Link to home
Start Free TrialLog in
Avatar of elaw

asked on

Windows 2003 Domain - Running a command netdom query /domain:domain name fsmo


I was going to run DCPromo to remove active directory on one of the old domain controller.  Moved all the roles from this DC to other DC's.  I have also exchange 2007

While checking few things, find out when I use NTDSUTIL to check the roels, it gives the error: "the security context is invalid".

Also i use the command netdom query /domain: domain name fsmo it gives the error:
The security context is invalid
the command failed to complete successfully.

Guys do you have any idea..
Avatar of Adonis Sardinas
Adonis Sardinas

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of elaw


Thanks Adonis.  the issue is fixed.  I have run the dcdiag and the verifiyentrerprisereferences test is failing.  Please let me know if it will cause any issue when demoting a DC
Avatar of elaw


AD is a beast of a platform. Anything can happen really. But you should be fine as long as your moved your FSMO roles to another server.

Run the verifiyentrerprisereferences on your new DC
What do you get when you run DCDIAG on your new DC?

If you had not done so already bring down your DC you are going to demote and see what errors are reported on your new DC.

Event log is your friend. MS does a good decent job at giving help with event log issues.

Ooo, an ddont forget Google and ExpertXchange both very helpful resources.