another server in the remote site to DC and was able to successfully get it working, so WAN / VPN / DNS appears to be working as expected.

Is there a way I can force the sync from the main to the out-of-sync DC and get it to pick back up again?
Jeff Glover, Sr. Systems Administrator

Commented:
Sounds like the remote DC may have some DNS configuration issues. How long has it been like this? As long as it has been less than 60 days, it should start working once issues have been resolved.
I use portqryui.exe (https://www.microsoft.com/en-us/download/details.aspx?id=24009) to check my connections.

Last, make sure the time is correct.

Author

Commented:
Remote DC has the primary DC's IP as the DNS entry #1 and did have 127.0.0.1 as secondary, but I have since removed that to force DNS queries to go to the main DC.

Server is relatively new, installed on 1/4/19

Time is in sync.

It seems that any time I attempt to force a sync, it's like it doesn't know about the other part of AD, yet Netlogon / Sysvol and at least the initial copy of AD propagated, so something went wonky after the initial replication.
Jeff Glover, Sr. Systems Administrator

Commented:
So it has been bad for over a month? I would try to remove AD and then re-promote it. Since you didn't specify what version of Server, you may have to force remove and do a metadata cleanup after.

Author

Commented:
Thank you. I actually contacted Microsoft Support and discovered the following, in the hopes it helps others:

DNS was fine, and AD was okay. The servers were technically out-of-sync because I had Site Links named properly, but when one of our sites split and moved out of the company's domain, the bridges went THROUGH that site, so almost all of the site links were severed. Initial DC propagation worked because I would point them to the master DC for the domain / forest, but after a period of time, it was in essence 6 separate domains with little to no sync between 3 or 4 sites. The repairs corrected, reset the KCC and I have re-established the site links, and even set up some redundant links so that if this happens again, we have alternate pathways for replication.

Thanks so much for your assistance.
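
The failure described above, where every site link ran through a site that later left and the remaining sites became separate islands, can be checked for by treating sites as nodes and site links as edges. The PowerShell below is an added example, not part of the original thread or of the fix Microsoft Support applied; the function name `Get-SitePartition` and the site and link names are hypothetical, and the sample data is constructed.

```powershell
# Added example: group AD sites by site-link connectivity.
function Get-SitePartition {
    param(
        [Parameter(Mandatory)] [string[]] $Sites,  # site names or DNs
        [Parameter(Mandatory)] [object[]] $Links   # objects with a SitesIncluded list
    )
    $cmp = [System.StringComparer]::OrdinalIgnoreCase
    # Adjacency list: a site link joins every site in its SitesIncluded.
    $adj = @{}
    foreach ($s in $Sites) { $adj[$s] = [System.Collections.Generic.HashSet[string]]::new($cmp) }
    foreach ($link in $Links) {
        # Skip members that are no longer sites (for example, a site that left).
        $members = @($link.SitesIncluded | Where-Object { $adj.ContainsKey($_) })
        foreach ($a in $members) {
            foreach ($b in $members) { if ($a -ne $b) { [void]$adj[$a].Add($b) } }
        }
    }
    # Breadth-first search from each unvisited site yields one partition.
    $seen = [System.Collections.Generic.HashSet[string]]::new($cmp)
    foreach ($s in $Sites) {
        if (-not $seen.Add($s)) { continue }
        $queue = [System.Collections.Generic.Queue[string]]::new()
        $queue.Enqueue($s)
        $group = [System.Collections.Generic.List[string]]::new()
        while ($queue.Count -gt 0) {
            $cur = $queue.Dequeue()
            $group.Add($cur)
            foreach ($n in $adj[$cur]) { if ($seen.Add($n)) { $queue.Enqueue($n) } }
        }
        [pscustomobject]@{ Size = $group.Count; Sites = ($group -join ', ') }
    }
}

# Constructed sample: every link ran through 'Departed', which is no longer a site.
$sites = 'HQ', 'East', 'West', 'South'
$links = @(
    [pscustomobject]@{ Name = 'HQ-Departed';   SitesIncluded = 'HQ', 'Departed' }
    [pscustomobject]@{ Name = 'Departed-East'; SitesIncluded = 'Departed', 'East' }
    [pscustomobject]@{ Name = 'Departed-West'; SitesIncluded = 'Departed', 'West' }
    [pscustomobject]@{ Name = 'West-South';    SitesIncluded = 'West', 'South' }
)
$parts = @(Get-SitePartition -Sites $sites -Links $links)
$parts | Format-Table -AutoSize
if ($parts.Count -gt 1) { Write-Warning "$($parts.Count) replication islands found" }

# Live data (assumes the ActiveDirectory module is installed):
#   $sites = (Get-ADReplicationSite -Filter *).DistinguishedName
#   $links = Get-ADReplicationSiteLink -Filter *
```

More than one row in the output means some sites have no chain of site links to the others, which is the condition the redundant links mentioned above are meant to prevent.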
Jeff Glover, Sr. Systems Administrator

Commented:
The extra information may have helped but I am glad you got it fixed.