Going virtual with your domain controllers

If you plan to convert your physical domain controllers into virtual servers, you probably know there is a lot to consider prior to the move. But what you might not know is that Active Directory doesn't like being restored from an image, which is what all physical-to-virtual conversion tools (Acronis, Ghost, etc.) do. It doesn't matter whether you are converting a physical server to a virtual one or converting a server from one virtual format to another (for example, VMware-to-VPC, or vice versa).

After the conversion, the replication process breaks and the error "The source server is currently rejecting replication requests" starts appearing in the log files; the same error pops up when you try to run the dcpromo command. Obviously, if the problem is not resolved within 60 days, that domain controller will get tombstoned by Active Directory, which is not very good. Most websites suggest forcibly removing that domain controller from Active Directory by running dcpromo /forceremoval and then cleaning up your schema using the metadata cleanup command of ntdsutil. To me this solution is not only too drastic, but often not an option, because it might cause more problems than it resolves.

After extensive research I have finally found a solution that has worked for me. The solution is actually pretty simple: you need to enable inbound and outbound replication on the "faulty" domain controller.

To enable inbound replication, run the following (the leading minus sign clears the option that disables it):

repadmin /options SERVERNAME -disable_inbound_repl

To enable outbound replication, run:

repadmin /options SERVERNAME -disable_outbound_repl

And the error disappears :)
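
The same fix with a check before and a verification after, as an added example that is not part of the original post. It assumes repadmin is on the PATH and that SERVERNAME is replaced with the affected domain controller; the script and its parameter name are illustrative.

```powershell
# Added example, not from the original post. SERVERNAME is a placeholder.
param([string]$Server = 'SERVERNAME')

# With no flag argument, repadmin /options only reports the options currently
# set on the DC, for example:
#   Current DSA Options: IS_GC DISABLE_INBOUND_REPL DISABLE_OUTBOUND_REPL
$current = repadmin /options $Server | Out-String
Write-Host $current

foreach ($flag in 'disable_inbound_repl', 'disable_outbound_repl') {
    # -match is case-insensitive, so this finds the upper-case name in the output
    if ($current -match $flag) {
        # A leading minus clears the option; a leading plus would set it
        repadmin /options $Server "-$flag"
    }
    else {
        Write-Host "$flag is not set on $Server, nothing to change"
    }
}

# Confirm both options are gone, then check that replication actually succeeds
repadmin /options $Server
repadmin /showrepl $Server
repadmin /replsummary
```

If /showrepl still reports failures after the options are cleared, the disabled-replication options were not the only problem on that domain controller.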