
New DC not replicating from old DC & Exchange not working [Was: HELP!! My Domain Died


    OK, I'm in serious need of help here and freaking out!!

    My current setup which I inherited 5 months ago on a new job is 1 DC with Exchange installed (not SBS either) all FSMO roles on that box.

    I recently purchased 3 new servers, 2 for DCs and 1 for Exchange. I have installed Exchange 2003 on the new server and have been moving mailboxes over and it's been going great, but I had 30 large mailboxes (4g+) which I was planning on doing over the weekend.

    Well, I noticed that even though I had promoted the 2 new servers as DCs, they didn't have SYSVOL shares and the original DC1 was not replicating to them. I tracked it down using DCDIAG to an old server which was never removed properly, so I followed KB216498 and removed it, and all looked good. I then couldn't get SYSVOL to replicate, so after some digging I did KB925633.

    But as soon as I did that it said my DC1 which had Exchange on was no longer a GC and all hell broke loose! Exchange died then all AD functions died!

    After about an hour of looking around I tried transferring all the FSMO roles to the new DC2 server, and this worked but AD still won't work.

    Now I'm getting tons of errors saying my domain isn't available, it can't find FSMO roles. One minute I do netdom query fsmo and I get The specified domain either does not exist or could not be contacted and the next minute all looks fine and shows correct.

    If I run DCDIAG it can't find netlogons, sysvol, All GC's are down!


  • #2
    Re: HELP!! My Domain Died!!

    You need to make one of the new servers a GC.

    If you can't do this in its current state, you may need to consider an authoritative restore of AD.
    Please do show your appreciation to those who assist you by leaving Rep Point


    • #3
      Re: HELP!! My Domain Died!!

      Did you make any backups before attempting this? Also the thread Title is totally unhelpful. I will try and change it to something more descriptive and no more HELP words. That is what you are here for, we don't need to be told.

      Exchange died then all AD functions died!
      What do you mean that all AD functions died? You are going to have to STOP freaking out and let us know in plain English what is and what is not working and exactly what you have done when trying to resolve this issue. Type it up in a Word document then Copy & Paste it in here. If I have a long post I find that is easier than trying to type it in the small windows here and be constantly scrolling up and down.

      Have you moved all the mailboxes off the old Exchange Server?

      When you installed the new Server(s) and ran DCPROMO, did you get Replication from the old AD/Exchange Server? Were you moving the mailboxes to the new Exchange Server even though you didn't have any AD Replication?

      Did you do a SystemState backup before trying the Metadata cleanup? If you did, then Restore SystemState and then figure out what was messed up.

      and this worked but AD still wont work
      What in AD won't work? We can't guess; you need to tell us. Post Event Viewer errors, Id and description.

      Try DCDIAG /fix -

      and NETDIAG /fix -

      Did any user accounts replicate to the new DC, DC2?
      At present this looks like a DNS problem but let's not move the thread to DNS until this can be confirmed as it may be better in the AD Forum.

      Fix one item at a time and not try to do all at once otherwise you will get nowhere except deeper in the doo doo.
      1 1 was a racehorse.
      2 2 was 1 2.
      1 1 1 1 race 1 day,
      2 2 1 1 2


      • #4
        Re: New DC not replicating from old DC & Exchange not working [Was: HELP!! My Domain

        Right, sorry guys. My freakout is over and the problem is fixed.

        What happened was this.

        I inherited a domain with 2 DCs, 1 of which didn't have any replication working, and the main DC had Exchange installed locally, all on the system volume on a single drive with no RAID and no backups!! First thing I did was get backups working etc. and tried to get replication working, but had no success.

        Anyway, last month I managed to convince the boss they needed some decent kit so I ordered 3 new servers (2x for DCs and fileshares, and 1x for Exchange).

        I built all the servers up, installed Exchange and had migrated everything across, mailboxes, public folder, routing groups, address book, RUS, OWA, RPC over HTTP, and all was hunky dory. I then got all user data and shares replicated to the new DC and everything pointing there fine. I had DCPROMO'd the 2 new DC servers and they were showing up as DCs but still no replication.

        When I ran DCDIAG I noticed that the replication was trying to find 3 other servers (SUPERDC, MEGADC, POWERDC), I kid you not those were the names, which the previous IT bod must have tried years ago as they no longer existed. After a full backup the night before I followed a TechNet article to remove these rogue DCs and all went fine, they were no longer being looked for and replication now was just looking for the new DCs.

        So, I followed another TechNet article to do with repairing SYSVOL replication which got me to stop the replication service, set the registry flag for ntfrs to D2 and then start it up. BANG!! When the service restarted it said the DC would no longer be a Global Catalog, which because the server had the original Exchange on still, totally killed AD. The SYSVOL share vanished, so did NETLOGON and then when I tried doing netdom query fsmo nothing would show up.

        I left it for 15mins or so in hope it would come back but it didn't, so I tried moving the FSMO roles to the new DC and this worked, but still no domain. I then tried moving them back to the original DC in the hope this would cure it but they all failed and then I couldn't see them anywhere!

        Cue PANIC! I did some reading up quick, and eventually rebooted all the servers. Once up I managed to move all the FSMO roles back to the original DC, then found KB315457 which got me to disable the replication service on all the DCs, make sure the file structure was in place on all of them, then start replication on the main DC with the D4 flag so it would contain the authoritative copy of the SYSVOL tree. This brought back the SYSVOL and NETLOGON shares and everything sprang to life!!!

        I didn't restart the replication on the other servers yet as I didn't want to screw it up again, so what I'm going to do now is make sure EVERYTHING possible is off this DC, double and triple check, and then one weekend or evening will try enabling replication on the other servers and hopefully SYSVOL will replicate OK then.

        What a nightmare and sorry to panic.

        I've done this work before and never had a problem, but think it got in the problem because Exchange was on the original DC and if you move the GC, which the replication restart did, it broke AD then. I could throttle the original IT bod here if I ever found them!

        Anyway, all sorted for now so I'm leaving it be.

        Thanks all and sorry to panic.
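
Added example, not part of any post in this thread: a read-only pre-flight check for the D2/D4 procedure described above, reporting which DCs share SYSVOL and NETLOGON, the NtFrs service state and the current BurFlags value, and warning when a D2 restart would have no partner to resync from. The DC names are hypothetical, and the registry path is the standard NTFRS BurFlags location, which the thread does not quote.

```powershell
# Added example: read-only check before changing BurFlags on a DC.
# Hypothetical names; replace with your own. Needs admin rights on each DC
# plus WMI and the Remote Registry service reachable from where this runs.
$DCs    = 'DC1', 'DC2', 'DC3'
$Target = 'DC1'    # the DC you intend to restart NTFRS on with BurFlags = D2

# NTFRS reads BurFlags from this key at service start. The key name contains
# a forward slash, so the .NET registry API is used instead of the HKLM: drive.
$KeyPath = 'SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup'

function Get-DcFrsState {
    param([string]$Computer)
    $shares = Get-WmiObject -Class Win32_Share -ComputerName $Computer |
              Select-Object -ExpandProperty Name
    $svc    = Get-WmiObject -Class Win32_Service -ComputerName $Computer -Filter "Name='NtFrs'"

    $hklm = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine', $Computer)
    $key  = $hklm.OpenSubKey($KeyPath)
    $bur  = 'n/a'
    if ($key -and ($null -ne $key.GetValue('BurFlags'))) {
        $bur = '0x{0:X}' -f $key.GetValue('BurFlags')   # 0xD2 or 0xD4 when set
    }
    $hklm.Close()

    New-Object PSObject -Property @{
        Name     = $Computer
        Sysvol   = ($shares -contains 'SYSVOL')
        Netlogon = ($shares -contains 'NETLOGON')
        NtFrs    = $svc.State
        BurFlags = $bur
    }
}

$state = $DCs | ForEach-Object { Get-DcFrsState $_ }
$state | Format-Table Name, Sysvol, Netlogon, NtFrs, BurFlags -AutoSize

# D2 (non-authoritative) rebuilds SYSVOL from a partner, so at least one
# OTHER DC must already share SYSVOL with NTFRS running.
$sources = @($state | Where-Object {
    $_.Name -ne $Target -and $_.Sysvol -and $_.NtFrs -eq 'Running'
})
if ($sources.Count -eq 0) {
    Write-Warning "No other DC shares SYSVOL. D2 on $Target has nothing to resync from; the DC holding the good copy needs D4 instead."
} else {
    $names = ($sources | ForEach-Object { $_.Name }) -join ', '
    Write-Host "D2 on $Target can resync SYSVOL from: $names"
}
```

The script changes nothing on the DCs; take a System State backup before editing BurFlags either way.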