?
Solved

Problem with demoting a WIN2K Server

Posted on 2003-03-04
23
Medium Priority
?
1,246 Views
Last Modified: 2012-05-04
Hi All
We recently upgraded 3 servers from NT4 to WIN2k.
server 1 and 2 went well and were added to active directory, however, server 3 seemed to upgrade and was added to active directory (This server is running Exchange 5.5).
We soon discovered the the server was not replicating, or, the other two servers could not map a drive on the third server.
Funny thing is,any of the Teck support PCs could map to the third server.
Exchange 5.5 is running fine, however we cannot backup the third server at all because the other server can not see the Exchange server.
When you map the third server from server 1 or 2, it states that the remote password is incorrect or sometime it states that name is incorrect.
The problem here is, its active directory, so there is no local username.

I have tried to demote the server, however, that fails with the comment "DSA operations is unable to proceed because of a DNS lookup failure".

I have checked all the DNS entries (_tcp, _ldp, -gc, and so on). I have also checked the WINS, and they are talking to each other.
Server 1 is running DHCP, WINS DNS.

I did notice after all this that the machine name has changed from Servername to Server_name.domain_name, this must have happened during the upgarde.

Does anyone have any idea what going on here.
All comments welcome.
0
Comment
Question by:abayliss
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 11
  • 5
  • 5
  • +2
23 Comments
 
LVL 6

Expert Comment

by:night_monkey
ID: 8069795
abayliss, try reading this microsoft article and performing the steps it outlines:

http://support.microsoft.com/?kbid=263624
0
 

Author Comment

by:abayliss
ID: 8069875
Its Ironic that you should pass this on.
I just finished printing the same doco when I recieved your message.
Unfortunately, that did not fix the problem, as the prefered DNS Server is configured correctly.

Much appreciated for the info.
0
 
LVL 6

Expert Comment

by:night_monkey
ID: 8070132
bummer. =(
0
WordPress Tutorial 4: Recommended Plugins

Now that you have WordPress installed, understand the interface, and know how to install new parts, let’s take a look at our recommended plugins.

 
LVL 2

Expert Comment

by:Jonas1
ID: 8071920
Hey Abayliss,

It sounds like the roles are mixed up on the 3rd server.  I had an issue like this with my secondary domain controller.  You can use the ntdsutil.exe that comes with Win2000 (it may be in the resource kit) and force the roles to the proper server.  Before you use this though, I would look in Active Directory users and computers, Right click on the server.local (or domain name) and Check out the RID operations master etc.  If this is correct then run the ntdsutil and check the roles there.  Let me know if I can help more.

-Jonas1
0
 

Author Comment

by:abayliss
ID: 8076285
Good stuff, this RID.
-Jonas1, Thanks your your comments
I did what you recomended and checked the RID operations and FSMO with the following responce:
From the Domain Master (Server1).

server connections: connect to server Server1
Binding to Server1 ...
Connected to Server1 using credentials of locally logged on user
server connections: list roles for connected server
Error 80070057 parsing input - illegal syntax?
server connections: quit
select operation target: list roles for connected server
Server "Server1" knows about 5 roles
Schema - CN=NTDS Settings,CN=ASLAN,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=narnia,DC=uccentre
,DC=ucaqld,DC=com,DC=au
Domain - CN=NTDS Settings,CN=ASLAN,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=narnia,DC=uccentre
,DC=ucaqld,DC=com,DC=au
PDC - CN=NTDS Settings,CN=ASLAN,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=narnia,DC=uccentre,DC
=ucaqld,DC=com,DC=au
RID - CN=NTDS Settings,CN=ASLAN,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=narnia,DC=uccentre,DC
=ucaqld,DC=com,DC=au
Infrastructure - CN=NTDS Settings,CN=ASLAN,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=narnia,DC=
uccentre,DC=ucaqld,DC=com,DC=au

However, when I try connect to Server3, I recieve this response:

Binding to bree ...
ldap_bind_sW failed with 0x52(82 (Local Error).
Ldap extended error message is
)
server connections:

My Concern is why the server name is Server.Domain,
rather than Server1.domain.company.com.au, as the other two servers are.
So,-Jonas1, Iam at a loss!

What are your thoughts?
0
 
LVL 2

Expert Comment

by:Jonas1
ID: 8076313
Hey abayliss,

I think I have an answer for you, unfortunately I am fighting my tape backup right now...I should be able to get you an answer later tonight.

