Re: FSMO role issues after demoting and re-promoting server
- From: "Paul Bergson" <pbergson@xxxxxxxxxx>
- Date: Mon, 9 Jan 2006 07:08:35 -0600
I thought you needed a new sid (Hence the rebuild on the o/s)?
--
Paul Bergson MCT, MCSE, MCSA, CNE, CNA, CCA
This posting is provided "AS IS" with no warranties, and confers no rights.
"Herb Martin" <news@xxxxxxxxxxxxxx> wrote in message
news:%23HTbL5OFGHA.3120@xxxxxxxxxxxxxxxxxxxxxxx
> "Paul Bergson" <pbergson@xxxxxxxxxx> wrote in message
> news:uB0OB8LFGHA.1396@xxxxxxxxxxxxxxxxxxxxxxx
>> Don't seize anything!!! When you demote a dc, it will gracefully
>> transfer any fsmo roles it holds to another available dc. Once you seize
>> a role the dc should NEVER be put back on line without first cleaning any
>> metadata problems and rebuilding the o/s.
>>
>
> You don't need to rebuild the OS but you DO NEED to
> do a DCPromo 'cycle' (non-DC and optionally back) if
> you wish to return the original DC to the network.
>
> Technically it is a new DC then and doesn't cause problems.
>
> The OS itself does not need to be re-installed.
>
> Listen to Paul about seizing -- don't do this IF you plan to
> return the former role holder to the net OR if your roles
> have been transferred to some other DC without you
> realizing it.
>
> First find out WHERE your roles are currently located...
> then transfer any that are still active IF necessary.
>
> Technically a seizure SHOULD turn into a transfer if
> the role holder is online and DNS is correct but that is
> NEVER guaranteed so move carefully.
>
> --
> Herb Martin, MCSE, MVP
> Accelerated MCSE
> http://www.LearnQuick.Com
> [phone number on web site]
>
>>
>> To make sure there aren't any problems
>>
>> Run diagnostics against your Active Directory domain.
>>
>> If you don't have the tools installed, install them from your server
>> install disk.
>> d:\support\tools\setup.exe
>>
>> Run dcdiag and netdiag in verbose mode.
>>
>> If you download a gui script I wrote it should be simple to set and run.
>> It also has the option to run individual tests without having to learn
>> all the switch options.
>>
>> The script is at http://pbbergs.dynu.com/windows/windows.htm, download it
>> and save it to c:\program files\support tools\
>>
>> Just select both dcdiag and netdiag make sure verbose is set. (Leave the
>> default settings for dcdiag as set when selected)
>>
>> When complete search for fail, error and warning messages.
>>
>>
>> --
>>
>>
>> Paul Bergson MCT, MCSE, MCSA, CNE, CNA, CCA
>>
>> This posting is provided "AS IS" with no warranties, and confers no
>> rights.
>>
>>
>> "Kremlar" <kremlar@xxxxxxxxxxx> wrote in message
>> news:OHaZJRKFGHA.1100@xxxxxxxxxxxxxxxxxxxxxxx
>>> Was in the middle of a migration from a Windows 2000/Exchange 2000
>>> Server to a Windows 2003/Exchange 2003 server. The plan was to keep the
>>> old Windows 2000 Server online afterwards as a backup Domain Controller,
>>> print server, etc.
>>>
>>> I joined the new server to the domain, made it a DC, migrated Exchange,
>>> etc. I also made it a Global Catalog Server and transferred all the FSMO
>>> roles to it.
>>>
>>> I had a problem with it fully replicating the domain, basically not
>>> replicating the SYSVOL/etc shares. Without thinking, I ran DCPROMO on
>>> the new server to demote it, then about 30 mins later ran DCPROMO on it
>>> again to make it a domain controller again to see if the problem would
>>> be corrected.
>>>
>>> The replication problem has now been solved, but I think I made a
>>> mistake by not transferring the FSMO roles off the server before
>>> demoting it.
>>>
>>> Once I solved all the issues and everything was running well, I went
>>> ahead and made it a Global Catalog Server again. I figured I'd also
>>> check the FSMO roles. I checked the Schema Master role and it was set
>>> back to OLDSERVER. I changed the Domain Controller to NEWSERVER, that
>>> took fine. I then went to change the Operations Master, and it told me
>>> it could not locate the source server and I would have to seize the role
>>> (which it advised against).
>>>
>>> I then changed the Domain Controller back to OLDSERVER and it looks like
>>> the Schema Master is set to OLDSERVER and is working, but I have my
>>> doubts.
>>>
>>> I really don't care which server the FSMO roles are on, but now I'm
>>> concerned they are not functioning correctly and it will come back to
>>> haunt me.
>>>
>>> I'm afraid to 'seize' the roles because both servers are still online
>>> and I'm not sure of the ramifications in this situation.
>>>
>>> In summary, OLDSERVER was the original FSMO roles owner. I set
>>> NEWSERVER as the owner for all FSMO roles, then demoted it and
>>> re-promoted it without moving the FSMO roles first. Now AD thinks
>>> OLDSERVER is the owner, but it won't allow me to change it to NEWSERVER.
>>>
>>> Any advice would be greatly appreciated.
>>>
>>> Thanks!
>>>
>>>
>>
>>
>
>
.
- Follow-Ups:
- Re: FSMO role issues after demoting and re-promoting server
- From: Kremlar
- Re: FSMO role issues after demoting and re-promoting server
- From: Herb Martin
- Re: FSMO role issues after demoting and re-promoting server
- References:
- FSMO role issues after demoting and re-promoting server
- From: Kremlar
- Re: FSMO role issues after demoting and re-promoting server
- From: Paul Bergson
- Re: FSMO role issues after demoting and re-promoting server
- From: Herb Martin
- FSMO role issues after demoting and re-promoting server
- Prev by Date: Re: Reinstall AD
- Next by Date: Re: Additional Domain Controller
- Previous by thread: Re: FSMO role issues after demoting and re-promoting server
- Next by thread: Re: FSMO role issues after demoting and re-promoting server
- Index(es):
Relevant Pages
|
Loading
