• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 442
  • Last Modified:

W2K3 DC (DNS, WINS, GC, no FSMO) offline less than 30 days, plus its remote site is down.

I recently began working at an organization which had a W2K3 SP2 DC at a remote site which was running DNS, WINS, and is a global catalog server.   The site was taken completely offline - unbeknownst to me by another party - afterwards I found out about the configuration of this DC.   My question is this, I have two options, one,  I can try to decommission this DC by manually removing it from AD, or two, I can change its IP address and move it to a new remote site - both physically and within AD.   Since the DC has been disconnected for less than 30 days, I believe the second option is available even though it wasn't prepped for the move, however I'm not sure how what the ramifications would be to do this and whether its as simple as changing the IP and rebooting it - after I move it to the new site with "Active Directory Sites and Services".  

Any recommendations regarding which option would be the simplest to pursue - plus with the less amount of risk of problems - and the steps to accomplish would be appreciated.
  • 2
2 Solutions
It is as simple as changing the IP and moving it to the correct site. Worst case you have to recreate the NTDS connections (also in sites&services), but if it's setup to do those automatically (default) you don't even have to do that. If you are confident that there is nothing wrong with the DC then there is no real risk in doing this.

On the other hand you don't seem to know much about this server. Reinstalling a domain controller is really not that big of deal, especially if you have no special configuration in DNS and WINS. This way you could make sure you have a clean OS install and that the server is up to your quality and security standards etc. In this case you would remove the objects from AD (also run ntdsutil / cleanup metadata) and just reinstall the server.

60 days is the number to worry about with a DC, you may want to check it was not doing DHCP and mut rememebr to sort out the new DHCP scope for the new site.
bilman52Author Commented:
Thanks for the response, however, I have a few questions.   With your approach, would I need to do any clean up within DNS after changing the IP address?   Plus, with the first option, if I waited until day 31 - since the DC was taken offline (counting the day it was powered off & moved as day 1), if the computer account password has already expired, would that create any problems?   Or, would simply reseting the password on the computer account and rejoining the domain be okay?   Do I really need to worry about going past day 30?  

On the second option - where I manually remove the DC, what would all of the steps be?   I have read about doing a dcpromo /forcedremoval on the DC, but what would I need to do within AD itself to remove all of the references so the other DCs don't try to replicate to it?    You made reference to NTDSUTIL /cleanup metadata.    I expect there would be other steps given it was a DNS & WINS server.


bilman52Author Commented:
After checking other sources, the answer provided was correct, but lacking somewhat in defining all of the steps and details as such.  I decided to take a different course of action based on professional sources.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Microsoft Office 2010

This course will introduce you to the interfaces and features of Microsoft Office 2010 Word, Excel, PowerPoint, Outlook, and Access. You will learn about the features that are shared between all products in the Office suite, as well as the new features that are product specific.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now