No announcement yet.

Unable to DCPromo Demote AD 2003 Server

  • Filter
  • Time
  • Show
Clear All
new posts

  • Unable to DCPromo Demote AD 2003 Server

    I have a Windows 2003 Domain Controller that has been shut down for a few months now. I had to move it physically to a new location (new subnet).
    When I turned it on, i made sure that the Network settings were correct, reregistered in DNS and when i do a DCPromo (down) it says:

    The operation failed because:
    Managing the network session with failed
    "Logon Failure: The target account name is incorrect".

    It seems that when i open AD Users/Computers it has stale info.

    I moved it to the correct site, etc -- but no luck.

    Here's some things i tried for troubleshooting:
    ipconfig/registerdns (flushdns)
    change dns servers (different servers)

    My last resort is a dcpromo/forceremoval -- but i really do not want to do this.

    I've been looking at the internet for help, but so far nothing has hit me.

    I realize it's either a issue with Stale AD info (possibly DNS), but what could it be.

    DNS seems to work fine when i point to the correct server,etc.

    Sorry about the rambling -- any assistance would be greatly appreciated!!!


  • #2
    Re: Unable to DCPromo Demote AD 2003 Server

    Here is something interesting that i found which may help...

    Let me know what you think --

    NETDOM RESETPWD /Server:ProblemServer /UserDomain\AdministrativeID


    • #3
      Re: Unable to DCPromo Demote AD 2003 Server

      Originally posted by LauraEHunterMVP

      - - - - - -

      From a DC in your domain that is still online (there is no need to, nor would I recommend, powering the DC back on at this point), perform a metadata cleanup of the old DC as follows:

      If you wish to re-introduce this DC into your environment, power it up while NOT CONNECTED TO YOUR PRODUCTION NETWORK, and run dcpromo with the /forceremoval switch, after which you can reconnect it to your network and re-run dcpromo as though it is a normal member server that you are promoting for the first time.

      - - - - - -

      Default tombstone lifetime is 60 days; this can be lengthened or shortened, but 60 is the default.
      As the DC has been offline for more than 60 days, the point here is that the OP -cannot- safely turn on that DC again without incurring a USN rollback state within his domain.
      The appropriate steps here are:
      • Metadata cleanup/seize any necessary FSMO roles from an existing DC.
      • dcpromo /forceremoval on the tombstoned DC -while physically disconnected from the network-.
      • Do with the no-longer-tombstoned-DC as you will

      - - - - - -

      This posting is provided "AS IS" with no warranties, and confers no rights.


      ** Remember to give credit where credit's due **
      and leave Reputation Points for meaningful posts


      • #4
        Re: Unable to DCPromo Demote AD 2003 Server


        If a DC does not participate in replication within tomstone life time then it will not participate in replication.

        Now as want to make it up in a new site so it's better to demote it and then repromote it after a meta cleanup otherwise you will endup in a mess.

        Kapil Sharma
        Life is too short, Enjoy It.