Right now, DC2 in this site has already exceeded tombstone life time and the computer password has been inconsistent between them(RPC service unavailable), the correct action plan right now is demote DC2 and promote it back.
Clear lingering object won’t help because the DC password has been inconsistent.
Here is the steps:
====
1. Forcefully demote DC2.
Gracefully demotion is not possible because RPC connection is broken.
Domain controllers do not demote gracefully when you use the Active Directory Installation Wizard to force demotion in Windows Server 2003 and in Windows 2000 Server
http://support.microsoft.com/kb/332199
Simply speaking, run “dcpromo /forceremoval”
2. Clean up meta data for this dc.
How to remove data in Active Directory after an unsuccessful domain controller demotion
http://support.microsoft.com/kb/216498
3. Wait for AD replication and ensure the cleanup replicated to all other DCs.
4. Promote DC2 again.
After demote and promote, The next action we should take is check the DC1. Verify if DC1 is working healthy and other DC can build RPC connection with it correct.
You can run repadmin /showrepl on DCs in HQ site and DC2(after promotion finished) to check it. If everything OK, the issue was resolved.
Otherwise, send me MPS report of DC1.
a. Please download MPS Reporting Tool from the following link:
(http://www.microsoft.com/downloads/details.aspx?FamilyID=00ad0eac-720f-4441-9ef6-ea9f657b5c2f&DisplayLang=en)
b. Right click MPSRPT_PFE.EXE and select Run as Administrator to run this tool, and you will see a Command Window start up.c. Please type Y with the message of
No comments:
Post a Comment