?
Solved

demote 2003 dc

Posted on 2011-09-08
5
Medium Priority
?
406 Views
Last Modified: 2012-05-12
i get this on the server 2003 that im trying to demote

Event Type:      Warning
Event Source:      NTDS Replication
Event Category:      DS RPC Client
Event ID:      2088
Date:            9/8/2011
Time:            6:01:59 PM
User:            NT AUTHORITY\ANONYMOUS LOGON
Computer:      CEFM-HMO
Description:
Active Directory could not use DNS to resolve the IP address of the source domain controller listed below. To maintain the consistency of Security groups, group policy, users and computers and their passwords, Active Directory successfully replicated using the NetBIOS or fully qualified computer name of the source domain controller.
 
Invalid DNS configuration may be affecting other essential operations on member computers, domain controllers or application servers in this Active Directory forest, including logon authentication or access to network resources.
 
You should immediately resolve this DNS configuration error so that this domain controller can resolve the IP address of the source domain controller using DNS.
 
Alternate server name:
 DBSERVER
Failing DNS host name:
 8b3c9615-02bb-4fd5-aef2-be94756dd686._msdcs.CEFM-DOM.local
0
Comment
Question by:ssiremote
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 

Author Comment

by:ssiremote
ID: 36507388
2008 server has been promoted to dc. all fsmo roles from 2003 server successfully moved to server 2008. now trying to demote the 2003 serve. please help
0
 
LVL 11

Accepted Solution

by:
jimbecher earned 750 total points
ID: 36507418
Did you make the 2008 server a DNS and use its IP address as the DNS for the 2003 box (in the Local Area Connections)? It sounds like both boxes are DNSs and they are both pointing to themselves...
0
 

Author Comment

by:ssiremote
ID: 36507443
@jimbecher:. i have . if interested in advising u could go to my other question to view my ongoing saga. any help is very appreciated.
0
 
LVL 26

Assisted Solution

by:Leon Fester
Leon Fester earned 750 total points
ID: 36508783
I've read you other post on http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_27298003.html

It actually does not sound like your DCpromo worked.
Basic DNS records where not successfully created.

Last few things to try:
On both 2K3 the 2K8 server run:
1. nltest /dclist:<<your domain name>>
It should return a list of all the domain controller in your domain.
Based on the errors you're getting I'm going to guess that you'll only find one DC in one of your results.

2. Is your 2K8 Server called DBSERVER?
because that is what your 2K3 server is trying find from that record.
Only DC's should have those kind of records. If it's not your DC name, or was a failed DCpromo attempt then:

Go into the _msdcs.CEFM-DOM.local zone on the DNS console of your 2K3 server.
Find the record 8b3c9615-02bb-4fd5-aef2-be94756dd686._msdcs.CEFM-DOM.local, make a note of the record details and then delete the record.

Go to the 2K8 server and run nltest /dsregdns and ipconfig /registerdns
Run DCdiag to see if your servers are happy.

If these instructions don't work, then best you rollback to having only a single 2K3 DC running and making sure that it is in a healthy state.

For all intents and purposes, lets treat the 2K8 server as if it has failed.
My first suggestion: Seize all the roles back on your 2K3 Server.
Run the neccessary netdiag and dcdiag tests.
If replication fails, then that is fine, but every else should be OK.
This is just a test to ensure that your 2K3 DC is in a healthy state.

Next, logon to the 2K8 Server and DCpromo that server.
If it complains that it is the last DC then it is definitely not seeing the other domain controller, as such you can safely remove the 2K8 Server.
I'd recommend checking the DNS Server and deleting all records referring to this DC.

After demoting the 2K8 server, run the health checks on your 2K3 Server.
You should now have ZERO errors, if errors persist then fix them first.

If dcdiag is clean, then add the 2K8 server to the domain, as a member server only.
Only after that should you again DCpromo the 2K8 server.
0
 

Author Closing Comment

by:ssiremote
ID: 37522006
Microsoft support fixed the issue
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question