Solved

Preserve the user accounts and security groups during a win2ksrv(dc) demotion?

Posted on 2004-04-20
4
212 Views
Last Modified: 2010-04-13
I have recently taken over the network administration duties at the company that i work for. I now understand why the network never seemed to work. Its a nightmare. I need some help.

I have a Dell server running Windows 2000 Server(DC). We do have a domain and it is registered. (We are not hosting the DNS for the domain on our server though.)  I have managed to clean-up a lot of the mess by uninstalling unused services (Media Services, RIP, etc.) This has given us back a lot of resources.

Problems:
1.   The NetBIOS and Domain names are different.
2.   The domain is set as domain.com as if we were hosting it. It should be domain.local
3.   I need to preserve the user accounts and passwords

The answer that i see to my first two problems is that i need to demote the server to a member server. Then promote it back to being the DC. I think that will erase the domain user accounts, security groups, and all other domain level configurations. Is there a way to preserve the user accounts and security groups during a win2ksrv(dc) demotion?

A new server is not an option, so sayith accounting. (believe me, I TRIED.)
0
Comment
Question by:teksamurai
  • 2
4 Comments
 
LVL 7

Accepted Solution

by:
YarnoSG earned 125 total points
ID: 10869115
Do you have another box that you could TEMPORARILY make a DC?  If so, you could join this computer into the domain, promote it to DC, then DEMOTE the original box, using the temporary box as a Domain LIFEBOAT, until you can clean up and re-promote the original box.
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 10869185
any domian will have a netbios domain name and a DNS domain name,, these will always be different b/c the netbios name cannot have the .com in it.  this is perfectly normal and if you have your dns and wins servers setup correctly with the proper type of records this will work fine,,, then you can get to your domain (adding new machines etc) by using either the DNS name or the netbios name.   on your second point about the domain.local....  this is an option but as you mentioned it will require you to rename your entire domain which to the best of my knowledge requires you to lose all of your domain info like you mentioned,,, yes there is probably a work around if you are dead set on renaming your dns  domain to domain.local,, but this isn’t necessary at all… If your dns is set up correctly you can have your internal domain dns domain name the same as your external registered domain.com name,,,, this is how mine is set up and it works fine.. the trick is to have proper DNS settings.  Basically have all of your internal clients point to an internal dns server with private mappings so your internal clients can connect to internal servers… if an external client needs to get to your servers,, they will get the proper DNS info from your ISPs DNS servers since you don’t host your own. This system has been working fine for me and it will prevent you from having to redo your AD.
0
 
LVL 1

Author Comment

by:teksamurai
ID: 10879743
Thank you all for your comments. Please keep them coming.

mikeleebrla,
#1
I understand what you are saying about the netbios and domain name being different. But in this case, it is a little different.
The domain is dog.com
The netbios is server
I wouldn't have a problem if the netbios was "dog".

#2
We are running a DNS server that is thinks that it is hosting the domain for dog.com and the DNS entries are FUBAR. My internal clients can not get to our own website(Which is hosted with an outside provider along with the domain). This is one of the reasons that i want to change the domain to be dog.local, rather than dog.com.

I was afraid that i would just have to rebuild the AD and DNS from scratch. i was looking for a way to save myself that pain.

Thank you
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 10879921
why couldn't your inside clients get to your own website??  If DNS was set up correctly they could. is your web server on your lan or not?  
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Windows 2000 and 2008 Servers Network Stopping 7 916
Windows 8 in a W2K Domain 7 581
Virtualise server 2000 for Hyper V 4 841
cant not receive emails, due to low disk space. 16 255
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
An analysis of the phishing scam that has been affecting Google users, along with steps to take for protection, as well as what to do if you receive one of the emails.
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now