DFSR DC replication using wrong DC

Brass Contributor

We have a strange issue with a domain with 2 DC.

Originally the domain had 2 DC name it DC1 and DC2.

DC2 has been successfully demoted.and there was only DC1 remaining.

Now a new DC, DC3, has been installed and promoted.

All went fine but the initial synchronization of the SYSVOL fails.

The error states that it cannot reach the "old demoted" DC2.

We checked the AD and that DC is not present anymore.

There was still an entry in the AD Site and Services which we removed.

Any attempt to restart DFSR sync fails with the same error.

 

Is there a way to force DFSR on the new DC to make the initial Sync with the active DC ?

 

4 Replies
DC1 was your primary domain? and you move the FSMO roles from it to DC2 before you demote it?

@eliekarkafy 

The demoted DC was DC2, I don't know which was holding the FSMO roles at that time.

For sure they were moved successfully.

 

I found this article, sorry if it's in italian, that explain how to solve it 

https://www.dell.com/support/kbdoc/it-it/000202712/replica-sysvol-non-riuscita-sul-controller-di-dom...

 

Changing the parameter on the new DC "moved" the problem to the active DC that now reports that it has to replicate to the new DC.

We planned to perform an authorative syncronization on the former DC and a non-authorative sync on the new one 

thanks

 

you can run repadmin /syncall / AeDp on you primary DC to make sure that the replication is healthy with no errors.

for the link you shared, this is a fix if your SYSVOL and NETLOGON are not healthy on your new DC after promotion

Sounds like the demotion did not complete cleanly. You can perform cleanup to remove the remnants.    

Clean up Active Directory Domain Controller server metadata
Step-By-Step: Manually Removing A Domain Controller Server