• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 478
  • Last Modified:

FSMO Roles Issue

Hi,

We recently moved all of the FSMO roles from our 2003 server over to our 2008 server. We had an image created of the 'C' drive that was created before moving the roles over. Last week our server crashed and we were forced to bring it back to life using the image that we had stored on an external drive.

Now that the server has come back to life it has caused serious problems, probably because the FSMO roles were part of that image.

What is the best way to resolve the current problems that we are seeing?

ElliTech
0
ellitech
Asked:
ellitech
  • 3
  • 2
3 Solutions
 
KenMcFCommented:
As you found out you should never image a DC.

On the DC that crashed take it off the network ASAP run "DCPromo /forceremoval"
Then on the 2008 DC run a metadatacleanup of the old server, link below.
Run "netdom /query fsmo" on the 2008 DC to verify that it holds all roles.
Run DCDiag to verify no errors.

http://support.microsoft.com/kb/216498
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
I would say forcibly demote EVERY SERVER EXCEPT the current (desired) FSMO master (demote AFTER removing them from the LAN - they shouldn't be able to talk to any other DC or to the FSMO master), then do a metadata cleanup deleting existing DCs from the FSMO master.  You may also have to DELETE accounts - both computer and user - created from the point at which you created the backup that you eventually restored). Then re-promote the old DCs back to be DCs.

Mind you, I've never had to do this, but to me, logically, it should work.  The FSMO masters govern who gets what resources to work with... So by removing ALL DCs, there are no "outstanding" resources, only the ones on the remaining (FSMO Master) DC.  When you promote new DCs, they should get new blocks to work with and things should return to normal... by leew logic at least.  

And if that doesn't work, you'll probably have to rebuild from scratch (this is the reason Microsoft does not support or recommend using imaging as a backup solution, ESPECIALLY on DCs).
0
 
ellitechAuthor Commented:
Just a quick question, if we demote the 2003 server down to a member server would it be OK to leave it like that temporarily? We are looking to virtualize the 2003 server and that is why the FSMO roles were moved to the 2008 server.

ElliTech
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
KenMcFCommented:
I would remove from the network first and then do the metadatacleanup. Make sure the 2008 server is error free and everything is working. Then plug the 2003 server back into the network and add back into the domain.
0
 
KenMcFCommented:
Missed a part should have been

I would remove from the network first and then do the "DCPromo /forceremoval" and the metadatacleanup cleanup on the 2008 server
0
 
ellitechAuthor Commented:
Thanks for your help

ElliTech
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now