Solved

DHCP not working after demoting old DC

Posted on 2014-07-23
3
697 Views
Last Modified: 2014-07-24
Hi,

Today we demoted a legacy windows 2008 domain controller. It had previously been the PDC but we have since mad another 2008R2 server the PDC and have a 2012 server as a secondary DC. So I will call the servers as this -

Demoted server: Leg (2008 - DC/DHCP/DNS)
PDC (2008R2 - DC/DHCP/DNS)
SDC (2012 - DC/DNS)

After demoting the Leg server and removing the roles everything seemed fine. Until a user notified us later in the day that they could not log in. Tested and no machine can get DHCP. The Leg server had been powered down for a couple of weeks and all clients had been getting DHCP from the PDC. Why once we power it back on and demote it would all clients be unable to contact the PDC to obtain an IP address?

I have logged into the PDC and checked DNS. All the clients are registered there with the leases. But no machine can log on to the domain. They all get the message that no DC could be contacted.

I have logged in to the local machine and set a static IP address to see if they can connect this way but they are still unable to connect. But I am on a machine now that is still connected using a DHCP IP address.

Can anyone please give me some assistance in troubleshooting this issue? Please let me know what other info you need and I can supply it.

Thanks in advance.

Cheers,

Rory.
0
Comment
Question by:rorymurphy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 

Author Comment

by:rorymurphy
ID: 40213922
Hi,

Some further info. This is a virtual server environment running on VMware ESX v5.1.

The Leg server is backed up using Veeam however I am reluctant to restore the server given that it was a DC an has since been demoted. If I restore it back into the forest I would imagine that would cause further issues.

I am currently restoring it to a sandbox location so I can get any required files/settings from it if required.

Cheers,

Rory
0
 
LVL 9

Accepted Solution

by:
sda100 earned 500 total points
ID: 40213974
You can restore the old server, just not as a domain controller, DHCP will still work.  However, you can test dhcp by using this little program, here: http://blog.thecybershadow.net/2013/01/10/dhcp-test-client/

I had to wait 20 seconds or so (after pressing "d") before I got a response from the DHCP server, but the response was correct.

Have you checked the firewall on both server and client (and anything in between)?

And now the red-herring, you said you changed a particular computer to static IP information, but it still didn't work?  That's where you should really start - lack of DHCP might be a result of this.
0
 

Author Closing Comment

by:rorymurphy
ID: 40216411
I'm an idiot! A long day lead to my judgement being more than a little bit off. Was in fact a network issue in the end which we resolved and did not need to resurrect the old DC. But thank you for your post sda100. As you said a red herring indeed. Cheers!
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains the steps required to use the default Photos screensaver to display branding/corporate images
A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question