(2014-07-29) Fixing AD/SYSVOL Replication And Reconnecting A Disconnected AD Domain (Part 3)
Posted by Jorge on 2014-07-29
PART 2 is here.
WARNING/DISCLAIMER: I provide this information on an FYI basis. Be very very very careful in actually doing these steps on your production systems as it may break or destroy your AD domain or AD forest. You are fully responsible for any steps you use from this blog post. If you do not understand what you are doing, either hire someone who does, or call Microsoft for support!
To make the rest of the AD forest aware of ‘C1FSRWDC1.CHILD.ADCORP.LAB’, I chose one of the RWDCs in the forest root AD domain and undeleted the Server object and the NTDS Settings object that belonged to ‘C1FSRWDC1.CHILD.ADCORP.LAB’. Be aware that although both objects are deleted objects, they cannot be found in the Deleted Objects container of the configuration partition. You will find them in their original location instead, because both objects are configured with the systemFlags value ‘DISALLOW_MOVE_ON_DELETE’. To be able to see the deleted objects and undelete them, you need to enable the ‘SHOW_DELETED’ LDAP control. In this case the Recycle Bin is not enabled, so not every attribute can be restored. However, the previous authoritative restore will take care of that!
REMARK: If you see multiple deleted Server objects and multiple deleted NTDS Settings objects for the RWDC whose objects you want to undelete, how do you know which ones to undelete? Get the objectGUID of the Server object and of the NTDS Settings object on the RWDC ‘C1FSRWDC1.CHILD.ADCORP.LAB’ itself, and then on the other RWDC undelete the Server object and NTDS Settings object that have those same objectGUIDs. DO NOT just undelete any object, as you might end up with multiple live objects, and then you have other issues to resolve!
First undelete the Server object through LDP.
Figure 1: Undeleting The Server Object Of ‘C1FSRWDC1.CHILD.ADCORP.LAB’ On Another RWDC
Then undelete the NTDS Settings object through LDP.
Figure 2: Undeleting The NTDS Settings Object Of ‘C1FSRWDC1.CHILD.ADCORP.LAB’ On Another RWDC
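The post does the undelete in LDP. As an added example (not the author's procedure or code), the same objectGUID check and in-place undelete can be scripted with the ActiveDirectory PowerShell module. The target DC name is a hypothetical placeholder, and the script assumes the module is installed and that both DCs are reachable from the admin workstation.

```powershell
# Added example: names marked ASSUMPTION are placeholders, adjust before use.
Import-Module ActiveDirectory

$sourceDc = 'C1FSRWDC1.CHILD.ADCORP.LAB'   # DC that still holds the live objects (from the post)
$targetDc = 'R1FSRWDC1.ADCORP.LAB'         # ASSUMPTION: hypothetical forest root RWDC to undelete on
$sites    = 'CN=Sites,' + (Get-ADRootDSE -Server $targetDc).configurationNamingContext

# 1. On the source DC, read the objectGUIDs of its own live Server and NTDS Settings objects.
$srcServer = Get-ADObject -Server $sourceDc -SearchBase $sites `
    -Filter "objectClass -eq 'server' -and name -eq 'C1FSRWDC1'"
$srcNtds   = Get-ADObject -Server $sourceDc -SearchBase $srcServer.DistinguishedName `
    -SearchScope OneLevel -Filter "objectClass -eq 'nTDSDSA'"

# Returns the single deleted object on the target DC that has the given GUID, or stops.
function Get-DeletedByGuid([guid]$Guid) {
    # -IncludeDeletedObjects sends the show-deleted LDAP control. The search base is the
    # Sites container because these deleted objects stay in their original location.
    $hit = @(Get-ADObject -Server $targetDc -SearchBase $sites -IncludeDeletedObjects `
                 -Filter 'isDeleted -eq $true' | Where-Object { $_.ObjectGUID -eq $Guid })
    if ($hit.Count -ne 1) { throw "Expected 1 deleted object with GUID $Guid, found $($hit.Count)" }
    $hit[0]
}

# Undeletes one object under its current parent with its original name.
function Restore-InPlace($Tombstone) {
    $name   = ($Tombstone.Name -split "`n")[0]                       # strip the "<LF>DEL:<guid>" suffix
    $parent = $Tombstone.DistinguishedName -replace '^.+?(?<!\\),'   # DN minus the first RDN
    Restore-ADObject -Identity $Tombstone -NewName $name -TargetPath $parent `
        -Server $targetDc -Confirm
}

# 2. Server object first, then NTDS Settings. The second lookup runs after the first
#    undelete, so the parent DN it returns is already the live Server object.
Restore-InPlace (Get-DeletedByGuid $srcServer.ObjectGUID)
Restore-InPlace (Get-DeletedByGuid $srcNtds.ObjectGUID)
```

The script stops instead of undeleting anything when a GUID does not match exactly one deleted object, which is the situation the REMARK above warns about.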
PART 4 continues here.
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always evaluate/test yourself before using/implementing this!
* DISCLAIMER: https://jorgequestforknowledge.wordpress.com/disclaimer/
############### Jorge’s Quest For Knowledge #############
######### http://JorgeQuestForKnowledge.wordpress.com/ ########
This entry was posted on 2014-07-29 at 23:00 and is filed under Active Directory Domain Services (ADDS), KCC, Metadata Cleanup, Object Deletion/Restore, Promotion/Demotion, Replication, SYSVOL.