Eden-IT
asked on
New Domain Controller
Hi Guys,
A two part question for you!
Our 2003 server (only one server on the network) went bang last weekend and we found out on Monday that our IT support company had not been checking backup as they were meant to and no backups had completed for over a couple of months. Anyhow I have spent this week putting in a new server with exactly the same settings down to machine name, domain name, IP address user accounts / passwords shares etc. The only thing that is different is the admin password. The issue I have when trying to get the xp desktops to log back onto the domain, I get an error message saying "Logon failed, unable to find or join the *** domain". If I make the desktop join a workgroup and then join the domain again everything is fine, all I have to do is copy the users profile into their new profile. The question is there a different way of getting the machines back on to the domain without having to do the whole join workgroup and then domain again (I've got about 30 machines to do so it will take some time)?
The second question is that the machine I have put in place for the above problem is only a temporary machine until a new proper server arrives next week, I was going to setup the new server just as I did above, so how can I get round the above problem next time?
Thanks in advance.
Ed.
Ed.
A two part question for you!
Our 2003 server (only one server on the network) went bang last weekend and we found out on Monday that our IT support company had not been checking backup as they were meant to and no backups had completed for over a couple of months. Anyhow I have spent this week putting in a new server with exactly the same settings down to machine name, domain name, IP address user accounts / passwords shares etc. The only thing that is different is the admin password. The issue I have when trying to get the xp desktops to log back onto the domain, I get an error message saying "Logon failed, unable to find or join the *** domain". If I make the desktop join a workgroup and then join the domain again everything is fine, all I have to do is copy the users profile into their new profile. The question is there a different way of getting the machines back on to the domain without having to do the whole join workgroup and then domain again (I've got about 30 machines to do so it will take some time)?
The second question is that the machine I have put in place for the above problem is only a temporary machine until a new proper server arrives next week, I was going to setup the new server just as I did above, so how can I get round the above problem next time?
Thanks in advance.
Ed.
Ed.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Oh, I forgot to mention...after you dcpromo the new machine let it run for a day or two to make sure everything is working correctly.
Take the FSMO roles over with the new server and make sure it's a Global Catalog. If you have more sites make sure it's a bridgehead server too.
Install the Windows Support Tools from the /support/tools directory on the Windows CD and run "dcdiag" on the new DC.
Once you are sure the new DC is working correctly and has all the correct roles just run dcpromo on the "temp" box again to demote it from the domain. Once that's done voila AD has been moved to a new server.
Take the FSMO roles over with the new server and make sure it's a Global Catalog. If you have more sites make sure it's a bridgehead server too.
Install the Windows Support Tools from the /support/tools directory on the Windows CD and run "dcdiag" on the new DC.
Once you are sure the new DC is working correctly and has all the correct roles just run dcpromo on the "temp" box again to demote it from the domain. Once that's done voila AD has been moved to a new server.
sounds like you are discovering the joys of a single domain controller with no backup.
When you setup the domain it creates an ID key for that domain and is used for all aspects. If you setup another domain with exactly the same, these keys will still be different so the clients will not pick up on it. The only way you can join them to new domain (even though it is the same name) is put them to a workgroup and then join the domain. This will also create a new profile on the machine which you will have to straighten out.
If the machine is only temporary, I would recommend just leaving the machines in a workgroup until you get the proper hardware in place.
When you setup the domain it creates an ID key for that domain and is used for all aspects. If you setup another domain with exactly the same, these keys will still be different so the clients will not pick up on it. The only way you can join them to new domain (even though it is the same name) is put them to a workgroup and then join the domain. This will also create a new profile on the machine which you will have to straighten out.
If the machine is only temporary, I would recommend just leaving the machines in a workgroup until you get the proper hardware in place.
ASKER
Thanks guys, I was hoping there was going to be a simple way but never mind, I'd like to give you both the points, but first come first serverd! Sorry robberbaron
So you have to rejoin the PCs to the domain and the workstation then gets a new ID as well.
If you have Server2003, not SBS, I think you can install the new server, DCPromo, let the settings sync between the server, then grab the master roles for the new server. Then remove the old server after transferring data.
Server names will change though.......
there is a Swing Migration technique that involves a temporary domain controller being installed as an intermediate step.
www.swingmigration.com
Supposed to be very good if you have exchange etc on this server .