Re: root domain lost
- From: "Herb Martin" <news@xxxxxxxxxxxxxx>
- Date: Sat, 7 Oct 2006 20:36:28 -0500
"Jorge Silva" <jorgesilva_pt@xxxxxxxxxxx> wrote in message
news:uvHErOl6GHA.4568@xxxxxxxxxxxxxxxxxxxxxxx
Hi
- I hope you learned the lesson (have at least 2 DC per domain)
- You lost the Root you LOST EVERYTHING.
- Correct most of the scenarios multiple domains aren't needed.
- What do you mean with "freestanding domain"? New Forest?
- Yeah you lost the root where you should have Enterprise admins that's
one of the reasons why the Root is soo important.
- What do you mean with "upgrading the two remaining domains"? If you lost
the forest, you need to migrate all objects to the new forest.
- No you don't want to add more domains... You lost the Root you loose
everythimg, say bye bye to the forest.
*Create a a New forest, export the objects from the old domain(s) to the
new forest, make sure that you have at least 2 DCs in each Domain make
them GCs (or have at least 1 GC persite), be carefull with backups in the
future.
Mostly we said the same thing (he multiply posted this in
both AD groups).
I did wonder whether he can create an external trust to
a new domain (in new forest) and do a ADMT migration.
I can think of no reason off hand why he cannot do this has
a migration rather than export and import, can you?
Otherwise I told him to do the LDIFDE (or equivalent)
export.....
Actually, if the migration works they are getting off easier
than they deserve.
I can sort of understand one DC per domain, OR lousy backups
of the DCs, but not both -- if the domain has any value whatsoever.
Live and learn....
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
--
I hope that the information above helps you
Good Luck
Jorge Silva
MCSA
Systems Administrator
"hcb" <hcb@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:C6EE6942-3EED-4785-97AC-061E8BFC0BB9@xxxxxxxxxxxxxxxx
We had a forest of three domains each with a single server. We lost the
root
forest domain controller. It was then decided to reduce the complexity
and
run the domains as individual domains. The original root domain was
replaced
with a freestanding domain. We now have problems changing and upgrading
the
two remaining domains as it requires the user to be a member of the
enterprise admins and this group no longer exists as the root domain is
missing. I have tried using ADSI edit to take ownership o some of the
containers without any luck.
we actually want to add a windows 2003 server to one of the domains with
2 x
ws2000 servers in it but adprep /forestprep requires user as a member of
enterprise admin and more. using ntdsutil to sieze domain naming master I
get
"insufficient access rights to perform the operation" what Now HOW can I
seize the role and or how can I give the domain admiistrator the required
rights
How can I give the local administrator all the rights or
.
- Follow-Ups:
- Re: root domain lost
- From: Jorge Silva
- Re: root domain lost
- References:
- Re: root domain lost
- From: Jorge Silva
- Re: root domain lost
- Prev by Date: Re: Replication
- Next by Date: Re: Memory leaks while using Microsoft LDAP C API with the LDAP_OPT_CLIENT_CERTIFICATE
- Previous by thread: Re: root domain lost
- Next by thread: Re: root domain lost
- Index(es):
Relevant Pages
|
