W2K? I Thought you were doing this on 2003. Sounds like a symptom of Replication Metadata Preservation. They *should* go away in 2 weeks.
http://blogs.dirteam.com/blogs/jorge/archive/2008/02/09/rpc-errors-and-w eird-repadmin-output-after-demotion.aspx http://technet.microsoft.com/en-us/library/cc772726(WS.10).aspx How Replication Metadata is Preserved in Windows Server 2003 The period of time during which the replication metadata of the NTDS Settings object is maintained after Active Directory is removed from the respective domain controller is determined by an attribute of the Directory Service object (cn=Directory Service,cn=Windows NT,cn=Services,cn=Configuration,dc=ForestRootDomainName). This attribute, replTopologyStayOfExecution, has a default value of 14 days and a maximum value of half the tombstone lifetime. -----Original Message----- From: Michael Leone [mailto:[email protected]] Sent: Wednesday, October 07, 2009 6:59 AM To: NT System Admin Issues Subject: Seeing "DEL:" in replication messages As some may remember, I am setting up a clone of my domain on a private virtual switch in VMware ESX. And so far, it *seems* to be going well. I have a Win2000 parent/child domain; I was able to seize all the applicable FSMO roles, and the servers know their roles (as shown by "dcdiag /v /test:knowsofroleholders", for both parent and child domains). I have removed all other DCs references, using a script I downloaded called "MetadataCleaner.VBS" and ADSIEDIT. I followed: "How to remove data in Active Directory after an unsuccessful domain controller demotion", <http://support.microsoft.com/kb/216498> And that all looks good - I see no references to the other DCs, using ADSIEDIT. But when I do a "repadmin /showreps" (to make sure the 2 remaining DCs are talking and replicating OK, I get this, on the parent domain: ==== INBOUND NEIGHBORS ====================================== CN=Schema,CN=Configuration,DC=mydomain-info WilsonPark\WDC001 DEL:31d1f718-0fd7-4ba1-9270-4fbacf9acbda (deleted DSA) via RPC objectGuid: 2b2388d7-e553-435c-b53f-a18a14474724 WDC001 (working, or child, DC #1) is one of the DCs that I did delete, from this testing version of my domain. And it does seem to know that I deleted it, from the message. And later, I do see: WilsonPark\WDC003 via RPC objectGuid: 34a3f66b-148d-4336-bc47-9cf94b7edbff Last attempt @ 2009-10-07 09:32.27 was successful. So that tells me that replication is happening to the child domain. Also, "replmon" shows only successful replications. So: should I be worried about the fact that I still see all the deleted servers in the "INBOUND NEIGHBORS" list? The "OUTBOUND NEIGHBORS" list is clean, and shows only the 1 proper DC. Or is there something more I should be doing ? Thanks ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
