Solved

Server 2003 FSMO roles reported wrong

Posted on 2008-10-01
4
299 Views
Last Modified: 2012-05-05
We have a statewide network, with each office having a 2003 AD server as a backup.  At our hq, we have  the main 2003 AD server.
Recently, we had problems with the original server.  Rolese were transerverd to our ms-vicksburg server from the original AD ms-dc1.  Now, we have a new 2003 server box ms-dc.  We transfered the roles to this box, and everything seems to be replicating through the districts.
Recently, trying to add a user to a computer, AD said on ms-dc that the user was there.  However, when trying to add him, it would not.  Looking at ms-dc1's AD, the user was not there.
I did a netdom query fsmo roles, and everything is pointing to the ms-vicksburg server.  However, do the same on the ms-dc, and everything is pointing to the ms-dc server.
Is there any way to without removing AD from ms-dc1 to force it to look at ms-dc?  I would like to keep dc1 as a backup for the main server.
Thanks.
0
Comment
Question by:Heath Calhoun
  • 2
  • 2
4 Comments
 
LVL 12

Expert Comment

by:RobinHuman
ID: 22616269
Use Ntdsutil to sieze the FSMO role
see http://support.microsoft.com/kb/255504
0
 

Author Comment

by:Heath Calhoun
ID: 22624967
All other servers are showing ms-dc as the 5 FSMO's.  Just ms-dc1 is still showing ms-vicksburg as the holder of the FSMO's.  I used the GUI's to transfer from vicksburg to dc.
0
 
LVL 12

Expert Comment

by:RobinHuman
ID: 22625067
Possiblt because ms-dc1 was the original role holder, it has not registered the change from ms-vicksburg to the new role master; try setting the roles back to dc1 and then transferring them to the new primary
0
 

Accepted Solution

by:
Heath Calhoun earned 0 total points
ID: 23265362
Wound up having to do a forceremoval of dc1 server.  Then did a meta cleanup.  Had one issue moved user shares to new server, gave everyone read of the root shares, but no one could modify their files.  Found I had to give  domain users instead read rights.  That fixed that problem.  I did not have domain users on dc1.  Wonder if it was because it was a dc.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip Migration Tip #1 – Source Server Health can be found here: http://www.experts-exchang…
Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now