[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

W2K3 domain controller offline temporarily

Posted on 2008-06-15
3
Medium Priority
?
3,585 Views
Last Modified: 2010-05-19
I am jointly responsible for administering and managing a Windows 2003 Active Directory environment, comprsing around 200 servers, around 20 of which are domain controllers. 3 domains exist within the forest, 2 child domains and one root domain.  

One of the domain controllers needs to be powered off for around a week and management do not want to dcpromo the box, for various reasons.  I have been asked to investigate how long a domain controller can theoretically be powered off for before problems could oocur.  I am well aware of the tombstone lifetime and also have a fairly good understanding of the replication process.  However, what else could affect this scenario?  Could the machine be powered off for a month for example?  I appreciate that replication could hammer the machine once powered back on but I just need a few more bits of info.  By the way, no FSMO roles exist on this domain controller.

Thanks in advance.
0
Comment
Question by:gkeane
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 63

Expert Comment

by:SysExpert
ID: 21789601
I think that 30 days is max, since after that the AD data will not be accepted via replication , so that is your max.


I hope this helps !
0
 

Author Comment

by:gkeane
ID: 21789623
I wasn't aware of that limit, cheers.  What is the process/mechanism that controls this?  Is it the KCC?
0
 
LVL 58

Accepted Solution

by:
tigermatt earned 500 total points
ID: 21791224
There is a limit to the length of time a Domain Controller to be offline. I always thought it was 30 days as well, but it looks like, according to http://support.microsoft.com/kb/198793/, that in Windows Server 2003, this limit has been increased to 180 days.

This limit is all related to the garbage collection process in Active Directory.

You might want to review http://technet2.microsoft.com/windowsserver/en/library/ab0ad0e9-2f7a-417c-a312-676c0fc9cd771033.mspx?mfr=true which details a checklist of things to do before you take a DC offline for a long period of time.

-tigermatt
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question