

rejoining a domain controller to the same domain.

Posted on 2007-08-01
Medium Priority
Last Modified: 2013-12-05
A domain controller on the domain had its account reset. Since then, dcpromo was run on that domain controller, and Active Directory has been removed from that domain controller. The computer account has been removed from the PDC. How do you rejoin a domain controller to the domain?
Question by:cciavola
LVL 51

Expert Comment

ID: 19610165
Run DCPROMO again.

Remove all DNS entries for the old DC and delete it from AD Sites and Services first.

Author Comment

ID: 19610262
When I run DCPROMO, it acts as if it were never run before and gives the error:
Active Directory installation failed
The operation failed because:
The directory service failed to replicate off changes made locally.
The DSA operation is unable to proceed because of a DNS lookup failure.

Author Comment

ID: 19610361
OK, I misunderstood someone here: Active Directory is still installed on the domain controller, but the account has been removed from the PDC.

LVL 10

Expert Comment

by:Walter Padrón
ID: 19611098
You must demote the domain controller and clean up AD before rejoining it: http://www.petri.co.il/forcibly_removing_active_directoy_from_dc.htm

LVL 70

Expert Comment

ID: 19611447
You must first make sure the machine does not think it is a domain controller any more. To do this, run DCPROMO again to demote the machine. If it fails to demote, then use the DCPROMO /forceremoval option.

You also need to make sure it is gone from Active Directory; see http://www.petri.co.il/delete_failed_dcs_from_ad.htm

Once this has been done then you can add it back again.
LVL 51

Accepted Solution

Netman66 earned 1500 total points
ID: 19611563
OK, so you've got all the info you need now.

DCPROMO /forceremoval
MetaData cleanup
DNS cleanup
AD Sites and Services cleanup

Wait for at least one replication cycle to converge.  Depending on your infrastructure this could be as long as 2 hours.

Retry DCPROMO to bring the server back into the domain as a DC.
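
A read-only pre-check for the cleanup list in the accepted answer, added here as an example and not part of the original thread: it looks for leftover references to the removed DC in AD server objects, the advertised DC list and the DNS locator records, then prints the replication summary. The domain name `corp.example.com` and host name `DC02` are constructed placeholders, and it assumes PowerShell plus the `dsquery`, `nltest`, `nslookup` and `repadmin` tools are available on a healthy DC or admin workstation.

```powershell
# Read-only checks; nothing here modifies AD or DNS.
# Constructed placeholders: substitute your domain and the removed DC's host name.
$Domain = 'corp.example.com'
$OldDc  = 'DC02'

function Test-StaleReference {
    param([string]$Label, [object[]]$Output, [string]$Needle)
    # Case-insensitive substring match against each line of tool output,
    # so a short host name can also match longer names that contain it.
    $hits = @($Output | ForEach-Object { "$_" } |
              Where-Object { $_ -match [regex]::Escape($Needle) })
    if ($hits.Count -gt 0) {
        Write-Host "[STALE] $Label still references $Needle"
        $hits | ForEach-Object { Write-Host "    $_" }
        return $true
    }
    Write-Host "[clean] $Label"
    return $false
}

$stale = $false

# Metadata / Sites and Services: server objects under CN=Sites in the forest.
$ad = dsquery server -forest -limit 0 2>&1
if (Test-StaleReference 'AD server objects' $ad "CN=$OldDc,") { $stale = $true }

# DC list the domain currently advertises.
$dcs = nltest "/dclist:$Domain" 2>&1
if (Test-StaleReference 'nltest DC list' $dcs $OldDc) { $stale = $true }

# DNS: domain controller locator SRV records.
$dns = nslookup '-type=SRV' "_ldap._tcp.dc._msdcs.$Domain" 2>&1
if (Test-StaleReference 'DNS SRV records' $dns "$OldDc.$Domain") { $stale = $true }

# Replication: review the summary for failures before retrying DCPROMO.
repadmin /replsummary

if ($stale) {
    Write-Host 'Stale references remain: finish cleanup and let replication converge.'
} else {
    Write-Host 'No stale references found; check the replication summary above.'
}
```

Run it against each remaining DC's view after the replication wait; a clean result on one DC does not prove the others have converged.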

