Forum Search:
Forum.Brain-Cluster.com: Brain Cluster Technical Forum
Ultimate forum for Technical Discussions

Home » Microsoft » Windows Server » Active Directory » Block DC replication
Block DC replication [message #299392] Mon, 26 October 2009 23:59 Go to next message
aconti  is currently offline aconti  United States
Messages: 113
Registered: August 2009
Senior Member
Hello,

let's say that I have 2 DCs and on one of them I have made a
big mistake and deleted several groups but the other DC luckily has not
got the replication applied. How would I be able to stop the other DC
from getting the replication and recover back to the original status on
the screwed up DC.

I would assume that the first thing is to disconnect the other DC from
the network so that it does not get the replication...

Thank you


--
aconti
------------------------------------------------------------ ------------
aconti's Profile: http://forums.techarena.in/members/73272.htm
View this thread: http://forums.techarena.in/active-directory/1263667.htm

http://forums.techarena.in
Re: Block DC replication [message #299430 is a reply to message #299392] Tue, 27 October 2009 01:42 Go to previous messageGo to next message
Meinolf Weber MVP-DS  is currently offline Meinolf Weber MVP-DS  Germany
Messages: 129
Registered: July 2009
Senior Member
Hello aconti,

If you really get them disconnected before replication, see "Recovering Deletions
Without Restoring from Backup":
http://technet.microsoft.com/en-us/library/cc779573(WS.10).aspx#BKMK_RecoveringWithoutRestoring

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Hello,
>
> let's say that I have 2 DCs and on one of them I have made a
> big mistake and deleted several groups but the other DC luckily has
> not
> got the replication applied. How would I be able to stop the other DC
> from getting the replication and recover back to the original status
> on
> the screwed up DC.
> I would assume that the first thing is to disconnect the other DC from
> the network so that it does not get the replication...
>
> Thank you
>
> http://forums.techarena.in
>
Re: Block DC replication [message #299437 is a reply to message #299392] Tue, 27 October 2009 01:54 Go to previous messageGo to next message
florian  is currently offline florian  Switzerland
Messages: 484
Registered: July 2009
Senior Member
Howdie!

aconti wrote:
> let's say that I have 2 DCs and on one of them I have made a
> big mistake and deleted several groups but the other DC luckily has not
> got the replication applied. How would I be able to stop the other DC
> from getting the replication and recover back to the original status on
> the screwed up DC.
>
> I would assume that the first thing is to disconnect the other DC from
> the network so that it does not get the replication...

Correct, you either plug it off and start from there or you simply
disable replication by using repadmin:

repadmin /options ServerName +DISABLE_INBOUND_REPL

Then do an auth restore and after that, re-enable replication:

repadmin /options ServerName -DISABLE_INBOUND_REPL

(note the + and - in front of DISABLE_INBOUND_REPL)

Cheers,
Florian
Re: Block DC replication [message #300263 is a reply to message #299392] Tue, 27 October 2009 16:41 Go to previous messageGo to next message
aceman  is currently offline aceman  United States
Messages: 5816
Registered: July 2009
Senior Member
"aconti" <aconti.40pbzc@DoNotSpam.com> wrote in message
news:aconti.40pbzc@DoNotSpam.com...
>
> Hello,
>
> let's say that I have 2 DCs and on one of them I have made a
> big mistake and deleted several groups but the other DC luckily has not
> got the replication applied. How would I be able to stop the other DC
> from getting the replication and recover back to the original status on
> the screwed up DC.
>
> I would assume that the first thing is to disconnect the other DC from
> the network so that it does not get the replication...
>
> Thank you
>
>
> --
> aconti
> ------------------------------------------------------------ ------------

Aconti,

In addition to Meinolf's and Florian's suggestions, you can use ADRESTORE to
recovery deleted objects.

AdRestoreAdRestore v1.1. By Mark Russinovich. Published: November 1, 2006.
Download AdRestore (42 KB) ...
This MS KB article describes the use of AdRestore: ...
http://technet.microsoft.com/en-us/sysinternals/bb963906.asp x

Microsoft Supportability e-Newsletter : Using ADRestore tool to recover
deleted objects ...
Have ever encountered the following scenarios? User accounts, groups,
computers, OUs or other objects in domain accidentally deleted?
http://blogs.technet.com/asiasupp/archive/2006/12/14/using-a drestore-tool-to-restore-deleted-objects.aspx

ADRestore.NET The GUI version of ADRestore | Windows ReferenceAccidentally
deleted user, computer account or OU's from Active Directory. Don't worry,
now you can get them back using ADRestore tool using GUI.
http://www.windowsreference.com/free-utilities/adrestorenet- the-gui-version-of-adrestore

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Please reply back to the newsgroup or forum for collaboration benefit among
responding engineers, and to help others benefit from your resolution.

Ace Fekay, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA
2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer

For urgent issues, please contact Microsoft PSS directly. Please check
http://support.microsoft.com for regional support phone numbers.
Re: Block DC replication [message #300730 is a reply to message #299437] Wed, 28 October 2009 06:25 Go to previous message
pbbergs  is currently offline pbbergs  United States
Messages: 1024
Registered: July 2009
Senior Member
Make sure you understand how to do and Authoritative Restore and what it
does.

Here is a nice little primer on it:
http://computerperformance.co.uk/w2k3/utilities/windows_auth oritative_restore.htm

--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
Microsoft's Thrive IT Pro of the Month - June 2009

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup This
posting is provided "AS IS" with no warranties, and confers no rights.

"Florian Frommherz [MVP]" <florian@frickelsoft.net> wrote in message
news:O%23O3$qtVKHA.1232@TK2MSFTNGP05.phx.gbl...
> Howdie!
>
> aconti wrote:
>> let's say that I have 2 DCs and on one of them I have made a
>> big mistake and deleted several groups but the other DC luckily has not
>> got the replication applied. How would I be able to stop the other DC
>> from getting the replication and recover back to the original status on
>> the screwed up DC.
>>
>> I would assume that the first thing is to disconnect the other DC from
>> the network so that it does not get the replication...
>
> Correct, you either plug it off and start from there or you simply disable
> replication by using repadmin:
>
> repadmin /options ServerName +DISABLE_INBOUND_REPL
>
> Then do an auth restore and after that, re-enable replication:
>
> repadmin /options ServerName -DISABLE_INBOUND_REPL
>
> (note the + and - in front of DISABLE_INBOUND_REPL)
>
> Cheers,
> Florian
Previous Topic:copying users form one group to a new group
Next Topic:Phantom Sites connection object causing NTDS Replication 1411 Erro
Goto Forum:
  


Current Time: Tue Jan 16 10:42:16 MST 2018

Total time taken to generate the page: 0.02538 seconds
.:: Contact :: Home ::Sitemap::.

Powered by: FUDforum 3.0.0RC2.
Copyright ©2001-2009 FUDforum Bulletin Board Software