?
Solved

W2K3 domain controller offline temporarily

Posted on 2008-06-15
3
Medium Priority
?
3,566 Views
Last Modified: 2010-05-19
I am jointly responsible for administering and managing a Windows 2003 Active Directory environment, comprsing around 200 servers, around 20 of which are domain controllers. 3 domains exist within the forest, 2 child domains and one root domain.  

One of the domain controllers needs to be powered off for around a week and management do not want to dcpromo the box, for various reasons.  I have been asked to investigate how long a domain controller can theoretically be powered off for before problems could oocur.  I am well aware of the tombstone lifetime and also have a fairly good understanding of the replication process.  However, what else could affect this scenario?  Could the machine be powered off for a month for example?  I appreciate that replication could hammer the machine once powered back on but I just need a few more bits of info.  By the way, no FSMO roles exist on this domain controller.

Thanks in advance.
0
Comment
Question by:gkeane
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 63

Expert Comment

by:SysExpert
ID: 21789601
I think that 30 days is max, since after that the AD data will not be accepted via replication , so that is your max.


I hope this helps !
0
 

Author Comment

by:gkeane
ID: 21789623
I wasn't aware of that limit, cheers.  What is the process/mechanism that controls this?  Is it the KCC?
0
 
LVL 58

Accepted Solution

by:
tigermatt earned 500 total points
ID: 21791224
There is a limit to the length of time a Domain Controller to be offline. I always thought it was 30 days as well, but it looks like, according to http://support.microsoft.com/kb/198793/, that in Windows Server 2003, this limit has been increased to 180 days.

This limit is all related to the garbage collection process in Active Directory.

You might want to review http://technet2.microsoft.com/windowsserver/en/library/ab0ad0e9-2f7a-417c-a312-676c0fc9cd771033.mspx?mfr=true which details a checklist of things to do before you take a DC offline for a long period of time.

-tigermatt
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses
Course of the Month15 days, 16 hours left to enroll

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question