asked on
Tombstoned Domain Controller
Hi Experts,
We have two domain controllers in two different states.
Sydney has the Primary Domain Controller which is running all the DC roles (2003)
Melbourne has the secondary Domain Controller (2008) which has been disconnected from the VPN for over a year (due to another IT firm)
We wish to demote the Melbourne DC the best way possible.
During this Tombstone period - the IP configuration has changed from 192.168.0.x/192.168.1.x to 172.20.x.x/172.30.x.x in both states.
We now have the VPN back up and running (and have a PPTP VPN connection worst case)
What would be the best way to demote the secondary DC in Melbourne?
I was hoping not to use the force command if possible... but open to suggestions.
Thanks!
We have two domain controllers in two different states.
Sydney has the Primary Domain Controller which is running all the DC roles (2003)
Melbourne has the secondary Domain Controller (2008) which has been disconnected from the VPN for over a year (due to another IT firm)
We wish to demote the Melbourne DC the best way possible.
During this Tombstone period - the IP configuration has changed from 192.168.0.x/192.168.1.x to 172.20.x.x/172.30.x.x in both states.
We now have the VPN back up and running (and have a PPTP VPN connection worst case)
What would be the best way to demote the secondary DC in Melbourne?
I was hoping not to use the force command if possible... but open to suggestions.
Thanks!
Active DirectoryWindows Server 2003Windows Server 2008
Last Comment
Darius Ghassem
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
Yeah I know - it wasn't our choice - client wanted to try a different service that we didn't provide and it failed - so now we are left with a Tombstoned DC
VPN is currently offline - but configured - Melbourne has its own file server - we planned to keep the VPN offline until we decommission the DC in Melbourne in case of any other problems. Yes - the users in Melbourne were still using this Tombstoned DC... as you could imagne it's been causing all types of headaches for the client. Unfortunately the other mob made a real mess of things..
So not sure if they are communicating yet - Looks like the forceremoval is the way to go..
VPN is currently offline - but configured - Melbourne has its own file server - we planned to keep the VPN offline until we decommission the DC in Melbourne in case of any other problems. Yes - the users in Melbourne were still using this Tombstoned DC... as you could imagne it's been causing all types of headaches for the client. Unfortunately the other mob made a real mess of things..
So not sure if they are communicating yet - Looks like the forceremoval is the way to go..
How did you make out?
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
Are there users / workstations in Melbourne?
Were users / workstations in Melbourne using the Melbourne DC while the VPN was down?
You're saying that the VPN is back up, does that also mean that the Melbourne DC and the Sydney DC are able to talk to each other again? If so, how did that go? If not, is it simply because of the IP changes?
If there are users / workstations in Melbourne and the VPN is back up, how is thier access working since the reintegration?
Bottom line... if you already have the two DC's connected you can try dcpromo, it will either work or it will fail and tell you why. If you can fix the why, you can try dcpromo again. If you can't fix they why and all of your clients are working ok, bring out the ax and start chopping.
If you do have to chop, I would recommend shutting down Melbourne DC for at least a week or month after you've made that call just to make sure something important isn't still living there that will be missed.