Disjoin DC and rejoin

Posted on 2014-01-21
Medium Priority
Last Modified: 2014-02-05
I have a VM host that crashed, one of the guests ran AD/DS. I have a standalone AD/DS box also. I did the failover of the guest with AD/DS on another host VM server and the replica boots fine but permissions don't allow users to access network printers or WSUS (also on that VM). Can I disjoin the replica and rejoin to see if that fixes permissions or should I try something else first. If I disjoin do I need to do dcpromo and demote the AD server?
Question by:LarryDAH
LVL 70

Accepted Solution

KCTS earned 2000 total points
ID: 39798664
You can't remove a DC from the domain  and add it back again without removing AD.
LVL 126
ID: 39798875
Do you have a single Domain Controller or two Domain Controller?

and if you have two, is it just this once that has gone wrong?
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39800195
You cannot Dis-join a DC from the domain. You may want to start with checking AD health between your 2 DC's... Use the below commands to check AD health/replication...

- repadmin /replsum
- repadmin /showrepl
- dcdiag /v

You may also want to check the event viewer on the DC that failed and this will point out errors which might lead you to solving your issue.


Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Want to create a VM?  Here's how you do it.
If you need to implement application level security in an Access database application or other VBA code, I strongly encourage you to take advantage of Active Directory groups.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

600 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question