Manually Demoting a W2K DC
Page 1 of 3 123 LastLast
Results 1 to 10 of 21

Thread: Manually Demoting a W2K DC

  1. #1

    Question Manually Demoting a W2K DC

    Gotta question for you guys...

    W2k Server acting as a DC (not the only DC)...

    I need to demote it, but cannot due to replication problems it seems, as it cannot contact the other DC thus rendering dcpromo unusable...

    I've been told there's a way to demote manually in such a case by altering various entries through Active Directory...

    Can anyone point me in a direction regarding how to do this?

  2. #2
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126
    Demoting manually show be your last idea, it's not that easy and can cause you a lot of problem. In Win2003, their a utilities. I read it somewhere but I cannot find it now. Give me some time and I'll find it.

    What stop your server to contact your other DC? Firewall? Did this DC replicate with the AD in the last 60 days? Could you move the server physically in the same LAN that another DC?
    -Simon \"SDK\"

  3. #3
    What stop your server to contact your other DC?
    I don't know...If you look at some of my past threads, this has been a problem for a while. It's because of problems like this that it's getting demoted...It seems to be spreading the problem across the network...

    Did this DC replicate with the AD in the last 60 days?
    Nope, I don't believe so.

    Could you move the server physically in the same LAN that another DC?
    Not sure I know what you mean...Could you rephrase?

    Yeah, anything you can find will be MUCH appreciated. Thanks!

  4. #4
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126
    If your DC didn't replicate within 60 days, it's doom. Don't try to reconnect it to your AD. Was your DC as Operation Master for Schema, RID, PDC or Infrastructure?

    I'm not sure but the DC might be already gone from your AD since it didn't replicate for the last 60 days. You might have problem because your DC was Operation Master for Schema, RID, PDC or Infrastructure. Try looking for a utilities call NTDSUTIL from Microsoft to move those operation master job from a death DC to a new DC. It exists for Windows 2003 Domain so I may exist for W2K Domain.
    -Simon \"SDK\"

  5. #5
    No can do.

    I get this error:

    DsBindW error 0x80090322(The target principal name is incorrect.)

  6. #6
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126
    Was your DC as Operation Master for Schema, RID, PDC or Infrastructure?
    -Simon \"SDK\"

  7. #7
    Senior Member RoadClosed's Avatar
    Join Date
    Jun 2003
    Posts
    3,834
    Not sure I know what you mean...Could you rephrase?
    SDK has a good point about moving it to a LAN where another DC resides. Hear me out this sounds goofy but... it works (sometimes). IN a nutshell... MS usess all kinds of funky crap to communicate with it's services, not just your basic TCP/IP. Things could get in the way if you don't have a clear path, bad hubs, switches, bridges, firewalls and bottle necks etc. So you take a DC one night and plug it right into the exact same hub that the good DC is on. And troubleshoot from there. Sounds goofy but at this point with all the stuff you have done it could be a problem with the LAN or TCP/IP stack. NEVER rule out layer 2 problems.

    SDK - if all the roles are on the other DCs can't he just pull the plug and RIP the box and start over with a fresh install?
    West of House
    You are standing in an open field west of a white house, with a boarded front door.
    There is a small mailbox here.

  8. #8
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126
    AD is configured to flush any entry that are older that 60 days. Is DC entry are probably flush already. In my view, he could just shutdown the box and wait to see the result. But we need to be sure that is DC is not an Operation Master for Schema, RID, PDC or Infrastructure.
    -Simon \"SDK\"

  9. #9
    Darn it. This DC was set up before I took over the network, so I wasn't there when the ops master roles were handed out. Asked the guy who did it, and he doesn't recall...

    So how can I find out? I think I recall a DOS tool that I can use to scan for where roles reside throughout the network, right?

  10. #10
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126
    Open Active Directory Users and Computer, right click on your domain name and click on Operations Masters. You'll see. Usually, the first DC of a domain take those job and are rarely change on in small business AD.
    -Simon \"SDK\"

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •