Fixing Active Directory Replication/FSMO Transfer issues

For several weeks, we’ve had some odd behavior on our internal network here at Paradigm. In typical shoemaker fashion, I have not looked at this issue because we’ve been busy taking care of client issues instead, but I finally decided I’d had enough and today was the day.

One of our domain controllers has been acting up. It would fail to process logons sometimes, not give us the right logon scripts, fail to allow joining to a domain, not deploy software, etc. – very annoying.

Since the first controller was acting up, I decided I would simply strip all of its functions and transfer them to the second one, which was fine, except that it was down to 200MB of free disk space and, as a result, still didn’t have Service Pack 2 installed. (Are you starting to see why I was putting this off?) A new virtual disk and a quick application of partedmagic fixed this issue, so I was able to resume working on the actual problem.

I followed the standard procedure from Microsoft to transfer the FSMO roles, and everything went well until I tried to transfer the RID Operations Master role. This failed because the current RID master could not be found!

Fortunately, a little Googling revealed this article, which suspected the issue was related to the AD replicas being out of sync – something I had personally observed. I followed the steps and within moments, the AD replicas were again in sync and I was able to transfer all roles from the old server to the new.
