Solved

Demotion of Windows 2003 Server

Posted on 2014-10-25
8
77 Views
Last Modified: 2015-01-06
Hi,

One of the guys in the office switched off one of our DCs which we will be decommissioning soon but he left it off for too long and now we are getting this error when doing a dcpromo:

The operation failed because:

Managing the network session with server.domain.local failed

"Logon Failure: The target account name is incorrect."

What should we do to demote this domain controller, I have turned it off as I'm worried it will cause problems to the working DCs
0
Comment
Question by:minniejp
8 Comments
 
LVL 8

Expert Comment

by:tshearon
ID: 40404018
This is probably because the DC that was shut down held one of your FSMO roles. You can use the following to identify which servers hold your FSMO roles. Just change the role to an acceptable server then try again.

http://support2.microsoft.com/kb/234790/en-us

You are still going to want to try and decommission the old ad server gracefully. After I have the roles transferred I would probably wait until after hours and turn the old ad server back on and demote it then shut it down.
0
 

Author Comment

by:minniejp
ID: 40404103
it doesn't hold any roles, I had already transferred the roles to another server.
0
 
LVL 6

Expert Comment

by:Vipin Vasudevan
ID: 40404152
It might be due the replication issue, Domain controller failed to replicate with other domain controllers since it was powered off for some time. make sure you will bring replication steady before proceeding with demoting to member server. Please "nltest" to verify the this DCs secure channel with PDC and reset it if that broke that might be one issue.

Mostly importantly if this server was powered off for more than 60 day (or configured ), please don't try to bring the replication back in normal, that will create lingering objects in your AD database . shutdown (for ever) this server and remove the metadata of this server from AD (Metadata cleanup using NTDSutil - http://technet.microsoft.com/en-us/library/cc736378(v=ws.10).aspx)
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 6

Expert Comment

by:Vipin Vasudevan
ID: 40404153
nltest /SC_Verify:Doamin.com
nltest /SC_Reset:Domain.com
0
 

Accepted Solution

by:
minniejp earned 0 total points
ID: 40404168
Yes, I do believe it was off for more than 60 days, I have shut it down.  So I should follow:  http://technet.microsoft.com/en-us/library/cc736378(v=ws.10).aspx) to remove it from AD...
0
 
LVL 6

Expert Comment

by:Vipin Vasudevan
ID: 40404416
Yes please.. Thanks
0
 
LVL 10

Expert Comment

by:Pramod Ubhe
ID: 40404686
as it was off for more than 60 days, you are getting that error because computer account password of that DC is expired which gets auto-reset  after 30 days.
try resetting computer account of that DC through ADUC if that does not work, you have the last oftion to forcefully demote it or clean metadata.

http://support.microsoft.com/kb/216393
0
 

Author Closing Comment

by:minniejp
ID: 40533167
Thanks
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…

816 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now