Options
FRS Sysvol Replication Issue
crrussell3
Member Posts: 561
in Off-Topic
I have a question regarding a FRS Sysvol Replication issue I am working on:
I am having a difficult time determing how this originally happened, as my predecessor must have caused the issue, but here's the deal:
We have three DCs, two W2k3 R2 and one W2k8 domain controllers. One of the w2k3 dc's hasn't replicated Sysvol since 10/28/2009 (I started this job 1/4/2010). I discovered this issue when we started having Group Policy issues in the site where the problem DC is located.
I have debugged this issue using the following:
ntfrsutl
frsdiag
FRSdiag/ntfrsutl come up saying its missing serverReference and Computer Ref for the dc in question. So I drill down into adsiedit and discover the following:
Under CN=Domain System Volume (SYSVOL share) I find two references to DCs that no longer exist, and an even stranger issue with them. When I look at the properties for one of the non-existent DCs (ORCHARD2), it is mostly configured as ORCHARD, which is the current name of the DC. The ORCHARD sysvol setting is pretty much blanked out, with nothing configured.
So here are my questions:
1. Can I deleted the BDC object (this DC no longer exists at all) from the Domain System Volume (Sysvol share), and if so is there anything else I should look for to clean it up?
2. How should I handle the ORCHARD and ORCHARD2 duplication issue? Should I deleted ORCHARD and reconfigure ORCHARD2 as ORCHARD? Or deleted ORCHARD2 and finalize configuration for ORCHARD?
I have been referencing the following KB on Microsoft (Recovering missing FRS objects and FRS attributes in Active Directory) but of course they don't have any contingencies for duplication.
Thanks!
I am having a difficult time determing how this originally happened, as my predecessor must have caused the issue, but here's the deal:
We have three DCs, two W2k3 R2 and one W2k8 domain controllers. One of the w2k3 dc's hasn't replicated Sysvol since 10/28/2009 (I started this job 1/4/2010). I discovered this issue when we started having Group Policy issues in the site where the problem DC is located.
I have debugged this issue using the following:
ntfrsutl
frsdiag
FRSdiag/ntfrsutl come up saying its missing serverReference and Computer Ref for the dc in question. So I drill down into adsiedit and discover the following:
Under CN=Domain System Volume (SYSVOL share) I find two references to DCs that no longer exist, and an even stranger issue with them. When I look at the properties for one of the non-existent DCs (ORCHARD2), it is mostly configured as ORCHARD, which is the current name of the DC. The ORCHARD sysvol setting is pretty much blanked out, with nothing configured.
So here are my questions:
1. Can I deleted the BDC object (this DC no longer exists at all) from the Domain System Volume (Sysvol share), and if so is there anything else I should look for to clean it up?
2. How should I handle the ORCHARD and ORCHARD2 duplication issue? Should I deleted ORCHARD and reconfigure ORCHARD2 as ORCHARD? Or deleted ORCHARD2 and finalize configuration for ORCHARD?
I have been referencing the following KB on Microsoft (Recovering missing FRS objects and FRS attributes in Active Directory) but of course they don't have any contingencies for duplication.
Thanks!
MCTS: Windows Vista, Configuration
MCTS: Windows WS08 Active Directory, Configuration
MCTS: Windows WS08 Active Directory, Configuration
Comments
-
OptionsHeroPsycho Inactive Imported Users Posts: 1,940Use DCDiag first of all. I recommend:
dcdiag /c /v >dcdiag.log
Open that with notepad and search for "fail" and see what other nasties are in AD.
My recommendation is don't go in AD willy nilly and start deleting stuff with ADSIEdit. Clean metadata up using supported methods like ntdsutil if at all possible.
I would also demote the DC at this point having problems with FRS, ensure metadata is cleaned up, and then repromote it.Good luck to all! -
Optionscrrussell3 Member Posts: 561Ya I ran through dcdiag on the problematic dc along with the others to see what they were all saying. Don't remember exactly what came up, but there was one issue, but not frs related. Monday I will go back in and rerun dcdiag and drill down what the failure was, and run ntdsutil to clean up the other non-existent dc metadata.
We talked about demotion/repromotion, but in the end just decided to do what needed to be done. Currently that server holds w2k3 ad ds, dhcp, dns, file, and print services, so we are getting a new server to host only w2k8 ad ds, dns, dhcp. Then we will wipe the old server, and bring it back up on w2k8 as just a file and print server.MCTS: Windows Vista, Configuration
MCTS: Windows WS08 Active Directory, Configuration