?
Solved

Unable to remove DC using dcpromo

Posted on 2007-10-16
11
Medium Priority
?
1,270 Views
Last Modified: 2008-02-26
I currently have a windows 2003 rc2 sp2 domain with three domain controllers. One of the DC's is running on a low end workstation that i had to use to create a quick DC when i had no other machines to use. i have since introduced two server class machines into the domain and wish to demote and remove the "workstation" DC. The other two DC's were joined successfully and i have transfered all the roles to one of the other DC's. When i run dcpromo on the DC i want to remove it tells me that "although i didnt check the box indicating that this is the last DC no other DC in Active directory can be found. do i want to contiune?" the other two DC are up as i can see them in ADUC. i installed the support tools on the affected DC, ran dcdiag and got these results:

-------------------------------------------------------------------------------------------------------------------------------
C:\Documents and Settings\edward>dcdiag

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\SOUNDWAVE
      Starting test: Connectivity
         ......................... SOUNDWAVE passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\SOUNDWAVE
      Starting test: Replications
         ......................... SOUNDWAVE passed test Replications
      Starting test: NCSecDesc
         ......................... SOUNDWAVE passed test NCSecDesc
      Starting test: NetLogons
         ......................... SOUNDWAVE passed test NetLogons
      Starting test: Advertising
         Warning: SOUNDWAVE is not advertising as a time server.
         ......................... SOUNDWAVE failed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... SOUNDWAVE passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... SOUNDWAVE passed test RidManager
      Starting test: MachineAccount
         ......................... SOUNDWAVE passed test MachineAccount
      Starting test: Services
         ......................... SOUNDWAVE passed test Services
      Starting test: ObjectsReplicated
         ......................... SOUNDWAVE passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... SOUNDWAVE passed test frssysvol
      Starting test: frsevent
         ......................... SOUNDWAVE passed test frsevent
      Starting test: kccevent
         An Error Event occured.  EventID: 0xC0000583
            Time Generated: 10/16/2007   21:22:14
            (Event String could not be retrieved)
         ......................... SOUNDWAVE failed test kccevent
      Starting test: systemlog
         ......................... SOUNDWAVE passed test systemlog
      Starting test: VerifyReferences
         Some objects relating to the DC SOUNDWAVE have problems:
            [1] Problem: Missing Expected Value
             Base Object: CN=SOUNDWAVE,OU=Domain Controllers,DC=Atlanta,DC=ClosedPorts
             Base Object Description: "DC Account Object"
             Value Object Attribute Name: frsComputerReferenceBL
             Value Object Description: "SYSVOL FRS Member Object"
             Recommended Action: See Knowledge Base Article: Q312862

            [1] Problem: Missing Expected Value
             Base Object:
            CN=NTDS Settings,CN=SOUNDWAVE,CN=Servers,CN=Default-First-Site-Name,CN=Sit
ation,DC=Atlanta,DC=ClosedPorts,DC=com
             Base Object Description: "DSA Object"
             Value Object Attribute Name: serverReferenceBL
             Value Object Description: "SYSVOL FRS Member Object"
             Recommended Action: See Knowledge Base Article: Q312862

         ......................... SOUNDWAVE failed test VerifyReferences

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : Atlanta
      Starting test: CrossRefValidation
         ......................... Atlanta passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Atlanta passed test CheckSDRefDom

   Running enterprise tests on : Atlanta.ClosedPorts.com
      Starting test: Intersite
         ......................... Atlanta.ClosedPorts.com passed test Intersite
      Starting test: FsmoCheck
         Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
         A Time Server could not be located.
         The server holding the PDC role is down.
         Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error 1355
         A Good Time Server could not be located.
         ......................... Atlanta.ClosedPorts.com failed test FsmoCheck

________________________
the knowledge is confusing...any quick fixes out there?

thanks in advance.

_____________________________________________________________
0
Comment
Question by:swflant
  • 4
  • 4
  • 2
  • +1
11 Comments
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 20090308
no quick fixes to make it nicely....you can forcefully remove though

DCPROMO /FORCEREMOVAL and then follwo the next guide to clean it
http://www.petri.co.il/delete_failed_dcs_from_ad.htm

make sure you follow all the way to the bottom to clean AD properly!
0
 
LVL 70

Expert Comment

by:KCTS
ID: 20090346
Have you created a global catalog on at least one of the other DCs?
If not do that first. Go to Administrative Tools, Active Directory Sites and Services, Expand ,Sites, Default first site and Servers. Right click on the new server and select properties and tick the Global Catalog checkbox.

Also, if you are going to get rid of this server make sure that DNS is installed on at least one of the other machines and that your clients (and other servers) are configured to use it.
0
 
LVL 6

Expert Comment

by:matt_beatt
ID: 20091540
Does the box your attempting to remove have the PDC Emulator FSMO role?

Check your FSMO roles are not held by this computer and as KCTS says check the GC is not solely held on this box
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:swflant
ID: 20092915
I have another GC in the domain.   i have two other DNS servers in the domain that are behaving and functionng correctly. i have transfered all the roles over to another DC but i am still having the issue with the "workstation" DC thinking it is the only DC in the domain. Is seizing and force removal the same thing?

thanks

ed
0
 

Author Comment

by:swflant
ID: 20092953
Can i just continue and remove it even though it thinks it is the only DC left. i have the other two DC up and runinning.

ed
0
 

Author Comment

by:swflant
ID: 20092968
The odd thing is that i can add new DC to the domain without issue. i can also remove the other DC without issue. the error is only on the "workstation" when i try to dcpromo and remove it.

ed
0
 
LVL 6

Expert Comment

by:matt_beatt
ID: 20092972
So long as you have transferred all 5 of the FSMO roles and you have other GC's then yes you should be fine but first check the time service on the DC's - particularly the one holding PDC Master
0
 
LVL 6

Expert Comment

by:matt_beatt
ID: 20093014
Also i missed this in your output earlier - have you gone over this??? You have missing FRS objects in AD
0
 
LVL 6

Expert Comment

by:matt_beatt
ID: 20093024
OOpps forgot link

http://support.microsoft.com/kb/312862

Some objects relating to the DC SOUNDWAVE have problems:
            [1] Problem: Missing Expected Value
             Base Object: CN=SOUNDWAVE,OU=Domain Controllers,DC=Atlanta,DC=ClosedPorts
             Base Object Description: "DC Account Object"
             Value Object Attribute Name: frsComputerReferenceBL
             Value Object Description: "SYSVOL FRS Member Object"
             Recommended Action: See Knowledge Base Article: Q312862
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 20097940
froceremoval is not the same as seizing

DCPROMO has always had problems with demoting a domain controller, its virtually a 50/50 hit and miss...thats why the forceremoval switch exists, run it, you will be fine, just clean it afterwards
0
 

Accepted Solution

by:
swflant earned 0 total points
ID: 20105764
none of the suggestions worked. Thanks but it was easier to join the servers and workstations and servers to another domain we own and work thru the printer and permissions issues.

thanks for the help
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
Screencast - Getting to Know the Pipeline

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question