Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Domain controller recoginition problems.  Cannot demote.

Posted on 2011-10-06
8
Medium Priority
?
350 Views
Last Modified: 2012-05-12
Background:  I had two hard drives in a 3-disk array go bad.  Importing the foreign configuration didn't help so I replaced the two drives, blew away the virtual disk, recreated the disk and attempted restore.  I was having issues with getting the OS to restore from backup and decided I would have to reinstall the OS (windows server 2003 standard) and then restore the data.  In active directory users and computers, domain controllers, on another DC, I deleted the domain controller in question since I was unable to demote.  After doing that, I decided to give the OS restore one more try and it completed successfully.  I will call this DC1, and I have multiple other DC's on my domain.

NOW:  My problem is that DC1 is no longer recognized in my domain as a DC because I deleted it.  I can't demote it because it says no DC can be contacted to perform the demotion.  It appears that DC1 is not communicating with the other DC's.  I am unable to remove it from the domain to a workgroup because it is a DC, and I can't demote the DC.  I did try changing the name and restarting, thinking that my force info into the domain and then I could demote.  No good.  Still can't demote.  No connection between sites in sites and services due to a possible DNS lookup error.  The IP address of DC1 has changed because I brought it from another subnet.

This has now stumped me and I need some help.  Thanks.
0
Comment
Question by:12vltmn
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 6

Expert Comment

by:dave_it
ID: 36926805
If I were in your shoes, I would just wipe that server and rebuild with a new name.  You're also going to need to perform a metadata cleanup on the old DC name on one of your remaining DCs.  The lingering DC object could, and probably will, cause problems down the road if not cleaned up.
0
 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 2000 total points
ID: 36926844
If you wish go to my blog at http://kpytko.wordpress.com and look for article "Decommissionong broken Domain Controller" after that do metadata cleanup (it's also on my blog) and then you can repromote that server once again as DC. For that check article "Adding additional Domain Controller"

Regards,
Krzysztof
0
 
LVL 21

Expert Comment

by:snusgubben
ID: 36926863
Since you have other DCs, you should do like Dave says rebuild the broken DC. Run a "dcpromo /forceremoval" on it and clean the metadata.

http://www.petri.co.il/delete_failed_dcs_from_ad.htm
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 

Author Comment

by:12vltmn
ID: 36926908
Bummer.  Not what I hoped for.  How do I do a metadata cleanup on the old DC name?  Once that is done, can I then rebuild with the same name?  I have enough people accessing this that it would be helpful if I could still name it DC1.

I should have just reinstalled the OS, but once I realized my OS restore worked I was happy that I would not have to go to all the extra work.  HA!  Silly me.  It rarely works that way.
0
 

Author Comment

by:12vltmn
ID: 36926942
@iSiek:  I just read your post and I am on your blog.  This looks promising!
0
 
LVL 21

Expert Comment

by:snusgubben
ID: 36926977
You can reuse the old name, but you should check that there are no traces of it in DNS before promoting.
0
 

Author Closing Comment

by:12vltmn
ID: 36927624
Thank you so much!  DC1 is now demoted and re-joined to the domain as a member server using the original name.  I'll be keeping an eye on your blog for more valuable information.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 36929115
You're welcome :) and thanks for visiting my blog

Krzysztof
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

High user turnover can cause old/redundant user data to consume valuable space. UserResourceCleanup was developed to address this by automatically deleting user folders when the user account is deleted.
Transferring FSMO roles is done when an admin wants to split roles between certain Domain Controllers or the Domain Controller holding the Roles has been forcefully demoted using dcpromo / forceremoval
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question