Error 8350 (0x209c) while removing Lingering Object through command.

EPSrookie 81 Reputation points
2022-08-11T02:18:31.27+00:00

My client's has over 10 sites , a few domains and many DCs,
From parent domain to one child domail the trust properties are not showing anything.
230266-picsart-08-11-074252.jpg
Somewhere found it could be due to replication issue, when checked found 8606 for lingering object.
DC abc is also giving this 1988 which is for lingering object, where the Server GUId and the object GUId is mentioned. Tried using the LOL tool for removing the lingering objects but that is not finding any.
I ran the showobjmeta command but this is giving the 8530 error where I stuck.
Can't find anything for this error 8350 (0x209c) .
230216-picsart-08-11-074220.jpg

If anyone has any idea please tell.

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,173 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,900 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Gary Reynolds 9,391 Reputation points
    2022-08-11T08:24:31.117+00:00

    Hi @EPSrookie

    The error you are getting from the repadmin is because you have entered the server and DN in the wrong format, I'm not sure which object you are trying to get the metadata for but this is the command to get the metadata for the domain controllers OU, w2k19 is the name of the DC.

    230347-image.png

    I would suggest that you run dcdiag /v /f on each domain controllers and resolve any errors.

    Also have a look at the Lingering Object Liquidator tool which might help you clean up your lingering objects.

    https://learn.microsoft.com/en-US/troubleshoot/windows-server/identity/lingering-object-liquidator-tool
    https://learn.microsoft.com/en-au/archive/blogs/askds/introducing-lingering-object-liquidator-v2

    Gary.