?
Solved

Transferring FSMO Role - DC 2003

Posted on 2011-04-22
9
Medium Priority
?
335 Views
Last Modified: 2012-05-11
Hello, quick question..before I tackle on this issue. I have a domain controller OS 2003 that is completely hosed that needs to be rebuilt. It currently holds a PDC Emulator role which means I have to transfer to a healthy DC first. Question should I have the right steps?

-> trasnfer PDC role to a healthy non FMSO role DC owner
-> demote broken DC
-> rebuild with the same name?
-> promote it back to the domain?

Is it correct?

Please let me know.
0
Comment
Question by:mmoya
  • 5
  • 4
9 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 35447464
When you say it is completely hosed, what does that mean?  Is it right now dead and not functional at all?  That will determine the next steps.

Thanks

Mike
0
 

Author Comment

by:mmoya
ID: 35447475
It is still functioning as fas as replication goes but server needs to be rebuilt before it totally goes down.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 35447512
ok then in that case yes your steps look fine, if it holds any other FSMO roles transfer those too.  Make sure you have other GCs (not sure if this bad box is a GC or not).

If you want to use the same name remove the old computer from AD also (can't have two boxes with the same name)

Now if things are really hosed and you can't gracefully demote then there are more steps (forcing removal, seizing roles, etc).   I won't get into those yet as you hopefully won't need it :)

Thanks

Mike

0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 

Author Comment

by:mmoya
ID: 35447521
Ok, perfect. Thank you. Yes, this is a global catalog.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 35447559
One other thing lets say you have clients and apps pointing to this box for DNS (for example)  if you are going to rebuild it over a night or weekend then nothing needs to be done.

If the box will be down for a few days or more then point them (Static and DHCP clients) to the another box.

Thanks

Mike
0
 

Author Comment

by:mmoya
ID: 35447579
I'm thinking of doing it over the weekend, just to be on the safe side, but really appreciate your warning.
0
 

Author Comment

by:mmoya
ID: 35447594
Last question - when I rebuild it, while its off the network, would it better to do a fresh build or just choose the repair option?
0
 
LVL 57

Accepted Solution

by:
Mike Kline earned 2000 total points
ID: 35447906
I'd go with a fresh build, if there is some underlying hardware issue then obviously fix that too.

Thanks

Mike
0
 

Author Comment

by:mmoya
ID: 35447915
Is there an easier way to find out if there any apps authenticating directly to this faulty dc?
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question