2003 domain controller issue.

I had a 2003 physical domain controller that blew up on me.  I cant even log into it, both drives went bad.  I am going to replace the drives and rebuild. Will I have a problem with this, since the original was never demoted?  This is one of three domain controllers and is actually our DR DC.  

Also would I have a problem naming it the same?

Thanks Guys!
bstrom24Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

tsaicoCommented:
You will have problems naming it the same, and I would just recommend starting with a new name if possible.

As for the PDC, you should be able to seize them for one of the other two DCs, then you have to manually edit the AD for manual removal of the old now dead DC.  Why don't you just use a backup to restore to the new drives?  Even an older DC will update to the current information, then you can demote it and remove or just leave it be.
0
bstrom24Author Commented:
This DC is not backed up, it is at our disaster recovery site and was just setup with RAID 1.  Cant believe 2 drives went bad.  The primary is fine.

So you think the new one should be built with a new name?  I can do that.  I have never removed a DC from AD that no longer exists, I have only demoted.      
0
tigermattCommented:
You will need to do a metadata cleanup to remove the replication metadata pertaining to the failed DC. To do that, follow these steps: http://technet.microsoft.com/en-us/library/cc736378%28WS.10%29.aspx.

If you do not clean up the metadata, then the remaining boxes will continue trying to talk to a DC which no longer exists.

You should also seize any FSMO roles held by that DC, although it sounds as if this was a remote site which did not hold any operations roles. (Sidebar: "The primary is fine" - in modern AD, there is no "primary" and "backup" Domain Controller, a situation confused somewhat by the old days of NT4 and the continuing existence of the "PDC Emulator" role, which is for some single-master functions but mostly for backwards compatibility reasons).

Once those processes have been completed, you can tidy up references to the old DC's name in DNS and Active Directory Sites and Services, and then reinstall and re-promote a new box.

There are various recommendations and best practices that indicate you should use a new name, while other industry experts will say it does not matter. I have no preference myself, but at least using a different name will allow you to identify a reference to the old DC in a setting/event log message which will then ring alarm bells, rather than get confused as to whether something is referring to the old instance of the DC or the new, freshly promoted instance.

Depending on the connectivity and logistics of transporting the box between your DR and main sites, you might consider promoting the new instance of the DC on the LAN in your main site, getting everything stable, then transporting it back to the DR location.

-Matt
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

bstrom24Author Commented:
I found this step by step article.  Let me know if this will work.  I assume it will.  
I also plan on naming the server the same.

http://www.petri.co.il/delete_failed_dcs_from_ad.htm

0
tigermattCommented:

Yes, that is correct.
The steps in the article you linked to are essentially the same as those in the first link of my above comment, http:#a37347282.

-Matt
0
bstrom24Author Commented:
Thanks Matt for you help!  

Also, this is not a Global Catalog server, so should I still seize the roles?

I will let you know how it goes.  I am waiting for the new drives to come in, then i will have some traveling to do

Thanks again,
Ben.  
0
bstrom24Author Commented:
One more thing Matt.  I do plan on keeping the same name.  I discussed it with my Director and he would like it kept if possible.  After running the metadata cleanup, should I still remove it from sites and services/Users and computers or can I keep it there since I will build with same hostname?  

Thanks Matt

Ben
0
tigermattCommented:

Hi Ben,

I would clear out references from Sites & Services and Users & Computers, just to keep things clean. Strictly, it should not matter, but a clean slate is always a good idea.

>> this is not a Global Catalog server, so should I still seize the roles

Does the server actually hold any FSMO roles? If so, then yes, they will need seizing.

You can check this by jumping on to an existing DC and executing, from a command prompt:

netdom query fsmo

Open in new window


Note the name of the DC holding each of the 5 roles. If the failed DC is listed next to any of the roles, then you will need to seize the role(s) it held over to a functioning box: http://support.microsoft.com/kb/255504.

You can read more about FSMO roles in my article here: http://www.experts-exchange.com/Software/Server_Software/File_Servers/Active_Directory/A_2796-Demystifying-the-Active-Directory-FSMO-Roles.html

Let me know how you get on!

-Matt
0
bstrom24Author Commented:
Looks like just my primary is holding the roles.  
0
tigermattCommented:

Cool. I suspected that was the case given the circumstances.

You just need to run the metadata cleanup then. No seizing required.

-Matt
0
bstrom24Author Commented:
Thank you Matt!
0
bstrom24Author Commented:
Matt,

Would I have a problem adding a Server 2003 R2 DC?  The other two are 2003 Standard SP2.  I wouldn’t think there would be a problem, but I am just verifying before I promo this DR DC.  

Thanks again for your help!

Ben
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.