[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Changed Global Catalog & Operations matser from one DC to the other now can't log into anything!!!

Posted on 2008-06-25
4
Medium Priority
?
177 Views
Last Modified: 2010-04-21
This afternoon I switched the global catalog & operations master from 1 DC to another. Now we are unable to log into anything!!!!!! HELP!!
0
Comment
Question by:leeareanetworks
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 70

Expert Comment

by:KCTS
ID: 21870537
First question has to be why? If you have a single domain its best to leave the FSMO roles where they are. Also if you have multiple DCs on a single domain it makes sense for them ALL to be Global Catalog servers.
I suggest you move the Operations Master back and make all DCs Global Catalogs
0
 
LVL 24

Accepted Solution

by:
ryansoto earned 1200 total points
ID: 21870559
OK any DC can be a global catalog.
So if you still have access to your workstation and use that workstation for active directory operations - start up siotes and services and make the other DC a GC as well, no harm done.
Now for the roles....
You may need to boot into safe mode on the server
Use replmon to see which machine is holding the roles
http://support.microsoft.com/kb/297230

Now transfer roles
http://support.microsoft.com/kb/324801

If that doesnt work then you can try moving the roles using ntdsutil
http://support.microsoft.com/kb/255504

Finally if that wont work to transfer you can use that same tool to seize the roles
0
 
LVL 4

Assisted Solution

by:andrewc2189
andrewc2189 earned 800 total points
ID: 21870579
All you should have to do is log back onto either server, possibly with the local administrator account if no accounts are cached/working for login, and change it back the same way you did before. I'm assuming you don't need instructions for how to do it via GUI.

If the question is more involved then that please provide more details i.e. Do you need the operations master and global catalog on this new server or is it possible to move them back to the old one? Is there a reason you had to move these? More info on your network setup too would be helpful.
0
 

Author Closing Comment

by:leeareanetworks
ID: 31471763
With no Global Catalog the ONLY account you can login as on the Domain is the Administrator account.  We had to reboot in Directory Services Repair mode and reset it, then login, then use what you gave us.
0

Featured Post

 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Have you considered what group policies are backwards and forwards compatible? Windows Active Directory servers and clients use group policy templates to deploy sets of policies within your domain. But, there is a catch to deploying policies. The…
Know what services you can and cannot, should and should not combine on your server.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question