Active Directory Domain Services could not transfer the remaining data in directory partition DC=ForsetDnsZones
Got this Error when demoting a Domain Controller (DC).
The operation failed because:
Active Directory Domain Services could not transfer the remaining data in directory partition DC=ForsetDnsZones,DC=domain,DC=org to Active Directory Domain Controller \\DC01.domain.org
"The directory service is missing mandatory configuration information, and is unable to determine the ownership of floating single-master operation roles."
"The directory service is missing mandatory configuration information, and is unable to determine the ownership of floating single-master operation roles."
Debug log:
C:\%systemroot%\Debug\DCPROMO.LOG
C:\dsquery * CN=Infrastructure,DC=ForestDnsZones,DC=domain,DC=org -attr fsMORoleOwner
Cannot find ForestDnsZones
Cannot find ForestDnsZones
Could not find questions from:
C:\dnscmd /directorypartitioninfo ForestDNSZones.domain.org
Directory partition info:
DNS root: ForestDnsZones.domain.org
Flags: 0x19 Enlisted Auto Forest
State: 0
Zone count: 2
DP head: DC=ForestDnsZones,DC=domain,DC=org
Crossref: CN=aaaa-bbbb-cccc-dddd-eeee,CN=Partitions,CN=Configuration,DC=domain,DC=org
Replicas: 2
CN=NTDS Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=org
CN=NTDS Settings,CN=DC02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=org
Command completed successfully.
Directory partition info:
DNS root: ForestDnsZones.domain.org
Flags: 0x19 Enlisted Auto Forest
State: 0
Zone count: 2
DP head: DC=ForestDnsZones,DC=domain,DC=org
Crossref: CN=aaaa-bbbb-cccc-dddd-eeee,CN=Partitions,CN=Configuration,DC=domain,DC=org
Replicas: 2
CN=NTDS Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=org
CN=NTDS Settings,CN=DC02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=org
Command completed successfully.
C:\dnscmd /directorypartitioninfo DomainDNSZones.domain.org
Directory partition info:
DNS root: DomainDnsZones.domain.org
Flags: 0x15 Enlisted Auto Domain
State: 0
Zone count: 5
DP head: DC=DomainDnsZones,DC=domain,DC=org
Crossref: CN=aaaa-bbbb-cccc-dddd-eeee,CN=Partitions,CN=Configuration,DC=domain,DC=org
Replicas: 2
CN=NTDS Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=org
CN=NTDS Settings,CN=DC02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=org
Command completed successfully.
Directory partition info:
DNS root: DomainDnsZones.domain.org
Flags: 0x15 Enlisted Auto Domain
State: 0
Zone count: 5
DP head: DC=DomainDnsZones,DC=domain,DC=org
Crossref: CN=aaaa-bbbb-cccc-dddd-eeee,CN=Partitions,CN=Configuration,DC=domain,DC=org
Replicas: 2
CN=NTDS Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=org
CN=NTDS Settings,CN=DC02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=org
Command completed successfully.
Finally, got the question from:
C:\ldifde -f DomainDnsZones.ldf -d "CN=Infrastructure,DC=DomainDnsZones,DC=domain,DC=org" -l fSMORoleOwner
To solve it:
1. %SystemRoot%\system32\adsiedit.msc
2. Connection Point
DC=ForestDnsZones,DC=domain,DC=org
3.
CN=Infrastructure,DC=ForestDnsZones,DC=domain,DC=org
3.1. fsMORoleOwner, the source of the question. It marked the wrong server.
CN=NTDS Settings\0ADEL:6ad01d66-8aa9-47f8-89f5-2b5b447072c8,CN=DC-A\0ADEL:4b19c26f-fbcc-4289-a2ab-e6f61fbe28ee,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=org
Note: Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified.
3.2. Modified it to be the correct one.
CN=NTDS Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=org
4.
CN=Infrastructure,DC=DomainDnsZones,DC=domain,DC=org
4.1
CN=NTDS Settings\0ADEL:6ad01d66-8aa9-47f8-89f5-2b5b447072c8,CN=DC-A\0ADEL:4b19c26f-fbcc-4289-a2ab-e6f61fbe28ee,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=org
4.2
CN=NTDS Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=org
Select the Connection Point: DC=ForestDnsZones,DC=domain,DC=org
References
Clean up Active Directory Domain Controller server metadata
https://docs.microsoft.com/en-au/windows-server/identity/ad-ds/deploy/ad-ds-metadata-cleanup
https://docs.microsoft.com/en-au/windows-server/identity/ad-ds/deploy/ad-ds-metadata-cleanup
Troubleshooting Domain Controller Deployment
https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/deploy/troubleshooting-domain-controller-deployment
https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/deploy/troubleshooting-domain-controller-deployment
Update