DCDIAG and the Not-N'sync Home Server

  • [アーティクル]

A customer called in with questions about the following error she received in Dcdiag:

I ran DCDIAG /V /E /C and found these errors at the end of it:

Starting test: Intersite
Doing intersite inbound replication test on site Contoso-HQ-CHI:
Locating & Contacting Intersite Topology Generator (ISTG) ...
*** ERROR: The home server SRVDC02 is not in sync with
CN=NTDS Settings unable to proceed. Suggest you run:
dcdiag
/s:CN=NTDS Settings <options>
Doing intersite inbound replication test on site Contoso-Development-CHI:
Locating & Contacting Intersite Topology Generator (ISTG) ...
*** ERROR: The home server SRVDC02 is not in sync with
CN=NTDS Settings unable to proceed. Suggest you run:
dcdiag
/s:CN=NTDS Settings <options>
Doing intersite inbound replication test on site Contoso-Tecnogen-CE:
Locating & Contacting Intersite Topology Generator (ISTG) ...
*** ERROR: The home server SRVDC02 is not in sync with
CN=NTDS Settings unable to proceed. Suggest you run:
dcdiag
/s:CN=NTDS Settings <options>
Doing intersite inbound replication test on site Contoso-Biosint-LT:
Locating & Contacting Intersite Topology Generator (ISTG) ...
*** ERROR: The home server SRVDC02 is not in sync with
CN=NTDS Settings unable to proceed. Suggest you run:
dcdiag
/s:CN=NTDS Settings <options>
Doing intersite inbound replication test on site
Contoso-Financial-CHI:
Locating & Contacting Intersite Topology Generator (ISTG) ...
*** ERROR: The home server SRVDC02 is not in sync with
CN=NTDS Settings unable to proceed. Suggest you run:
dcdiag
/s:CN=NTDS Settings <options>

          Doing intersite inbound replication test on site Contoso-CHI:
Locating & Contacting Intersite Topology Generator (ISTG) ...
The ISTG for site SigmaTau-CHI is: ADSRVDC02.
Checking for down bridgeheads ...
Bridghead Contoso-Research-NYSVRBFPDC02 is up and replicating fine.
Bridghead Contoso-CHIADSRVDC02 is up and replicating fine.
Doing in depth site analysis ...
All expected sites and bridgeheads are replicating into site
Contoso-CHI.
......................... Contoso.Local failed test Intersite

I would like to eliminate the errors and confirm that AD is working fine.

Customer had demoted and then rapidly promoted again the DC02 server.

When you demote a DC the NTDS connection objects for it aren’t removed immediately, it can in some cases take up to 14 days for them to be removed automatically.

The tell-tale sign of this being the problem in this case is the DEL+GUID part of the output – this is simply an old NTDS connection object related to the demoted DC that still hasn’t been removed by the KCC and is expected behavior after demoting a DC.

Comments

  • Anonymous
    January 01, 2003
    You can either locate it using ADSIEdit.msc and delete it manually or wait for the KCC to delete it. I.e. this is a cosmetic issue and is expected behaviour after demoting a DC. The KCC typically cleans this itself out when it performs garbage collection - garbage collection may however be delayed on a DC if it is busy with other things.

  • Anonymous
    October 12, 2011
    OK, how do you remove that object?