Solved

SRV records cleanup after 2008 R2 Active directory upgrade

Posted on 2010-11-11
7
1,267 Views
Last Modified: 2012-05-10
We had a 2003 AD domain (1 domain controller)
We have run adprep-->dcpromo the 2008 R2 DC-->dcpromo the 2003 DC to remove it from the domain.

While running the dcpromo on the 2003 DC to remove it from the domain, the process timed out because netlogon services could not be stopped. Running dcpromo again worked successfully and the 2003 DC is now a member server. The domain is in 2003 Mode and we plan to change it to 2008 R2.

The domain controller was automatically removed from the Domain Controllers OU but we found that there are still remnants behind in DNS (eg ldap & kerberos SRV records)
In addition to that, the 2003 DC sill appears in site & services.
We haven't looked at other locations ...

Any suggestions/links on cleaning it up ?  Is it a matter of removing the DNS entries manually and deleting the entry under sites and services ? anywhere else we should look ?

Thanks
0
Comment
Question by:rov17
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 9

Accepted Solution

by:
Trackhappy earned 125 total points
ID: 34117750
Clean up dns entries manually, then run ntdsutil, metada cleanup to remove the rest of the AD information. Most likely the Sites and Services won't be able to be removed until you do the metadata cleanup.
0
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 125 total points
ID: 34118207
You will have to delete it from sites and services, won't happen automatically during metadata cleanup using ntdsutil.   Just go through Daniel's steps to make sure it is gone  http://www.petri.co.il/delete_failed_dcs_from_ad.htm

Thanks

Mike
0
 
LVL 4

Assisted Solution

by:added_flavour
added_flavour earned 250 total points
ID: 34119751
hi,

Make sure you follow following steps and check if anything is left in Active Directory:

http://technet.microsoft.com/en-us/library/cc736378(WS.10).aspx

Remove all the _ldap and _Srv Records and other records if present like host A ,GUID (under _MSDCS folder) from the DNS .

Deleted the Server from Dssite.msc .

Make sure you force repadmin /Kcc * on the new domain controller after that and check Dcdiag and Netdiag to make sure there are no other potential issues .

Please let me know in case you have any concerns or Questions .

Thanks !!!
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 5

Author Comment

by:rov17
ID: 34127283
Hi  Mike and added flavour,

Thanks for the articles!!  Just a question the Domain and Forest function level still 2003, would it be better to raise it to 2008 then do the clean up or leave it as 2003 then raise it after the Meta data clean up?

Cheers
0
 
LVL 4

Assisted Solution

by:added_flavour
added_flavour earned 250 total points
ID: 34130861
Well i would suggest to do the metadata cleanup first if there are any instances of the earlier domain controller still there in Active Directory .. if there are no instances you can raise the Domain and Forest functional level it would not be an issue .

I would suggest you to run Dcdiag before raising the functional level ( just to make sure everything is in place )

Thanks !!

0
 
LVL 4

Expert Comment

by:added_flavour
ID: 34168038
hey rov17,

do let us know if any help is required !!

Cheers !!
0
 
LVL 5

Author Comment

by:rov17
ID: 34169626
When I Depromo the 2003 DC, it has actually removed it self from User and Computer Domain Controller OU, and also from Site and servers it still there but has no NTDS setting under it.
So I was only left with the NTDSUTIL command line which failed to connect to the 2003 old Dc (it is a member server now).

The thing is SRV records in DNS for that old 2003 Dc still there, Do you guys know of any utility that will clean it ?

Thanks
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question