Re: removing second DC from forest
- From: "Jorge Silva" <jorgesilva_pt@xxxxxxxxxxx>
- Date: Sat, 16 Dec 2006 11:59:36 -0000
Glad to Help
Merry Christmas!!!
--
*************************************************
I hope that the information above helps you
Good Luck
Jorge Silva
MCSA + Exchange + MSCE
*************************************************
"Ams" <Ams@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:1BD67434-BAB4-48DF-910C-1C2CA0B12B0A@xxxxxxxxxxxxxxxx
Hello Jorge,
I have successfully removed DC2 using ADSS. My DC1 seems to be working fine.
Thank you much for helping me on this project. I really appreciate your help.
"Jorge Silva" wrote:
Check
http://support.microsoft.com/kb/216498
--
*************************************************
I hope that the information above helps you
Good Luck
Jorge Silva
MCSA + Exchange + MSCE
*************************************************
"Ams" <Ams@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:1B84B737-30E9-4578-8336-75FA5DF88DDE@xxxxxxxxxxxxxxxx
>I am sorry to ask you again, but in ADSS, Site -- Default-first-site
> --servers, it shows DC1 and DC2. In DC1, NDTS setting it says replicate
> from
> DC2 and In DC2 it says replicate from DC1. Which one do I have to > remove,
> ndts setting of DC2 (which says replicate from DC1) and then DC2 or of > the
> DC1.
>
>
> "Ams" wrote:
>
>> I got the error while running dcpromo on dc2. I didn't checked the box
>> which
>> says "This is last domain controller ...". I am usning the password >> for
>> administrator which is same on both DC.
>>
>> The error comes up as:
>>
>> The operation failed because
>> Managing the network session with dc1.abcd.local failed.
>> "Logon failure: The target account name is incorrect"
>>
>> Please advise. Thanks.
>>
>> "Jorge Silva" wrote:
>>
>> > Ok
>> > When you run Dcpromo on DC2, that action will remove the Domain
>> > Controller
>> > Role from DC2 and DC2 will become a member server of your domain.
>> > However the server will remain in ADSS (this is by design), you just
>> > need to
>> > go to the ADSS (on DC1) and manually remove the server from ADSS, >> > this
>> > is
>> > done after you run dcpromo on DC2.
>> > *ADSS = Active Directory Sites and Services
>> > -- >> > *************************************************
>> > I hope that the information above helps you
>> > Good Luck
>> >
>> > Jorge Silva
>> >
>> > MCSA + Exchange + MSCE
>> > *************************************************
>> >
>> > "Ams" <Ams@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> > news:FB74A90D-68E4-41CC-BF8D-718E43A20AC1@xxxxxxxxxxxxxxxx
>> > > Hi Jorge,
>> > >
>> > > I am doing it in order you adviced:
>> > > *Correct order of operations:
>> > > - Transfer any services that you might have on the DC2 to DC1 >> > > (like;
>> > > DNS,
>> > > DHCP, Wins, DFS, etc).
>> > > Non of these services running on DC2.
>> > >
>> > > - Transfer any FSMO roles from the DC2 to the DC1 (If DC2 has any
>> > > FSMO
>> > > roles)
>> > > Checked with NTDSUtil on both DC. The result on DC2 as: DC2 knows
>> > > about 5
>> > > roles
>> > >
>> > > Schema -CN=NTDS Settings, CN=DC1, CN=servers, >> > > CN=default-first-site,
>> > > CN=sites, CN=Configuration, DC=ABCD, DC=Local
>> > > Same result is for Domain, PDC, RID and Infrastructure.
>> > >
>> > > - Make Sure that the DC1 is a GC
>> > > Yes, DC1 is GC
>> > > - Shutdown the DC2
>> > > Shutdown the machine for one week so far.
>> > >
>> > > - Wait a couple of days and make sure that everything is working >> > > good
>> > > without the DC2 online.
>> > > No complains so far.
>> > > - If everything OK with DC2 offline, take it online again and use
>> > > Dcpromo
>> > > to
>> > > remove the old DC from network, (Ps: don't forget to remove it
>> > > manually from Active Directory Sites and Services because Dcpromo
>> > > won't do
>> > > that for you)
>> > >
>> > > Now my next step is to run DCpromo on DC2. Do I have to remove it
>> > > from
>> > > Active directory sites and services on both DC1 and DC2? Can you
>> > > clarify
>> > > little bit on this, please.
>> > >
>> > > Thanks for your help.
