让我先说这个,说我不是广告pipe理员,我们的广告专家是度假的 – 完美的时机 – 所以请原谅我的无知。
我有一个主域控制器ADServer (具有FSMOangular色),这是双向复制到辅助域控制器TWDC 。 domain / dhcp / dns在两台服务器上都被丢弃了,唯一有效的还原点就是备用控制器(大约20天后)。 我试图在还原的服务器上执行DSRM授权还原,但无法连接到主服务器上的域服务。 我有networking启动并运行在二级域控制器上,但是,主要看起来很漂亮的垃圾netlogon服务将无法启动日志中有多个错误: DFS namespace service could not initialize the trusted domain controller , The procession of Group Policy failed , Active Directory Web Services could not change its advertising state , This computer is now hosting the specified directory instance, but Active Directory Web Services could not service it , The DFS Replication service encountered an error communicating with partner TWDC for replication group Domain System Volume Active Directory Domain Services was unable to establish a connection with the global catalog. , This server is the owner of the following FSMO role, but does not consider it valid. For the partition which contains the FSMO, this server has not replicated successfully with any of its partners since this server has been restarted. Replication errors are preventing validation of this role. This server is the owner of the following FSMO role, but does not consider it valid. For the partition which contains the FSMO, this server has not replicated successfully with any of its partners since this server has been restarted. Replication errors are preventing validation of this role.
DCDIAG的
我正在寻找一些关于如何解决这个问题的指导,我的第一个直觉就是将FSMOangular色从ADServer (主要)转移到ADServer (次要),降级主控制器,删除AD服务并重新回收到中学。
任何build议是非常感激,非常需要。 谢谢
我并不清楚Active Directory的当前状态,但将Active Directory恢复到良好状态的基本原则是:
获取有效的function域控制器,如果您还没有。 如有必要,请执行DSRM还原。
将FSMOangular色转移或抓住您的function域控制器。
通过删除对所有损坏的域控制器的引用来清理Active Directory。 这通常被称为元数据清理,并从良好的域控制器完成。 摆脱现实中断的服务器。
用新的,正在工作的(一个或多个)replace已损坏的域控制器。 使用干净的操作系统映像执行此操作通常是最容易的,您可以将其join域并将其提升为域控制器。
如果需要,将FSMOangular色移回到您想要的位置。