Active Directory Issues and Solutions
DC Cannot Replicate
- Problem: Target principal name incorrect during AD replication
- Solution (Demote and Promote AD):
  - Demote the DC at “Remove Roles and Features”
  - Manually clean up the metadata:
    - Remove the DC record in AD Users and Computers
    - Remove the DC-related records in AD Sites and Services and in DNS
  - Promote the DC back
- Result:
  - Replication resumes, syncing with other DCs
  - For the “RPC server not operating” error, check for DNS issues with dcdiag and try DNS scavenging
PDC Gone, Operation Master Role not Transferred
- Solution: Forceful Takeover
  - Use Move-ADDirectoryServerOperationMasterRole to move the Operation Master role.
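
The takeover above as an added PowerShell example (not from the original page): it records the current role holders and seizes only the roles whose holder no longer answers on LDAP. Assumptions: the ActiveDirectory RSAT module is installed, the session has the required admin rights, and DC02 is a hypothetical name for the surviving DC.

```powershell
# Added example. DC02 is a hypothetical surviving DC; run as Domain Admin
# (Enterprise/Schema Admin for the two forest-wide roles).
Import-Module ActiveDirectory

$target = 'DC02'   # hypothetical DC that will take over the roles

# 1. Record the current role holders as seen by the surviving DC.
$domain  = Get-ADDomain -Server $target
$forest  = Get-ADForest -Server $target
$holders = [ordered]@{
    PDCEmulator          = $domain.PDCEmulator
    RIDMaster            = $domain.RIDMaster
    InfrastructureMaster = $domain.InfrastructureMaster
    SchemaMaster         = $forest.SchemaMaster
    DomainNamingMaster   = $forest.DomainNamingMaster
}
$holders.GetEnumerator() | Format-Table Name, Value -AutoSize

# 2. Select only roles held by another DC that does not answer on LDAP (TCP 389).
#    A reachable holder should get a normal transfer (no -Force), not a seizure.
$toSeize = foreach ($role in $holders.Keys) {
    $holder = $holders[$role]
    if ($holder -eq $target -or $holder -like "$target.*") { continue }
    $up = Test-NetConnection -ComputerName $holder -Port 389 `
            -InformationLevel Quiet -WarningAction SilentlyContinue
    if ($up) { Write-Warning "$role holder $holder is reachable; transfer it without -Force." }
    else     { $role }
}

# 3. -Force seizes the role when the current holder cannot be contacted.
#    The cmdlet's confirmation prompt is left enabled on purpose.
if ($toSeize) {
    Move-ADDirectoryServerOperationMasterRole -Identity $target `
        -OperationMasterRole $toSeize -Force
}

# 4. Verify the new holders.
netdom query fsmo
```

A DC whose roles were seized should not be returned to service with its old directory database; remove its metadata as described in the orphaned-domain section.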
Removing an Orphaned Domain
- Problem: A trusted domain was removed without demoting its DC, resulting in a ghost domain/DC
- Solution:
  - Use ntdsutil metadata cleanup for both the domain controller and the domain
    - Delete the domain controller following the “How to remove a domain controller that no longer exists?” guide
    - Delete the domain following the “remove orphan domain” guide