Solved

Continue to get Event ID 1055 after forceful removal of old domain controller, and running metadata cleanup.

Posted on 2016-09-14
6
37 Views
Last Modified: 2016-09-15
I came into an environment where after some digging appeared to have physically removed an old domain controller from the environment, without first  releasing the FSMO roles.  After finding this, I seized all FSMO roles sucessfully on the server, then completed a metadata cleanup.  However, even after a reboot of the current now (and only) domain controller, I still have clients showing Event ID 1055 errors in the event viewer, indicating that they are not able to authenticate with the domain controller?

I am struggling with finding a solution...
0
Comment
Question by:Chad Barbre
6 Comments
 
LVL 15

Accepted Solution

by:
WalkaboutTigger earned 500 total points
Comment Utility
Check DNS for lingering records to the domain  - from a client machine, ping the domain name.

HOSTS or LMHOSTS file has bad static records?  I have seen this in the past where a novice admin "fixed" issues by pushing changes out to all workstation HOSTS file (located in C:\Windows\System32\Devices\ETC\).

Legacy domain replication connections not deleted as part of metadata cleanup - open ADSS and check replication connectors.
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
Comment Utility
Did you makes sure that the OLD DC was not longer listed as a global catalog?  What about DNS - are all workstations pointing to the current server? Is time synch working on the domain?

Have you checked and either reset the computer accounts or removed and rejoined the domain to see if that fixes the issue?
1
 
LVL 16

Expert Comment

by:FOX
Comment Utility
Is the current DC set up with DHCP?  If so make sure all the workstations are pointing the the domain controllers online.
Open DHCP>expand your Domain Controller>expand IPv4>right-click Server Options>select options...scroll down to DNS servers, put a check inside DNS servers....at the bottom add the ip(s) of your DNS server(s).

YOur workstations will now automatically point the the dns of your Domain controllers
0
Wish Marketing would stop bothering you?

Is your marketing department constantly asking for new email signature updates? Are they requesting a different design for every department? Do they need yet another banner added? Don’t let it get you down! There is an easy way to manage all of these requests...

 

Author Comment

by:Chad Barbre
Comment Utility
"WalkaboutTigger"- I checked the DNS records, and do show that there is still a Name Server (NS) record for the decommissioned server, and also an Alias listed.  Also there is still a "Host (A)" record still listed.  I should remove all three of these records, correct?

"Hypercat (Deb)"- Yes, I removed the old DC from ADSS, and also from ADUC.  I had not yet unjoined and re-joined the pcs from the network.  It's a network of about 11 workstaitons, so not to big of a time grabber if I have to do this.

"Fox"- Yes, the current (and only) DC is also the netowkrs DHCP.  The only DNS servers confiugered for the scope are the current server, and the netwoork firewall.
0
 
LVL 15

Expert Comment

by:WalkaboutTigger
Comment Utility
Yes, DNS MUST be scrubbed of records pointing to the decommissioned server.  This is the most likely cause of these errors.
0
 

Author Closing Comment

by:Chad Barbre
Comment Utility
After the removal of these records, I rebooted client machines, and did not receive these event errors upon reboot.  Communication to the DC seems to be working as expected.

Thanks for all the help!
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Suggested Solutions

Occasionally you run into the website or two that will not resolve properly using your own DNS servers.  Some people simply set up global forwarders for their DNS server.  I don’t recommend doing this because it can cause problems resolving addresse…
In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now