Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

FSMO roles didn't stick to renamed domain controller

Posted on 2009-04-20
8
Medium Priority
?
772 Views
Last Modified: 2012-05-06
I recently installed a new domain controller with server 2008 on it and made it the primary DC in my domain.  I now have two domain controllers (PDXDC01, and PDXDC02).  My domain is a child in a forest with two enterprise DC's. (entdc01, and entdc02)  Both of my DC's were running server 2003, and I replaced PDXDC01 with a server running server 2008 x64.  When I did this, I had named the new server "DC01".  At this point I had a total of 3 "domain controllers" online (DC01, PDXDC01, and PDXDC02)  I transfered the FSMO roles from PDXDC01 to DC01 (the new server).  I used this guide for most of the process of this.

http://blogs.dirteam.com/blogs/sanderberkouwer/archive/2008/03/02/transitioning-your-active-directory-to-windows-server-2008.aspx

After demoting PDXDC01, I just had DC01 and PDXDC02 online as domain controllers.  I then renamed DC01 to PDXDC01.  This is where I started having problems.  Since the PDC, Infrastructure master, and RID Master roles were tied to "DC01".  This is still the same physical server, it's just renamed to PDXDC01.  I tried transfering the roles to the "new" server and that didn't work.  I tried seizing the roles and then transfering, and that didn't work either.  Not sure what else I can try.  When I look at the role status, it says the 3 main FSMO roles are tied to DC01, and they need to be tied to PDXDC01.  Any help is appreciated.
0
Comment
Question by:jimlahey
  • 2
  • 2
  • 2
  • +1
8 Comments
 
LVL 28

Accepted Solution

by:
asavener earned 900 total points
ID: 24189654
Didn't you get a warning when you renamed the domain controller?  I would assume you're having all kinds of replication problems, too.

Grab the FSMO roles onto PDXDC02.  Demote PDXDC01 if you can, and then promote it again.

If you can't, then turn off the machine, delete the machine account from Active Directory, reinstall a fresh OS, name the machine PDXDC01, then promote it to a domain controller.
0
 
LVL 1

Expert Comment

by:maxarg
ID: 24193806
As asavener said, the solution will be seize the roles to PDXCD02 and then demote/promote PDXDC01. Once the domain controller is OK, you can transfer the FSMO roles.

To seize the roles: http://support.microsoft.com/kb/255504

Regards.
0
 
LVL 20

Assisted Solution

by:mkbean
mkbean earned 300 total points
ID: 24195635
How did you remove the DC from your environment?  You may have not removed everything and now you have traces of the old name mixed with the new server that has that name now.
How to remove a failed or offline DC.
http://msmvps.com/blogs/ad/archive/2008/12/17/how-to-remove-a-failed-or-offline-dc.aspx

Brian
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 

Author Comment

by:jimlahey
ID: 24199616
The weird thing is, if I do a netdom query fsmo, it still shows DC01 in there, but if I try to seize or transfer the roles using ntdsutil, it says they're already assigned to PDXDC01....
0
 
LVL 1

Assisted Solution

by:maxarg
maxarg earned 300 total points
ID: 24200042
Hi jimlahey,

Your AD was populated with useless information. Seize the roles to DC02, demote DC01, clean the database with the McBean link and the promote DC01 again.
0
 

Author Comment

by:jimlahey
ID: 24200327
Ok, I got the roles to transfer over to PDXDC02 finally, but now I can't demote PDXDC01 because it says error,  the interface is unknown.  I read something about people getting this error because the netlogon service is not running, but when I try to start that service, I get another error that the service can't start.  Any more ideas?
0
 
LVL 20

Expert Comment

by:mkbean
ID: 24200500
Yes, just shut the server down and remove per my instructions.  Then reinstall from scracth.  DO NOT bring the DC back online without reinstalling after you removed the metadata info.

Brian
0
 
LVL 28

Expert Comment

by:asavener
ID: 24201097
Make sure you wipe the partition when you reinstall; don't reinstall over the top of the existing OS, or you'll be in the same boat.
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
Suggested Courses

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question