nlhess2003
asked on
Unable to re-add a domain contorller after running dcpromo /forceremoval
I ma sitting at a client location that has two domain controlers. 1 Windows 2000 and 1 Windows 2003. The Windows 2003 controller had been unable to communicate long enough that it had past the tombstone period so I went ahead and removed the active directory however it was unsuccessful without using DCPromo /forceremoval. I forcably removed it and and went through on the Windows 2000 mahcine and cleaned up the metabase, dns, and ad.
Now I am trying to re-add the domain and it is continually failing giving me this error "The service did not respond to the start or control request in a timely matter" I get this error if I try to create the machine as a domain controller or as a computer on the domain. Any ideas?
Now I am trying to re-add the domain and it is continually failing giving me this error "The service did not respond to the start or control request in a timely matter" I get this error if I try to create the machine as a domain controller or as a computer on the domain. Any ideas?
ASKER
metadata looks clean as does AD and DNS.
No errors are reported in the logs on either machine.
No errors are reported in the logs on either machine.
try this:
http://support.microsoft.com/kb/886695
Make sure that FSMO roles are on the DC. There may be issues because the the AD was upgraded to 2003 and you're now working from a 2000 DC. You may want to run adrep again
http://support.microsoft.com/kb/886695
Make sure that FSMO roles are on the DC. There may be issues because the the AD was upgraded to 2003 and you're now working from a 2000 DC. You may want to run adrep again
ASKER
All of the roles are on the Windows 2000 server. The Win 2000 server has been the primary domain controller all along. The Win 2003 server was just a backup DC that happened to not to synchromized for over a year locking it out. That is why I demoted it forcably. I will try the microsoft support article tomorrow.
Check the DNS settings on the joining computer and ensure that it's only pointing on a working DNS server authorative/aware of the AD DNS domain. As it has been a DC, it's propably pointing on itself for DNS resolution, but doesn't have the DNS service running/working correctly since the demote.
When promote is complete, configure both DCs to use the other DC/DNS as secondary DNS server to avoid problems.
Stop talking about primary/backup DC in AD environment. That is old NT4-stuff and doesn't exist in AD.
When promote is complete, configure both DCs to use the other DC/DNS as secondary DNS server to avoid problems.
Stop talking about primary/backup DC in AD environment. That is old NT4-stuff and doesn't exist in AD.
ASKER
The DNS Is configured correctly it is pointing to the DNS on the existing domain controller.
Have you rebooted the win2k server after the cleanup ?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
2) Double check AD and DNS
3) what shows up in the event logs of both servers ?
I hope this helps !