On Mon, Dec 19, 2011 at 9:17 PM, Greg Sweers <gswe...@acts360.com> wrote: > Server1 doesn’t have Server2 listed and is giving the cannot find Server > SPN. Nothing in AD Sites and Services other than itself.
That's usually bad. What does Server2 show if you ask it the same questions? If it's a mirror image (i.e., Server2 only shows Server, and no Server1), then you actually have two different Active Directories, both with the same name. Each server has lost AD replication with the other server for so long they've forgotten about the other one. I've seen this twice. Both times I called MSFT because it's a complicated mess and paying $250 for expert help was money well spent. I'd recommend that here. The short version is you have to pick one AD, nuke the other. On the keeper you seize the FSMO roles, go into low-level tools and delete everything to do with the loser DC, and do metadata cleanup. On the loser, you forcible demote it, disjoin and then rejoin to the domain. Then you spend a bunch of time cleaning up loose ends. If the two ADs have diverged significantly it's a minor kind of hell. It's been awhile, too, maybe there's some new tool that can fix things up less drastically now. Call MSFT. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
