Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Continue to get Event ID 1055 after forceful removal of old domain controller, and running metadata cleanup.

Posted on 2016-09-14
6
Medium Priority
?
87 Views
Last Modified: 2016-09-15
I came into an environment where after some digging appeared to have physically removed an old domain controller from the environment, without first  releasing the FSMO roles.  After finding this, I seized all FSMO roles sucessfully on the server, then completed a metadata cleanup.  However, even after a reboot of the current now (and only) domain controller, I still have clients showing Event ID 1055 errors in the event viewer, indicating that they are not able to authenticate with the domain controller?

I am struggling with finding a solution...
0
Comment
Question by:ITGUY-17
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 15

Accepted Solution

by:
WalkaboutTigger earned 2000 total points
ID: 41798576
Check DNS for lingering records to the domain  - from a client machine, ping the domain name.

HOSTS or LMHOSTS file has bad static records?  I have seen this in the past where a novice admin "fixed" issues by pushing changes out to all workstation HOSTS file (located in C:\Windows\System32\Devices\ETC\).

Legacy domain replication connections not deleted as part of metadata cleanup - open ADSS and check replication connectors.
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 41798577
Did you makes sure that the OLD DC was not longer listed as a global catalog?  What about DNS - are all workstations pointing to the current server? Is time synch working on the domain?

Have you checked and either reset the computer accounts or removed and rejoined the domain to see if that fixes the issue?
1
 
LVL 16

Expert Comment

by:FOX
ID: 41798612
Is the current DC set up with DHCP?  If so make sure all the workstations are pointing the the domain controllers online.
Open DHCP>expand your Domain Controller>expand IPv4>right-click Server Options>select options...scroll down to DNS servers, put a check inside DNS servers....at the bottom add the ip(s) of your DNS server(s).

YOur workstations will now automatically point the the dns of your Domain controllers
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:ITGUY-17
ID: 41798772
"WalkaboutTigger"- I checked the DNS records, and do show that there is still a Name Server (NS) record for the decommissioned server, and also an Alias listed.  Also there is still a "Host (A)" record still listed.  I should remove all three of these records, correct?

"Hypercat (Deb)"- Yes, I removed the old DC from ADSS, and also from ADUC.  I had not yet unjoined and re-joined the pcs from the network.  It's a network of about 11 workstaitons, so not to big of a time grabber if I have to do this.

"Fox"- Yes, the current (and only) DC is also the netowkrs DHCP.  The only DNS servers confiugered for the scope are the current server, and the netwoork firewall.
0
 
LVL 15

Expert Comment

by:WalkaboutTigger
ID: 41798829
Yes, DNS MUST be scrubbed of records pointing to the decommissioned server.  This is the most likely cause of these errors.
0
 

Author Closing Comment

by:ITGUY-17
ID: 41799726
After the removal of these records, I rebooted client machines, and did not receive these event errors upon reboot.  Communication to the DC seems to be working as expected.

Thanks for all the help!
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question