This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
I have 2 DC, one onpremDC, one hostedDC. There was some previous work where an RDS server was made a DC and FSMO moved to it, then the hostedDC was made the DC & FSMO moved to it, then AD removed from the RDS server. However, the onpremDC still sees the RDSserver as holding all the FSMO (even though it is no longer an AD server). Each DC was only pointing to itself for DNS, so I fixed that, however "netdom query fsmo" from onpremDC still shows the RDSserver (that doesn't exist as an AD server now) as the holder. HostedDC shows itself as fsmo holder (which it should be). Obviously AD/dns/replication issues abound. Onprem will be going away soon anyways, so I was wondering should I put more time in trying to fix onpremDC (thought was it wouldn't take long to fix it, then it could be cleanly decommissioned)? I am not 100% sure AD is perfectly healthy with cloudDC (all clients are only pointing to cloudDC currently & "seem" to be working), otherwise, I would be tempted to just decom onpremDC and run through any metadata/cleanup needed to purge any reference to onpremDC & if there are any leftovers of RDS-DC. Eventually, I'll add a second hostedDC for the environment, but that is not currently scheduled. If I should fix onpremDC first, how do I tell it to pull the correct server as the fsmo role holder, assuming that is the big issue that needs to be fixed first? All server 2016.
Please run;
Dcdiag /v /c /d /e /s:%computername% >C:\dcdiag.log
repadmin /showrepl >C:\repl.txt
ipconfig /all > C:\dc1.txt
ipconfig /all > C:\dc2.txt
ipconfig /all > C:\dc3.txt
then put unzipped text files up on OneDrive and share a link.
Just checking if there's any progress or updates?
--please don't forget to upvote and Accept as answer if the reply is helpful--
Some info, working to onedrive upload the rest
This is the status after using ntdsutil to metadata cleanup the RDSdc server which is no longer a DC
"netdom query fsmo"
onpremDC:
netdom query fsmo
Schema master *** Warning: role owner is a deleted DC: CN=NTDS Settings\0ADEL:guid1,CN=RDSdc
Domain naming master onpremDC.addomain.tld ***** Before this pointed to the RDSdc, it was not pointing to itself
PDC ** Warning: role owner is a deleted DC: 0ADEL:guid1,CN=RDSdc
RID pool manager Warning: role owner is a deleted DC: 0ADEL:guid1,CN=RDSdc
Infrastructure master * Warning: role owner is a deleted DC: 0ADEL:guid1,CN=RDSdc
hostedDC:
netdom query fsmo
Schema master hostedDC.addomain.tld
Domain naming master onpremDC.addomain.tld * Before this pointed to hostedDC, not onpremDC *
PDC hostedDC.addomain.tld
RID pool manager hostedDC.addomain.tld
Infrastructure master hostedDC.addomain.tld
"nltest /dclist:addomain"
onpremDC - only sees itself
nltest /dclist:addomain
Get list of DCs in domain 'addomain' from '\onpremDC'.
onpremDC.addomain.tld [DS] Site: Default-First-Site-Name
hostedDC - sees both DC
nltest /dclist:addomain
Get list of DCs in domain 'addomain' from '\hostedDC'.
onpremDC.addomain.tld [DS] Site: Default-First-Site-Name
hostedDC.addomain.tld [PDC] [DS] Site: Default-First-Site-Name
Please put up the requested files;
Dcdiag /v /c /d /e /s:%computername% >C:\dcdiag.log
repadmin /showrepl >C:\repl.txt
ipconfig /all > C:\dc1.txt
ipconfig /all > C:\dc2.txt
ipconfig /all > C:\dc3.txt
then put unzipped text files up on OneDrive and share a link.
Just checking if there's any progress or updates?
--please don't forget to upvote and Accept as answer if the reply is helpful--
Just checking if there's any progress or updates?
--please don't forget to upvote and Accept as answer if the reply is helpful--
Hello,
Thank you for your question.
I would like to suggest you to check below Troubleshooting steps.
If netdom query still FSMP roles holing to RDS server then it could be due to Replication is not being completed or its still pending.
I would suggest you to download Active Directory Replication Status Tool and Fix replication issues before removing old RDSserver .
https://www.microsoft.com/en-in/download/details.aspx?id=30005
Please also disable any firewall or Antivirus program which may blocking to get AD synced between DCs.
If the reply was helpful, please don’t forget to upvote or accept as answer.