Event ID 2042: It has been too long since this machine replicated域控超过墓碑期未进行复制

原始出处：http://yxzhao.com/2013/event-id-2042-it-has-been-too-long-since-this-machine-replicated/

场景提要：如果一台域控制器长时间没有与其他伙伴进行复制，当你在Active Directory Sites and Services里手动触发复制时，会报错，同时在Directory Services事件日志中会记录Event ID 为2042的错误日志，大致内容如下：

Event Type:Error
Event Source:NTDS Replication
Event Category:Replication
Event ID:2042
Date:3/22/2005
Time:7:28:49 AM
User:NT AUTHORITY\ANONYMOUS LOGON
Computer:DC3
Description:
It has been too long since this machine last replicated with the
named source machine. The time between replications with this source
has exceeded the tombstone lifetime. Replication has been stopped
with this source.
The reason that replication is not allowed to continue is that
the two machine’s views of deleted objects may now be different.
The source machine may still have copies of objects that have
been deleted (and garbage collected) on this machine. If they
were allowed to replicate, the source machine might return
objects which have already been deleted.
Time of last successful replication:
2005-01-21 07:16:03
Invocation ID of source:
0397f6c8-f6b8-0397-0100-000000000000
Name of source:
4a8717eb-8e58-456c-995a-c92e4add7e8e._msdcs.contoso.com
Tombstone lifetime (days):
60

The replication operation has failed.

User Action:

Determine which of the two machines was disconnected from the
forest and is now out of date. You have three options:

1. Demote or reinstall the machine(s) that were disconnected.
2. Use the “repadmin /removelingeringobjects” tool to remove
inconsistent deleted objects and then resume replication.
3. Resume replication. Inconsistent deleted objects may be introduced.
You can continue replication by using the following registry key.
Once the systems replicate once, it is recommended that you remove
the key to reinstate the protection.
Registry Key:
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Allow Replication With Divergent and Corrupt Partner

使用repadmin /showrepl也会报错8614：

Source: Default-First-Site-Name\DC1
******* 1502 CONSECUTIVE FAILURES since 2005-01-21 07:16:00
Last error: 8614 (0x21a6):
The Active Directory cannot replicate with this server
because the time since the last replication with this server has
exceeded the tombstone lifetime.

这个问题的原因是，域控制器超过墓碑生命周期未与其他伙伴域控进行复制，inbound replication会自动停止。
因为这么长时间未复制，可能会有不正常的、不一致的对象，两边的差异会很大，为避免出现问题，目标域控会停止复制。

解决方法是，在需要被覆盖复制的一方，修改注册表，允许超过墓碑生命周期的复制发生，然后从权威的域控中复制数据。具体注册表键值如下：

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters
DWORD Value：Allow Replication With Divergent and Corrupt Partner

将其值改为1后，重启复制服务，在手动触发复制即可。

当确认所有数据已经复制过来，再将以上注册表键值改回0值。