-Jonas1
0
 

Author Comment

by:abayliss
ID: 8076954
Good stuff, this RID.
-Jonas1, Thanks your your comments
I did what you recomended and checked the RID operations and FSMO with the following responce:
From the Domain Master (Server1).

server connections: connect to server Server1
Binding to Server1 ...
Connected to Server1 using credentials of locally logged on user
server connections: list roles for connected server
Error 80070057 parsing input - illegal syntax?
server connections: quit
select operation target: list roles for connected server
Server "Server1" knows about 5 roles
Schema - CN=NTDS Settings,CN=ASLAN,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=narnia,DC=uccentre
,DC=ucaqld,DC=com,DC=au
Domain - CN=NTDS Settings,CN=ASLAN,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=narnia,DC=uccentre
,DC=ucaqld,DC=com,DC=au
PDC - CN=NTDS Settings,CN=ASLAN,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=narnia,DC=uccentre,DC
=ucaqld,DC=com,DC=au
RID - CN=NTDS Settings,CN=ASLAN,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=narnia,DC=uccentre,DC
=ucaqld,DC=com,DC=au
Infrastructure - CN=NTDS Settings,CN=ASLAN,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=narnia,DC=
uccentre,DC=ucaqld,DC=com,DC=au

However, when I try connect to Server3, I recieve this response:

Binding to bree ...
ldap_bind_sW failed with 0x52(82 (Local Error).
Ldap extended error message is
)
server connections:

My Concern is why the server name is Server.Domain,
rather than Server1.domain.company.com.au, as the other two servers are.
So,-Jonas1, Iam at a loss!

What are your thoughts?
0
 

Author Comment

by:abayliss
ID: 8077226
Good stuff, this RID.
-Jonas1, Thanks your your comments
I did what you recomended and checked the RID operations and FSMO with the following responce:
From the Domain Master (Server1).

server connections: connect to server Server1
Binding to Server1 ...
Connected to Server1 using credentials of locally logged on user
server connections: list roles for connected server
Error 80070057 parsing input - illegal syntax?
server connections: quit
select operation target: list roles for connected server
Server "Server1" knows about 5 roles
Schema - CN=NTDS Settings,CN=ASLAN,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=narnia,DC=uccentre
,DC=ucaqld,DC=com,DC=au
Domain - CN=NTDS Settings,CN=ASLAN,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=narnia,DC=uccentre
,DC=ucaqld,DC=com,DC=au
PDC - CN=NTDS Settings,CN=ASLAN,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=narnia,DC=uccentre,DC
=ucaqld,DC=com,DC=au
RID - CN=NTDS Settings,CN=ASLAN,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=narnia,DC=uccentre,DC
=ucaqld,DC=com,DC=au
Infrastructure - CN=NTDS Settings,CN=ASLAN,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=narnia,DC=
uccentre,DC=ucaqld,DC=com,DC=au

However, when I try connect to Server3, I recieve this response:

Binding to bree ...
ldap_bind_sW failed with 0x52(82 (Local Error).
Ldap extended error message is
)
server connections:

My Concern is why the server name is Server.Domain,
rather than Server1.domain.company.com.au, as the other two servers are.
So,-Jonas1, Iam at a loss!

What are your thoughts?
0
 

Author Comment

by:abayliss
ID: 8077237
Sorry about the Duplicate entry guys
0
 

Author Comment

by:abayliss
ID: 8077446
Sorry about the Duplicate entry guys
0
 

Author Comment

by:abayliss
ID: 8077478
I don't know why the text is duplicating?

Anyway, I have discovered that the Infrastructure master is running on Server1 and server3.
As ya all know, it can only work on one server in a domain.

I am using a program called Spotlight on Active Directory.  A graphical interface showing the complete workings of AD.

This program has shown that the Infrastructure master is running on Servers 1 and 3.  
The problem is, how do I remove it, and is this the cause of my problems?
 
0
 
LVL 6

Expert Comment

by:night_monkey
ID: 8077524
are you sure that the double inframaster is your problem?

from your comments, "My Concern is why the server name is Server.Domain, rather than Server1.domain.company.com.au, as the other two servers are," it sounds to me like they're not even part of the same domain (or a subdomain). which may explain why there is more than one infrastructure master. i'm probably off, but i wanted to throw it out there for you to think over.

