hello
I have been battling with this issue now for weeks, and I have exhausted all documentation I can find on the web, so time to ask the question.
Many moons ago we had a sub domain, "unit12.isenterprisesintl.dom", which was in use for only a short amount of time.
The domain controller on this sub domain was removed from the network and disposed of before it was demoted.
Back then all servers ran 2003. Since then the controller in the parent domain has been upgraded to Server 2008 and a 2nd 2008 domain controller added; the functional level has been changed on them both.
But I am having issues with the 2nd domain controller, and I have traced these back to this old defunct child domain. The 2nd DC is getting the following error constantly, and it is also struggling to promote itself to a global catalog. After a bit of research, it appears this broken child domain is most likely the cause:
The attempt to establish a replication link to a read-only directory partition with the following parameters failed.
Directory partition:
DC=unit12,DC=isenterprisesintl,DC=dom
Source domain controller:
CN=NTDS Settings,CN=SERVER01,CN=Servers,CN=ISE,CN=Sites,CN=Configuration,DC=isenterprisesintl,DC=dom
Source domain controller address:
1e40a9dc-7af5-4331-a637-ac06b542f13c._msdcs.isenterprisesintl.dom
Intersite transport (if any):
Additional Data
Error value:
8464 Synchronization attempt failed because the destination DC is currently waiting to synchronize new partial attributes from source. This condition is normal if a recent schema change modified the partial attribute set. The destination partial attribute set is not a subset of source partial attribute set.
But I am struggling to remove this child domain.
I first attempted to use ADSI Edit, but the child domain does not display anywhere within this, except if I right-click and select Properties on the parent domain: it shows as a value in "subref", but the option to remove it is greyed out.
I can see the sub domain within "Active Directory Domains and Trusts", but I cannot remove it from there.
So next I tried removing it using ntdsutil as directed by KB ARTICLE B230306.
When I get to the stage to "remove selected domain" I receive the error:
the directory service can perform the requested operation only on a leaf object
OK, so the domain must still contain some objects, so I used KB ARTICLE 216498 to remove the domain controllers.
I can see within the child domain there are 2 sites.
One of these sites contains nothing; I cannot find any documentation on deleting sites using ntdsutil?
The other contains my 2 current domain controllers (which I find slightly strange, as one of these didn't even exist when the old child domain was in use?)
But any attempts to remove these using ntdsutil give me the error:
dsremovedsserverw error 0x5 (access is denied)
I have used the set creds command to ensure I am using the enterprises admin account.
I have also heard mention of a check box that can be checked to prevent accidental deletion, but there are no objects in "sites and services" to have a checkbox!
So basically at every step of the way I get confronted with a new error and am no nearer to resolving it.
I am not really sure what else to try. I am hoping someone can help.
thanks