Solved

Demotion of Windows 2003 Server

Posted on 2014-10-25
8
78 Views
Last Modified: 2015-01-06
Hi,

One of the guys in the office switched off one of our DCs which we will be decommissioning soon but he left it off for too long and now we are getting this error when doing a dcpromo:

The operation failed because:

Managing the network session with server.domain.local failed

"Logon Failure: The target account name is incorrect."

What should we do to demote this domain controller, I have turned it off as I'm worried it will cause problems to the working DCs
0
Comment
Question by:minniejp
8 Comments
 
LVL 8

Expert Comment

by:tshearon
ID: 40404018
This is probably because the DC that was shut down held one of your FSMO roles. You can use the following to identify which servers hold your FSMO roles. Just change the role to an acceptable server then try again.

http://support2.microsoft.com/kb/234790/en-us

You are still going to want to try and decommission the old ad server gracefully. After I have the roles transferred I would probably wait until after hours and turn the old ad server back on and demote it then shut it down.
0
 

Author Comment

by:minniejp
ID: 40404103
it doesn't hold any roles, I had already transferred the roles to another server.
0
 
LVL 6

Expert Comment

by:Vipin Vasudevan
ID: 40404152
It might be due the replication issue, Domain controller failed to replicate with other domain controllers since it was powered off for some time. make sure you will bring replication steady before proceeding with demoting to member server. Please "nltest" to verify the this DCs secure channel with PDC and reset it if that broke that might be one issue.

Mostly importantly if this server was powered off for more than 60 day (or configured ), please don't try to bring the replication back in normal, that will create lingering objects in your AD database . shutdown (for ever) this server and remove the metadata of this server from AD (Metadata cleanup using NTDSutil - http://technet.microsoft.com/en-us/library/cc736378(v=ws.10).aspx)
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 6

Expert Comment

by:Vipin Vasudevan
ID: 40404153
nltest /SC_Verify:Doamin.com
nltest /SC_Reset:Domain.com
0
 

Accepted Solution

by:
minniejp earned 0 total points
ID: 40404168
Yes, I do believe it was off for more than 60 days, I have shut it down.  So I should follow:  http://technet.microsoft.com/en-us/library/cc736378(v=ws.10).aspx) to remove it from AD...
0
 
LVL 6

Expert Comment

by:Vipin Vasudevan
ID: 40404416
Yes please.. Thanks
0
 
LVL 10

Expert Comment

by:Pramod Ubhe
ID: 40404686
as it was off for more than 60 days, you are getting that error because computer account password of that DC is expired which gets auto-reset  after 30 days.
try resetting computer account of that DC through ADUC if that does not work, you have the last oftion to forcefully demote it or clean metadata.

http://support.microsoft.com/kb/216393
0
 

Author Closing Comment

by:minniejp
ID: 40533167
Thanks
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
Numerous times I have been asked this questions that what is it that makes my machine log on so slow, there have been cases where computers took 23 minute exactly after taking password and getting to the desktop. Interesting thing was the fact th…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question