Got a bit of a crisis on my hands here.
I have a legacy Dell server running Server 2003 (Domain Controller) / Exchange 2003 - It used to be a branch office server and was integrated into our main office when it shut.
Came in this morning - Server dead. RAID 1 had dropped off line and server crashed. Via Dell Support, got it back up and running.
RAID 1 was disks 0 and 1 on the server.
We removed Disk 1, booted Disk 0 and the server came up - with windows warning us that the C:\Windows\Debug folder was corrupt. On the suspicion that other folders may be corrupt, we powered down, removed disk 0 and powered up disk 1. No errors. Great. So we'll base the rebuild on this one.
However - users calling me to say they cannot access file shares or exchange. On close investigation AD has basically told me it has blocked incoming and outgoing access due to the USN number being lower than previously had (error 2095:)
During an Active Directory replication request, the local domain controller (DC) identified a remote DC which has received replication data from the local DC using already-acknowledged USN tracking numbers.
Because the remote DC believes it is has a more up-to-date Active Directory database than the local DC, the remote DC will not apply future changes to its copy of the Active Directory database or replicate them to its direct and transitive replication partners that originate from this local DC.
If not resolved immediately, this scenario will result in inconsistencies in the Active Directory databases of this source DC and one or more direct and transitive replication partners. Specifically the consistency of users, computers and trust relationships, their passwords, security groups, security group memberships and other Active Directory configuration data may vary, affecting the ability to log on, find objects of interest and perform other critical operations.
To determine if this misconfiguration exists, query this event ID using http://support.microsoft.com or contact your Microsoft product support.
The most probable cause of this situation is the improper restore of Active Directory on the local domain controller.
If this situation occurred because of an improper or unintended restore, forcibly demote the DC.
USN reported by Remote DC:
USN reported by Local DC:
I can see what has happened. When we booted off Disk 0 it obviously sync'd with the rest of my AD controllers. When we rebooted off Disk 1, that was in the state Disk 0 was before we booted it tried to sync but it has already been sync'd - hence the error above.
Dell Tech never appreciated the implications of this when he was telling me to swap disks in and out, and to be honest neither did i until now.
Now my problem.
1. Microsoft say DCPromo it to demote it to a member server or
2. Or Restore System State.
1. I cannot dcpromo as i have Exchange 2003 on it.
2. System State not included in the nightly backups. DOH.
So i thought i could move the Exchange stuff off it, un-install exchange, dcpromo, re-install exchange, move Exchange mailboxes back.
Can't - Information Store won't start because of the above.
Catch 22. Help!
What i am thinking - If I un-install exchange 2003 as it is, will it leave my database and transacation logs alone? Then i can dcpromo, then reinstall exchange? Would the re-install hook straight back into my databases and logs if i point the store to them?
I'm nervous about doing this on a production server without doing it in a lab - so looking for some assistance.
Can i just dcpromo the server with exchange on it, and re-install exchange? I read somewhere dcpromoing and exchange 2003 server can cause problems to the exchange organisation - something i don't want to do as i have 6 sites.