• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 360
  • Last Modified:

FSMO seized - failed server online - what now?

I have a very simple network with about 10 workstations (windows xp) and 2 domain controllers (windows 2000).  

Roughly 3 weeks ago the primary domain controller was having serious stability issues and I was unable to get it to boot for a successfull transfer of FSMO roles.  As users were unable to login I seized the FSMO roles on secondary DC and operations resumed as normal.

Now I have the unstable server back online how do I inform this server that it is no longer pdc master.   When trying to access the Operations Masters tab through active directory I am unable to use the "change roles" as it is unable to contact the current FSMO.  Im assuming it still thinks it is the current FSMO but it has been stripped away.

Is there a way to manually fix it through NTDSutil?

Do I have to reinstall windows again?

The unstable server is also the Exchange server (go figure?) and the re-installation of this one would be tricky?

Would I be better off requesting a server upgrade (it is a bit underpowered for an exchange server) and migrate the current exchange 2000 to a windows 2003/exchange 2003 enviornment?
  • 3
  • 2
1 Solution
Kini pradeepIT Technology Senior ConsultantCommented:
no you need not reinstall windows but you cannot keep the old role master online,
you need not to rmove that m/c as a dc.
a normal dcpromo might not work, get that DC offline again and demote it with dcpromo /forceremoval (make sure sp4 ) then do a metedata cleanup.  
readd the m/c after deleting any of its dns entries and then again promote it to a dc.
i think thats the only way out, if you find anything new let me know.
mulcahyjAuthor Commented:
will the dcpromo /forceremoval have an effect on the exchange installation?  
Kini pradeepIT Technology Senior ConsultantCommented:
do not have much experience with exchange, but the dcpromo /forceremoval should not impact the exchange, because what it does is it demotes the domain controller without notifying any other DC in the domain, due to which we have to do the metadata cleanup.
but make sure you have exchange backed up, if you have a good backup then you need not worry abou anything.
mulcahyjAuthor Commented:
Here is what I have decided to do, although I have not done this as of yet.  

I am going to make the unstable server the operations master once again. The reason I want to do this is because this machine is running my exchange service which requires active directory.  I can not do a dcpromo /forceremove on this box as it could potentially have drastic effects on my exchange.  I have sifted through some other problems somewhat similar to mine and removing and reinstalling exchange seems to be a rather large headache.

So the current machine holding the operations master fsmo roles, the power house, I will dcpromo /forceremove him and do the metedata cleanup.
After this is complete I will make sure our exchange server is once again in full control of the network.  (is this possible?  Can i seize the pdc master back after it has been seized away?)
Once everything is running as intended I will bring our powerhouse back online, dcpromo him back as a domain controller.

Now here is what I would like to end up with.  The exchange server I just want to be an exchange server (requires active directory so i cant demote him)  And the power house server is where i want all the login, dns, profiles, file storage ect. to be taking place. (this server is built for this type of service)

So after this server is back online and promoted as an additional domain controller of that domain. Is this when i should TRANSFER fsmo roles to him?  Do I need to do anythingn else besides the 5 roles to make him the big man in the domain?

- Jason
Kini pradeepIT Technology Senior ConsultantCommented:
well since you have 2 Dc's in the domain
exchange and powerhouse.
exchange previously had the FSMO roles which were seized to powerhouse, now according to your strategy, what you would need to do is take powerhouse offline.
get exchange online, (make sure its a GC as well). no need to seize the roles back because exchange would still show the FSMO roles (they were seized and not transferred so ideally the server should not be brought online before a metadata cleanup).

few things to remember :
backup the Dc's.
take the powerhouse offline.
bring the exchange online.
make sure the domain is functional, up and kicking.
if you can afford to bring a swing server online ( another piece of hardware) as a Dc would be good, it would eliminate any harm to the domain.
do a metadata cleanup for the powerhouse Dc on exchange.
do a dcpromo /forceremoval on the powerhouse.
add it to the domain and then promote it.
make sure the replication among the Dc's is consistent (AD as well as file replication)
then transfer the fsmo roles to powerhouse and do a graceful demotion on exchange and keep it as only an exchange server.
i know its gonna be time consuming but its good to take precautions to prevent a Dissaster.
let me know if i could be of any further assistance.

Featured Post

Receive 1:1 tech help

Solve your biggest tech problems alongside global tech experts with 1:1 help.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now