Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET

AD replication issue.

Viewing 1 post (of 1 total)
  • Author

  • Krys

    I’ve new client with two DC’s.
    Old sbs2008 ( I know!)- FSMO holder and new S2016 server. Last Friday they problem to access data and issue with password. I was sure that this was related to dns issue. However, when I logon to both DC’s I’ve more serious issue.
    SBS server I not replicating with new DC ( S2016 ).
    I’ve found this log in SBS server
    “If a domain controller has not replicated with its partner for longer than a tombstone lifetime, it is possible that a lingering object problem exists Event ID 2042”
    As I found out. Once new server has been connected. They just switch off sbs without transferring FSMO and performing proper dc promo and they use 2016 to create AD object etc.

    At this moment I’ve two DC’s that are completely out of sync.
    FSMO ( sbs2008) holder that is completely out dated and new DC ( server 2016) that has all latest AD updates but is not FSMO role holder.
    I just wonder if you could advice that my plan is correct.
    I’m things about edit reg on SBS and Allow Replication With Divergent and Corrupt Partner.
    Is there anything that I should try before?
    Best Regards

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.

Live Webinar: Active Directory Security: What Needs Immediate Priority!Live on Tuesday, October 12th at 1 PM ET

Attacks on Active Directory are at an all-time high. Companies that are not taking heed are being punished, both monetarily and with loss of production.

In this webinar, you will learn:

  • How to prioritize vulnerability management
  • What attackers are leveraging to breach organizations
  • Where Active Directory security needs immediate attention
  • Overall strategy to secure your environment and keep it secured

Sponsored by: