Solved

Changed Global Catalog & Operations matser from one DC to the other now can't log into anything!!!

Posted on 2008-06-25
4
174 Views
Last Modified: 2010-04-21
This afternoon I switched the global catalog & operations master from 1 DC to another. Now we are unable to log into anything!!!!!! HELP!!
0
Comment
Question by:leeareanetworks
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 70

Expert Comment

by:KCTS
ID: 21870537
First question has to be why? If you have a single domain its best to leave the FSMO roles where they are. Also if you have multiple DCs on a single domain it makes sense for them ALL to be Global Catalog servers.
I suggest you move the Operations Master back and make all DCs Global Catalogs
0
 
LVL 24

Accepted Solution

by:
ryansoto earned 300 total points
ID: 21870559
OK any DC can be a global catalog.
So if you still have access to your workstation and use that workstation for active directory operations - start up siotes and services and make the other DC a GC as well, no harm done.
Now for the roles....
You may need to boot into safe mode on the server
Use replmon to see which machine is holding the roles
http://support.microsoft.com/kb/297230

Now transfer roles
http://support.microsoft.com/kb/324801

If that doesnt work then you can try moving the roles using ntdsutil
http://support.microsoft.com/kb/255504

Finally if that wont work to transfer you can use that same tool to seize the roles
0
 
LVL 4

Assisted Solution

by:andrewc2189
andrewc2189 earned 200 total points
ID: 21870579
All you should have to do is log back onto either server, possibly with the local administrator account if no accounts are cached/working for login, and change it back the same way you did before. I'm assuming you don't need instructions for how to do it via GUI.

If the question is more involved then that please provide more details i.e. Do you need the operations master and global catalog on this new server or is it possible to move them back to the old one? Is there a reason you had to move these? More info on your network setup too would be helpful.
0
 

Author Closing Comment

by:leeareanetworks
ID: 31471763
With no Global Catalog the ONLY account you can login as on the Domain is the Administrator account.  We had to reboot in Directory Services Repair mode and reset it, then login, then use what you gave us.
0

Featured Post

MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Alert on Server memory 2 45
Windows Server 2012 R2 -- event log "NIGHTLY" summary ? 1 38
How to install a font on WIN2003SBS/IIS 6 & test 17 54
Drive mapping problem 7 48
I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question