We have Active Directory Domain Controller installed on Windows Server 2008R2 in our office with domain name jbboda.local, where hostname JBBDC-1 IP 172.16.0.2 is primary domain controller and hostname JBBDC-2 IP 172.16.0.27 is the backup domain controller. Few days ago our primary DC i.e. JBBDC-1 went down due to hardware failure. To restore the Domain Services we had Seizing FSMO Roles and tried to do Metadata cleanup through command prompt but we did not found broken JBBDC-1 in the list. To clear the metadata we had deleted JBBDC-1 from Active Directory Users and Computer > Domain Controllers list, Active Directory Sites and Services and DNS entry related to JBBDC-1 with the help of GUI.
To test the Seizing FSMO Roles is completed successfully we had used nltest /dclist:jbboda.local and netdom query fsmo
Output: nltest /dclist:jbboda.local
Get list of DCs in domain 'jbboda.local' from '\\JBBDC-2.jbboda.local'.
JBBDC-2.jbboda.local [PDC] [DS] Site: Site1
The command completed successfully
Output: netdom query fsmo
Schema master JBBDC-2.jbboda.local
Domain naming master JBBDC-2.jbboda.local
RID pool manager JBBDC-2.jbboda.local
Infrastructure master JBBDC-2.jbboda.local
The command completed successfully.
We had logged in with local administrator and changed the primary DNS IP 172.16.0.27 and used command ipconfig /flushDNS in all client system.
After completion of the above process we tried to login with the domain users, but still users are not able to login to domain as it is taking very long time in Applying Windows Settings, Applying Group Policy around 15 to 20min.
When we assign the DC1 IP 172.16.0.2 to the new PDC as alias IP, domain users are able to login properly but some time some policies are not getting applied, we need to run gpupdate /fore to apply the policy.
Can anyone help us how to resolve the above said issue.
Silcom Solutions Pvt. Ltd.