rdefino
asked on
Demoting a Domain controller
We have a 2003 AD infrastructure. We have multiple dc's in the domain. I demoted one about 2hrs ago. I going to promote a new 2008 DC in it's place using the same name and ip.
But when I look under sites and services it's still there.
But when I look at the server under there that I demoted the "NTDS settings" are gone.
Should the site and dc be removed from sites and service when demoting a DC?
But when I look under sites and services it's still there.
But when I look at the server under there that I demoted the "NTDS settings" are gone.
Should the site and dc be removed from sites and service when demoting a DC?
it's normal, you need to manually delete them out of the Sites Services.
Americom gets the points here.....just chiming in to say hi...I know he is busy and not around as much. Hope all is well :)
Thanks
Mike
Thanks
Mike
ASKER
If I'm promoting a new one in it's place using the same ip and same name, can I just leave it there?
First delete that server object from sites and services ...check if any NS records still present in DNS name server tab for demoted DC ...remove the host A record if not already
run netdom query dc ...demoted DC should not be listed in this
run repadmin /syncall /adep to replicate changes to other DC's if any
Now run dcpromo on 2008 to promote it
run netdom query dc ...demoted DC should not be listed in this
run repadmin /syncall /adep to replicate changes to other DC's if any
Now run dcpromo on 2008 to promote it
ASKER
Am I deleting the site or the just the server from sites and services?
Hi Mike, you are always right, yep, too busy for the past couple years and getting worst lately...but all so far so good :)
just the server from sites and services
Delete the object under the Server folder but not the blue site above the server folder. Assuming your new server will be going to the same site as before.
ASKER
so once I delete the old dc server from sites and service. The new dc that will use the ip and name of the old one will automatically show up in that site once it's promoted?
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
I'm getting this error when running dcpromo on the new 2008 dc. I left the dc in a workgroup prior to this.
There is no account in AD for this system name. Probably got deleted when I deleted it from sites and services.
What do I do now?
Capture.PNG
There is no account in AD for this system name. Probably got deleted when I deleted it from sites and services.
What do I do now?
Capture.PNG
Make sure your DNS settings are correct on new server and pointing to Your DC in Primary DNS server field
ASKER
when you say "Your DC in Primary DNS ". Do you mean the ip of the new dc?
Yes...IP of your DC should be used in Primary DNS field of TCP/IP properties in New Server
ASKER
fails if I use that. this server is not a dns server yet.
can you post the ipconfig /all of both the servers and dcdiag /q from existing DC
ASKER
looks to be replicating now. WHEWWWWW
once you have promoted as DC and restarted just check if the netlogon and sysvol has been shared on new server ...run repadmin /replsum to check the health of replication and dcdiag /q to check the health of DC
ASKER
so the replication completed and now I cannot login in with my domain account. This is a domain admin account too.
Whats the error?
ASKER
I cannot login with domain account. Just says bad password or account.
It's not talking to the domain to check the account.
I logged in doing f8 and directory restore mode, but not sure what to do here.
It's not talking to the domain to check the account.
I logged in doing f8 and directory restore mode, but not sure what to do here.
ASKER
so I need to demote this new server and promote the original server. Any thoughts on this?
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.