Recently, some of our users reported that they encountered a replication error that exceeded the tombstone lifetime.

The tombstone lifetime attribute is a credit that contains the time period since the object was physically moved out of Active Directory. The default tombstone lifetime value is 60 days.

Replicate After Tombstone Expiration

How do you increase your tombstone lifetime?

Right-click “Site” and select “Properties” from the context menu. In the CN=Directory Service Properties dialog box, locate the attribute on the tombstoneLifetime Attributes tab of the editor. Click Change. value Set to “730” (corresponding to 2 years).

When I was preparing to transfer Exchange from 2010 to 2013, I had two DCs, one of the two DCs was down for about 8 months and exceeded the tombstone lifespan already set by default, after that it wasn’t used to enable the replication forest.

Whenever I try to finally replicate the server, I get the following error from someone

Active Site Submission Service And Site Error

“The following error occurred while trying to synchronize the CN=Configuration,DC=Domain,DC=Local credential context from an AD domain controller to an AD2 domain controller; The service may not replicate on this system because the time that has elapsed since actual replication with this server has expired tombstone. In fact, this operation will not be continued.” Roles FSMO Owner

my primary domain controller and demotesas.local domain, and on this domain controller I will manage the following command

Forced Replication

replication error exceeded tombstone lifetime

If the transition doesn’t work, I continue to force and replicate to each tombstone domain controller using the followingThe next command Use.

Problem Solved

https://social.technet.microsoft.Tombstone-lifetime?forum=winserverDS>

I ran the entry com/forums/windowsserver/en-us/893b09d8-636e-4f87-8260-11613a2a4e43/unable-to-replicate-between-2-dcs-error-message-exceeded-the- with two controllers that the domain doesn’t managed to reproduce. DC2 originally got this:

“Error Active Directory may not be replicated with this server because the specified time since the last replication with this server has exceeded this tombstone lifetime.”

Below you will find the steps I took to solve this amazing situation and worked like a charm.

1. Check which domain controller is generating error 8614 using:

Where is the tombstone lifetime?

Navigate to CN=Windows cn=directory service, NT, CN=Configuration, DC=Domain, cn=services, DC=com. Right-click the CN=Directory Service object and select Properties. You are looking for the TombstoneLifetime value.

> /showreplor> repadmin repadmin /showreps* Run this command line almost in DC, not DC-A.* Also, open the Event Viewer in Application Viewer and services and services will register the phone book. You will see an error with event ID 2042

According to the Microsoft Knowledge Base, this may be because the domain controller comes with something called persistent objects: http://support.microsoft.com/kb/2020053. This is the most likelyThis is the reason for the error, because often everything is different (time, tombstone default life) stone.2. So I need to remove these persistent objects from all DC: . MYDOMAIN.COM: domain fully qualified name: dc-a+ 5b0b944e-de7b-4f96-942b-1e040169db36 DC-A domain GUID. you can get it from the query /showrepl repadmin DC-A.+ “cn=configuration,dc=mydomain,dc=com”:nc where DC-A causes the wrong choice (from repadmin /showrepl output) < br>* Repeat in all other DCs in the forest.

3. Evaluate the strict processing option for all forests. In DCS: > /regkey repadmin * +strict4. “Allow repset to divergent, meaning partner 1 corruption” on all domain controllers: > repadmin * +allowDivergent5 /regkey. Flush the DNS cache and Netlogon restart service at +> dc -a: /flushdns+> web ipconfig stop netlogon+ Rename netlogon.dns and keep netlogon.dnb located at > c:windowssystem32+ ipconfig / flushdns+ > ipconfig /registerdns6 . Again check the processing of all DCs by Repadmin using Repadmin Event Viewer > /showrepl7. In all domain controllers registry, remove “Allow replication with deviant and infecting partner” partner, set “Allow replication with deviant and corrupt partner equal to 0”. Repadmin > /regkey -allowDivergent8 *. Double check the replication of all domain controllers by running repadmin and configuring the viewer. If everything is correct, the domain controllers will almost certainly try to replicate themselves successfully.

Replicatiefout Overschreden Tombstone Levensduur
복제 오류가 삭제 표시 수명을 초과했습니다
Errore Di Replica Ha Superato La Durata Della Rimozione
Replikationsfehler Hat Tombstone Lebensdauer Uberschritten
El Error De Replicacion Supero La Vida Util Del Desecho
Erro De Replicacao Excedido Tempo De Vida Da Marca De Exclusao
Replikeringsfelet Overskred Gravstenens Livslangd
Blad Replikacji Przekroczyl Czas Zycia Reliktu
L Erreur De Replication A Depasse La Duree De Vie De La Desactivation
Oshibka Replikacii Prevysila Vremya Zhizni Zahoroneniya