>> > >
>> > > "Jorge Silva" wrote:
>> > >
>> > >> > 1. Take the DC to be demoted offline: by this you mean take the >> > >> > DC
>> > >> > out
>> > >> > of
>> > >> > network right.
>> > >> Understand that this is more like a protective measure, to ensure
>> > >> that
>> > >> when
>> > >> you take the DC off doesn't stop anything else in your network.
>> > >> Simply
>> > >> shutdown the Server for a couple of days, and make sure that >> > >> noone
>> > >> complains
>> > >> about anything.
>> > >>
>> > >> > 2. don't forget to manually remove it from Active Directory >> > >> > Sites
>> > >> > and
>> > >> > Services: by this you mean run active directory sites and >> > >> > services
>> > >> > on
>> > >> > DC
>> > >> > server01 which is GC, right. In my case, I have to remove DC >> > >> > named
>> > >> > server02.
>> > >> After you run Dcpromo on DC2 to remove it, the DC2 object remains >> > >> on
>> > >> the
>> > >> Active directory sites and services this is by design, you've to
>> > >> remove
>> > >> it
>> > >> manually, only after Dcpromo.
>> > >>
>> > >> > 3. Transfer any FSMO roles from the DC to be demoted to the DC
>> > >> > that
>> > >> > will
>> > >> > stay
>> > >> > in your network, also make sure that the DC is a GC: When do I >> > >> > do
>> > >> > it
>> > >> > before
>> > >> > making DC (which has to be demoted) offline or after.
>> > >> do you have any FSMO roles on the DC2? If yes transfer them >> > >> before
>> > >> Dcpromo
>> > >> and before taking the DC2 offline, if no you don't have anything >> > >> to
>> > >> worry
>> > >> about.
>> > >>
>> > >> > 4. If everything OK with that DC offline, take it online again >> > >> > and
>> > >> > use
>> > >> > Dcpromo to remove the old DC from network: You mean take the DC
>> > >> > out of
>> > >> > network and do dcpromo and reconnect it to the network and run
>> > >> > dcpromo
>> > >> > again
>> > >> > to remove DC from network, right.
>> > >> When I said take it off line is just shutdown the server. Then >> > >> after
>> > >> a
>> > >> couple of days if noone complains, you take it online again, and >> > >> run
>> > >> dcpromo.
>> > >> *Correct order of operations:
>> > >> - Transfer any services that you might have on the DC2 to DC1 >> > >> (like;
>> > >> DNS,
>> > >> DHCP, Wins, DFS, etc).
>> > >> - Transfer any FSMO roles from the DC2 to the DC1 (If DC2 has any
>> > >> FSMO
>> > >> roles)
>> > >> - Make Sure that the DC1 is a GC
>> > >> - Shutdown the DC2
>> > >> - Wait a couple of days and make sure that everything is working
>> > >> good
>> > >> without the DC2 online.
>> > >> - If everything OK with DC2 offline, take it online again and use
>> > >> Dcpromo
>> > >> to
>> > >> remove the old DC from network, (Ps: don't forget to remove it
>> > >> manually from Active Directory Sites and Services because Dcpromo
>> > >> won't
>> > >> do
>> > >> that for you)
>> > >>
>> > >> -- >> > >> *************************************************
>> > >> I hope that the information above helps you
>> > >> Good Luck
>> > >>
>> > >> Jorge Silva
>> > >>
>> > >> MCSA + Exchange + MSCE
>> > >> *************************************************
>> > >>
>> > >> "Ams" <Ams@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> > >> news:11833C01-232E-494C-9FDC-85DA116FF79F@xxxxxxxxxxxxxxxx
>> > >> >I am just trying to make sure:
>> > >> >
>> > >> > 1. Take the DC to be demoted offline: by this you mean take the >> > >> > DC
>> > >> > out
>> > >> > of
>> > >> > network right.
>> > >> >
>> > >> > 2. don't forget to manually remove it from Active Directory >> > >> > Sites
>> > >> > and
>> > >> > Services: by this you mean run active directory sites and >> > >> > services
>> > >> > on
>> > >> > DC
>> > >> > server01 which is GC, right. In my case, I have to remove DC >> > >> > named
>> > >> > server02.
>> > >> >
>> > >> > 3. Transfer any FSMO roles from the DC to be demoted to the DC
>> > >> > that
>> > >> > will
>> > >> > stay
>> > >> > in your network, also make sure that the DC is a GC: When do I >> > >> > do
>> > >> > it
>> > >> > before
>> > >> > making DC (which has to be demoted) offline or after.
