Solved

Server 2003 FSMO roles reported wrong

Posted on 2008-10-01
4
298 Views
Last Modified: 2012-05-05
We have a statewide network, with each office having a 2003 AD server as a backup.  At our hq, we have  the main 2003 AD server.
Recently, we had problems with the original server.  Rolese were transerverd to our ms-vicksburg server from the original AD ms-dc1.  Now, we have a new 2003 server box ms-dc.  We transfered the roles to this box, and everything seems to be replicating through the districts.
Recently, trying to add a user to a computer, AD said on ms-dc that the user was there.  However, when trying to add him, it would not.  Looking at ms-dc1's AD, the user was not there.
I did a netdom query fsmo roles, and everything is pointing to the ms-vicksburg server.  However, do the same on the ms-dc, and everything is pointing to the ms-dc server.
Is there any way to without removing AD from ms-dc1 to force it to look at ms-dc?  I would like to keep dc1 as a backup for the main server.
Thanks.
0
Comment
Question by:Heath Calhoun
  • 2
  • 2
4 Comments
 
LVL 12

Expert Comment

by:RobinHuman
ID: 22616269
Use Ntdsutil to sieze the FSMO role
see http://support.microsoft.com/kb/255504
0
 

Author Comment

by:Heath Calhoun
ID: 22624967
All other servers are showing ms-dc as the 5 FSMO's.  Just ms-dc1 is still showing ms-vicksburg as the holder of the FSMO's.  I used the GUI's to transfer from vicksburg to dc.
0
 
LVL 12

Expert Comment

by:RobinHuman
ID: 22625067
Possiblt because ms-dc1 was the original role holder, it has not registered the change from ms-vicksburg to the new role master; try setting the roles back to dc1 and then transferring them to the new primary
0
 

Accepted Solution

by:
Heath Calhoun earned 0 total points
ID: 23265362
Wound up having to do a forceremoval of dc1 server.  Then did a meta cleanup.  Had one issue moved user shares to new server, gave everyone read of the root shares, but no one could modify their files.  Found I had to give  domain users instead read rights.  That fixed that problem.  I did not have domain users on dc1.  Wonder if it was because it was a dc.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Have you considered what group policies are backwards and forwards compatible? Windows Active Directory servers and clients use group policy templates to deploy sets of policies within your domain. But, there is a catch to deploying policies. The…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now