?
Solved

DC down, DC up again.

Posted on 2010-08-14
6
Medium Priority
?
461 Views
Last Modified: 2012-06-27
2 DCs. Master fails. I seized the FSMO roles to the second DC. Worked great. Cleaned up Metadata. I rebuilt DNS from scratch on new Master and DHCP.

After tinkering with the failed DC I got it to boot. I turned off DNS and DHCP on the "bad" server. I want this sever up a few more days so I can pull other service configs and some file shares off before I format and reinstall as a DC again.

It is interfearing with the GC. when I try to add a computer to the domain, it shows up under the ADUC of the bad DC and not the Good one. i tryied to rebuild the connections to allow replication. When I force replication it says "replication completed" but the new WS does not show up in the "Good" dc, only the "bad" one.

I checked the Metadata and the PDC roles on both servers and they both point to the "Good" server.

When i ping the domain.local from the Workstations it returns the IP of the Bad DC. flushdns did not fix it.

I want to put the bad DC into a member server role so that it will stop interfearing with the GC long enough to xcopy some files off of it and then format the raid. Keep in mind DCPROMO does not work, and ntdsutil does not see the bad DC.
0
Comment
Question by:stephenwyles
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 31

Accepted Solution

by:
Henrik Johansson earned 2000 total points
ID: 33436985
If seizing FSMO-roles, the old DC holding FSMOs shall not be online as DC again until it has been demoted and cleaned up.
Use dcpromo/forceremoval on the bad DC and cleanup metadata before getting it back as DC again.
0
 

Author Comment

by:stephenwyles
ID: 33437043
This appears to be working, it got further than the normal "dcpromo" attempt. I will keep you posted.
0
 

Author Comment

by:stephenwyles
ID: 33437170
It appears to have worked... one problem. When it finished, it said it successfully removed AD from the computer... Restart Now or Restart Later?

That's a problem. I do not want to restart this server in the fear of it not coming back up. I feel as though it is on "life support" and if I shut it down it may never start back up. I need windows to restart so that I can continue to get the service config settings off of it.

Anyway to manually restart the individual services in order to clear the AD info from the server without actually restarting it?
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 27

Expert Comment

by:Steve
ID: 33439837
in a situation where a bad DC is interfering you're best option is to disconnect it from the network.
In this way, you can have the bad DC running and copy files or access it as required without it affeecting the existing domain. BY design, while the server is connected and thinks it is a DC, it will try to perform DC tasks and cause problems.

0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33440401
After FSMO seizing old DC shouldn't be connected to the network. You have to reinstall OS first and then promote it to the domain controller again. If you do not proceed that way you can have problems with PDC.
0
 
LVL 31

Expert Comment

by:Henrik Johansson
ID: 33440621
The reboot is necessary to finish the removing of the DC role.
With the metadata cleanup on the good DC, it is not longer recognized as DC in the domain, but still beleaved it's a DC until used dcpromo/forceremoval to force it into member server role.
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question