>> > >> >
>> > >> > 4. If everything OK with that DC offline, take it online again >> > >> > and
>> > >> > use
>> > >> > Dcpromo to remove the old DC from network: You mean take the DC
>> > >> > out of
>> > >> > network and do dcpromo and reconnect it to the network and run
>> > >> > dcpromo
>> > >> > again
>> > >> > to remove DC from network, right.
>> > >> >
>> > >> > Hope you won't mind answering these queries. Thanks.
>> > >> >
>> > >> > "Jorge Silva" wrote:
>> > >> >
>> > >> >> Ok
>> > >> >> So you already uninstalled Exchange from that DC, next thing >> > >> >> to
>> > >> >> do is
>> > >> >> to
>> > >> >> use
>> > >> >> dcpromo to remove that server, just run dcpromo on the server
>> > >> >> (that
>> > >> >> you
>> > >> >> want
>> > >> >> to demote), and don't forget to manually remove it from Active
>> > >> >> Directory
>> > >> >> Sites and Services.
>> > >> >> - Transfer any other services that you might have on the DC to >> > >> >> be
>> > >> >> demoted
>> > >> >> (like; DNS, DHCP, Wins, DFS, etc).
>> > >> >> - Transfer any FSMO roles from the DC to be demoted to the DC
>> > >> >> that
>> > >> >> will
>> > >> >> stay
>> > >> >> in your network, also make sure that the DC is a GC.
>> > >> >> How to view and transfer FSMO roles in Windows Server 2003
>> > >> >> http://support.microsoft.com/kb/324801/en-us
>> > >> >> - Take the DC to be demoted offline; confirm that everything
>> > >> >> works
>> > >> >> with
>> > >> >> that
>> > >> >> DC offline (you can test this by having that DC offline >> > >> >> several
>> > >> >> days).
>> > >> >> - If everything OK with that DC offline, take it online again >> > >> >> and
>> > >> >> use
>> > >> >> Dcpromo to remove the old DC from network, (Ps: don't forget >> > >> >> to
>> > >> >> remove
>> > >> >> it
>> > >> >> manually from Active Directory Sites and Services)
>> > >> >> -- >> > >> >> *************************************************
>> > >> >> I hope that the information above helps you
>> > >> >> Good Luck
>> > >> >>
>> > >> >> Jorge Silva
>> > >> >>
>> > >> >> MCSA + Exchange + MSCE
>> > >> >> *************************************************
>> > >> >>
>> > >> >> "Ams" <Ams@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> > >> >> news:187BF5B3-5244-4580-AC60-AFAA37016614@xxxxxxxxxxxxxxxx
>> > >> >> > Thanks for reply. When I do dcpromo on server02, can I do it >> > >> >> > by
>> > >> >> > disconnecting
>> > >> >> > from network or not. If I do dcpromo on server02, am I going >> > >> >> > to
>> > >> >> > have
>> > >> >> > any
>> > >> >> > impact on server01 or on forest. The exchange server is
>> > >> >> > installed
>> > >> >> > but
>> > >> >> > not
>> > >> >> > enabled, so hopefully I could uninstalled it without problem
>> > >> >> > (hopefully!).
>> > >> >> > What are the things I have to do from server01, do i have to
>> > >> >> > run
>> > >> >> > ntdsutil.exe
>> > >> >> > on it and remove server02, do I have to run Active >> > >> >> > directory
>> > >> >> > sites
>> > >> >> > and
>> > >> >> > services on server01 and remove server02 from it? >> > >> >> > Appreciate
>> > >> >> > your
>> > >> >> > help.
>> > >> >> >
>> > >> >> > "Jorge Silva" wrote:
>> > >> >> >
.
- References:
- Re: removing second DC from forest
- From: Jorge Silva
- Re: removing second DC from forest
- From: Jorge Silva
- Re: removing second DC from forest
- From: Ams
- Re: removing second DC from forest
- From: Jorge Silva
- Re: removing second DC from forest
- From: Ams
- Re: removing second DC from forest
- From: Jorge Silva
- Re: removing second DC from forest
- From: Ams
- Re: removing second DC from forest
- From: Ams
- Re: removing second DC from forest
- From: Jorge Silva
- Re: removing second DC from forest
- From: Ams
- Re: removing second DC from forest
- Prev by Date: Re: how to restrict users to search in their own Organizational Unit
- Next by Date: Re: Creating Own MSI Packages
- Previous by thread: Re: removing second DC from forest
- Next by thread: Existing User profiles and settings
- Index(es):
Relevant Pages
|
