none
Old DC is still primary FILE REPLICATION SERVICE member

    Question

  • Hi,

    An old DC which was recently demoted running Server 2003 is still listed as the primary member of FRS when I run ntfrsutl ds.

    The server that replaced it is running 2008 R2 which seems to be working fine. 

    I'm trying to add an RODC to the domain which is going to live in our branch office but after running dcpromo a sysvol and netlogon is never created, in my search to try and fix this issue I ran into this FRS issue. Could this be what is causing my RODC issues?

    I found the old server in ASDI edit under CN=FileReplicationService, I didn't want to delete it because its listed as the primary member.

    I ran through the steps in KB article 216498 but the old-dc doesnt show up when you run list servers in site

    Any help on fixing the below issue would be appreciated. 

    SETTINGS: FILE REPLICATION SERVICE

       DN   : cn=file replication service,cn=system,dc=sub,dc=MyDomain,dc=com

       Guid : a02a87d5-c64c-4515-aedf5fd47fc211b5

       WhenCreated  : 9/19/2007 13:34:32 GMT Standard Time GMT Daylight Time [0]

       WhenChanged  : 8/13/2013 15:23:50 GMT Standard Time GMT Daylight Time [0]

       SET: DOMAIN SYSTEM VOLUME (SYSVOL SHARE)

          DN   : cn=domain system volume (sysvol share),cn=file replication service,cn=system,dc=sub,dc=MyDomain,dc=com

          Guid : 7ee172a2-5881-4047-b02dd3d58e241c3d

          Type          : 2

          Primary Member: CN= OLD-DC-2003,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=sub,DC=MyDomain,DC=com

          File Filter   : *.tmp, *.bak, ~*

          Dir  Filter   : (null)

          FRS Flags     : (null)

          WhenCreated  : 9/19/2007 13:41:33 GMT Standard Time GMT Daylight Time [0]

          WhenChanged  : 8/13/2013 15:25:0 GMT Standard Time GMT Daylight Time [0]

          MEMBER: RODC-BRANCH-DC

             DN   : cn=RODC-BRANCH-DC,cn=domain system volume (sysvol share),cn=file replication service,cn=system,dc=sub,dc=MyDomain,dc=com

             Guid : 54d7b52d-e302-473e-b1d198ed7aec507e

             Server Ref     : CN=NTDS Settings,CN=RODC-BRANCH-DC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=sub,DC=MyDomain,DC=com

             Computer Ref   : cn=RODC-BRANCH-DC,ou=domain controllers,dc=sub,dc=MyDomain,dc=com

             Cracked Domain : sub.MyDomain.com

             Cracked Name   : 00000002 SUB\RODC-BRANCH-DC$

             Cracked Domain : sub.MyDomain.com

             Cracked Name   : fffffff4 S-1-5-21-1292428093-1715567821-725345543-2119

             Computer's DNS : RODC-BRANCH-DC.sub.MyDomain.com

             WhenCreated  : 8/28/2013 16:46:2 GMT Standard Time GMT Daylight Time [0]

             WhenChanged  : 8/28/2013 16:46:2 GMT Standard Time GMT Daylight Time [0]

             CXTION: RODC CONNECTION (FRS)

                DN   : cn=rodc connection (frs),cn=ntds settings,cn=RODC-BRANCH-DC,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=sub,dc=MyDomain,dc=com

                Guid : c7425dd2-24c9-414f-944b90e021adc8fc

                Partner Dn   : cn=ntds settings,cn=NEW-DC-2008,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=sub,dc=MyDomain,dc=com

                Partner Rdn  : NTDS SETTINGS

                Enabled      : TRUE

                WhenCreated  : 8/28/2013 16:46:2 GMT Standard Time GMT Daylight Time [0]

                WhenChanged  : 8/28/2013 16:54:55 GMT Standard Time GMT Daylight Time [0]

                Options      : 0x00000041 [AutoGenCxtion 0x00000040 ]

                Schedule

                Day 1: 111111111111111111111111

                Day 2: 111111111111111111111111

                Day 3: 111111111111111111111111

                Day 4: 111111111111111111111111

                Day 5: 111111111111111111111111

                Day 6: 111111111111111111111111

                Day 7: 111111111111111111111111

          MEMBER: NEW-DC-2008

             DN   : cn=New-DC-2008,cn=domain system volume (sysvol share),cn=file replication service,cn=system,dc=sub,dc=MyDomain,dc=com

             Guid : 842f495a-da47-4d68-97c32022b7b75c4c

             Server Ref     : CN=NTDS Settings,CN=NEW-DC-2008,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=sub,DC=MyDomain,DC=com

             Computer Ref   : cn=New-DC-2008,ou=domain controllers,dc=sub,dc=MyDomain,dc=com

             Cracked Domain : sub.MyDomain.com

             Cracked Name   : 00000002 SUB\NEW-DC-2008$

             Cracked Domain : sub.MyDomain.com

             Cracked Name   : fffffff4 S-1-5-21-1292428093-1715567821-725345543-1639

             Computer's DNS : NEW-DC-2008.sub.MyDomain.com

             WhenCreated  : 8/13/2013 15:37:23 GMT Standard Time GMT Daylight Time [0]

             WhenChanged  : 8/13/2013 15:37:23 GMT Standard Time GMT Daylight Time [0]

             CXTION: 733652D3-0393-4030-933F-6503AA104CA1

                DN   : cn=733652d3-0393-4030-933f-6503aa104ca1,cn=ntds settings,cn=New-DC-2008,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=sub,dc=MyDomain,dc=com

                Guid : e30d8701-4ec5-4197-ac4e9b8dcbcd4408

                Partner Dn   : cn=ntds settings,cn=SECONDARY-DC-2003,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=sub,dc=MyDomain,dc=com

                Partner Rdn  : NTDS SETTINGS

                Enabled      : TRUE

                WhenCreated  : 8/13/2013 15:42:10 GMT Standard Time GMT Daylight Time [0]

                WhenChanged  : 8/27/2013 10:53:8 GMT Standard Time GMT Daylight Time [0]

                Options      : 0x00000001 [AutoGenCxtion ]

                Schedule

                Day 1: 111111111111111111111111

                Day 2: 111111111111111111111111

                Day 3: 111111111111111111111111

                Day 4: 111111111111111111111111

                Day 5: 111111111111111111111111

                Day 6: 111111111111111111111111

                Day 7: 111111111111111111111111

          MEMBER: OLD-DC-2003

             DN   : cn=OLD-DC-2003,cn=domain system volume (sysvol share),cn=file replication service,cn=system,dc=sub,dc=MyDomain,dc=com

             Guid : f7fa620a-b514-4f56-afa3ec9a06d69fe7

             Server Ref     : (null)

             Computer Ref   : (null)

             WhenCreated  : 9/19/2007 13:41:33 GMT Standard Time GMT Daylight Time [0]

             WhenChanged  : 8/13/2013 15:25:0 GMT Standard Time GMT Daylight Time [0]

             WARN - OLD-DC-2003 lacks a settings reference

          MEMBER: SECONDARY-DC-2003

             DN   : cn=Secondary-DC-2003,cn=domain system volume (sysvol share),cn=file replication service,cn=system,dc=sub,dc=MyDomain,dc=com

             Guid : b8b5ef68-7c8b-47ff-b880a30fe6167703

             Server Ref     : CN=NTDS Settings,CN=SECONDARY-DC-2003,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=sub,DC=MyDomain,DC=com

             Computer Ref   : cn=Secondary-DC-2003,ou=domain controllers,dc=sub,dc=MyDomain,dc=com

             Cracked Domain : sub.MyDomain.com

             Cracked Name   : 00000002 SUB\SECONDARY-DC-2003$

             Cracked Domain : sub.MyDomain.com

             Cracked Name   : fffffff4 S-1-5-21-1292428093-1715567821-725345543-1621

             Computer's DNS : SECONDARY-DC-2003.sub.MyDomain.com

             WhenCreated  : 3/21/2011 14:36:49 GMT Standard Time GMT Daylight Time [0]

             WhenChanged  : 8/13/2013 15:25:1 GMT Standard Time GMT Daylight Time [0]

             CXTION: F4197068-1754-49E3-8DBE-FF6E85A520E2

                DN   : cn=f4197068-1754-49e3-8dbe-ff6e85a520e2,cn=ntds settings,cn=Secondary-DC-2003,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=sub,dc=MyDomain,dc=com

