gpedit.msc will not load, sysvol will not update, I am living in a cracked domain....

Discussion in 'Active Directory' started by Harry, Aug 24, 2005.

  1. Harry

    Harry Guest

    I demoted a single dc and in it's place put two dc's. I transferred roles
    but did not run 'gpprep'. Mea culpa. Now I cannot edit GPO's and 'ntfrsutl
    ds' indicates a cracked domain on both dc's. I am not recieving Event 13562
    in the FRS event log. The solution in Q312862 is to use ADSIEdit and copy
    the DN path of the NTDS settings Configuration container to the
    Server-Reference attribute of the nTRFS member. Okay, sounds easy, but there
    is already a reference to itself in each of the dc's. It is not a null
    reference. Not only that, you get an error indicating this attrib is owned
    by the System and you cannot change it, even if you are supposed to.

    I believe that the two dc's are still looking for <sysvol> on the demoted

    Excerpt from repladmin shows a connection to the old DC (RICK);

    DC object GUID: 28620fc9-d885-4039-bde9-d361045767c5
    Address: 28620fc9-d885-4039-bde9-d361045767c5._msdcs.GI.MUSC.EDU
    Last attempt @ 2005-06-27 12:09:31 was successful.
    MUSC-GI\RICK (deleted DSA) via RPC
    DC object GUID: 35fed016-0c6c-446a-b89c-23a4754209a1
    Address: 35fed016-0c6c-446a-b89c-23a4754209a1._msdcs.GI.MUSC.EDU
    Last attempt @ 2005-06-27 12:09:34 was successful.

    Excerpt from ntfrsutl:

    DN : cn=gastro,cn=domain system volume (sysvol share),cn=file replication
    Guid : 90822ae1-bf86-4d57-91e533468a8eea26
    Server Ref : CN=NTDS
    Computer Ref : cn=gastro,ou=domain controllers,dc=gi,dc=musc,dc=edu
    Cracked Domain : GI.MUSC.EDU
    Cracked Name : 00000002 GI\GASTRO$
    Cracked Domain : GI.MUSC.EDU
    Cracked Name : fffffff4 S-1-5-21-1957994488-2052111302-1801674531-1450
    Computer's DNS : gastro.GI.MUSC.EDU
    WhenCreated : 3/7/2005 13:51:41 Eastern Standard Time Eastern Daylight Time
    WhenChanged : 4/1/2005 10:31:13 Eastern Standard Time Eastern Daylight Time

    Any suggestions would be apprecated.
    Harry, Aug 24, 2005
    1. Advertisements

  2. Harry

    Harry Guest

    I have installed and run Sonar on this dc and discovered that the sysvol
    folder is not shared. Huh?
    Harry, Aug 24, 2005
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.