• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 295
  • Last Modified:

Active Directory issue

OK, here is the problem.  My PDC crashed on Sunday.  The PDC is SBS2003.  I have a second server and it was added to active Directory as a domain controller.  Well I was forced to re-install the PDC and restore from Backup.  My problem is this, is there a way I can add the second server to the PDC active directory with out re-installing it?  Same with the client computers.  None are showing up in active directory and none of my users can remote in from off site.  Any help would be great and the less complicated.  I would hate to have to re-install the second server again and the local machines.  Please any help would be great

Sincerely,

Adam Gamache
0
agamache
Asked:
agamache
  • 7
  • 2
  • 2
  • +2
1 Solution
 
NetworkArchitekCommented:
Hi agamache,
Well, I'm not really sure what is going on exactly. But yes you can join the second server to the domain and make it a DC. As for the clients, have you tried rejoining them to the domain?

Cheers!
0
 
agamacheAuthor Commented:
I tried adding the second server to the PDC but it doesn't show in the directory.  I have tried adding a client machine to the domain again, but same issue
0
 
agamacheAuthor Commented:
I tried Demoting the Second server so I can rejoin it, but it gives me errors when I try to demote.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
NetworkArchitekCommented:
Ok, what errors are you getting in each case?
0
 
agamacheAuthor Commented:
The error on the second server is, unable to demote server since there is no systems account on this machine and the client machines just aren't showing up in the directory, there is no error
0
 
agamacheAuthor Commented:
Do I add the second server from the PDC?
0
 
frajicoCommented:
┬┐Do you have DNS configured on the new PDC? Check DNS settings

Salu2
0
 
zerofieldCommented:
if it's not a simple DNS issue such as frajico suggested, then you've really run yourself off a cliff with reinstalling that PDC in the manner that you did.

What you should have done/might still be able to do, i dont know:

1) When the primary server crashed, and it was deemed totally dead, you should have seized the FSMO roles with the other DC
2) Deleted references to the dead server assuming it'd allow you to

Seizing FSMO roles:
http://support.microsoft.com/kb/255504

If you can still see the users and computers on the second DC you have, you should be ok - granted if that were the case it'd sound like they'd be authenticating against them now and you wouldnt have a problem..
0
 
agamacheAuthor Commented:
Ok, now the second server still has all the client computers listed.  Should I promote the second server to the pdc and have him take control of active directory?  Should I try and transfer the data from the second to the first, if so, which commands is it I should be using.  I read the info you posted from Microsoft and I wasn't sure if I should perform this on the first server or the second.

Thanks again for all your help

Sincerely,
Adam
0
 
zerofieldCommented:
take the server that doesnt show any computers/users and get it as far away from the network as you can.  dont do anything else, just unplug it, get that thing off if you still have the AD intact on the other server.

On the server that DOES show the users/computers, run the FSMO seize process, assuming it doesnt already have those roles.  If you are in a native mode AD, a few of those roles will transfer themselves, but i'd still be 10000% sure of it.
0
 
agamacheAuthor Commented:
Then I take it I would just add the originall server to the second one as a domain controller?  How does that work when it is running exchange?  

Adam
0
 
rafael_accCommented:
a PDC is one of the 5 master roles in Active Directory. Additionally this is a very important one. YOu can only have one DC holding a specific master role. Therefore you cannot have two PDCs or two Schema masters, etc in your network.
But you can configure some kind of automatic redundancy for in case of a failure ...

Take a look at this article and have some fun!!! Very insteresting information.

http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/maintain/opsguide/part1/adogd04.mspx

Cheers.
0
 
agamacheAuthor Commented:
Now I tried to make the second server the PDC but it gives me an error when I try to run the command ntsdutil.  I also noticed on the server that crashed it reads the domain as JLINE.LOCAL and on the Second server it reads jline.local, what should I try at this point?  The second server still has the list of user computers and accounts but it wont replicate to the server that was the PDC.  Thanks for the help

Adam
0
 
rafael_accCommented:
As already posted, you cannot have two pdcs in your network. If you want to "demote" the actual one and create another one, you have to do it in a "conversion" process described in the link I already gave you.

"Role transfer

Role transfer is the preferred method to move an operations master role from one domain controller to another. During a role transfer, the two domain controllers replicate to ensure that no information is lost. After the transfer completes, the previous role holder reconfigures itself so that it no longer attempts to perform as the operations master while the new domain controller assumes those duties. This prevents the possibility of duplicate operations masters existing on the network at the same time, which can lead to corruption in the directory."

How to transfer roles (from the link http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/maintain/opsguide/part2/adogdapb.mspx#EZAA) ?

"To transfer a domain-level operations master role

1.
 In the Active Directory Users and Computers snap-in, at the top of the console tree in the left pane of the snap-in, right-click Active Directory Users and Computers. Click Connect to Domain Controller.
 
2.
 In the list of Available controllers, click the name of the server you to which you want to transfer the role. Click OK.
 
3.
 At the top of the console tree in the left pane of the snap-in, right-click Active Directory Users and Computers. Click Operations Masters.

The name of the current operation master role holder appears in the upper box. The name of the server to which you want to transfer the role appears in the lower box.
 
4.
 Click the tab that belongs to the role you want to transfer: RID, PDC, or Infrastructure. Verify the computer names that appear and then click Change. Click Yes to transfer the role.
 
5.
 Repeat step 4 for each role that you want to transfer.

Note: Hosting the infrastructure master on a global catalog server is not recommended. If you attempt to transfer the infrastructure master role to a domain controller that is a global catalog, the system displays a warning stating that this is not recommended. Click OK to override the warning and transfer the role. If you click Cancel, you do not transfer the role.
 
6.
 Click Yes to confirm the transfer, and click OK to confirm that the operation is complete."


Cheers
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 7
  • 2
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now