There are two phenomena. 1. Failed trust relationship 2. Failed demotion of DC. I am not sure, if we still have the first problem, because of the change in the forests. If you were publish your first problem before doing demoting, we will be in different situation. Start with dcdiag and dig out more diagnostic information Regards Milos (PS: Have you done all the "tricks" with adprep, before you add W2K8 R2?)

Thank you for the reply, I was on holiday so I'm just posting the results now I have done all the the tricks with adprep, it seems to me a duplication issue here are the logs: C:\Users\administrator.PARIS>dcdiag Directory Server Diagnosis Performing initial setup: Trying to find home server... Home Server = DC2 * Identified AD Forest. Done gathering initial info. Doing initial required tests Testing server: Default-First-Site-Name\DC2 Starting test: Connectivity ......................... DC2 passed test Connectivity Doing primary tests Testing server: Default-First-Site-Name\DC2 Starting test: Advertising ......................... DC2 passed test Advertising Starting test: FrsEvent ......................... DC2 passed test FrsEvent Starting test: DFSREvent ......................... DC2 passed test DFSREvent Starting test: SysVolCheck ......................... DC2 passed test SysVolCheck Starting test: KccEvent ......................... DC2 passed test KccEvent Starting test: KnowsOfRoleHolders ......................... DC2 passed test KnowsOfRoleHolders Starting test: MachineAccount ......................... DC2 passed test MachineAccount Starting test: NCSecDesc Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have Replicating Directory Changes In Filtered Set access rights for the naming context: DC=ForestDnsZones,DC=paris,DC=mycompany,DC=local Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have Replicating Directory Changes In Filtered Set access rights for the naming context: DC=DomainDnsZones,DC=paris,DC=mycompany,DC=local ......................... DC2 failed test NCSecDesc Starting test: NetLogons ......................... DC2 passed test NetLogons Starting test: ObjectsReplicated ......................... DC2 passed test ObjectsReplicated Starting test: Replications ......................... DC2 passed test Replications Starting test: RidManager ......................... DC2 passed test RidManager Starting test: Services ......................... DC2 passed test Services Starting test: SystemLog An error event occurred. EventID: 0x00000457 Time Generated: 11/08/2011 08:39:51 Event String: Driver KONICA MINOLTA C360SeriesPCL required for printer KONICA MINOLTA C360SeriesPCL is unknown. Contact th e administrator to install the driver before you log in again. ......................... DC2 failed test SystemLog Starting test: VerifyReferences ......................... DC2 passed test VerifyReferences Running partition tests on : ForestDnsZones Starting test: CheckSDRefDom ......................... ForestDnsZones passed test CheckSDRefDom Starting test: CrossRefValidation ......................... ForestDnsZones passed test CrossRefValidation Running partition tests on : DomainDnsZones Starting test: CheckSDRefDom ......................... DomainDnsZones passed test CheckSDRefDom Starting test: CrossRefValidation ......................... DomainDnsZones passed test CrossRefValidation Running partition tests on : Schema Starting test: CheckSDRefDom ......................... Schema passed test CheckSDRefDom Starting test: CrossRefValidation ......................... Schema passed test CrossRefValidation Running partition tests on : Configuration Starting test: CheckSDRefDom ......................... Configuration passed test CheckSDRefDom Starting test: CrossRefValidation ......................... Configuration passed test CrossRefValidation Running partition tests on : paris Starting test: CheckSDRefDom ......................... paris passed test CheckSDRefDom Starting test: CrossRefValidation ......................... paris passed test CrossRefValidation Running enterprise tests on : paris.mycompany.local Starting test: LocatorCheck ......................... paris.mycompany.local passed test LocatorCheck Starting test: Intersite ......................... paris.mycompany.local passed test Intersite C:\Users\administrator.PARIS> and C:\Documents and Settings\Administrator.LONDON>dcdiag Domain Controller Diagnosis Performing initial setup: Done gathering initial info. Doing initial required tests Testing server: Default-First-Site-Name\DC2 Starting test: Connectivity ......................... DC2 passed test Connectivity Doing primary tests Testing server: Default-First-Site-Name\DC2 Starting test: Replications ......................... DC2 passed test Replications Starting test: NCSecDesc ......................... DC2 passed test NCSecDesc Starting test: NetLogons ......................... DC2 passed test NetLogons Starting test: Advertising ......................... DC2 passed test Advertising Starting test: KnowsOfRoleHolders ......................... DC2 passed test KnowsOfRoleHolders Starting test: RidManager ......................... DC2 passed test RidManager Starting test: MachineAccount ......................... DC2 passed test MachineAccount Starting test: Services ......................... DC2 passed test Services Starting test: ObjectsReplicated ......................... DC2 passed test ObjectsReplicated Starting test: frssysvol ......................... DC2 passed test frssysvol Starting test: frsevent ......................... DC2 passed test frsevent Starting test: kccevent ......................... DC2 passed test kccevent Starting test: systemlog An Error Event occured. EventID: 0x00000C8A Time Generated: 11/08/2011 07:39:39 Event String: This computer could not authenticate with An Error Event occured. EventID: 0xC000001A Time Generated: 11/08/2011 07:54:32 Event String: While processing an AS request for target service An Error Event occured. EventID: 0xC000001B Time Generated: 11/08/2011 08:09:06 Event String: While processing a TGS request for the target An Error Event occured. EventID: 0xC000001A Time Generated: 11/08/2011 08:09:20 Event String: While processing an AS request for target service An Error Event occured. EventID: 0xC000001B Time Generated: 11/08/2011 08:27:40 Event String: While processing a TGS request for the target An Error Event occured. EventID: 0xC000001B Time Generated: 11/08/2011 08:30:08 Event String: While processing a TGS request for the target An Error Event occured. EventID: 0x00000457 Time Generated: 11/08/2011 08:36:59 (Event String could not be retrieved) An Error Event occured. EventID: 0x00000457 Time Generated: 11/08/2011 08:37:01 (Event String could not be retrieved) An Error Event occured. EventID: 0x00000457 Time Generated: 11/08/2011 08:37:01 (Event String could not be retrieved) ......................... DC2 failed test systemlog Starting test: VerifyReferences ......................... DC2 passed test VerifyReferences Running partition tests on : ForestDnsZones Starting test: CrossRefValidation ......................... ForestDnsZones passed test CrossRefValidation Starting test: CheckSDRefDom ......................... ForestDnsZones passed test CheckSDRefDom Running partition tests on : DomainDnsZones Starting test: CrossRefValidation ......................... DomainDnsZones passed test CrossRefValidation Starting test: CheckSDRefDom ......................... DomainDnsZones passed test CheckSDRefDom Running partition tests on : Schema Starting test: CrossRefValidation ......................... Schema passed test CrossRefValidation Starting test: CheckSDRefDom ......................... Schema passed test CheckSDRefDom Running partition tests on : Configuration Starting test: CrossRefValidation ......................... Configuration passed test CrossRefValidation Starting test: CheckSDRefDom ......................... Configuration passed test CheckSDRefDom Running partition tests on : london Starting test: CrossRefValidation ......................... london passed test CrossRefValidation Starting test: CheckSDRefDom ......................... london passed test CheckSDRefDom Running enterprise tests on : london.mycompany.local Starting test: Intersite ......................... london.mycompany.local passed test Intersite Starting test: FsmoCheck ......................... london.mycompany.local passed test FsmoCheck C:\Documents and Settings\Administrator.LONDON> Do you think that the best solution is to demote using forceremoval and clean the metadata manually?

