No announcement yet.

Failure to rejoin domain after dcpromo

  • Filter
  • Time
  • Show
Clear All
new posts

  • Failure to rejoin domain after dcpromo

    Issue began when rejoining a W2K3 server to the network. This server had been out of the loop for a few months and missed out on a password reset (and a DNS server change). An Event ID 1058 on Source userenv began which I identified as a logon failure to the SYSVOL on the main DC (which is W2K incidentally). Permissions on the SYSVOL are correct. Reset of password did not work (try both servers).

    Checked out a few forums which suggested running dcpromo on the W2K3 server, but this failed with "Target account name incorrect". A few more googles and I tried another suggestion, namely "dcpromo /forceremoval". This worked, to a degree. I was able to demote the W2K3 server, but unable to run dcpromo again, this time getting "The Specified User Already Exists".

    I then tried MS article 216498 to attempt to remove the data from AD on the W2K server, but at step 5 of procedure 1 (connect to server servername), I get error "DsBindW error 0x6d9 (There are no more endpoints available from the endpoint mapper.)". In troubleshooting this via MS article 839880, I can now see that ports 1024 (FRS) and 6004 (AD replication) are not listening on W2K3 server.

    The W2K3 server is now outside the domain (in WORKGROUP) and I cannot rejoin as I get message "The Specified User Already Exists" referring I believe to it's computername.

    Essentially I would like to keep the computername (if possible), rejoin it to the domain and also make it a DC. It's got some hefty development software on there that would take an age to reinstall.

    Am I screwed? Did anyone actually read this far without commiting Hara-kiri? Any guidance greatfully received.


  • #2
    Re: Failure to rejoin domain after dcpromo

    Was it a DC before it went offline for a while?

    If so, you may well have totally screwed the pooch by putting it back on the network. Either way, you have no choice; you must reformat and start again. This box can NEVER go back on the network (and DEFINITELY not back in the domain) as it is. When you reformat, don't use the same computer name, just for safety's sake; the AD is probably very confused as it is.

    As to your application, is the data on the same box? If so make sure you get good backups.

    Make sure you clean up your AD (delete the computer account for the 2k3 box and do a metadata cleanup) before getting the 2k3 server back online. Have you done a DomainPrep/ForestPrep to make your 2000 DC ready for the 2k3 box to be promoted?

    For my own and your protection, I do not provide support by private message under any circumstances. All such messages will be deleted and ignored.

    Anything you say will be misquoted and used against you


    • #3
      Re: Failure to rejoin domain after dcpromo

      If you do decide to rebuild the server make sure you check your existing domain for any traces of the DC and clear up the metadata:

      Michael Armstrong
      MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician

      ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **