Sounds like you just have some extra NTFRS or DFS replication objects that have been missed--take a look at http://support.microsoft.com/kb/216498.
-Bonnie -----Original Message----- From: Mike Leone [mailto:oozerd...@gmail.com] Sent: Wednesday, June 01, 2011 9:57 AM To: NT System Admin Issues Subject: DC fails "VerifyReferences" after cleaning up removed DCs - Q312862 OK. I have a Win2008 AD in a parent/child configuration. I am trying to set up a "testing" version of it, using VMware. (I have a VM DC of both the parent and child domains). We want a lab version of our domain, to test proposed changes to OUs, GPOs, etc. So I cloned both DCs, and set them on a private vswitch that is assigned to no physical adapters (so the only things they could talk to was each other). I went and seized roles, and they seized fine (using <http://support.microsoft.com/kb/255504>. In the parent I seized all 5 roles, and on the child I seized the 3 roles for the child (PDC, RID, Infrastructure). I then went to clean up the metadata (< http://technet.microsoft.com/en-us/library/cc816907(WS.10).aspx>). I deleted the 2 missing DCs in the parent domain from AD U&C, and also the same 2 server objects from that site in Sites and Services. All seemed fine. In the child DC, I deleted the 5 missing DCs there the same way. Again, all seemed fine. I cleaned up DNS by deleting every record I could find that mentioned the missing DCs - removed them form the Nameservers tab on each zone name (including reverses), and every record in all the sub-areas - _msdcs, _sites, _tcp, _udp, DomainDnsZones, ForestDnsZones. Did the same on the child DC. DNSLint came up clean. DCDiag did not ... parent DC: says service "NtFrs is stopped". It also says that it has problems in "VerifyRefernces". The system object references (serverRefernce) and backlink are correct. Says there is a Missing Expected Value in the object "SYSVOL FRS Member Object:, and to see Q312862. Same message for "VerifyEnterpriseReferences". And I don't understand Q312862 at all. :-( <http://support.microsoft.com/kb/312862> I am not seeing Event ID: 13562 in the logs."ntfrsutl ds computer" comes up ERROR - Cannot bind w/authentication to computer, computer; 000006ba (1722) ERROR - Cannot bind w/o authentication to computer, computer; 000006ba (1722) ERROR - Cannot RPC to computer, computer; 000006ba (1722) I can't "net start ntfrs"; says it's disabled or has no enabled devices. So: what did I do wrong? How can I fix it? The MS KB is making no sense to me, and I'm not seeing what it describes. And would it be easier to start over, but this time don't do $WHATEVER BAD THING I DID LAST TIME$? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