Hi all. we have 2 domains in tree-root trust relationship Recently we have added a 2008 R2 BDC on paris Here is the topology: paris-master.paris.mycompany.local (win 2003 SP2 primary DC) dc2.paris.mycompany.local (win 2008 R2 backup DC) dc2.london.mycompany.local (win 2003 SP2 primary DC) dc1.london.mycompany.local (win 2008 R2 backup DC) We have some problems into accessing some servers from paris to london and viceversa For example we cannot access from paris-master.paris.mycompany.local to dc2.london.mycompany.local, it gives me this error: The trust relationship between the primary domain and the trusted domain failed. while we can access dc1.london.mycompany.local withouth problems same problem is with accessing from dc2.london.mycompany.local to dc2.paris.mycompany.local (win 2008 R2 backup DC) Here are some logs: FROM london (dc1): nltest /server:dc1 /sc_verify:paris Flags: b0 HAS_IP HAS_TIMESERV Trusted DC Name \\paris-master.paris.mycompany.local Trusted DC Connection Status Status = 0 0x0 NERR_Success Trust Verification Status = 0 0x0 NERR_Success The command completed successfully nltest /server:dc1 /sc_verify:paris Flags: 80 Trusted DC Name Trusted DC Connection Status Status = 5 0x5 ERROR_ACCESS_DENIED Trust Verification Status = 5 0x5 ERROR_ACCESS_DENIED The command completed successfully From paris(dc2): nltest /server:paris-master /sc_verify:london Flags: b0 HAS_IP HAS_TIMESERV Trusted DC Name \\dc1.london.mycompany.local Trusted DC Connection Status Status = 0 0x0 NERR_Success Trust Verification Status = 0 0x0 NERR_Success The command completed successfully nltest /server:dc2 /sc_verify:london Flags: 80 Trusted DC Name Trusted DC Connection Status Status = 5 0x5 ERROR_ACCESS_DENIED Trust Verification Status = 5 0x5 ERROR_ACCESS_DENIED The command completed successfully What I tried is to demote the BDC installed on paris, but I got tihs error: The operation failed because: Active Directory Domain Services could not transfer the remaining data in directory partition DC=DomainDnsZones,DC=paris,DC=mycompany, DC=local to Active Directory Domain Controller \\paris-master.paris.mycompany.local. "The directory service is missing mandatory configuration information, and is unable to determine the ownership of floating single-master operation roles." The trust relationship between the primary domain and the trusted domain failed. Maybe the problem is that the there are two dc with the same name? What to do now? Thank you

I have successfully demoted the dc with forceremoval and cleaned the metadata manually, now it works like it should be. Does someone know if the issue would be the same computer name (dc2) even if they were on different domains, or just replication error? Can I use the same computer name ? Thank you