Re: Cannot Create Users (and many other issues)...

Tech-Archive recommends: Fix windows errors by optimizing your registry

Hello Steven,

You talk about PDC/BDC and then about ADUC, so i assume you have at least windows 2000 domain? Since 2000 there is no longer PDC/BDC concept, that ended with NT4. All DC's are the same, different are only the 5 FSMO roles which can be hold by any DC in the domain, according to some rules. You have a PDCEmulator role that you can see as the old PDC, but it is only for backwards compatibility.
Is the old "PDC" still running or shutdown, you only said offline? And how long is this? Make sure that the running DC is Global catalog server.
If the old PDC NEVER comes back and you have no other option you have to seize the FSMO roles to the existing DC according to this document: http://support.microsoft.com/kb/255504

Check in a command line with "netdom query /domain:yourdomain fsmo" without the quotes which roles are on which server.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

Good morning, all.

We've recently run into a situation where an individual (who is no
longer with the company) decided to take our PDC offline and only left
our BDC up and running, but did not transfer control of the domain to
the BDC, nor did he promote the BDC.

Now, we're unable to create new users (even though there are no users
listed in ADUC...we simply get an error, "An error occurred. Contact
your system administrator." However, nothing ever shows up in the
event viewer. Within ADUC, even the "Raise Domain Function Level"
command states the domain is operating at the highest possible
functional level and the "Operations Masters" only lists the remaining
server as the Operations master and the PDC.

Any ideas on how we can get this remaining controller to "control" the
domain?

Thanx.



.

Relevant Pages

  • Re: DNS not syncing between PDC and BDC
    ... all DCs should be of the same SP level due to variances. ... But first, just an FYI, there is no such thing as a PDC or BDC in Active ... The FSMO roles can be transferred dynamically between DCs. ... you may have a possible DNS misconfiguration. ...
    (microsoft.public.win2000.dns)
  • Re: Adprep
    ... If you loose the DC with the FSMO role, your network will survive until that ... If you have run dcpromo it is now a DC you could just transfer the PDC ... does that mean the FSMO roles do also? ... In terms of running adprep during production hours, ...
    (microsoft.public.windows.server.migration)
  • Re: Failure of a PDC
    ... then the "pdc role" could be seized by another dc ... Perform Complete Backups of the Windows 2000 Server Operating ... 223346 FSMO Placement and Optimization on Windows 2000 Domain Controllers ... 197132 Windows 2000 Active Directory FSMO Roles ...
    (microsoft.public.win2000.active_directory)
  • Re: Restore AD Domain Controller
    ... are some exceptions which necessitate the FSMO roles. ... any kind of removal necessitates seizing the FSMO roles. ... PDC and RID are probably what's causing your problems, ... >> currently-functioning DC) to remove references to the failed DC: ...
    (microsoft.public.windows.server.active_directory)
  • Re: Cant Find PDC, not located
    ... has the seizure of the FSMO roles already replicated to that DC? ... Deleted the original PDC from the network successfully. ... Now running dcdiag on the new PDC runs with no errors. ... /showreps shows successful replication. ...
    (microsoft.public.windows.server.active_directory)