Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Issue with AD on Windows 2003

Posted on 2011-09-16
5
Medium Priority
?
167 Views
Last Modified: 2012-12-16
I had moved the all fsmo roles from my original domain controller to new domain controller and had shutdown the original domain controller instead of demoting it. This was done some 2 years back. My new Domain controller is working just fine. Entries of the old domain controller are still in the metadata. Now we are installing a new application which tries to prepare forest and tries to locate the old domain controller to prepare it. Since it cannot find the old DC, the process fails.

My question is:

1. I can delete the Old DC from metadata using NTDSUTIL. However, when our exchange server and sharepoint servers were installed, Old DC was the primary DC at that time. Though after moving the roles to new DC exchange and sharepoint application are running fine. However, if i delete Old DC from metadata using NTDSUTIL, will it affect them in any way?

2. What if i bring up the old DC, which is down for last 2 years, and try to demote it. Is this a good idea?

If there are any other way, please let me know.

thanks
Pramod Barthwal
0
Comment
Question by:REISys
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 2000 total points
ID: 36549483
Don't bring the old DC back up because you are past the tombstone lifetime period so it won't be able to replicate and will cause issues there.

The ntdsutil metadata cleanup procedure that you talked about is what you should do in this case.

http://www.petri.co.il/delete_failed_dcs_from_ad.htm


Thanks

Mike
0
 
LVL 17

Expert Comment

by:Premkumar Yogeswaran
ID: 36549764
1. Deleting the meta data wont affect the exiting exchange or sharepoint services...!
Refer the link above posted by mike to remove the meta data..

2. Dont bring the old DC online, since it is passed tomb stone life time period the objects will be considered as lingering objects and it wont replicate among the Domain.

Regards,
Prem
0
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 36555662
As the exchange and sharpoint is working fine running metadata cleanup will not cause any issue to these service.

You can format the old DC and load the OS and repromote the DC but before you promote the old DC remove the instances of old dc from AD database and DNS.
Refer below link for the same:http://support.microsoft.com/kb/216498.

Note:Before you format the old DC make the server online do not connect the server to network.You can uplug the NIC cable and do full backup of the server and then proceed.
0
 
LVL 26

Expert Comment

by:Pber
ID: 38695542
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question