Failure of 2003 dc and 2008 sbs

Deleted my original question yesterday cuz i thought i had this figured out.  Seems AD found it's way back onto the sbs 2008 server after a reboot, 4th or so since running a non-authoritative system state restore due to the deletion of some OU's inadvertently.  Original setup was 2k3 dc w/exchange (not sbs), we moved to sbs 2008 around the beginning of the year.  a 6-8 weeks ago our 2k3 dc died and we intended to fix it and put it back into commission but never had the time.  after doing the sys state restore yesterday I'm getting a whole lot of weirdness including what appeared to be a working server to a couple hours later when AD could no longer be opened again and no domain is being found, etc.  Here's what i get when i open AD U&C The following domain controller could not be contacted dcname,  The specified domain either does not exist or could not be contacted., Sites and services gives an error saying either DNS or replication is configured incorrectly.   This is going on right now while I tried to open users and computers the first time it actually opened, tried a second time got the error above, side by side, one window showing all the OU's under users and computer and the other saying it can't find a thing???????
The sbs server has all three roles, both were gc's although it now says none are...

Since yesterday I was able to find a server with matching hardware to the dead 2k3 dc.  Here's my three ideas, which one of these should i do or if none, great too but please gimme a fourth idea...
First, thinking about manually removing the old DC using metadata cleanup and seeing if that clears this up.  Doing this will negate the next one but this would most likely be my preferred method for obvious reasons.
Second is to swap drives on the server i borrowed to bring up the old 2k3 box and start replication then demote it.  This is a production server for another company so i need to be very careful about the raid 5 VD(s) because once the original drives are put back into that box they need to boot right up for the company that needs this server back on Monday.  By the way these are HP Proliant ML350 in case anyone cares.  I also have both RAID cards so if this method get;s the nod I think I'll swap those before continuing.
Last is to do another restore of the sys state, this time authoritative or to even do this first then do my first choice as well afterwards.
I've not been able to locate anything online where anyone else has witnessed this exact behavior where it seems fine then deteriorates back to dead.  I've done all these things in the past several times and over the last few months have done more than ever with server recovery due to a higher than normal volume of failures so I'm comfortable with all the procedures UNLESS there are caveats to SBS 2008 or little known/published extra procedures to ensure success.  Willing to suck up any info anyone is willing to dish out.
Thanks much for the help.  This place is a saw mill in a small town rural area and this issue has over 100 people out of work at the moment.  They get back on Tuesday and I'm going onsite tonight to try some stuff out. If i don't get any response before tonight please still answer because there's a good chance I'll chicken out tonight without solid advice from someone that's been in a similar pickle.
Thanks much...
Who is Participating?
SandeshdubeySenior Server EngineerCommented:
As you have mentioned that you have move from win2k3 to sbs2008.I would recommed not to do restore  old wink3 as it may lead to replication issue between the DC as well as it can lead linkgering object issue.You don't need to get any more complex than necessary.

Instead you can ran medatacleanup to remove the old instances of win2k3 DC and do forceful remove if the DC role is present on old server or you can format the old server and then add this server as ADC.

Metadata cleanup:

Note:All the fsmo role should be presnt on win2k8 sbs,you should not transfer the role to win2k3 DC as if sbs DC is in the environment you need to keep FSMO roles on sbs server only.
Also if your win2k3 is sbs then don't promote the server as DC as only one sbs is server is supported in the AD environment.
seannhcsAuthor Commented:
Too funny...  You are 100000% correct because that's exactly what i did and that's exactly what it's doing... More little issues than I can ever follow, troubleshoot or keep track of but mostly replication related, some pointing to DNS, FRS, etc.  I can replicate from dc2 (sbs) to itself but not from dc1 (old server) to dc2.
So, should i just demote the old guy now that it's already in the loop or just shut it down and do the metadata removal?  I was planning on demoting but didnt realize someone had offered up advice, i didnt get an email about it so i was about to update the ? and ask what I did wrong to get no response...

One thing to note here is that the sbs server AD is now stable and operating well.  However the sysvol is not shared anymore and I'm getting a few troublesome errors that once again have me gunshy about what to do and now to do it next...

The File Replication Service is having trouble enabling replication from DC-SRV1 to DC-SRV2 for c:\windows\sysvol\domain using the DNS name dc-srv1.DurginCrowell.local. FRS will keep retrying.
The User accounts cannot be added into GroupPolicy 'AllSBSUsers'. Please Verify the GroupPolicy 'AllSBSUsers' exists.
File Replication Service is scanning the data in the system volume. Computer DC-SRV2 cannot become a domain controller until this process is complete. The system volume will then be shared as SYSVOL.
 This sbs server can't possibly think it's not a DC right?  Will removing the old dc by either method then in turn allow the SBS to forget its rep issues and open up the sysvol and become happy again?
seannhcsAuthor Commented:
On a whim and out of desperation I decided to see what would happen if i shut down the old 2k3 standard DC.  Just did that and I'm right back to where i was yesterday, unable to open and AD stuff, group policy errors, Exchange errors, like i never plugged the old one in.  This sbs 08 box doesnt think it's a DC...
seannhcsAuthor Commented:
If I'm doing something wrong with the questions and it's upsetting people, please let me know...
This is closed, an second non-auth restore along with the sysbol auth swicth did the trick.  Thank you two for trying...
It just sounds like you have already made such a mess with AD that there just isn't anything anyone can do about it any longer.  That is probably why there haven't been any  more responses because there is just nothing left to say, is just trashed.

Personally I think you only hope at this point is to call in a consultant who specializes in AD to see if they can straighten it out,...but it is very likely you will have to just dump the whole thing and start from scratch,...start from nothing.

If you have an original Full System State backup (before 2008 was involved) of the original 2003 and have the identical hardware to restore it on,...maybe you can rebuilt that one and get a new starting point,...then start completely from scratch with the 2008,...have the 2008 wiped out when doing that,..don't have 2008 alive and running at the same time.  The point is to get back where you were before 2008 was involved.

But that is as far as I can go with it.  I cannot suggest anything else.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.