If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.
Transferring FSMO role
I have production server running in eval mode. To upgrade license I installed another server on hyper-V of same physical host and transfer all FSMO roles. After transfer repadmin was generating error on main server but it worked fine on secondary server (all these worked fine in lab test).
I tried moving FSMO back but it did not help, therefore, I put FSMO on guest again some worked from pshell, some transfer worked form ntdsutil and some worked from console.
Eventually, I tried removing ADDS form host machine and instead of completely removing it suggested me to make it workgroup and stayed with an alert action as promote to DC.
I removed DC from users and computer container, removed NTDS from AD sites and services but it does not allow me to remove DC name from AD sites services. Tried ntdsutil metadata cleanup and it still does not remove.
Option to make it a workgroup is grayed out and DCpromo /force does work either.
Is there any ways to cleanup from adsiedit or more granular level of cleanup. If hyper-v is the only service running I should be able to able to join it back to domain, as DC on hyperV stars automatically with physical host????
I tried moving FSMO back but it did not help, therefore, I put FSMO on guest again some worked from pshell, some transfer worked form ntdsutil and some worked from console.
Eventually, I tried removing ADDS form host machine and instead of completely removing it suggested me to make it workgroup and stayed with an alert action as promote to DC.
I removed DC from users and computer container, removed NTDS from AD sites and services but it does not allow me to remove DC name from AD sites services. Tried ntdsutil metadata cleanup and it still does not remove.
Option to make it a workgroup is grayed out and DCpromo /force does work either.
Is there any ways to cleanup from adsiedit or more granular level of cleanup. If hyper-v is the only service running I should be able to able to join it back to domain, as DC on hyperV stars automatically with physical host????
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
If, at any time, you used a snapshot and then reverted to it for the DC VM, then you've caused some serious probblems with AD.
If not, I would pull the DC VM off (if it's seemingly working) the host server and run on something else temporarily, delete the "failed" DC from the list of domain controllers in the VM DC. Then wipe and reload the host server as a Hyper-V server ONLY.
Make sure run DCDIAG /C /E /V on each DC and research and resolve any unexplained errors.
If not, I would pull the DC VM off (if it's seemingly working) the host server and run on something else temporarily, delete the "failed" DC from the list of domain controllers in the VM DC. Then wipe and reload the host server as a Hyper-V server ONLY.
Make sure run DCDIAG /C /E /V on each DC and research and resolve any unexplained errors.
I am unable to get demote the host to domain and it is in workgroup but it fails to add to domain controller now. Dcdiag shows could not find server but nslookup shows new DNS
there is no snapshot. I created hyper V guest only to transfer to FSMO role, so I could upgrade license on host
I'll repeat:
I would pull the DC VM off (if it's seemingly working) the host server and run on something else temporarily, delete the "failed" DC from the list of domain controllers in the VM DC. Then wipe and reload the host server as a Hyper-V server ONLY.
(I'm referring to deleting the DC from AD Domain Controllers OU). Metadata cleanup is automated in 2012 when you delete a DC).
MAKE A BACKUP FIRST!
I would pull the DC VM off (if it's seemingly working) the host server and run on something else temporarily, delete the "failed" DC from the list of domain controllers in the VM DC. Then wipe and reload the host server as a Hyper-V server ONLY.
(I'm referring to deleting the DC from AD Domain Controllers OU). Metadata cleanup is automated in 2012 when you delete a DC).
MAKE A BACKUP FIRST!
but it does not allow me to remove DC name from AD sites services
Based on the above comment, when every you cannot remove an object if you are using a 2008 or higher domain you need to check the Properties>Object Tab> Protect from accidential deletion.
If that is checked it does not matter what level of access you have in the domain you need to remove this before you can do anything with it. You will not be able to delete/cleanup using ntdsutil etc.
Check that first then do the demotion. If you already have the Guest VM as the FSMO role holder (verifying using netdom query fsmo) you can simply demote the Host with ADDS installed.
If any roles are still on the host and you cannot transfer them do the Guest VM you will need to seize the roles to the guest VM.
Once you have done that remove the machines from the domain and also rename it if possible. Then bring up a second guest vm and prmote it to a DC for redundancy.
Will.
Hi Will. thanks for your comment... I found the root cause of the problem was second NIC I used for hypervisor. I posted my question solution on second link -
Please look go through it and advise.I would definitely like second opinion on that. As I would be adding ADDS role and transferring roles to main host once apply license
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Hyper-V/Q_28626986.html
Please look go through it and advise.I would definitely like second opinion on that. As I would be adding ADDS role and transferring roles to main host once apply license
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Hyper-V/Q_28626986.html
I brought my home lab server to production and created a VM on hyper V transfer all fsmo roles. Decommissioned production server, reinstalled OS and transfer role back. All file server where on secondary partitioned and I was able to restore permission.
Note - For moderator the issue has been resolved and I don't see any closed button.
Note - For moderator the issue has been resolved and I don't see any closed button.
I've requested that this question be closed as follows:
Accepted answer: 0 points for pchettri's comment #a40901420
for the following reason:
RESOLVED
Accepted answer: 0 points for pchettri's comment #a40901420
for the following reason:
RESOLVED
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trial
did try few suggestion from first comment to get closer to resolution. I guess that would be the closes for closure. If this question is still not resolved and if I am still not able to post question. I would call tomorrow to discontinue paying for this account, as discussed in the previous call. It should have been working by now as promised
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2012
From novice to tech pro — start learning today.
-
Windows Server 2012Certification: MCSA MCSE Microsoft Certified Solutions Associate & … 303 lessons
-
Windows Server 2012Certification: MCSA MCSE Microsoft Certified Solutions Associate & … 435 lessons
-
Windows Server 2012Certification: MCSA MCSE Microsoft Certified Solutions Associate & … 388 lessons
-
Windows Server 2012Certification: MCSA MCSE Microsoft Certified Solutions Associate & … 450 lessons
-
Microsoft ApplicationsCertification: MCSE Microsoft Certified Systems Engineer - Identity … 440 lessons
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.