                Guid : c0ea21fa-1f01-41b7-80bf8ead91cfed38

                Partner Dn   : cn=ntds settings,cn=New-DC-2008,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=sub,dc=MyDomain,dc=com

                Partner Rdn  : NTDS SETTINGS

                Enabled      : TRUE

                WhenCreated  : 8/13/2013 15:27:16 GMT Standard Time GMT Daylight Time [0]

                WhenChanged  : 8/27/2013 10:4:14 GMT Standard Time GMT Daylight Time [0]

                Options      : 0x00000001 [AutoGenCxtion ]

                Schedule

                Day 1: 111111111111111111111111

                Day 2: 111111111111111111111111

                Day 3: 111111111111111111111111

                Day 4: 111111111111111111111111

                Day 5: 111111111111111111111111

                Day 6: 111111111111111111111111

                Day 7: 111111111111111111111111



    Thursday, August 29, 2013 9:51 AM

Answers

All replies

  • Hello,

    did you remove the old DC from AD sites and services, DNS zones and if it was DNS server also from the zone properties Name server tab also, after demoting and removing from AD UC?


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    Thursday, August 29, 2013 10:02 AM
  • remove the old DC from AD sites and services - Yeah, just double checked and no references to it

    zone properties Name server tab - Yeah its been removed

    demoting and removing from AD UC - Yeah been done

    DNS zones - I thought so, but I just found a reference to it in ForesetDNSZones > _sites > Default-First-SN > _tcp

    Record was - Name=_ldap Type=SRV Data=OLD-DC-2003

    I cant find any other reference to it in the DNS.

    Is this what would be causing the problem?

    I just reran ntfrsutl ds and the output is still exactly the same


    • Edited by siu07 Thursday, August 29, 2013 10:20 AM
    Thursday, August 29, 2013 10:14 AM
  • Is this at all related?
    http://blogs.dirteam.com/blogs/paulbergson/archive/2013/06/24/clean-up-dcs-sysvol-frs-member-object.aspx

    --
    Paul Bergson
    MVP - Directory Services
    MCITP: Enterprise Administrator
    MCTS, MCT, MCSE, MCSA, Security+, BS CSci
    2008, Vista, 2003, 2000 (Early Achiever), NT4
    Twitter @pbbergs
    http://blogs.dirteam.com/blogs/paulbergson

    Please no e-mails, any questions should be posted in the NewsGroup. This posting is provided "AS IS" with no warranties, and confers no rights.

    Thursday, August 29, 2013 12:07 PM
  • Yeah this looks similar, and I was just going to delete it using ADSIEdit but as it is listed as the Primary Member of the FRS I'm worried about the repercussions it may cause to my other DCs. 

    Suppose I need a way of making my new DC the Primary Member, then I can just delete the old DC using this method?

    Thursday, August 29, 2013 12:19 PM
  • I followed this, 

    www.windowsnetworking.com/kbase/WindowsTips/WindowsServer2008/AdminTips/Admin/HowToKnowThePrimaryMemberofASYSVOLReplicaSet.html

    Set the new DC as the primary and deleted the reference to the old server.

    Hope it was safe to do. Everything seems fine so far..

    • Marked as answer by siu07 Friday, August 30, 2013 8:24 AM
    Thursday, August 29, 2013 2:31 PM
  • You should be fine.  I doubt this will be what was causing your problem though.

    --
    Paul Bergson
    MVP - Directory Services
    MCITP: Enterprise Administrator
    MCTS, MCT, MCSE, MCSA, Security+, BS CSci
    2008, Vista, 2003, 2000 (Early Achiever), NT4
    Twitter @pbbergs
    http://blogs.dirteam.com/blogs/paulbergson

    Please no e-mails, any questions should be posted in the NewsGroup. This posting is provided "AS IS" with no warranties, and confers no rights.

    Thursday, August 29, 2013 2:53 PM
  • I've totally started from scratch for the new RODC, got a better feel for what I'm doing now. I'll start a new thread if I run into more issues.

    Thanks for the help.

    Friday, August 30, 2013 8:23 AM