Hi!
I have a metadata problem that I need help with. This is confusing to read, so I will try to add as much as possible without getting too confusing.
My domain had six 2012R2 DCs (DC1, DC2, DC3, DC4, DC5 and DC6) and four 2012R2 RODCs (ROa1, ROa2, ROb1 and ROb2). I added six 2016 DCs to the enterprise (DC161, DC162, DC163, DC164, DC165 and DC166). There was a problem with the six 2016 DCs (DC161-6) where they wouldn't replicate properly. This was due to them residing in an OU in which a lot of policies were applied. These weren't reversed prior to promotion, which is why the replication issues occurred. To fix this, I created six additional 2016 servers (DCNew161-6) where no policies, other than the default domain policies, were applied.
Before promoting DCNew161-6 to DCs, I demoted the misbehaving DC161-6. One of the "bad" 2016s (DC165) is still listed on the 2012R2 DCs when doing a "repadmin /replsummary." This was a week ago and DC165 is still listed on DC1-6. The RODCs in site "a" (ROa1 and 2) are still seeing all the previously demoted DCs, DC161-6. The ROb1 and 2 in site "b" mimic DC1-6 and list only DC165.
When I use NTDSUtil to clean up the metadata (Connections (bind to the domain, site and the bad DC) then Remove Selected Server), I get the following error (on all RODCs and writeable):
"DsRemoveDsServerW error 0x57(The parameter is incorrect.)"
I read that there is a different way to try to remove the target server. I then followed that and ran the following on ROa1 and 2, which are seeing all six demoted 2016s:
--------------
C:\Windows\system32>ntdsutil
ntdsutil: metadata cleanup
metadata cleanup: remove selected server "CN=server,OU=Domain Controllers,DC=domain,DC=local"
Binding to localhost ...
Connected to localhost using credentials of locally logged on user.
LDAP error 0x20(32 (No Such Object).
Ldap extended error message is 0000208D: NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best match of:
'CN=server,OU=Domain Controllers,DC=domain,DC=local'
Win32 error returned is 0x208d(Directory object not found.)
)
Unable to determine the domain hosted by the Active Directory Domain Controller (5). Please use the connection menu to specify it.
--------------
Also, in ADSI Edit on the local machine of ROa1 and ROa2, in the Domain Controllers OU, it lists DC1-6, DC161-6 and two of the new/good 2016 DCs (DCNew161 and DCNew162), but not DCNew3-6.
Does anyone know how I can clean up the metadata on the RODCs and the 2012R2 DCs? The RODCs won't replicate changes because of this issue.
::- T.I.A. -::