
Tuesday, March 29, 2005

Reviving a DC

Boy, that was fun... NOT!

I had a DC that was offline for just one day and when it came back up it was super not happy.
I kept getting event id 1388 entries that had the following:
Event Type: Error
Event Source: NTDS Replication
Event Category: Replication
Event ID: 1388
Date: 3/29/2005
Time: 9:04:21 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer:
Description:
Another domain controller (DC) has attempted to replicate into this DC an object which is not present in the local Active Directory database. The object may have been deleted and already garbage collected (a tombstone lifetime or more has past since the object was deleted) on this DC. The attribute set included in the update request is not sufficient to create the object. The object will be re-requested with a full attribute set and re-created on this DC.


Source DC (Transport-specific network address):
664ac474-d7cf-440f-a410-45c236f7bf5e._msdcs.ROOT.COM
Object:
DC=236.23.112\0ACNF:a39a2943-1908-458d-ab93-c32f0fb56811,DC=10.in-addr.arpa,CN=MicrosoftDNS,CN=System,DC=ROOT,DC=com
Object GUID:
a39a2943-1908-458d-ab93-c32f0fb56811
Directory partition:
DC=ROOT,DC=com
Destination highest property USN:
4776482
User Action:
Verify the continued desire for the existence of this object. To discontinue re-creation of future similar objects, the following registry key should be created.

Registry Key:
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Strict Replication Consistency


For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Well, I didn't want to do any registry entries so.... After some good googlin', the MS Premier site didn't help at first. I found this entry:
http://support.microsoft.com/default.aspx?scid=kb;en-us;870695

Outdated Active Directory objects generate event ID 1988 in Windows Server 2003
Article ID : 870695
Last Review : November 16, 2004
Revision : 1.0

SYMPTOMS
On your Microsoft Windows Server 2003-based domain controller, the following Error event is logged in the Directory Service event log:
Type: Error
Source: NTDS Replication
Category: Replication
Event ID: 1988
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: Computer_name
Description:
The local domain controller has attempted to replicate the following object from the following source domain controller. This object is not present on the local domain controller because it may have been deleted and already garbage collected.

Source domain controller:
GUID-based_domain_controller_FQDN
Object:
object_distinguished_name
Object GUID:
object_GUID

Replication will not continue with the source domain controller until the situation has been resolved.
---
Now, I was seeing 1388 entries and the KB shows 1988... Everything else looked the same so I chalked it up to a typo and continued.

So, running

repadmin /showrepl goodserver
SITE\Goodserver
DC Options: (none)
Site Options: (none)
DC object GUID: 664ac474-d7cf-440f-a410-45c236f7bf5e
DC invocationID: 69cdaf5b-4957-4a11-b2ea-0e10630acb13


repadmin /removelingeringobjects badserver 664ac474-d7cf-440f-a410-45c236f7bf5e dc=ROOT,DC=com
RemoveLingeringObjects sucessfull on badserver.

repadmin /removelingeringobjects badserver 664ac474-d7cf-440f-a410-45c236f7bf5e cn=Configuration,dc=ROOT,dc=com
RemoveLingeringObjects sucessfull on badserver.

repadmin /removelingeringobjects badserver 664ac474-d7cf-440f-a410-45c236f7bf5e cn=schema,cn=configuration,dc=ROOT,dc=com
RemoveLingeringObjects sucessfull on badserver.

repadmin /removelingeringobjects badserver 664ac474-d7cf-440f-a410-45c236f7bf5e dc=domaindnszones,dc=ROOT,dc=com
RemoveLingeringObjects sucessfull on badserver.

repadmin /removelingeringobjects badserver 664ac474-d7cf-440f-a410-45c236f7bf5e dc=forestdnszones,dc=ROOT,dc=com
RemoveLingeringObjects sucessfull on badserver.


After all that.... KCC is starting to repair itself. Whew, I don't want to do that again... Names have changed to protect the innocent.
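
The five repadmin commands above differ only in the partition DN, so the same pass can be scripted. This is an added example, not part of the original post: it reads the partition list from the destination DC's rootDSE and runs repadmin with /advisory_mode unless -Remove is given, so the first run reports lingering objects in the Directory Service event log without deleting anything. The parameter names and the -Remove switch are this example's own; the host name and GUID are the post's anonymized values.

```powershell
# Added example, not from the original post.
# 'badserver' and the GUID are the post's anonymized values; substitute your own.
param(
    # DC suspected of holding lingering objects (the one being cleaned)
    [string]$DestinationDC = 'badserver',
    # "DC object GUID" of the known-good reference DC, from: repadmin /showrepl goodserver
    [string]$SourceDcGuid  = '664ac474-d7cf-440f-a410-45c236f7bf5e',
    # Without this switch every call uses /advisory_mode and nothing is deleted
    [switch]$Remove
)

# Ask the destination DC which partitions it reports in rootDSE namingContexts
# instead of typing each distinguished name by hand.
$rootDse        = [ADSI]"LDAP://$DestinationDC/RootDSE"
$namingContexts = @($rootDse.namingContexts)

if ($namingContexts.Count -eq 0) {
    throw "Could not read namingContexts from $DestinationDC"
}

foreach ($nc in $namingContexts) {
    $repadminArgs = @('/removelingeringobjects', $DestinationDC, $SourceDcGuid, $nc)
    if (-not $Remove) { $repadminArgs += '/advisory_mode' }

    Write-Host "repadmin $($repadminArgs -join ' ')"
    $output = & repadmin.exe @repadminArgs 2>&1
    $output | ForEach-Object { Write-Host "    $_" }

    # Assumption: repadmin signals failure through a non-zero exit code.
    if ($LASTEXITCODE -ne 0) {
        Write-Warning "repadmin failed for $nc (exit code $LASTEXITCODE); stopping before the remaining partitions."
        break
    }
}

if (-not $Remove) {
    Write-Host "Advisory pass complete. Review the Directory Service event log on $DestinationDC, then re-run with -Remove."
}
```

The reference DC named by the GUID must itself be free of lingering objects, because repadmin treats whatever that DC holds as the authoritative copy of each partition.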