0
 
LVL 6

Expert Comment

by:night_monkey
ID: 8077529
here's some interesting reading:

sorry if it outlines stuff you already know.

http://support.microsoft.com/default.aspx?scid=KB;en-us;q216498
0
 

Author Comment

by:abayliss
ID: 8084497
Again thanks for all comments
A very good question from Night Monkey
 
The servers were all upgraded from NT4 to Win2000 Server.
All 3 DC were from the one domain.
The order that they were upgraded were:
Server 1
Server 3
Server 2

Why Server 3 ended up with that name, is beyond me.

However, I look at that site that Nighth Monkey posted, followed the steps to a T, and this was the results.

select operation target: list servers in site

Found 3 server(s)

0 - CN=ASLAN,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=narnia,DC=uccentre,DC=ucaqld,DC=com,DC=a
u
1 - CN=TIRIAN,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=narnia,DC=uccentre,DC=ucaqld,DC=com,DC=
au
2 - CN=BREE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=narnia,DC=uccentre,DC=ucaqld,DC=com,DC=au


select operation target: select server 2

Site - CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=narnia,DC=uccentre,DC=ucaqld,DC=com,DC=au
Domain - DC=narnia,DC=uccentre,DC=ucaqld,DC=com,DC=au
Server - CN=BREE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=narnia,DC=uccentre,DC=ucaqld,DC=com,DC=au DSA object - CN=NTDS Settings,CN=BREE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=narnia,
DC=uccentre,DC=ucaqld,DC=com,DC=au
DNS host name - bree.narnia
Computer object - CN=BREE,OU=Domain Controllers,DC=narnia,DC=uccentre,DC=ucaqld,DC=com,DC=au
No current Naming Context
select operation target: quit

metadata cleanup: remove selected server
DsRemoveDsServerW error 0x2094(The DSA object cannot be deleted.)
metadata cleanup:

As you all can see, Unsuccessful.
When I try to demote the server, :Active directory is busy" comment.

I guess the aother option I might have is to physically remove the network cable, select demote and say that it is the last DC on the domain.
What do you think Guys/Girls.
0
 

Author Comment

by:abayliss
ID: 8084681
Again thanks for all comments
A very good question from Night Monkey
 
The servers were all upgraded from NT4 to Win2000 Server.
All 3 DC were from the one domain.
The order that they were upgraded were:
Server 1
Server 3
Server 2

Why Server 3 ended up with that name, is beyond me.

However, I look at that site that Nighth Monkey posted, followed the steps to a T, and this was the results.

select operation target: list servers in site

Found 3 server(s)

0 - CN=ASLAN,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=narnia,DC=uccentre,DC=ucaqld,DC=com,DC=a
u
1 - CN=TIRIAN,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=narnia,DC=uccentre,DC=ucaqld,DC=com,DC=
au
2 - CN=BREE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=narnia,DC=uccentre,DC=ucaqld,DC=com,DC=au


select operation target: select server 2

Site - CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=narnia,DC=uccentre,DC=ucaqld,DC=com,DC=au
Domain - DC=narnia,DC=uccentre,DC=ucaqld,DC=com,DC=au
Server - CN=BREE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=narnia,DC=uccentre,DC=ucaqld,DC=com,DC=au DSA object - CN=NTDS Settings,CN=BREE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=narnia,
DC=uccentre,DC=ucaqld,DC=com,DC=au
DNS host name - bree.narnia
Computer object - CN=BREE,OU=Domain Controllers,DC=narnia,DC=uccentre,DC=ucaqld,DC=com,DC=au
No current Naming Context
select operation target: quit

metadata cleanup: remove selected server
DsRemoveDsServerW error 0x2094(The DSA object cannot be deleted.)
metadata cleanup:

As you all can see, Unsuccessful.
When I try to demote the server, :Active directory is busy" comment.

I guess the aother option I might have is to physically remove the network cable, select demote and say that it is the last DC on the domain.
What do you think Guys/Girls.
0
 
LVL 2

Expert Comment

by:Jonas1
ID: 8089643
I have a pretty good idea how this happened (cause I've done it too).  There was a domain suffix in the network setting on the NT4 server, when this one was upgraded to windows 2000 it became what microsoft calls a disjointed domain (something to that extent).  I believe that in order to remove this, you must demote the server to a member server, remove the domain suffix out of network properties and then repromote.  Let me see if I can find the microsoft Q article for this...

