A cause of this could be that the AD Exchange object was deleted, and it doesn't come back after restore and AD replication changes things including in sysvol. I tried to do an authoritative restore but got an error message.
Should I remove AD from the second DC and then restore the system state to the main DC so it won't replicate? Would this fix it? I'm trying to avoid reinstalling everything. Thanks!
I appreciate the fast answer, and I suppose I should have said in my question, but I have been all over the MS Knowledge Base looking for answers that I couldn't find. But your answer is too vague; I have no idea where I am supposed to search and what command line utilities you are talking about. Maybe you could mention one or two that might help me?
This step is found at Microsoft Technet > Windows Server 2003 Operations (applies to Win2K also) > Active Directory Operations Guide > Administering Active Directory Backup and Restore > Managing Active Directory Backup and Restore > Restoring and Domain Controller through Reinstallation.
If the controller is sill listed in the AD U&C Domain Controller OU, right-click the computer object for the failed/removed controller and click DELETE then click "Yes."
Most likely that won't work because the entry went away when you removed the controller manually, but the metadata links did not and that is causing replication errors.
These procedures are found at Microsoft Technet > Windows Server 2003 > Active Directory Operations Guide > Administering Active Directory > Administering Domain Controllers > Managing Domain controllers.
- In the left pane, choose Products and Technologies.
- In the pop-up box, choose Server Operating Systems.
- In that pop-up box, choose Windows Server 2003 Tech Center.
- From the alphabetical listing choose Active Directory.
- On the Active Directory Home page choose Active Directory Operations Guide.
- On the Guide homepage choose Administering Domain Controllers.
- Choose "Managing Domain Controllers" from this page.
- You have to scroll to the bottom of the list to choose "Forcing the Removal of a Domain Controller."
- Print this page then go to link #1, "Identify replication partners."
- Print the page(s) at "Identify replication partners," then go back to "Forcing …."
- Go to the link #2, "Force domain controller removal."
- Print this page and then go back to "Forcing …."
- Go to the last link, "Clean up server metadata."
- Print these pages.
Having saved myself the typing of six or seven pages and the potential for mistakes, I will tell you that these procedures do work and while not every prompt will look the same since you are on Windows 2000 and not Windows 2003, the steps are easy to follow. There is a LOT of "two steps forward, one step back" to get through.