Solved

AD replication tombstone - exchange query

Posted on 2008-06-11
5
413 Views
Last Modified: 2010-04-21
We have had a replication failure and the server in question has gone into stand alone mode.  i have searched these pages and the received wisdom is to demote the server, clear off any reference to the AD on it (plus the primary DC) and then re-promote and start replication.

this is fine.  however - the server in question is also our exchange server for that site, and i would appreciate some reassurance that doing what i have outlined above wont interfer with exchange operations?

Its a windows 2003 server with exchnage 2003 on it as well.
Many thanks in advance

alex
0
Comment
Question by:Brookdaleal
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 16

Expert Comment

by:Redwulf__53
ID: 21760194
You don't have any choice...
Your Exchange services should survive the operation.
Well, since it is never recommended to combine AD and Exchange (and now you know why), you might consider adding a new server as domain controller after you demote the Exchange server, instead of promoting it again.
0
 

Author Comment

by:Brookdaleal
ID: 21760297
thanks for the quick reply!  
If i demoted this server, it would leave the Primary domain controller on that site (called server A) and this server as a member server, and third member server running SQL (server C)
would you suggest promoting serve C or could we just leave the PDC (server A) on its own?
i guess the risk is that if the PDC goes down, there's no-one else around to run the shop?

thanks!
alex
0
 
LVL 16

Accepted Solution

by:
Redwulf__53 earned 300 total points
ID: 21760558
Thinking about it a bit more, you may run into a couple of problems.
I suggest following this method for safest result:
-Disconnect the Exchange box from the network
-Make sure server A holds all FSMO roles (seize the roles if necessery)
-On server A: in AD Users& Computers, move the server B account to the Computers OU, and remove the membership from the "Domain Controllers" Group.
-On server A: in AD Sites And Services, remove all references to Server B
-On server A: in DNS, remove all records referring to server B
-Do not delete the computer account from AD, as Exchange server is linked to that account!
-Stop all Exchange services and set startup type to "disabled"
-Run DCPromo, and mark the server as last domain controller in the domain.
-Restart. The server will now be stand-alone
-Reconnect the server to the network, and make it member of the domain (again). It should now reconnect to its still existing account in AD, so it's exchange server group memberships should still be intact.
-Start the Exchange services.

Good luck!

PS about redundancy: combining AD with SQL may also not be a good idea... especially if you need high availability of either... ultimately it's your own choice, but now you've experienced it's not a good idea to combine roles, you may convince your managers to invest in another Windows license. If you virtualize it, the additional hardware cost would be minimal.

0
 

Author Comment

by:Brookdaleal
ID: 21761015
thanks for the pointers!

i dont plan to do this until either tomorrow night or the weekend when people are off line... whats the EE protocol on closing this question before testing out... can i leave open for a few days in case i have further questions?
thanks
alex
0
 

Author Closing Comment

by:Brookdaleal
ID: 31466154
there were some really useful caveats here - and some good general advice about server setup.  thanks for the help!
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
how to add IIS SMTP to handle application/Scanner relays into office 365.

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question