At times, when you have 2 Active Directory Domain Controllers or when you are trying to migrate a domain controller, you inadvertently migrate it without fully moving all required roles over from the old server to the new server. Once the other server is removed from the network and you reboot the "primary" controller, policies are lost and Active Directory responses do not function correctly.
In the case where you have only 1 DC left on the network and a good chunk of the replication has already been done correctly, there is a way to rebuild the Active Directory function, but do note that this option may have some adverse effects. However, it's been done a few times and we've had 100% success on it.
- Stop the FRS services - net stop ntfrs
- Open up the registry editor - regedit or regedt32
- Locate the following registry key:
HKLM\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup
- Change the BurFlags value to D4 (hexadecimal)
- Start the FRS services - net start ntfrs
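The steps above as one PowerShell script, added here as an example and not taken from the original post. It assumes Windows PowerShell 3.0 or later, an elevated prompt on the one remaining DC, and a SYSVOL that is still replicated by FRS; the wait for event ID 13516 and the share check are an added verification step, not part of the original procedure.

```powershell
# Added example, not from the original page. Run elevated on the one remaining DC.
# Assumption: SYSVOL is replicated by FRS (NtFrs service), as in the steps above.
$ErrorActionPreference = 'Stop'
$sub = 'SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup'

# The key name contains a forward slash ("Backup/Restore"). The PowerShell registry
# provider treats "/" as a path separator, so open the key through the .NET API.
$key = [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey($sub, $true)
if (-not $key) { throw "Registry key not found: HKLM\$sub" }

try {
    # Record the previous value so the change can be documented or reverted.
    Write-Host ("Previous BurFlags: 0x{0:X}" -f $key.GetValue('BurFlags'))

    $started = Get-Date
    Stop-Service -Name NtFrs
    # D4 (hex) = authoritative restore: this DC's SYSVOL copy becomes the source.
    $key.SetValue('BurFlags', 0xD4, [Microsoft.Win32.RegistryValueKind]::DWord)
    Start-Service -Name NtFrs
}
finally {
    $key.Close()
}

# FRS logs event 13516 once it no longer prevents the DC from sharing SYSVOL.
$filter   = @{ LogName = 'File Replication Service'; Id = 13516; StartTime = $started }
$deadline = (Get-Date).AddMinutes(10)
do {
    Start-Sleep -Seconds 15
    $evt = Get-WinEvent -FilterHashtable $filter -MaxEvents 1 -ErrorAction SilentlyContinue
} until ($evt -or (Get-Date) -gt $deadline)

if ($evt) {
    Write-Host "Event 13516 logged at $($evt.TimeCreated)"
} else {
    Write-Warning 'Event 13516 not seen within 10 minutes; check the File Replication Service log.'
}

# Clients need both shares to pull Group Policy and logon scripts.
$shares = (Get-CimInstance -ClassName Win32_Share).Name
foreach ($name in 'SYSVOL', 'NETLOGON') {
    if ($shares -contains $name) {
        Write-Host "$name share is present"
    } else {
        Write-Warning "$name share is missing"
    }
}
```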
Then run at the command prompt: dcgpofix /ignoreschema
If this fails, then force an update on the global policies:
This should do the trick. Make sure the IPs are correct on the server and that all systems are set to authenticate/report to the server correctly, then reboot all systems so that they can see the rebuilt AD. Computer names and systems should still be present.