Change FSMO and replication

active-directory domain-controller

I have the following infrastructure:

DC1 as main domain controller
DC2 as a replicated domain controller from DC1 in another office, connected through VPN

Everything was working OK, but a few days ago I changed the FSMO from DC1 to DC3 in the same office. When I check DC2 with

netdom query /domain:MyDomain fsmo

the result values are still DC1

How can I change this from DC1 to DC3?

I followed these steps to change the FSMO: http://support.microsoft.com/kb/255690/en-us

The output of netdom:

Schema master               DCUCACSA.ucacsa.org  <-- DC1 = DCUCACSA
Domain naming master        DCUCACSA.ucacsa.org
PDC                         DCUCACSA.ucacsa.org
RID pool manager            DCUCACSA.ucacsa.org
Infrastructure master       DCUCACSA.ucacsa.org
The command completed successfully.

The output of repadmin:

Replication Summary Start Time: 2014-06-11 09:23:34

Beginning data collection for replication summary, this may take awhile:
  ......

Source DSA          largest delta    fails/total %%   error
 DCNCG                     05m:14s    0 /   5    0  
 DCUCACSA                  35m:21s    0 /   5    0  

Destination DSA     largest delta    fails/total %%   error

 UCACSA-DOMINIO            35m:28s    0 /  10    0  

Note: DC1 = DCUCACSA, DC2 = DCNCG, DC3 = UCACSA-DOMINIO



Experienced the following operational errors trying to retrieve replication information:

        8341 - DCUCACSA.ucacsa.org

Best Answer

You probably want to run ntdsutil for this as it's nice and step by step and you can verify as you go.

Microsoft NTDSUTIL docs

Follow the instructions to transfer, not to seize.

Strongly suggest you back up your AD (i.e., system state on both DCs) before doing this :-)

-- But!

If your actual problem is that DC1 says one thing, and DC2 says a different thing, then you most likely have an entirely different problem. For this you'd better say what version of Windows is on each DC, etc.

Without further knowledge of what you're running, you could have a replication issue or a DNS issue. Make sure DC2 is using DC1 as its DNS server during migration. Also make sure you don't have NTFRS Journal Wrap errors in your event log. If Windows 2003, this is quite common and you'll possibly have to do a burflags D4 restore. But you must make a backup of your SYSVOL share on both servers in case you get it wrong.

Microsoft Burflags docs re replication
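
To see whether the DCs really disagree about the role holders, as the answer above suspects, each DC can be queried by name and the results compared side by side. The script below is an added example, not part of the original question or answer; it assumes netdom.exe is available on the host it runs from, and it uses the domain and DC names shown in the question's output.

```powershell
# Added example. Assumptions: netdom.exe is on this host and the account can
# query every DC. Domain and DC names are the ones shown in the question.
$Domain = 'ucacsa.org'
$DomainControllers = 'DCUCACSA', 'DCNCG', 'UCACSA-DOMINIO'
$RoleNames = 'Schema master', 'Domain naming master', 'PDC',
             'RID pool manager', 'Infrastructure master'
$RolePattern = '^\s*(' + ($RoleNames -join '|') + ')\s+(\S+)'

# Turn "Role name      holder.fqdn" lines into a role -> holder table.
function ConvertFrom-NetdomFsmo {
    param([string[]]$Lines)
    $roles = @{}
    foreach ($line in $Lines) {
        if ($line -match $RolePattern) {
            $roles[$Matches[1]] = $Matches[2].ToLower()
        }
    }
    return $roles
}

# Query each DC by name so that each one's own view is captured.
$views = @{}
foreach ($dc in $DomainControllers) {
    $output = & netdom query "/domain:$Domain" "/server:$dc" fsmo 2>&1
    if ($LASTEXITCODE -ne 0) {
        Write-Warning "${dc}: netdom failed (exit code $LASTEXITCODE)"
        continue
    }
    $views[$dc] = ConvertFrom-NetdomFsmo -Lines ($output | ForEach-Object { "$_" })
}

# One row per role: which holder each DC reports, and whether they all agree.
foreach ($role in $RoleNames) {
    $row = [ordered]@{ Role = $role }
    $holders = @()
    foreach ($dc in $DomainControllers) {
        if ($views.ContainsKey($dc)) {
            $holder = $views[$dc][$role]
            if (-not $holder) { $holder = '(not reported)' }
            $row[$dc] = $holder
            $holders += $holder
        } else {
            $row[$dc] = '(no answer)'
        }
    }
    $row['Consistent'] = (@($holders | Sort-Object -Unique).Count -eq 1)
    [pscustomobject]$row
}
```

Piping the output to `Format-Table -AutoSize` gives one line per role; a row where `Consistent` is `False` shows which DC is still holding the old view.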