Domain controller was set up, then taken offline for longer than the tombstone limit. Now I can't get it to replicate again with DC2. Please, any solution to replicate back?
If a domain controller has tombstoned then the solution is to seize roles (if necessary) to a healthy one.
https://docs.microsoft.com/en-us/troubleshoot/windows-server/identity/transfer-or-seize-fsmo-roles-in-ad-ds
then perform cleanup to remove remnants
https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/deploy/ad-ds-metadata-cleanup
https://techcommunity.microsoft.com/t5/itops-talk-blog/step-by-step-manually-removing-a-domain-controller-server/ba-p/280564
then rebuild the failed one. I'd use dcdiag / repadmin tools to verify health, correcting all errors found before starting any operations. Then stand up the new one, patch it fully, license it, join existing domain, add Active Directory Domain Services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer PDC emulator role (optional), use dcdiag / repadmin tools to again verify health.
--please don't forget to upvote and Accept as answer if the reply is helpful--
Just checking if there's any progress or updates?
Hello,
Thank you for your question.
If the tombstone limit has already passed then it may not sync with AD properly, and it's better to decommission it and promote a new one with a new name and IP, or you have to use meta cleanup for AD objects.
Please also consider downloading the Active Directory Replication Status Tool and see how the health of AD is now.
https://www.microsoft.com/en-in/download/details.aspx?id=30005
If the reply was helpful, please don’t forget to upvote or accept as answer.
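Both answers above recommend checking replication health (dcdiag / repadmin, or the Replication Status Tool) before and after the rebuild. The following is an added example, not part of the original thread: a PowerShell function that reads `repadmin /showrepl * /csv` rows and flags inbound links whose last successful replication is older than the tombstone lifetime. The function name `Get-StaleReplicationLink`, the DC names, the `contoso.local` domain, the sample rows and the 180-day value are constructed assumptions.

```powershell
# Constructed sample of `repadmin /showrepl * /csv` output (hypothetical DC1/DC2/DC3).
# On a live domain use instead:  $rows = repadmin /showrepl * /csv | ConvertFrom-Csv
$sampleCsv = @'
showrepl_COLUMNS,Destination DSA Site,Destination DSA,Naming Context,Source DSA Site,Source DSA,Transport Type,Number of Failures,Last Failure Time,Last Success Time,Last Failure Status
showrepl_INFO,Default-First-Site-Name,DC2,"DC=contoso,DC=local",Default-First-Site-Name,DC1,RPC,412,2024-06-01 09:15:02,2023-09-20 03:12:44,8614
showrepl_INFO,Default-First-Site-Name,DC2,"DC=contoso,DC=local",Default-First-Site-Name,DC3,RPC,0,0,2024-06-01 09:14:51,0
'@

# The forest's real tombstone lifetime (days) is stored on the Directory Service object:
#   $cfg = (Get-ADRootDSE).configurationNamingContext
#   (Get-ADObject "CN=Directory Service,CN=Windows NT,CN=Services,$cfg" -Properties tombstoneLifetime).tombstoneLifetime
# An empty attribute means the 60-day default applies.

function Get-StaleReplicationLink {
    param(
        [Parameter(Mandatory)] [object[]] $Rows,
        [int] $TombstoneLifetimeDays = 180,      # assumption: pass the value read from the forest
        [datetime] $AsOf = (Get-Date)
    )
    $culture = [cultureinfo]::InvariantCulture
    $styles  = [System.Globalization.DateTimeStyles]::None
    foreach ($row in $Rows) {
        $last   = [datetime]::MinValue
        $parsed = [datetime]::TryParse($row.'Last Success Time', $culture, $styles, [ref]$last)
        $age    = if ($parsed) { [int][math]::Floor(($AsOf - $last).TotalDays) } else { $null }
        # A link with no parseable success time has never replicated successfully.
        $status = if (-not $parsed) { 'NeverSucceeded' }
                  elseif ($age -ge $TombstoneLifetimeDays) { 'PastTombstone' }
                  else { 'OK' }
        [pscustomobject]@{
            Destination   = $row.'Destination DSA'
            Source        = $row.'Source DSA'
            NamingContext = $row.'Naming Context'
            Failures      = [int]$row.'Number of Failures'
            LastStatus    = $row.'Last Failure Status'
            AgeDays       = $age
            Status        = $status
        }
    }
}

$rows = ($sampleCsv -split "`r?`n") | ConvertFrom-Csv
Get-StaleReplicationLink -Rows $rows -TombstoneLifetimeDays 180 -AsOf ([datetime]'2024-06-02') |
    Format-Table Destination, Source, AgeDays, Failures, LastStatus, Status -AutoSize
```

A source DC reported as `PastTombstone` is the one the answers above say to remove with metadata cleanup and rebuild; re-run the check after promoting the replacement to confirm every link is `OK`.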