As I was preparing for Exchange migration from 2010 to 2013 I had two DCs, one of those two DCs was off for about 8 months and has already passed the default tomb stone life so it was not authorized for replication in the forest.
Whenever I try to replicate the server I get the following error
“The following error occurred during the attempt to syncronize naming context CN=Configuration,DC=Domain,DC=Local from Domain Controller AD to Domain Controller AD2; The directory service cannot replicate with this server because the time since the last replication with this server has exceeded the tombstone lifetime. This operation will not continue.”
My FSMO roles holder and PDC is the demotesas.local domain so on this DC I will run the following command
W32tm /config /manualpeerlist:time.windows.com,0x1 /syncfromflags:manual /reliable:yes /update
And this
w32time & net start w32time & W32tm /resync /rediscover
On the additional DC
w32tm /config /syncfromflags:domhier /update
w32time & net start w32time & W32tm /resync /rediscover
If the above doesn’t work then I will go ahead and force replication to the tomb stoned DC by using the following command.
repadmin /regkey * +allowDivergent
Now we’ll replicate and see what happens
Problem solved
REF:
http://www.techieshelp.com/active-directory-replication-issues-after-timesync-problems/