Fixing orphaned Inter Site Topology Generators (ISTG) entries

Inter Site Topology Generators – in shortcut ISTG, is used as repadmin command to generate report of all topology generators in a AD forest.

Unfortunatelly it happens that instead of your DC name, you will see long ID number instead (starting with 0ADEL: …). It can happen when DC was removed improperly (metadata cleanup was not done) or there used to be writeable DC in past and now it’s RODC.

istg

2015-06-15_12-58-37

If currently, there is no DC in this site, entry should be removed, if there is DC (but it used to be a different one – for example writeable, and now it’s RODC) – then this entry has to be updated using adsiedit.

Step 1: Run adsiedit.msc and go to Configuration partition -> Sites and find site with broken DC entry.

Step 2: Expand it’s tree and double click on CN=NTDS Site Settings

Step 3: Find and double click on InterSiteTopologyGenerator:

2015-01-06 10_40_44-sneu0223 - Remote Desktop Connection

Step 4: This field should be filled with proper DN (not 0ADEL-… entries) of Domain Controller in this site. How to get this DN? Using ADSIEdit -> Configuration Partition -> Sites -> CN=SiteName -> CN=ServerName -> double click on CN=NTDS Settings. Find property called “distinguishedName” and copy it’s value. Now, when you have DC’s DN, just paste it into interSiteTopologyGenerator and apply changes.

Step 5: Run AD replication and then generate repadmin /istg report again to make sure bad entries are gone.

 

Leave a Reply