Solved

2008 R2 Domain controller - demote fail

Posted on 2010-09-22
9
5,000 Views
Last Modified: 2012-08-14
Hello,

I have a 2008 R2 DC that has many problems. There is already a second DC in the same forest/domain. I want to reinstall the one with the many problems but I can't demote him.
When I run dcpromo or the dcpromo unattented command line I get the following error:
- Failed to detect if Active Directory Domain Service binaries were installed. The error was: The remote procedure call failed.

I can't also open the server manager, the same problem.

Can I just format and reinstall this server or will I have problems in my domain when I do this?

PS: there is already an active second DC including DNS.
PS2: this was a Exchange 2010 + DC config. Not the best config I realize now, there for I want to reinstall the first DC and only make him Exchange 2010 server and keep the second DC as the active DC.
PS3: none of the DC's are in read only
0
Comment
Question by:NR_EIS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 14

Expert Comment

by:Schnell Solutions
ID: 33733677

The ideal idea is that we try to repair the damaged DC and depromote it in a soft way. But some times it is not possible so in such cases we just remove the data manually, the only drawback of this is that we will need to make some additional steps, but it is not a problem for AD. One thing that we can check before formatting, demotting or removing the damaged DC is confirming how long does it have without replicate. If it has more than the thombstom life it is not worth enough to try to repair it and it should be eliminated

You can check it like this...

Go to the working DC, open a command prompt and write:

repadmin /replsummary




0
 
LVL 14

Expert Comment

by:Schnell Solutions
ID: 33733740


In case that we decide to remove that server from AD we shall be aware of the actual roles that it has, example: If it is a DNS server and there are clients pointing to this server (do the clients include the second DNS as DNS Server?), if it is a Certificate Authority (Server with ADCS installed), if there are applications pointing to that DC/GC/LDAP (hardware appliances, internal applications in servers), if there are FSMO running on it (RID, PDC, Schema, Infra, DNM).

How is it with the Exchange 2010 that it has installed, isn't it actually working?

0
 
LVL 4

Expert Comment

by:ChandarS
ID: 33733748
On the DC where you are running DCPROMO

Check the DCPROMO log what they are saying  and check also eventvwr

DCPromos.log
DCPromo.log

Location : %SystemRoot%\Debug

So If you decide to format the system

Then you need to manually do the metadata cleanup

http://support.microsoft.com/kb/216498

PS : Check FSMO role holder before doing anything
0
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33734204
First run dcpromo /forceremoval to remove AD from this server you can just format if you want but you need to run metadata cleanup to remove any lingering objects from AD.

Good graphical view of metadata cleanup steps http://www.petri.co.il/delete_failed_dcs_from_ad.htm.

Go into DNS delete all records for this DC.
0
 

Author Comment

by:NR_EIS
ID: 33737809
@ schnellsolutions: the replication has no problem, and the Exchange 2010 still does it core services but the ecp panel doesn't work anymore along with some other problems
@ ChandarS: I've transferred all the master configurations the my other DC (RID, PDC, Inf)
@ dariusg: the force removal doesn't work also, same problem as opening dcpromo standard. I'm going with the reinstall and the metadata cleanup, thanks for the post from Petri

I'm going to leave this open until everything is done. Thanks for the posts already...
More information is still welcome.
0
 
LVL 4

Expert Comment

by:ChandarS
ID: 33742825
Hvae you checked the DCPromos.log and DCPromo.log
Location : %SystemRoot%\Debug

Or event viwever what is saying.

If you are getting any thing odd then post here...
0
 

Author Comment

by:NR_EIS
ID: 33750151
@ ChandarS: Yes I have checked my logs and after the METADATA clean up there is no error anymore. Also all the records to my previous DC in AD & DNS are gone.

But I still have a big problem. After installing Exchange 2010 again on a different server I got my previous sever also in my databases. With a mention of his database store, the store can't be deleted because there is no connection anymore to the previous one.

I've tried to delete everything (accepted domains, send connectors) and re adding them, but still my incoming doesn't come in. In is received by the exchange but the connector have the following problem: "451 4.4.0 DNS query failed. The error was: SMTPSEND.DNS.NonExistentDomain; nonexistent domain"

I've searched a bit and all the posts I came along mention an availability group with one server down, what in this case isn't the problem.

Any advice?
0
 
LVL 14

Expert Comment

by:Schnell Solutions
ID: 33785263
Hello NR

You are telling that you installed Exchange 2010 again on a different server. What happened with the Exchange server on the original server? is it online? If that server is permanently offline the best option is to recover it using setup /recoverserver option. But if it is not possible the data in the Configuration partition of AD shall be removed and just in that way you are going to eliminate the apperance of that old server. What is the actual status?

Send us the following information after running these commands in Exchange Management Shell:

Get-ExchangeServers | fl
Get-ReceiveConnectors | fl
Get-SendConnectors | fl

0
 
LVL 4

Accepted Solution

by:
Vishal Patel earned 500 total points
ID: 33980368
You can try following links:

(1) http://www.petri.co.il/fix_unsuccessful_demotion.htm
(2) http://www.petri.co.il/fix_unsuccessful_demotion.htm

Let me see if problem persists.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question