Solved

Removing Windows 2003 server from ADS and adding it in again?

Posted on 2006-11-19
18
195 Views
Last Modified: 2010-04-18
I seem to have a problem with one server and want to remove the server from ADS and put it back in ADS. The problem server is not the FSMO. So can I run dcpromo on the problematic server to remove the problematic server and how do I remove the problematic server from the FSMO.

The problematic server is also running MS SQL 2005, so can I put it back in ADS without restoring all the data and SQL server?

If this does work how long would this process take, as there is only 2 servers in this ADS.

Thanks
0
Comment
Question by:john_s99
  • 9
  • 7
  • 2
18 Comments
 
LVL 2

Expert Comment

by:resourcepc
ID: 17975072
SQL does not really care about Active Directory, so you don't have to worry about losing your data.  You should have no problem running dcpromo to remove it as a DC and then adding it back since the server does not contain any FSMO roles.  Depending on how fast your hardware is, I would give it at least 30 to 45 minutes for each dcpromo process because they'll both require reboots.
0
 

Author Comment

by:john_s99
ID: 17975758
Do I need to do anything on the FSMO based server besides rebooting it?
0
 
LVL 2

Expert Comment

by:resourcepc
ID: 17975763
You shouldn't even have to reboot the other DC that contains all the FSMO roles.
0
 

Author Comment

by:john_s99
ID: 17975786
Ok. What about the DNS entries on the FSMO server, as the FSMO server has DNS installed.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17975894
thats fine, dont worry about DNS, if yoru worried, then just remove the host entry for the server that you have just removed
0
 

Author Comment

by:john_s99
ID: 18023653
Ok, after doing this I have the following problem

1. On the server that I demoted and promoted I get the following:

Event Type:      Error
Event Source:      Userenv
Event Category:      None
Event ID:      1030
Date:            11/27/2006
Time:            5:39:19 PM
User:            NT AUTHORITY\SYSTEM
Computer:      DB
Description:
Windows cannot query for the list of Group Policy objects. Check the event log for possible messages previously logged by the policy engine that describes the reason for this.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:      Warning
Event Source:      MSDTC
Event Category:      SVC
Event ID:      53258
Date:            11/27/2006
Time:            5:39:16 PM
User:            N/A
Computer:      DB
Description:
MS DTC could not correctly process a DC Promotion/Demotion event. MS DTC will continue to function and will use the existing security settings. Error Specifics: %1

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


Any idea on what is causing these two issues?

Thanks

0
 

Author Comment

by:john_s99
ID: 18023797
And now on the non demoted / promoted server I'm getting the following:

Event Type:      Error
Event Source:      Userenv
Event Category:      None
Event ID:      1030
Date:            11/27/2006
Time:            6:25:08 PM
User:            NT AUTHORITY\SYSTEM
Computer:      MAIL
Description:
Windows cannot query for the list of Group Policy objects. Check the event log for possible messages previously logged by the policy engine that describes the reason for this.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 18025619
for those errors, there are heaps of possibilites...most DNS   your best bet is eventid.net for a starting point
0
 

Author Comment

by:john_s99
ID: 18039078
Ok, using dcpromo it asks me for a new admin password, I put one in and after that dcpromo fails with no more endpoints.

So, I can't remove the server from ADS using dcpromo. Is there another way to remove it from the Active Directory?

Thanks
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 18049148
hmm no more end points....often caused by windows firewall and the RPC service

you can use dcpromo /forceremoval but then you need to follow this link

http://www.petri.co.il/delete_failed_dcs_from_ad.htm
0
 

Author Comment

by:john_s99
ID: 18082096
Ok, I tried that and when I used the ntdsutil I got the no more endpoints available.

I eventually got it working thou and now a few services won't start automatically. They will start manually, i.e. if i go into services.msc then click on start the service the services start ok. One of the ones is kerbous distribution. (Which I suspect is needed for ADS?)

Any other idea's?
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 18082382
you need to run that tool from the alive dc..i would rebuilsd the other one
0
 

Author Comment

by:john_s99
ID: 18112661
Ok, when I run it from the live dc I get the following error:

DsBindW error 0x6d9(There are no more endpoints available from the endpoint mapper.)

And I can't go beyond this error.

Any idea's?

Thanks
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 18121158
is your RPC service when you run this?
0
 

Author Comment

by:john_s99
ID: 18128050
Is RPC running as a service?

Yes...

when I used the ntsdutil utility do I put in the problematic server or the good domain controller?
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 18128858
on the good DC to remove dodgy traces
0
 

Author Comment

by:john_s99
ID: 18130132
so both RPC services should be running on the good DC?

0
 
LVL 48

Accepted Solution

by:
Jay_Jay70 earned 250 total points
ID: 18130154
all auto services should be running my friend
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Numerous times I have been asked this questions that what is it that makes my machine log on so slow, there have been cases where computers took 23 minute exactly after taking password and getting to the desktop. Interesting thing was the fact th…
Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…
Need to grow your business through quality cloud solutions? With everything required to build a cloud platform and solution, you may feel like the distance between you and the cloud is quite long. Help is here. Spend some time learning about the Con…

939 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now