gateguard
asked on
How to remove Active Directory from a Domain Controller when DCPROMO fails?
Trying to dcpromo-down a Domain Controller, getting this error:
Active Directory Installation Failed
The operation failed because:
The Directory Service failed to replicate off changes made locally.
"The DSA operation is unable to proceed because of a DNS lookup failure."
Microsoft articles abound on fixing the DNS in a domain but my DNS IS NOT BROKEN! I can ping every server by name from any server/workstation and all the srv records that should exist do exist.
This is some other problem.
Any idea what ACTUALLY is wrong?
Active Directory Installation Failed
The operation failed because:
The Directory Service failed to replicate off changes made locally.
"The DSA operation is unable to proceed because of a DNS lookup failure."
Microsoft articles abound on fixing the DNS in a domain but my DNS IS NOT BROKEN! I can ping every server by name from any server/workstation and all the srv records that should exist do exist.
This is some other problem.
Any idea what ACTUALLY is wrong?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
This computer is remote from me and I'm still waiting to hear whether or not they can log on to directory services restore mode (one of the steps above). As soon as I determine that, I will use the HOW TO: Remove Data in Active Directory After an Unsuccessful Domain Controller Demotion.
To make it clear:
When demotion fails, you have two problems:
1. You still need to remove AD from server in question. You can do this forcebly, but then Active directory on other domain controllers will not be cleared from references to this server.
Hence,
2. You will need to remove references to this server from Active directory (other "live" domain controllers) manually.
"HOW TO: Remove Data in Active Directory After an Unsuccessful Domain Controller Demotion" article addresses second issue. You don't do what described in this article on server which you need to demote. You do this on other domain controllers.
What you need to do with server you trying to demote is described in first and last links mentioned above.
4auHuk
When demotion fails, you have two problems:
1. You still need to remove AD from server in question. You can do this forcebly, but then Active directory on other domain controllers will not be cleared from references to this server.
Hence,
2. You will need to remove references to this server from Active directory (other "live" domain controllers) manually.
"HOW TO: Remove Data in Active Directory After an Unsuccessful Domain Controller Demotion" article addresses second issue. You don't do what described in this article on server which you need to demote. You do this on other domain controllers.
What you need to do with server you trying to demote is described in first and last links mentioned above.
4auHuk
Thanks :)
ASKER
Active Directory Installation Failed
The operation failed because:
The Directory Service failed to replicate off changes made locally.
"Logon Failure: The target account name is incorrect."