Solved

demote 2003 dc

Posted on 2011-09-08
5
397 Views
Last Modified: 2012-05-12
i get this on the server 2003 that im trying to demote

Event Type:      Warning
Event Source:      NTDS Replication
Event Category:      DS RPC Client
Event ID:      2088
Date:            9/8/2011
Time:            6:01:59 PM
User:            NT AUTHORITY\ANONYMOUS LOGON
Computer:      CEFM-HMO
Description:
Active Directory could not use DNS to resolve the IP address of the source domain controller listed below. To maintain the consistency of Security groups, group policy, users and computers and their passwords, Active Directory successfully replicated using the NetBIOS or fully qualified computer name of the source domain controller.
 
Invalid DNS configuration may be affecting other essential operations on member computers, domain controllers or application servers in this Active Directory forest, including logon authentication or access to network resources.
 
You should immediately resolve this DNS configuration error so that this domain controller can resolve the IP address of the source domain controller using DNS.
 
Alternate server name:
 DBSERVER
Failing DNS host name:
 8b3c9615-02bb-4fd5-aef2-be94756dd686._msdcs.CEFM-DOM.local
0
Comment
Question by:ssiremote
  • 3
5 Comments
 

Author Comment

by:ssiremote
ID: 36507388
2008 server has been promoted to dc. all fsmo roles from 2003 server successfully moved to server 2008. now trying to demote the 2003 serve. please help
0
 
LVL 11

Accepted Solution

by:
jimbecher earned 250 total points
ID: 36507418
Did you make the 2008 server a DNS and use its IP address as the DNS for the 2003 box (in the Local Area Connections)? It sounds like both boxes are DNSs and they are both pointing to themselves...
0
 

Author Comment

by:ssiremote
ID: 36507443
@jimbecher:. i have . if interested in advising u could go to my other question to view my ongoing saga. any help is very appreciated.
0
 
LVL 26

Assisted Solution

by:Leon Fester
Leon Fester earned 250 total points
ID: 36508783
I've read you other post on http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_27298003.html

It actually does not sound like your DCpromo worked.
Basic DNS records where not successfully created.

Last few things to try:
On both 2K3 the 2K8 server run:
1. nltest /dclist:<<your domain name>>
It should return a list of all the domain controller in your domain.
Based on the errors you're getting I'm going to guess that you'll only find one DC in one of your results.

2. Is your 2K8 Server called DBSERVER?
because that is what your 2K3 server is trying find from that record.
Only DC's should have those kind of records. If it's not your DC name, or was a failed DCpromo attempt then:

Go into the _msdcs.CEFM-DOM.local zone on the DNS console of your 2K3 server.
Find the record 8b3c9615-02bb-4fd5-aef2-be94756dd686._msdcs.CEFM-DOM.local, make a note of the record details and then delete the record.

Go to the 2K8 server and run nltest /dsregdns and ipconfig /registerdns
Run DCdiag to see if your servers are happy.

If these instructions don't work, then best you rollback to having only a single 2K3 DC running and making sure that it is in a healthy state.

For all intents and purposes, lets treat the 2K8 server as if it has failed.
My first suggestion: Seize all the roles back on your 2K3 Server.
Run the neccessary netdiag and dcdiag tests.
If replication fails, then that is fine, but every else should be OK.
This is just a test to ensure that your 2K3 DC is in a healthy state.

Next, logon to the 2K8 Server and DCpromo that server.
If it complains that it is the last DC then it is definitely not seeing the other domain controller, as such you can safely remove the 2K8 Server.
I'd recommend checking the DNS Server and deleting all records referring to this DC.

After demoting the 2K8 server, run the health checks on your 2K3 Server.
You should now have ZERO errors, if errors persist then fix them first.

If dcdiag is clean, then add the 2K8 server to the domain, as a member server only.
Only after that should you again DCpromo the 2K8 server.
0
 

Author Closing Comment

by:ssiremote
ID: 37522006
Microsoft support fixed the issue
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
OfficeMate Freezes on login or does not load after login credentials are input.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now