Solved

Failed 2008r2

Posted on 2016-10-10
6
94 Views
Last Modified: 2016-11-14
Hi

I have two windows 2008r2 servers.  

One, that just crashed with no chance of recovery but I can get into the System Drive .  "Dc01". It held all the FSMO roles.  

The second, Alive and well. It's a D.C. with no FSMO roles.   "DC02".

I'd like to ...

DC02 seize all FSMO roles
Keep all gpos in tack.  
Rename DC02 to DC01

Thank you
0
Comment
Question by:mizgroup
6 Comments
 
LVL 6

Expert Comment

by:Niten Kumar
ID: 41837840
You can use ntdsutil to seize fsmo roles on DC02.  ntdsutil is a command line utility. Group policies wont be affected. After seizing fsmo roles you will have to remove all metadata for DC01 again using ntdsutil.  And finally you can use netdom to rename DC02 to DC01.
0
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 41837842
DC02 seize all FSMO roles
Ok, Seize them using NTDSUtil

Keep all gpos in tack.  
Has nothing to do with anything.  GPOs are not affected unless you're going to rebuild the entire domain.

Rename DC02 to DC01
WHY?  Just rebuild the failed once you remove it from AD.
2
 

Author Comment

by:mizgroup
ID: 41838155
Sorry just to clarify.  If I seize the roles instead of transferring them, will I still have all the gpos of the domain.

What meta data would I need to sufffienctly remove before doing the netdom?

Thanks
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 95

Accepted Solution

by:
Lee W, MVP earned 500 total points
ID: 41838254
I'll repeat:
GPOs are not affected unless you're going to rebuild the entire domain.
1
 
LVL 6

Expert Comment

by:sAMAccountName
ID: 41838563
Hi mizgroup

You can use powershell to sieze all the FSMO roles (Seize FSMO roles with Powershell)

Lee W is absolutely correct, this activity has no bearing on GPO.  They are replicated through a different mechanism and will remain intact.  I also agree, you do not need to rename the failed DC.

Here is an article which goes over what metadata is left behind and how to clean it up:
Clean up metadata (Technet)

Once the metadata is cleaned up, you can rebuild the failed DC, allowing it to retain the original name and IP address - this will allow anything that was pointing directly to it to resume normal operation.

(Edit)
Also, you mentioned you can still get to the system drive on the failed DC.  Do not try to recover the data on that drive or do a repair.  Just wipe it and rebuild it.
0
 
LVL 6

Expert Comment

by:Niten Kumar
ID: 41839018
Since DC01 has failed you can't transfer roles so you only have the option to seize roles.  GPOs won't be affected when you seize roles.  How???  If you clients are getting the GPOs then they are getting it from the working DC.  And seizing roles only affects roles and does nothing to the GPO. It seems you are very unsure of what will happen.  Believe me I felt the same when i did this for the first time.

Watch the following video on YouTube and you will get a fair idea on what you have to do.  It is step by step clear explanation.

https://www.youtube.com/watch?v=DzJTCYtp7XI
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now