Windows 2003 DC Demotion issue


  • Windows 2003 DC Demotion issue

    Kindly go through the scenario; inputs are needed on the queries.

    SCENARIO
    • 14 sites consisting of 28 DCs
    • Each site contains 1 Windows 2003 DC & 1 Windows 2008 R2 DC
    • All the FSMO roles are transferred to Windows 2008 R2 DC
    • All DCs are AD Integrated DNS & DHCP role holders for the respective sites
    • All Windows 2003 DCs are to be demoted from AD
    • Windows 2003 demotion is not succeeding because DNS record deregistration is timing out. The error below is received:
    Event Type: Error
    Event Source: NETLOGON
    Event Category: None
    Event ID: 5808
    Date: 2/24/2011
    Time: 12:04:31 PM
    User: N/A
    Computer: MYP-ADC
    Description:
    The deregistration of some DNS domain controller locator records was aborted at the time of this domain controller demotion because the DNS deregistration took too long.


    To overcome this, the DNS role is separated from AD.
    After separating DNS from AD, all the DCs will hold the Primary Standalone DNS role.

    QUERIES
    • Will the user face any impact in finding the GC & LDAP while logging in?
    • Will there be any impact on _msdcs.domainname.com, ForestDNSZones & DomainDNSZones?
    • Suggestions required for DNS zone refresh interval & zone transfers.
    From,
    Amit

  • #2
    Re: Windows 2003 DC Demotion issue

    To get around your dcpromo issue, try manually stopping the Netlogon service and then remove the stale records from DNS afterwards.
    As for the other queries, make sure the DC is not configured as a role holder or GC and that the clients don't point to it for DNS resolution.
    Caesar's cipher - 3

    ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

    SFX JNRS FC U6 MNGR
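
Before and after the manual cleanup suggested in #2, it helps to list which locator records still name the old DC. The script below is an added example, not code posted by anyone in this thread; it assumes the zone has been exported as plain "owner TTL IN type rdata" lines, and apart from MYP-ADC and domainname.com every value in the sample is constructed.

```python
# Constructed sample (not from the thread): zone-file style records.
# MYP-ADC is the 2003 DC named in event 5808; MYP-DC08, the GUID and the
# 192.0.2.x addresses are made-up placeholders. The line layout is assumed.
SAMPLE_ZONE = """\
_ldap._tcp.dc._msdcs.domainname.com.     600 IN SRV 0 100 389 myp-adc.domainname.com.
_ldap._tcp.dc._msdcs.domainname.com.     600 IN SRV 0 100 389 myp-dc08.domainname.com.
_kerberos._tcp.dc._msdcs.domainname.com. 600 IN SRV 0 100 88 MYP-ADC.domainname.com.
_ldap._tcp.gc._msdcs.domainname.com.     600 IN SRV 0 100 3268 myp-dc08.domainname.com.
11111111-2222-3333-4444-555555555555._msdcs.domainname.com. 600 IN CNAME myp-adc.domainname.com.
gc._msdcs.domainname.com.                600 IN A 192.0.2.10 ; registered by the old DC
domainname.com.                          600 IN A 192.0.2.10
domainname.com.                          600 IN A 192.0.2.20
myp-adc.domainname.com.                 1200 IN A 192.0.2.10
myp-dc08.domainname.com.                1200 IN A 192.0.2.20
"""

def norm(name):
    """DNS names compare case-insensitively; ignore the trailing dot."""
    return name.rstrip(".").lower()

def parse(zone_text):
    """Yield (owner, rtype, rdata_fields) for each 'owner ttl IN type rdata' line."""
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()      # drop trailing comments
        if len(fields) >= 5 and fields[2].upper() == "IN":
            yield fields[0], fields[3].upper(), fields[4:]

def stale_records(zone_text, demoted_fqdn):
    """Return (owner, rtype) for locator records that still lead to the demoted DC."""
    dead = norm(demoted_fqdn)
    records = list(parse(zone_text))
    # The host keeps its own A record as a member server; collect its addresses.
    dead_ips = {rdata[0] for owner, rtype, rdata in records
                if rtype == "A" and norm(owner) == dead}
    hits = []
    for owner, rtype, rdata in records:
        if rtype in ("SRV", "CNAME") and norm(rdata[-1]) == dead:
            hits.append((norm(owner), rtype))       # SRV target / DSA GUID alias
        elif rtype == "A" and norm(owner) != dead and rdata[0] in dead_ips:
            hits.append((norm(owner), rtype))       # domain and gc._msdcs A records
    return hits

if __name__ == "__main__":
    for owner, rtype in stale_records(SAMPLE_ZONE, "MYP-ADC.domainname.com"):
        print(f"{rtype:6}{owner}")
```

An empty result after cleanup means clients can no longer be directed to the demoted server through these records.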



    • #3
      Re: Windows 2003 DC Demotion issue

      Hi,

      Please find the suggestions inline.

      • Will the user face any impact in finding the GC & LDAP while logging in?
      Make sure the TCP/IP scope for the clients is updated to point to the new DNS servers.

      • Will there be any impact on _msdcs.domainname.com, ForestDNSZones & DomainDNSZones?
      Since the DNS is no longer AD integrated, check the replication scope and what your previous replication scope was.

      How many domains do you have, and how have you set up name resolution?
      Conditional forwarding, root hints?

      • Suggestions required for DNS zone refresh interval & zone transfers.
      Why would you like to set up DNS in this way?

      By default, the refresh interval for each zone is set to 15 minutes. The refresh interval is used to determine how often other DNS servers that load and host the zone must attempt to renew the zone.

      Thanks & Regards
      v-2nas

      MCTS 2008, MCTIP, MCSE 2003, MCSA+Messaging E2K3, MCP, E2K7
      Sr. Wintel Eng. (Investment Bank)
      Independent IT Consultant and Architect
      Blog: http://www.exchadtech.blogspot.com

      Show your appreciation for my help by giving reputation points
