* take that DC off the network (while it is up, remove the
cable)
* SEIZE the FSMO roles held by that bad DC to another live
DC
* Cleanup the metadata of the bad DC (Make sure ALL the
metadata is cleaned/removed from AD and replicated to other DCs)
* Forcebly demote the bad DC: DCPROMO /FORCEREMOVAL (end
result is a stand alone server!!!)
* If needed REPROMOTE the stand alone server to an
additional DC of an existing domain, make it a GC, transfer the FSMO roles
back, reconfigure additional services like DNS/WINS accordingly if
needed
--
Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)
#
Jorge de Almeida Pinto #
BLOG -->
http://blogs.dirteam.com/blogs/jorge/default.aspx-----------------------------------------------------------------------------
*
This posting is provided "AS IS" with no warranties and confers no rights!
* Always test before
implementing!
-----------------------------------------------------------------------------
-----------------------------------------------------------------------------
So far the resolution stated in KBQ885875 is to
demote the DC. As the DC host the major FSMO roles and it can't transfer the
role to other DC at this state. How to best demote it?
Yes, use a normal backup to restore a DC!!! NEVER EVER
USE AN IMAGE TO RESTORE A DC!!!
IMAGES/SNAPSHOTS are not AD aware when restoring. So I
guess you have been having troubles because of a USN rollback
you can find more info at:
MS-KBQ885875_How to detect and recover from a USN
rollback in Windows 2000 Server
MS-KBQ875495_How to detect and recover from a USN
rollback in Windows Server 2003
--
Cheers,
(HOPEFULLY THIS INFORMATION HELPS
YOU!)
# Jorge de Almeida Pinto #
BLOG -->
http://blogs.dirteam.com/blogs/jorge/default.aspx-----------------------------------------------------------------------------
*
This posting is provided "AS IS" with no warranties and confers no rights!
* Always test before
implementing!
-----------------------------------------------------------------------------
-----------------------------------------------------------------------------
I restored a Windows 2000 DC from a most recent ghost image, but it
cannot replicate to and from other DCs. The DC within the same site
gives the "target principal name is incorrect" when trying to replicate
to this restore DC. The DC on the other site of the WAN link gives
"Access is denied" when trying to replicate this DC.
Just less than a week ago I did forestprep and domainprep to my
Windows 2000 domain so as to allow a Windows 2003 server to be promoted
to DC into this domain. Unluckily today the Windows 2000 DC that host
the PDC, RID, Infrastructure master could not completely startup
(directory service database corrupted). The ghost image does not
contains the changes to the AD of forestprep and domainprep.
Is there a way to resolve this replication
problem?
