2k AD not replicated!

[MadGutts]

HELP !

I have an 2k domain controller which was upgraded from NT. so all profiles and emails were brought up to an AD. I then joined another clean built 2k server to the AD to enable more storage and some new programs to run.

This has been working fine until reciently when i noticed the DNS was not running correctly and various DNS errors appeared.

It turns out the AD does not replicate between the 2 servers. i cannot see any reason why, but it is now causing problems with joining new PC's to the network.

Has anyone come accross this before? or know why it would fail?

Since i cant replicate, i want to de-join the new server from the domain and hopefully the other server will continue to run correctly. The problem is... how do i demote the server by force, when it cant see the rest of the AD?

Thanks in advance ppl !

[tguy]

The root cause seems to be DNS. I'm surprised AD let you join another ADC to the domain without DNS working correctly. I would focus your efforts on insuring that DNS is setup correctly. There are tons of white papers from MS, try http://www.microsoft.com/dns, and on the NET explaining how to set DNS up correctly.

As for forcibly removing the server if it can't see AD, you could just down the server. Go to your ADC that is working and remove it from Users and Computers, and Sites and Services.

[MadGutts]

When the two servers were joined the DNS and all the pc's were working ok. the other server was promoted to join the AD which it did, but now some 8 months down the line, there are these replication errors....

I dont know what has caused it, but i need a solution.

I as far as i can see, a forced demotion is the only way... but will i loose anything?

[tguy]

A forced demotion may cause you to lose changes that were implemented from the DC that is having replication issues. Those changes may only be stored in the local database.

On a side note, just forcibly removing this DC from AD may not solve your problems. Replication happens between all domain controllers. If it is not replicating between the problem server and the first server you mentioned, how would you know if it is replicating to another DC?

Check your event logs for DNS, Directory Service, FRS errors and try and resolve. You could, should probably open a support case with MS as well. There are some sharp folks out there who work solving these problems all the time.

[MadGutts]

All the users and profiles are stored on the older server. The only thing that is on the new server is the main database and other odds.

If i demote it, then make it a member server, i will not loose any of the user profiles as this has not been updated since the original problem. All the users and accounts work on the older server and are updating.

My theory is this: I dont really need 2 servers running the domain. The older server is only running the network and the email, So that is fine. By demoting the new server, and then making it a member server, i will still have the user list, and full functionality of the network.

Since the Email server will be getting replaced, i may as well run it like that and see if it is stable. Then once i am happy with the servers, try again to move AD over. The AD was replicating for some time, but i cannot find what has caused it to stop.

At this point in time i need the system running smoothly, rather than "correctly" if you will. Once we are in the new year, i will sort it all out properly.

Is that a better idea? or am i missing something?

Thanks again...

[rion]

I find it more useful to troubleshoot with more information.

And i usualy use the following tool from microsoft.

http://download.microsoft.com/download/b/b...SRPT_DirSvc.EXE

to collect the info.

Check the logs from this one..