Answer the question
In order to leave comments, you need to log in
D
D
Dmitry2018-01-29 10:47:12
Dmitry, 2018-01-29 10:47:12
Active Directory How to synchronize SID pool between domain controllers?
Hello.
There are two domain controllers on the network dc01 (Holds 5 FSMO roles) and dc02. When creating any object in the domain (user, computer, or group), a SID of the form XXX-1613 is issued on dc01, and a SID number greater than XXX-1820 on dc02.
Presumably the SID from DC01 is less than it should be.
Now, user and computer accounts have begun to disappear from AD (apparently due to SID collisions).
Apparently, the SID Pool was out of sync between domain controllers. Can this be fixed without recreating dc01?
2 answer(s)
@wedun
V
Vadim Choporov, 2018-01-29 @wedun
Good afternoon.
What servers? What is the forest level? What is the domain level? What replication mechanism do you use: DFS-R or, if the systems are old - FRS? What does repadmin /showrepl show? What does repadmin /replsummary show?
Force replication to start:
repadmin /replicate dest-dc01 source-dc01 DC=contoso,DC=com
Similar questions
K
D
I
G
S
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question