Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

is it safe to re-promote a failed dc

Posted on 2011-03-03
10
Medium Priority
?
573 Views
Last Modified: 2012-05-11
Had a failed DC that has been forcedremoved...

Is it safe to dcpromo it back into the domain?

It was the FSMO role holder and all those roles have been seized by another dc, now the failed dc is back working and I would like to just re-promote it without installing the OS.

It has been offline for 3 days, and all the metadata has been cleaned up on the new dc.

Thanks in advance
0
Comment
Question by:durango099
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +2
10 Comments
 
LVL 21

Expert Comment

by:snusgubben
ID: 35031004
It's safe (like it will not kill you ;). Do you plan to reuse the name and IP?
0
 
LVL 74

Accepted Solution

by:
Glen Knight earned 800 total points
ID: 35031013
It is always recommended that if you had to seize the FSMO roles that the server should be flattened and rebuilt.

However, from my experience I can say that I have not known this to be a problem, if it doesn't currently have Active Directory on it then you should be able to re-promote it to a DC.

As I said though it is recommended that it be flattened and rebuilt.
0
 
LVL 11

Expert Comment

by:RickSheikh
ID: 35031028
Sure, If you must avoid the reimage.
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 74

Expert Comment

by:Glen Knight
ID: 35031033
0
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 600 total points
ID: 35031087
Like demazter said you won't go wrong with flatten/rebuild but if you have done the metadata cleanup and made sure the cleanup has replicated and there are no remnants left you should be fine to to join it back up and repromote.

You can also see this link about halfway down for steps

http://blogs.technet.com/b/askds/archive/2009/06/05/dc-s-and-vm-s-avoiding-the-do-over.aspx

Thanks

Mike
0
 
LVL 1

Author Comment

by:durango099
ID: 35047298
Thanks for the input-

I am going to backup system state on the current DC, and then attempt to dcpromo the old DC back into the domain using the same name and IP.

Next step would be to transfer the roles back to the failed DC after replaction of AD.

Will run the first attempt tomorrow night (Monday) and report the results.

0
 
LVL 1

Author Comment

by:durango099
ID: 35071331
The DCPROMO seems to have gone well...so far anyway

Is there a good way to tell if the DC's have replicated?

I have added the GC flag to the failed DC, and once I know the replication is working what roles would be good to share/transfer back?

All roles are currently being held by the backup DC now.

Thanks

Mark
0
 
LVL 21

Assisted Solution

by:snusgubben
snusgubben earned 600 total points
ID: 35072624
"repadmin /replsum" will give you a quick forest wide replication overview. Also look in the event logs and dcdiag for errors.

I'm not sure what you define as a backup DC, but you place the FSMOs where you want them to be. I'll recomend you not to split the up on different DCs.
0
 
LVL 1

Author Comment

by:durango099
ID: 35072782
Thanks snusgubben

The backup DC is defined as the secondary DC before the PDC failed. Now that the PDC is back online and the DC roles added back, I would like to transfer all FSMO roles back to it.

Mark
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 35072839
You can transfer them, that is ok, http://www.petri.co.il/transferring_fsmo_roles.htm
0

Featured Post

10 Questions to Ask when Buying Backup Software

Choosing the right backup solution for your organization can be a daunting task. To make the selection process easier, ask solution providers these 10 key questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question