Amateur Mistake

Posted on 2009-07-11
Last Modified: 2012-05-07
So I promoted a Windows 2003 server to a DC after demoting another in the same site; the old server contained DNS, DHCP, etc.  I forgot to point the new server's DNS to the primary controller, and then promoted it.  Now when I try to log in I get the following error:

The system could not log you on due to the following error:
The specified domain either does not exist or could not be contacted.


On the primary server, the DNS records still point to the old server.  Is there a way to demote the new server via the command line?  I can access the system using PSExec and running cmd.exe on it.

Thanks in advance for your help!

Steve
Question by:jwwilliamsinc
12 Comments
 
LVL 15

Expert Comment

by:tntmax
ID: 24831891
The only way to demote is dcpromo. Were you able to join it to the same domain, or did you end up creating a new domain? Is it safe to assume that your DNS was AD integrated? Do you have any other DCs in this domain? What is holding the FSMO roles? What DNS records are still pointing to the other server? Are both servers named differently?
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 24831905
You should also be able to access the system via DSRM mode
http://technet.microsoft.com/en-us/library/cc776568(WS.10).aspx
You specified that password during promotion.  You can change the DNS settings that way.
Thanks
Mike
0
 

Author Comment

by:jwwilliamsinc
ID: 24831917
Tntmax: There is 1 other DC in another site, and it is contactable.  DNS is AD integrated. The other DC is holding all FSMO roles.  After looking a little deeper in DNS, it is not actually pointing to either the demoted server or the newly promoted server in anything, and the demoted and newly promoted servers are named differently.

mkline71:  I'll check that out, and report back.


Thanks for the quick response.
0

Author Comment

by:jwwilliamsinc
ID: 24831945
I guess I should mention that I do not have physical access to this server; it's in another state.
0
 
LVL 15

Assisted Solution

by:tntmax
tntmax earned 600 total points
ID: 24831985
What if you change DNS to point to the other DC? Did you enable zone transfers in DNS? What errors are you getting in the event logs?
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 24832401
So at another state I'm guessing you can't dispatch a tech at that location.
With psexec and netsh you should be able to add a DNS address
http://www.petri.co.il/configure_tcp_ip_from_cmd.htm
That shows you how to configure a static IP for DNS using netsh; use that in combination with psexec.
Thanks
Mike
0
 
LVL 4

Assisted Solution

by:GMorineau
GMorineau earned 400 total points
ID: 24832878
I think the simplest way is just to "kill" this server and after that clean up your AD.

Sorry, but you can take a lot of work hours to try to fix this error or spend just 3 hours rebuilding this server.
0
 
LVL 57

Accepted Solution

by:
Mike Kline earned 1000 total points
ID: 24832925
I'm guessing you don't have DRAC or iLO on the box
0
 

Author Comment

by:jwwilliamsinc
ID: 24835922
Sorry for the delay getting back to you, I was having internet issues at the house.  I do have a DRAC on the server, so I could theoretically use that to get into DS restore mode.
0
 

Author Comment

by:jwwilliamsinc
ID: 24835934
mkline71: I have already used psexec and netsh to assign the proper DNS server, however it still won't let me log in.  When I promoted the server it was pointed at the old server, so the primary DC didn't get the DNS updates that come with a dcpromo and therefore does not recognize the new DC as a real DC?
0
 

Author Comment

by:jwwilliamsinc
ID: 24835946
I was having difficulties with the drac card, but now for some reason it's working.  I was able to log in using that console.  Strange how mstsc /admin doesn't really connect to the console...I'll keep everyone updated.
0
 

Author Comment

by:jwwilliamsinc
ID: 24835966
After finally getting into the server, I had to do a dcpromo /forceremoval because the primary DC was not aware that the server is a DC...I'll do a re-promote later.

Thanks everyone for the input, I'll split the points among all of you.
0
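
The psexec and netsh approach discussed in this thread, followed by a check that the surviving DC's DNS actually lists the new server as a DC, as an added example that is not part of any participant's post. The server name, IP address, domain name and connection name are placeholders, and nltest is assumed to be installed on the admin workstation from the Support Tools.

```bat
@echo off
rem Added example. The four values below are placeholders, not from the thread.
setlocal
set NEWDC=NEWDC01
set GOODDC_IP=192.0.2.10
set DOMAIN=corp.example.com
set NIC=Local Area Connection

rem 1. Point the new server's resolver at the surviving DC's DNS service.
psexec \\%NEWDC% netsh interface ip set dns name="%NIC%" source=static addr=%GOODDC_IP% register=primary
if errorlevel 1 goto :fail_dns

rem 2. Flush stale answers, re-register the host (A) record, and restart
rem    Netlogon so it re-registers the DC locator (SRV) records.
psexec \\%NEWDC% ipconfig /flushdns
psexec \\%NEWDC% ipconfig /registerdns
psexec \\%NEWDC% cmd /c "net stop netlogon /y & net start netlogon"

rem    Registration is asynchronous: wait about 30 seconds before checking.
ping -n 31 127.0.0.1 >nul

rem 3. Ask the surviving DC's DNS whether it now lists the new server as a DC.
nslookup -type=SRV _ldap._tcp.dc._msdcs.%DOMAIN% %GOODDC_IP% 2>nul | find /i "%NEWDC%" >nul
if errorlevel 1 goto :not_registered

rem 4. Ask the new server itself to locate a DC for the domain.
nltest /server:%NEWDC% /dsgetdc:%DOMAIN%
if errorlevel 1 goto :not_registered

echo %NEWDC% is registered in DNS and can locate %DOMAIN%.
exit /b 0

:not_registered
echo %NEWDC% is not listed as a DC on %GOODDC_IP%, or cannot locate %DOMAIN%.
echo Check the event logs on both servers before deciding on removal.
exit /b 2

:fail_dns
echo Could not set DNS on %NEWDC% through psexec.
exit /b 1
```

When the check fails and the server is removed with dcpromo /forceremoval, as the author did, the surviving DC still holds the removed server's metadata. That is cleaned up with ntdsutil's metadata cleanup before the server is promoted again.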
