• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 88
  • Last Modified:

Demotion of Windows 2003 Server

Hi,

One of the guys in the office switched off one of our DCs which we will be decommissioning soon but he left it off for too long and now we are getting this error when doing a dcpromo:

The operation failed because:

Managing the network session with server.domain.local failed

"Logon Failure: The target account name is incorrect."

What should we do to demote this domain controller, I have turned it off as I'm worried it will cause problems to the working DCs
0
minniejp
Asked:
minniejp
1 Solution
 
tshearonCommented:
This is probably because the DC that was shut down held one of your FSMO roles. You can use the following to identify which servers hold your FSMO roles. Just change the role to an acceptable server then try again.

http://support2.microsoft.com/kb/234790/en-us

You are still going to want to try and decommission the old ad server gracefully. After I have the roles transferred I would probably wait until after hours and turn the old ad server back on and demote it then shut it down.
0
 
minniejpAuthor Commented:
it doesn't hold any roles, I had already transferred the roles to another server.
0
 
Vipin VasudevanAssociate Infrastructure SpecialistCommented:
It might be due the replication issue, Domain controller failed to replicate with other domain controllers since it was powered off for some time. make sure you will bring replication steady before proceeding with demoting to member server. Please "nltest" to verify the this DCs secure channel with PDC and reset it if that broke that might be one issue.

Mostly importantly if this server was powered off for more than 60 day (or configured ), please don't try to bring the replication back in normal, that will create lingering objects in your AD database . shutdown (for ever) this server and remove the metadata of this server from AD (Metadata cleanup using NTDSutil - http://technet.microsoft.com/en-us/library/cc736378(v=ws.10).aspx)
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
Vipin VasudevanAssociate Infrastructure SpecialistCommented:
nltest /SC_Verify:Doamin.com
nltest /SC_Reset:Domain.com
0
 
minniejpAuthor Commented:
Yes, I do believe it was off for more than 60 days, I have shut it down.  So I should follow:  http://technet.microsoft.com/en-us/library/cc736378(v=ws.10).aspx) to remove it from AD...
0
 
Vipin VasudevanAssociate Infrastructure SpecialistCommented:
Yes please.. Thanks
0
 
Pramod UbheCommented:
as it was off for more than 60 days, you are getting that error because computer account password of that DC is expired which gets auto-reset  after 30 days.
try resetting computer account of that DC through ADUC if that does not work, you have the last oftion to forcefully demote it or clean metadata.

http://support.microsoft.com/kb/216393
0
 
minniejpAuthor Commented:
Thanks
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now