Re: How to recover from DC without GC?
- From: "Per Hagstrom" <per.hagstrom@xxxxxxxxxxxxxx>
- Date: Fri, 19 Jan 2007 00:53:57 -0600
Update:
Already seized all the FSMO roles. Made it GC. Tried to run the metadata
cleanup, but can't find the crashed server, it seems like it's already gone.
I think when I took ownership of the FSMO roles before, I somehow followed
some instructions on how to completely get rid of the old DC. So guess the
cleanup is already taken care of.
However, running DCdiag gives me one problem. Here is the capture of the
problem:
Starting test: FsmoCheck
Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
A Global Catalog Server could not be located - All GC's are down.
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error
1355
A Good Time Server could not be located.
Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
A KDC could not be located - All the KDCs are down.
......................... Domain.com failed test FsmoCheck
Everything else passed fine. Seems like it's having trouble becoming a GC?
Also if I open A.D. Users and Computers, and try to open a Group Policy, it
also gives me an error about not being able to find the DC for GP
operations. Also saw an error in the event log about SYSVOL having trouble
getting created/shared...
Any ideas what to try next?
Many thanks for all your help!! :)
/ Per
"Herb Martin" <news@xxxxxxxxxxxxxx> wrote in message
news:Occ4YefOHHA.3900@xxxxxxxxxxxxxxxxxxxxxxx
"Per Hagstrom" <per.hagstrom@xxxxxxxxxxxxxx> wrote in message
news:eBQmxYfOHHA.4172@xxxxxxxxxxxxxxxxxxxxxxx
OK, the reason I asked was when I first tried to promote it and make it
GC, it complained it couldn't find the "domain", the DNS didn't work, A.D
didn't work and so on... but now after waiting a while, it had actually
recreated itself somehow... !
Only problem now is when I tried to join a new server to become another
DC, it complained again about domain not found... strange.. maybe that's
part of the metadata cleanup?
You've got DNS problems. DNS is the MAIN cause of both authentication
and replication issues in Windows AD domains, and authentication PLUS
replication is required for DCPromo (authenticate you the admin, and
replicate
the new DC etc.)
The new server must use STRICTLY the DNS server that knows (how to find)
the DNS zone which supports AD.
So must the existing DC and all other domain machines on the NIC->IP
properties.
You zone must be dynamic. The DC must be registered and it should be able
to pass a full DCDiag (support tools from server CDRom). Save text to a
file
and search for FAIL and WARN.
Fix those or post the unedited text from both DC and "new server" output
of: "IPconfig /all >file.txt" as well as DCDiag you did above:
--
Herb Martin, MCSE, MVP
http://www.LearnQuick.Com
(phone on web site)
.
- Follow-Ups:
- Re: How to recover from DC without GC?
- From: Jorge de Almeida Pinto [MVP - DS]
- Re: How to recover from DC without GC?
- From: Paul Bergson [MVP-DS]
- Re: How to recover from DC without GC?
- References:
- How to recover from DC without GC?
- From: Per Hagstrom
- Re: How to recover from DC without GC?
- From: Jorge Silva
- Re: How to recover from DC without GC?
- From: Per Hagstrom
- Re: How to recover from DC without GC?
- From: Herb Martin
- How to recover from DC without GC?
- Prev by Date: Re: Active Directory Only Displays Local Objects: Problem Solved
- Next by Date: Re: ADFS & MOSS 2007 troubles
- Previous by thread: Re: How to recover from DC without GC?
- Next by thread: Re: How to recover from DC without GC?
- Index(es):
Relevant Pages
|
