On Fri, Oct 2, 2009 at 1:34 PM, Brian Desmond <[email protected]> wrote: > Hi- > > I'd expect this is a replication issue. You may want to create manual > connection objects temporarily and force replication.
Ah ha! I had also come to that conclusion, and that is what I am doing now. Actually, what I am doing is creating manual connections in my production domain. And then I will blow away the testing copies of the virtual DCs I made to test with, and re-create them from the virtual DCs all over again. They should then have the connections already defined, so that wehn I seize the roles, it should all just go smooth. See, this is good. It helps to point out weak areas in our AD config. And it helps to know that we can recover in a D/R scenario. I did it this way once, a couple years back, but that was on a single site/single domain configuration. Thanks everyone. I'll post more, when I can get back to it (probably Monday) > > Thanks, > Brian Desmond > [email protected] > > c - 312.731.3132 > > Active Directory, 4th Ed - http://www.briandesmond.com/ad4/ > Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian > > > -----Original Message----- > From: Michael Leone [mailto:[email protected]] > Sent: Friday, October 02, 2009 12:00 PM > To: NT System Admin Issues > Subject: Re: Seizing roles in a parent/child domain > > On Fri, Oct 2, 2009 at 12:35 PM, Free, Bob <[email protected]> wrote: >> Hence the "if at all possible" in my query :-) > > Here's the problem I am getting now, tho ... > > The parent DC seized all the roles, and seems OK about it ... > > Server "admnrdc004" knows about 5 roles > Schema - CN=NTDS Settings,CN=ADMNRDC004 > Domain - CN=NTDS Settings,CN=ADMNRDC004 > PDC - CN=NTDS Settings,CN=ADMNRDC004 > RID - CN=NTDS Settings,CN=ADMNRDC004 > Infrastructure - CN=NTDS Settings,CN=ADMNRDC004 > > > The child is *not* happy, in the least .... > > Server "ADMNWDC003" knows about 5 roles > Schema - CN=NTDS Settings,CN=ADMNRDC001 > Domain - CN=NTDS Settings,CN=ADMNRDC001 > PDC - CN=NTDS Settings,CN=ADMNWDC003 > RID - CN=NTDS Settings,CN=ADMNWDC003 > Infrastructure - CN=NTDS Settings,CN=ADMNWDC003 > > So it still seems to want to talk to RDC001 in the parent domain, which > doesn't exist anymore. Seems like RDC004 didn't go and tell > WDC003 that it was seizing all roles. > > How to resolve this? I thought to initiate a replicate from RDC004, but it > doesn't know that WDC003 is an inbound neighbor, It does know that it is an > outbound neighbor, tho ... > > ==== OUTBOUND NEIGHBORS FOR CHANGE NOTIFICATIONS ============ > WilsonPark\ADMNWDC003 via RPC > objectGuid: 34a3f66b-148d-4336-bc47-9cf94b7edbff > > The child shows this, for "repadmin /showreps" (edited) > > WilsonPark\ADMNRDC004 via RPC > objectGuid: fce67ece-48f8-4ed5-8165-92887f332c23 > Last attempt @ 2009-10-02 12:49.03 failed, result 1908: > Could not find the domain controller for this domain. > Last success @ 2009-09-29 15:42.46. > 99 consecutive failure(s). > > > Now I am really confused .... can you shed any light? > > Thanks > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
