FSMO seized - failed server online - what now?

Posted on 2006-06-20
Last Modified: 2010-04-13
I have a very simple network with about 10 workstations (windows xp) and 2 domain controllers (windows 2000).  

Roughly 3 weeks ago the primary domain controller was having serious stability issues and I was unable to get it to boot for a successfull transfer of FSMO roles.  As users were unable to login I seized the FSMO roles on secondary DC and operations resumed as normal.

Now I have the unstable server back online how do I inform this server that it is no longer pdc master.   When trying to access the Operations Masters tab through active directory I am unable to use the "change roles" as it is unable to contact the current FSMO.  Im assuming it still thinks it is the current FSMO but it has been stripped away.

Is there a way to manually fix it through NTDSutil?

Do I have to reinstall windows again?

The unstable server is also the Exchange server (go figure?) and the re-installation of this one would be tricky?

Would I be better off requesting a server upgrade (it is a bit underpowered for an exchange server) and migrate the current exchange 2000 to a windows 2003/exchange 2003 enviornment?
Question by:mulcahyj
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
LVL 13

Accepted Solution

Kini pradeep earned 100 total points
ID: 16944893
no you need not reinstall windows but you cannot keep the old role master online,
you need not to rmove that m/c as a dc.
a normal dcpromo might not work, get that DC offline again and demote it with dcpromo /forceremoval (make sure sp4 ) then do a metedata cleanup.;EN-US;216498
readd the m/c after deleting any of its dns entries and then again promote it to a dc.
i think thats the only way out, if you find anything new let me know.

Author Comment

ID: 16945480
will the dcpromo /forceremoval have an effect on the exchange installation?  
LVL 13

Expert Comment

by:Kini pradeep
ID: 16945758
do not have much experience with exchange, but the dcpromo /forceremoval should not impact the exchange, because what it does is it demotes the domain controller without notifying any other DC in the domain, due to which we have to do the metadata cleanup.
but make sure you have exchange backed up, if you have a good backup then you need not worry abou anything.

Author Comment

ID: 16953811
Here is what I have decided to do, although I have not done this as of yet.  

I am going to make the unstable server the operations master once again. The reason I want to do this is because this machine is running my exchange service which requires active directory.  I can not do a dcpromo /forceremove on this box as it could potentially have drastic effects on my exchange.  I have sifted through some other problems somewhat similar to mine and removing and reinstalling exchange seems to be a rather large headache.

So the current machine holding the operations master fsmo roles, the power house, I will dcpromo /forceremove him and do the metedata cleanup.
After this is complete I will make sure our exchange server is once again in full control of the network.  (is this possible?  Can i seize the pdc master back after it has been seized away?)
Once everything is running as intended I will bring our powerhouse back online, dcpromo him back as a domain controller.

Now here is what I would like to end up with.  The exchange server I just want to be an exchange server (requires active directory so i cant demote him)  And the power house server is where i want all the login, dns, profiles, file storage ect. to be taking place. (this server is built for this type of service)

So after this server is back online and promoted as an additional domain controller of that domain. Is this when i should TRANSFER fsmo roles to him?  Do I need to do anythingn else besides the 5 roles to make him the big man in the domain?

- Jason
LVL 13

Expert Comment

by:Kini pradeep
ID: 16953961
well since you have 2 Dc's in the domain
exchange and powerhouse.
exchange previously had the FSMO roles which were seized to powerhouse, now according to your strategy, what you would need to do is take powerhouse offline.
get exchange online, (make sure its a GC as well). no need to seize the roles back because exchange would still show the FSMO roles (they were seized and not transferred so ideally the server should not be brought online before a metadata cleanup).

few things to remember :
backup the Dc's.
take the powerhouse offline.
bring the exchange online.
make sure the domain is functional, up and kicking.
if you can afford to bring a swing server online ( another piece of hardware) as a Dc would be good, it would eliminate any harm to the domain.
do a metadata cleanup for the powerhouse Dc on exchange.
do a dcpromo /forceremoval on the powerhouse.
add it to the domain and then promote it.
make sure the replication among the Dc's is consistent (AD as well as file replication)
then transfer the fsmo roles to powerhouse and do a graceful demotion on exchange and keep it as only an exchange server.
i know its gonna be time consuming but its good to take precautions to prevent a Dissaster.
let me know if i could be of any further assistance.

Featured Post

Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
This article shows how to use a free utility called 'Parkdale' to easily test the performance and benchmark any Hard Drive(s) installed in your computer. We also look at RAM Disks and their speed comparisons.
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question