DCDIAG and the Not-N'sync Home Server

  • Article

A customer called in with questions about the following error she received in Dcdiag:

I ran DCDIAG /V /E /C and found these errors at the end of it:

Starting test: Intersite
Doing intersite inbound replication test on site Contoso-HQ-CHI:
Locating & Contacting Intersite Topology Generator (ISTG) ...
*** ERROR: The home server SRVDC02 is not in sync with
CN=NTDS Settings unable to proceed. Suggest you run:
dcdiag
/s:CN=NTDS Settings <options>
Doing intersite inbound replication test on site Contoso-Development-CHI:
Locating & Contacting Intersite Topology Generator (ISTG) ...
*** ERROR: The home server SRVDC02 is not in sync with
CN=NTDS Settings unable to proceed. Suggest you run:
dcdiag
/s:CN=NTDS Settings <options>
Doing intersite inbound replication test on site Contoso-Tecnogen-CE:
Locating & Contacting Intersite Topology Generator (ISTG) ...
*** ERROR: The home server SRVDC02 is not in sync with
CN=NTDS Settings unable to proceed. Suggest you run:
dcdiag
/s:CN=NTDS Settings <options>
Doing intersite inbound replication test on site Contoso-Biosint-LT:
Locating & Contacting Intersite Topology Generator (ISTG) ...
*** ERROR: The home server SRVDC02 is not in sync with
CN=NTDS Settings unable to proceed. Suggest you run:
dcdiag
/s:CN=NTDS Settings <options>
Doing intersite inbound replication test on site
Contoso-Financial-CHI:
Locating & Contacting Intersite Topology Generator (ISTG) ...
*** ERROR: The home server SRVDC02 is not in sync with
CN=NTDS Settings unable to proceed. Suggest you run:
dcdiag
/s:CN=NTDS Settings <options>

          Doing intersite inbound replication test on site Contoso-CHI:
Locating & Contacting Intersite Topology Generator (ISTG) ...
The ISTG for site SigmaTau-CHI is: ADSRVDC02.
Checking for down bridgeheads ...
Bridghead Contoso-Research-NYSVRBFPDC02 is up and replicating fine.
Bridghead Contoso-CHIADSRVDC02 is up and replicating fine.
Doing in depth site analysis ...
All expected sites and bridgeheads are replicating into site
Contoso-CHI.
......................... Contoso.Local failed test Intersite

I would like to eliminate the errors and confirm that AD is working fine.

Customer had demoted and then rapidly promoted again the DC02 server.

When you demote a DC the NTDS connection objects for it aren’t removed immediately, it can in some cases take up to 14 days for them to be removed automatically.

The tell-tale sign of this being the problem in this case is the DEL+GUID part of the output – this is simply an old NTDS connection object related to the demoted DC that still hasn’t been removed by the KCC and is expected behavior after demoting a DC.