?
Solved

Domain Naming Master Offline after DCPRO Windows 2008 Server

Posted on 2011-03-20
6
Medium Priority
?
1,685 Views
Last Modified: 2012-05-11
Hello

I just upgrade my domain to a Windows 2008 DC.  Right after that I noticed that the Domain Naming Master went offline before  I could move it from the Window 2003 DC to the Windows 2008 DC.

when I run netdom query fsmo this is what I get.

Domain naming master        *** Warning: role owner is a deleted DC: CN=NTDS Set
tings\0ADEL:948d2692-3640-4118-8ed6-98036aa067db,CN=SERVER1\0ADEL:f5713379-6794-
46a8-bbe6-2ef678110ba2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configu
ration,DC=ccichicago,DC=cci-exchange,DC=com
0
Comment
Question by:jacobb_2000
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 35

Accepted Solution

by:
Seth Simmons earned 2000 total points
ID: 35177983
If that DC is no longer accessible then use another DC to seize that FSMO role.

http://support.microsoft.com/kb/255504

Skip down to the Seize FSMO roles section and do that for the domain naming master role.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35178924
Before you do that, it's important to check why this is happening, if you seize the role from another server that already has it then the one you seize it from will need to be completely rebuilt.

From both domain controllers run the following command:

NETDOM QUERY FSMO

Post the results, also post the results of DCDIAG and IPCONFIG /ALL from both DC's please.
0
 
LVL 24

Expert Comment

by:Awinish
ID: 35178997
There is two way to move FSMO role to another server first is transfer the FSMO role to another server, transfer normally happens when server is going for maintenance like disk crash, driver update, patches updates etc, so you don't want your FSMO role donw you temporary transfer the FSMO roles.

Another way is to seize the FSMO role on another server, its same like king is dead & assigning his heir to hold the throne further by making him the King, seizing works in same way, if the server holding FSMO role is dead & it can't be revert back, you have to seize the FSMO role on another DC, once you seize the dc you can't bring the crash server back to network even it can be as you have seize the role, the new dc will be treated as authoritative server, so never put back the DC from which you seize the FSMO role.  If you want to reuse the server & DC name or server, perform the metadata cleanup for AD, removed all the left out records from AD DNS manually, allow time for replication to another DC's & once you verify changes are replicated & there is no more traces using repadmin tool, you can format the new server, install the fresh OS & configure as DC & transfer the roles if you wish.

So Seizing happens in disaster recover scenario where you can't transfer the FSMO role , in your case it looks same to me you can seize the FSMO role on healthy dc but make sure w/o performing metadata steps don't connect the dc even if it can be connected.

So, if you think you don't wanna bring old dc back seize the FSMO role & also check there is no replication error in your current domain.

http://www.petri.co.il/seizing_fsmo_roles.htm
http://technet.microsoft.com/en-us/library/cc816907%28WS.10%29.aspx

0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 74

Expert Comment

by:Glen Knight
ID: 35179022
Why is everyone insisting on seizing the roles?? We don't even know what the problem is yet!!!
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35183149
So you weren't interested in actually finding out what the problem was? What about the server that currently has that role on it? You will now have to rebuild that server if it's live.
0
 

Author Comment

by:jacobb_2000
ID: 35183343
I talked with Microsoft and we were unable to get the old DC working.
we will be demoting the old Server.

thx

Jake
0

Featured Post

Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses
Course of the Month12 days, 22 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question