Solved

is it safe to re-promote a failed dc

Posted on 2011-03-03
10
564 Views
Last Modified: 2012-05-11
Had a failed DC that has been forcedremoved...

Is it safe to dcpromo it back into the domain?

It was the FSMO role holder and all those roles have been seized by another dc, now the failed dc is back working and I would like to just re-promote it without installing the OS.

It has been offline for 3 days, and all the metadata has been cleaned up on the new dc.

Thanks in advance
0
Comment
Question by:durango099
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +2
10 Comments
 
LVL 21

Expert Comment

by:snusgubben
ID: 35031004
It's safe (like it will not kill you ;). Do you plan to reuse the name and IP?
0
 
LVL 74

Accepted Solution

by:
Glen Knight earned 200 total points
ID: 35031013
It is always recommended that if you had to seize the FSMO roles that the server should be flattened and rebuilt.

However, from my experience I can say that I have not known this to be a problem, if it doesn't currently have Active Directory on it then you should be able to re-promote it to a DC.

As I said though it is recommended that it be flattened and rebuilt.
0
 
LVL 11

Expert Comment

by:RickSheikh
ID: 35031028
Sure, If you must avoid the reimage.
0
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

 
LVL 74

Expert Comment

by:Glen Knight
ID: 35031033
0
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 150 total points
ID: 35031087
Like demazter said you won't go wrong with flatten/rebuild but if you have done the metadata cleanup and made sure the cleanup has replicated and there are no remnants left you should be fine to to join it back up and repromote.

You can also see this link about halfway down for steps

http://blogs.technet.com/b/askds/archive/2009/06/05/dc-s-and-vm-s-avoiding-the-do-over.aspx

Thanks

Mike
0
 
LVL 1

Author Comment

by:durango099
ID: 35047298
Thanks for the input-

I am going to backup system state on the current DC, and then attempt to dcpromo the old DC back into the domain using the same name and IP.

Next step would be to transfer the roles back to the failed DC after replaction of AD.

Will run the first attempt tomorrow night (Monday) and report the results.

0
 
LVL 1

Author Comment

by:durango099
ID: 35071331
The DCPROMO seems to have gone well...so far anyway

Is there a good way to tell if the DC's have replicated?

I have added the GC flag to the failed DC, and once I know the replication is working what roles would be good to share/transfer back?

All roles are currently being held by the backup DC now.

Thanks

Mark
0
 
LVL 21

Assisted Solution

by:snusgubben
snusgubben earned 150 total points
ID: 35072624
"repadmin /replsum" will give you a quick forest wide replication overview. Also look in the event logs and dcdiag for errors.

I'm not sure what you define as a backup DC, but you place the FSMOs where you want them to be. I'll recomend you not to split the up on different DCs.
0
 
LVL 1

Author Comment

by:durango099
ID: 35072782
Thanks snusgubben

The backup DC is defined as the secondary DC before the PDC failed. Now that the PDC is back online and the DC roles added back, I would like to transfer all FSMO roles back to it.

Mark
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 35072839
You can transfer them, that is ok, http://www.petri.co.il/transferring_fsmo_roles.htm
0

Featured Post

Revamp Your Training Process

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question