Server 2008 R2 Active Directory

we have main office and 6 sites We have a DC on each site
One site moved to a new building.During move,movers pulled power cable and DC never came back - blue screen
Our IT director said that in this case we should build a new DC with name reflecting new place location and new site
What steps should I take and what sequence of those steps should be
This is the first time I will do it from beginning to the end
Vadim MikhalNeywork EngineerAsked:
Who is Participating?
Will SzymkowskiConnect With a Mentor Senior Solution ArchitectCommented:
You do not need a backup in the case because you have multiple DC's in your environment at other sites. Your new DC will get all of the changes via replication.

You do however need to find out was this DC that failed holding any of the FSMO roles. Run the below command to check.
netdom query fsmo
If this DC does not have any FSMO roles assigned to it then it should be less work.

In server 2008 and up if you have a DC that has failed and it does not hold and FSMO roles then all you should need to do is deleted the computer account in Active Directory Users and Computers / and Sites-and-Services. Typically I still like to go back and check all of the places especially the SRV records in DNS integrated AD Zone (old school).

So that being said the link below will illustrate how to completely cleanup your Active Directory failed domain controller.

In the meantime what i would do for your clients is have them point to another DC in a different site. Depending on the latency it might take a bit longer to authenticate but once they have got their token from a different DC other services should be faster. This will at least get them up and running so that they can continue to work while you build another DC.

Once all of the metadata has been successfully removed, you can start the process of introducing the domain controller. Just remember that depending on the FFL and DFL of your current Active Directory you need to promote the appropriate OS version of domain controller.

So if your AD FFL/DFL is 2008R2 you cannot promote any DC's that are a prior OS version of Windows Server 2008 R2. Keep that in mind.

Metadata Cleanup (technet)

Muhammad MullaCommented:
Make sure you have a full backup. Especially of AD.

A few things you probably need to keep in mind:

1. Create the site or make sure that the site has been created in AD Sites and Services
2. Check the replication health of your AD
3. Ensure that your FSMO roles are on your working DCs
4. Clear out any references to your failed DC from DNS, etc. Especially on  the DHCP server settings and on any statically configured domain members or DCs.
5. Clean up the metadata
Vadim MikhalNeywork EngineerAuthor Commented:
No Backup
Muhammad MullaCommented:
Always make a backup before making potentially dangerous changes, such as ADSI Edits.
Lee W, MVPTechnology and Business Process AdvisorCommented:
I'm likely agreeing with much of what has already been said, so at a minimum, consider this agreement with the others in those areas:

1. Perform a backup on your existing DCs.
2. Run DCDIAG /C /E /V on your DCs (especially if you haven't lately).  In theory, you only need to run it on one, I'll be extra cautious and run it on all and then examine the output for any unexplained (there are a few that, under some circumstances, can be expected and left alone).  Correct any errors.  This includes a metadata cleanup of the failed DC (although, in 2008 R2, that should be automated, you can just delete the DC from the Domain Controller's OU.  I would still carefully examine DNS and run DCDIAG again to make sure it's all clean and stable.
3. Install the new DC as a member server and join it to the domain.
4. Define/rename the site on another DC.
5. Promote it to a DC.
6. Run DCDIAG AGAIN and verify it's all working well with the new DC.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.