-Jonas1
0
 
LVL 2

Expert Comment

by:Jonas1
ID: 8089736
Hey Abayliss,

Go to the command prompt and send me the text from ipconfig /all.  Then tell us what the domain name is supposed to be.

-Jonas1
0
 

Author Comment

by:abayliss
ID: 8100400
Hi Jonas1

This is the ipconfiguration form my workstation and,
the server with the problem.

Windows IP Configuration

   Host Name . . . . . . . . . . . . : copper
   Primary Dns Suffix  . . . . . . . : narnia.uccentre.ucaqld.com.au
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : narnia.uccentre.ucaqld.com.au
                                       uccentre.ucaqld.com.au
                                       ucaqld.com.au
                                       com.au

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : narnia.uccentre.ucaqld.com.au
   Description . . . . . . . . . . . : Intel(R) PRO/100+ Management Adapter
   Physical Address. . . . . . . . . : 00-D0-B7-4D-9E-17
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IP Address. . . . . . . . . . . . : 192.168.0.207
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.254
   DHCP Server . . . . . . . . . . . : 192.168.0.201
   DNS Servers . . . . . . . . . . . : 192.168.0.201
   Primary WINS Server . . . . . . . : 192.168.0.201
   Lease Obtained. . . . . . . . . . : Sunday, March 09, 2003 10:47:48 PM
   Lease Expires . . . . . . . . . . : Monday, March 10, 2003 10:47:48 PM

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


The Server with the problem.

C:\>ipconfig /all

Windows 2000 IP Configuration

        Host Name . . . . . . . . . . . . : bree
        Primary DNS Suffix  . . . . . . . : narnia
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : narnia
                                            narnia.uccentre.ucaqld.com.au

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : narnia.uccentre.ucaqld.com.au
        Description . . . . . . . . . . . : Intel(R) PRO/100+ PCI Adapter
        Physical Address. . . . . . . . . : 00-90-27-6D-36-66
        DHCP Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.0.202
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.0.254
        DNS Servers . . . . . . . . . . . : 192.168.0.201
        Primary WINS Server . . . . . . . : 192.168.0.201


As you can see, there is no difference, excepth for the DNS suffix

The server name is surposed to be BREE with a FQDN "BREE.NARNIA.UCCENTRE.UCAQLD.COM.AU"
0
 
LVL 2

Expert Comment

by:Jonas1
ID: 8103132
Hey Abayliss,

Follow my previous post.  Run DC Promo > Demote the server > Remove the dns suffix from the IP Settings > DC Promo and Join the domain.  That should handle the issue.

-Jonas1

Whew...That's a lotta work for 50 point..LOL
0
 

Author Comment

by:abayliss
ID: 8106533
PROBLEM, DCPROMO will not work on this DC!

Everytime you run DCPROMO, it states that the credentials supplied is not authenticated on the primary server, or AD is busy.

I have used many Administrative logons and all fail.

Pevious to the upgrade to 2000, I Ghosted the nt4 Servers.
Last night. I dump ghosted the existing server, then dumped the original NT4 image down, hoping that we might be able to rebuild,.
We removed everything that was not required, including checking server name and DNS suffix.  All seem OK, We upgraded to 2000, When it was almost finished the installation, it asked if we wanted to set up as a DC or a member server. I selected to remain as member server.  At this time it tried to istall AD, I cancelled that.
When it rebooted, it gave us a domain logon minus the local logon, and would not any credentials.
We rebooted again, this time there was a local logon and we were able to get in, however, we had no options to change Machine name as everything was greyed out, (Spat the dummy and went home, after we dumped the lastest image back.

Today we are going to put Exchange 5.5 on to another server and try to move the users and mail boxes.


 
0
 
LVL 6

Expert Comment

by:night_monkey
ID: 8106977
wow, what a pain in the arse. after racking my brain and coming up short i've been watching to see what the answer would turn out to be.

thanks for the updates, abayliss.

good luck on this latest attempt to complete your project.
0
 
LVL 12

Expert Comment

by:paullamhkg
ID: 9222068
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is to:

Be PAQ'd/Points No Refunded

Please leave any comments here within the next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

Paul
EE Cleanup Volunteer
0
 

Accepted Solution

by:
AnnieMod earned 0 total points
ID: 9271063
Per recommendation.

AnnieMod
Community Support Moderator
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I don't know if many of you have made the great mistake of using the Cisco Thin Client model with the management software VXC. If you have then you are probably more then familiar with the incredibly clunky interface, the numerous work arounds, and …
I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question