Announcement

Collapse
No announcement yet.

Unable to DCPromo Demote AD 2003 Server

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Unable to DCPromo Demote AD 2003 Server

    I have a Windows 2003 Domain Controller that has been shut down for a few months now. I had to move it physically to a new location (new subnet).
    When I turned it on, i made sure that the Network settings were correct, reregistered in DNS and when i do a DCPromo (down) it says:

    The operation failed because:
    Managing the network session with myotherdc.mydomain.com failed
    "Logon Failure: The target account name is incorrect".

    It seems that when i open AD Users/Computers it has stale info.

    I moved it to the correct site, etc -- but no luck.

    Here's some things i tried for troubleshooting:
    ipconfig/registerdns (flushdns)
    change dns servers (different servers)

    My last resort is a dcpromo/forceremoval -- but i really do not want to do this.

    I've been looking at the internet for help, but so far nothing has hit me.

    I realize it's either a issue with Stale AD info (possibly DNS), but what could it be.

    DNS seems to work fine when i point to the correct server,etc.


    Sorry about the rambling -- any assistance would be greatly appreciated!!!

    Thanks!

  • #2
    Re: Unable to DCPromo Demote AD 2003 Server

    Here is something interesting that i found which may help...

    Let me know what you think --

    NETDOM RESETPWD /Server:ProblemServer /UserDomain\AdministrativeID
    /PasswordD:*

    Comment


    • #3
      Re: Unable to DCPromo Demote AD 2003 Server

      source: http://www.experts-exchange.com/OS/M..._23018570.html
      Originally posted by LauraEHunterMVP

      - - - - - -

      From a DC in your domain that is still online (there is no need to, nor would I recommend, powering the DC back on at this point), perform a metadata cleanup of the old DC as follows: http://www.petri.com/delete_failed_dcs_from_ad.htm

      If you wish to re-introduce this DC into your environment, power it up while NOT CONNECTED TO YOUR PRODUCTION NETWORK, and run dcpromo with the /forceremoval switch, after which you can reconnect it to your network and re-run dcpromo as though it is a normal member server that you are promoting for the first time.

      - - - - - -

      Default tombstone lifetime is 60 days; this can be lengthened or shortened, but 60 is the default.
      As the DC has been offline for more than 60 days, the point here is that the OP -cannot- safely turn on that DC again without incurring a USN rollback state within his domain.
      The appropriate steps here are:
      • Metadata cleanup/seize any necessary FSMO roles from an existing DC.
      • dcpromo /forceremoval on the tombstoned DC -while physically disconnected from the network-.
      • Do with the no-longer-tombstoned-DC as you will


      - - - - - -
      \Rems

      This posting is provided "AS IS" with no warranties, and confers no rights.

      __________________

      ** Remember to give credit where credit's due **
      and leave Reputation Points for meaningful posts

      Comment


      • #4
        Re: Unable to DCPromo Demote AD 2003 Server

        Hi,

        If a DC does not participate in replication within tomstone life time then it will not participate in replication.

        http://technet2.microsoft.com/window....mspx?mfr=true

        Now as want to make it up in a new site so it's better to demote it and then repromote it after a meta cleanup otherwise you will endup in a mess.

        Regards,
        Kapil Sharma
        ~~~~~~~~~~~~~
        Life is too short, Enjoy It.

        Comment

        Working...
        X