Solved

No Logon servers available.

Posted on 2014-02-20
14
1,526 Views
Last Modified: 2016-03-14
Hello EE's

Just now i demote my secondary domain controller. I am sure my FSMO masters are primary domain controller and I checked with dsquery.

After demote of secondary server my domain joined other servers cannot login. came up with an error

" No logon server available ".

Please help me on this.

Thank you.

Shamil
0
Comment
Question by:Shamil Mohamed
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 3
  • +3
14 Comments
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 39875895
Did you just move the FSMO roles before you demoted it? Or were the FSMO roles always on another server?

If you moved the FSMO roles before demoting, did you give it adequate time to replicate? Did you use the force removal switch?

When you demoted it, did you also remove DNS? Is DNS on servers/clients still pointing to the old DC?

Does the DC still show up in Active Directory Sites and Services?

What happens when you run DCDIAG from a command prompt on your working DCs? Any errors?
0
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 39875906
And one additional question to those above. Is your remaining DC also  global catalog server?
0
 
LVL 1

Author Comment

by:Shamil Mohamed
ID: 39875908
ya gave around 1 week of time. I didnt use force removal switch. Ya DNS & Global catalog also removed. My primary DC still up in Active Directory sited and services.

Just now i check dcdiag saw some errors.. can u please go through the attachments..

Pleas help me..

Thank you
dsdiag01.jpg
dsdiag02.jpg
dsdiag03.jpg
dsdiag04.jpg
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 31

Assisted Solution

by:Gareth Gudger
Gareth Gudger earned 166 total points
ID: 39875919
If you browse the shares on the server, do you have a NETLOGON and SYSVOL share?

The Advertising errors concerns me the most. The system log errors can usually be ignored. You have a fair few replication errors, but unlikely causing this problem.

Run IPCONFIG /REGISTERDNS from a command prompt.

And restart the NETLOGON service.
0
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 39875923
Check and make sure the old server isn't listed anywhere in AD Sites and Services. Check under every section of it. That will likely clean up some of the replication errors.
0
 
LVL 14

Assisted Solution

by:Schnell Solutions
Schnell Solutions earned 250 total points
ID: 39875929
You could be facing a name resolution issue. How did you handle your DNS Service?

For example, the computers and servers from your network are configured to use a DNS server. Do you have Domain Controllers, Member servers or workstations pointing to the decommisioned DNS? If this is the case you need to Update the DNS client Configuration for your DCs, servers and workstations to point to the new DNS

If the DNS resolution is not working fine ... AD is not going to work

Additionally of verifying that all your servers and computers are using the new DNS, can you ensure that if you open your DNS zone the different ADDS records are present there?
0
 
LVL 1

Author Comment

by:Shamil Mohamed
ID: 39875936
Ya its done.. that server name is not mentioned anywhere its removed automatically after the demote of the server.

above mentioned also done.. ( ipconfig/registerdns and net start & stop netlogon = also done ).
0
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 39875942
I probably should have asked what DCs level these are.

Check out this article for 2003. This is regarding the Advertising Error.
http://support.microsoft.com/kb/958804
0
 
LVL 1

Author Comment

by:Shamil Mohamed
ID: 39875945
according to DHCP server this secondary domain controller IP is still populated as Secondary DNS server.. is that would be a problem.. ??? Primary DNS server ip is there and still running up..
0
 
LVL 14

Assisted Solution

by:Schnell Solutions
Schnell Solutions earned 250 total points
ID: 39875950
Hello

I am not clear if you answered my previous question...

As far as you took out one DC/DNS and you staid with a new one. Do you have all your servers and clients pointing to the new DC ad the DNS server? Which one is the server that you are using as the DNS server for your DC/Member servers and worstations?

If you open the DNS zone for the new server, are you able to see the ADDS Service records inside the dns zone _msdcs.yourdomain?
0
 
LVL 31

Assisted Solution

by:Gareth Gudger
Gareth Gudger earned 166 total points
ID: 39875952
You definitely should remove the old decommissioned server from DHCP. That can cause problems should the IP stack determine to use that one. Make sure the servers don't have that statically set in their network properties either.
0
 
LVL 14

Accepted Solution

by:
Schnell Solutions earned 250 total points
ID: 39875954
Better switch the primary DNS that your DCs/Servers/Clients use to the new DC. Because as far as the old server is online without the DNS server role working/synchronized, your clients can try working with that one and not switching to the secondary one
0
 
LVL 17

Assisted Solution

by:Sikhumbuzo Ntsada
Sikhumbuzo Ntsada earned 84 total points
ID: 39876104
Hi There,

Take one server, disconnect the network cable, then login - it should go in from the last remembered domain.

Then check which domain controller it's log on to.

Open an elevated command prompt and type "echo %logonserver%, it should list the current domain controller used.

Put the cable back and add the machine to the domain again, do "ipconfig /flushdns" then "ipconfig /registerdns"
0
 

Expert Comment

by:MugoMudzi
ID: 41506053
spent a week struggling with this, the internet let me down until I figured it out by myself. Go to another server and open up power shell. After that, remote log in using power shell, apparently the admin password still works through this and then run power shell commands to reset all passwords or that particular local account. This problem is brought by the fact that your DNS server might have been sitting on that particular server it was not referenced properly after demotion. The script is down here for the reset although it will reset all local passwords
####
Get-WmiObject win32_useraccount | Foreach-Object {
([adsi](“WinNT://”+$_.caption).replace(“\”,”/”)).SetPassword(“FluxCapacitor!11-5-1955”)
}
###
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question