I'm having an issue performing adprep that I think has been caused by a failed DC.
The infrastructure master role had to be seized from a failed DC and the meta data was cleaned up.
When running adprep /rodcprep I get the following error:
Adprep found partition DC=DomainDnsZones,DC=####,DC=com, and is about to update the permissions.
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is CN=Infrastructure,DC=DomainDnsZones,DC=####,DC=com.
LDAP API ldap_search_s finished, return code is 0x0
Adprep could not contact a replica for partition DC=DomainDnsZones,DC=####,DC=com.
Adprep encountered an LDAP error.
Error code: 0x0. Server extended error code: 0x0, Server error message: (null).
Adprep failed the operation on partition DC=DomainDnsZones,DC=redingtonpartners,DC=com. Skipping to next partition.
I have run DCDiag and get the following error yet the permissions are set:
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes In Filtered Set
access rights for the naming context:
DC=ForestDnsZones,DC=####,DC=com
Finally I have run "ldifde -f Infra_DomainDNSZones.ldf -d "CN=Infrastructure,DC=DomainDnsZones,DC=####,DC=com" -l fSMORoleOwner"
which returns the infrastructure master role still seems to be assigned to the domain controller that failed and had the role seized from it, checking in Active Directory Users and Computers the Infrastructure master role is not assigned to the DC that the ldifde query returns.
How can I update or remove the erroneous entry so the adprep /rodcprep command will complete successfully?