FRS/DFS Replication issue

Question

Dear Support,
due to some reason we restored complete image base restore for Primary and Secondary Domain controller but after restoration exchange server working fine but we are facing below issue and need your expert advise appreciate for your advise.

1- we are facing issue with DFS server we are unable to access share by namespace but by normal share is fine.
we observe that FRS is trying to reach to DR domain controller which is off now. so how can we force FRS to connect with Primary domain controller

The File Replication Service is having trouble enabling replication from DR-DC to AD2 for c:\windows\sysvol\domain using the DNS name dr-DC.contoso.com. FRS will keep retrying.
Following are some of the reasons you would see this warning.

[1] FRS can not correctly resolve the DNS name dr-DC.contoso.com from this computer.
[2] FRS is not running on dr-DC.contoso.com.
[3] The topology information in the Active Directory Domain Services for this replica has not yet replicated to all the Domain Controllers.

This event log message will appear once per connection, After the problem is fixed you will see another event log message indicating that the connection has been established.

DR-DC is shutdown server. Please advise how can we force the replication to Primary DC

Note: we have total 4 domain controller out of DR 2 domain controller we shutdown. only kept 2 PDC and ADC is up and running.

Please advise..
Your prompt reply will be highly appreciated.

Answer 1

Ok, understood. What is the plan for these ones? While they are off you'll get the replication warnings. If you left them off for longer than tombstone life (60 to 180 days depending on settings) then the only fix is to perform cleanup to remove them, then rebuild if needed again.

As a side note if the domain controllers are 2008 or newer you should migrate FRS to DFSR
https://techcommunity.microsoft.com/t5/Storage-at-Microsoft/Streamlined-Migration-of-FRS-to-DFSR-SYSVOL/ba-p/425405

--please don't forget to upvote and Accept as answer if the reply is helpful--

Answer 2

You can follow along here. I'd try a nonauthoritative restore as first step.
https://learn.microsoft.com/en-US/troubleshoot/windows-server/networking/use-burflags-to-reinitialize-frs#nonauthoritative-restore

--please don't forget to upvote and Accept as answer if the reply is helpful--

Answer 3

Hi,
Thanks for your prompt reply,
Could you please confirm me as i had restore the Both Primary and secondary DC from backup, so now if i do no authoritative Restore the. Will impact any things?
My exchange and other services running well
Only FRs and group policy issue
So please advise me if i do non authoritative restore will impact or it will safe to do

Answer 4

Well two things.
A non authoritative restore would be the safer option.
Restoring multiple domain controllers from backup is not recommended. Better option is to restore the PDC emulator (if that's an option), the do cleanup to remove remnants of others,
https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/deploy/ad-ds-metadata-cleanup
https://techcommunity.microsoft.com/t5/itops-talk-blog/step-by-step-manually-removing-a-domain-controller-server/ba-p/280564

then build new ones for replacement.

--please don't forget to upvote and Accept as answer if the reply is helpful--

Answer 5

So now since i already restored both domain controller from backup in this case what i should do now. do i need to do cleanup or is there anything else commands i can run to make it heathy.
i am afraid to do metadata cleanup may impact on production

really appreciate you prompt reply