[whardman]

I created a backup domain controller and have made it the PDC but it doesn't have the SYSVOL and NETLOGON shares. Only the current BDC has these shares. I want to demote the BDC to a stand alone server. Will the PDC create these shares automatically or will I need to create them? If so, how?

Thanks.

 

[bilbus]

have you rebooted since the install? These are on both BDC/PDC NT4, and all 2000/2003 AD servers.

sounds like there is a replecation problem i would test it inside ADSAS

 

[whardman]

I definitely have a replication problem, but I don't know how to fix it.

Right now I have:
S1: BDC (no copy of AD)
S2: PDC

I want to make S1 the PDC. DCDIAG gives me two errors. The first one:

Starting test: Advertising
Warning: DsGetDcName returned information for \\s2.hardman.wesleyhardman.net, when we were trying to reach S1.
S1 is not responding or is not considered suitable.
......................... S1 failed test Advertising

This is obviously because S1 does not have a copy of the AD.

The other error is

Starting test: VerifyReferences
Some objects relating to the DC S1 have problems:
[1] Problem: Missing Expected Value
Base Object:
CN=S1 ,OU=Domain Controllers,DC=hardman,DC=wesleyhardman,DC=net
Base Object Description: "DC Account Object"
Value Object Attribute Name: frsComputerReferenceBL
Value Object Description: "SYSVOL FRS Member Object"
Recommended Action: See Knowledge Base Article: Q312862

[1] Problem: Missing Expected Value
Base Object:
CN=NTDS Settings,CN=S1 ,CN=Servers,CN=Hardman,CN=Sites,CN=Configuration,DC=hardman,DC=wesleyhardman,DC=net
Base Object Description: "DSA Object"
Value Object Attribute Name: serverReferenceBL
Value Object Description: "SYSVOL FRS Member Object"
Recommended Action: See Knowledge Base Article: Q312862

......................... S1 failed test VerifyReferences

Any idea as to what could be causing the problem? Any other tests that may help?

I could just wipe the AD and start over (there is not much configuration in it), but it would be easier (I think ???) to try to replicate it.

 

[whardman]

OK, AD appears to be replicating ok, but the group policys arn't replicated?

Although now I'm getting ...

NTDS (680) NTDSA: An attempt to read from the file "C:\WINDOWS\NTDS\ntds.dit" at offset 8306688 (0x00000000007ec000) for 8192 (0x00002000) bytes failed after 4 seconds with system error 23 (0x00000017): "Data error (cyclic redundancy check). ". The read operation will fail with error -1022 (0xfffffc02). If this error persists then the file may be damaged and may need to be restored from a previous backup.

I think I may just redo the AD. I think it has had an error in it since I originally installed it.

 

[bilbus]

did you test replication in ADSAS?

 

[whardman]

ADSAS = AD sites and services (I'm a noob at this yet)

Yes, it says that it has replicated ok. Replmon says that everything has replicated ok, except that if I show Group Policy replication status nothing is replicated. If I ask to show GC servers it returns none.

Although now ntds.dit on S1 has errors in it. (as posted above) This is leading me to believe that it may be easier to recreate the AD then try to fix it. (There are only 3 users and I can copy the users to local accounts while I recreate the AD)

 

[whardman]

OK, I fixed the errors by reinstalling AD on S1 (S2 still has a copy). The AD is replicating ok, but its the GPO's that aren't replicating. I want to eventually remove S2 as a DC, but I'm afraid to do so until everything is replicated, and S1 is acting as a DC.

 

[bilbus]

sounds like a bad start .. is it a big deal just to start over?

is the dns on s1 and s2 correct? it should be the local server as primary, and the other dc as secondary

 

[whardman]

Hmmm, DNS is set to S1 as DNS Server (on both), would that cause a problem? I will change it and see if that makes a difference.

It is not a big deal to start over just easier to replicate it. If I don't have it solved by the end of the week I'll just start over.