I have an environment that has a root domain and several subdomains. The networks are connected between the root and each subdomain, but connections between subdomain controllers are not possible. Now lingering objects have occured, where copies of other subdomain NCs are out of sync. I cant remove them with repadmin, as I can't compare a read-only copy of a subdomain to the writeable copy, as there is no network connectivity between the DCs of the two subdomains. How do I get rid of the lingering objects without changing the firewall for all subdomains?
Example: child1.root.tld holds a read-only copy of child2.root.tld, that contains lingering objects. I would need to run a repadmin /removelingeringobjects from child2 against child1, but there is no network connectivity between those. As root.tld also holds a read-only copy of child1.root.tld, I can't use it for my repadmin.
Best regards, Marc