Sintomi:
- Errore durante l'esecuzione del Adprep /rodcprep comando in Windows Server 2008: Adprep non è riuscito a contattare una replica per la partizione DC=DomainDnsZones,DC=Contoso,DC=com
- Impossibile eseguire la depromozione di un domain controller
- Impossibile eseguire lo spostamento dei ruoli FSMO
- Presenza di record "0ADEL:" all'interno di oggetti ADSI Edit
Event Id 2091 Source NTDS Replication Description Ownership of the following FSMO role is set to a server which is deleted or does not exist. Operations which require contacting a FSMO operation master will fail until this condition is corrected. FSMO Role: CN=Infrastructure,DC=ForestDnsZones,DC=contoso,DC=local FSMO Server DN: CN=NTDS Settings\0ADEL:71802418-3aa6-41d4-be34-05ae893e06f7,CN=SERVERDC1\0ADEL:05c61c7f-2820-492c-bd9a-e9af8914fcea,CN=Servers,
Soluzione:
Correggere il proprietario del ruolo FSMO (Flexible Single Master Operations) "Infrastructure" tramite script vbs
Controllare tramite ADSIEDIT l'effettiva presenza di entità cancellate (0ADEL:) nelle proprietà di CN=Infrastructure
Nello screenshot seguente, il proprietario del ruolo FSMO è stato cancellato
Eseguire lo script come da esempio sotto, specificando DC=forestdnszones,DC=contoso,DC=local
Successivamente specificare anche DC=domaindnszones,DC=contoso,DC=local
Sostituire contoso e local con i propri nomi ed estensioni della foresta Active Directory.
'-------fixfsmo.vbs------------------
const ADS_NAME_INITTYPE_GC = 3
const ADS_NAME_TYPE_1779 = 1
const ADS_NAME_TYPE_CANONICAL = 2
set inArgs = WScript.Arguments
if (inArgs.Count = 1) then
' Assume the command line argument is the NDNC (in DN form) to use.
NdncDN = inArgs(0)
Else
Wscript.StdOut.Write "usage: cscript fixfsmo.vbs NdncDN"
End if
if (NdncDN <> "") then
' Convert the DN form of the NDNC into DNS dotted form.
Set objTranslator = CreateObject("NameTranslate")
objTranslator.Init ADS_NAME_INITTYPE_GC, ""
objTranslator.Set ADS_NAME_TYPE_1779, NdncDN
strDomainDNS = objTranslator.Get(ADS_NAME_TYPE_CANONICAL)
strDomainDNS = Left(strDomainDNS, len(strDomainDNS)-1)
Wscript.Echo "DNS name: " & strDomainDNS
' Find a domain controller that hosts this NDNC and that is online.
set objRootDSE = GetObject("LDAP://" & strDomainDNS & "/RootDSE")
strDnsHostName = objRootDSE.Get("dnsHostName")
strDsServiceName = objRootDSE.Get("dsServiceName")
Wscript.Echo "Using DC " & strDnsHostName
' Get the current infrastructure fsmo.
strInfraDN = "CN=Infrastructure," & NdncDN
set objInfra = GetObject("LDAP://" & strInfraDN)
Wscript.Echo "infra fsmo is " & objInfra.fsmoroleowner
' If the current fsmo holder is deleted, set the fsmo holder to this domain controller.
if (InStr(objInfra.fsmoroleowner, "\0ADEL:") > 0) then
' Set the fsmo holder to this domain controller.
objInfra.Put "fSMORoleOwner", strDsServiceName
objInfra.SetInfo
' Read the fsmo holder back.
set objInfra = GetObject("LDAP://" & strInfraDN)
Wscript.Echo "infra fsmo changed to:" & objInfra.fsmoroleowner
End if
End if
