Re: RENDOM /end fails

From: bytenik <bytenik@xxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Mon, 3 Nov 2008 09:45:01 -0800

I took care of the network card, and the 169.254 IP was not registered in
DNS. However, I cannot remove the failing domain controller, due to the
rename operation! The error is as follows:

DsRemoveDsServerW error 0x21a4(The Directory Service cannot perform the
requested operation because a domain rename operation is in progress.)

"Ace Fekay [Microsoft Certified Trainer]" wrote:

In news:4A1CCE55-5A5E-49BC-8339-819D5766331F@xxxxxxxxxxxxx,
bytenik <bytenik@xxxxxxxxxxxxxxxxxxxxxxxxx> requesting assistance, typed the
following:

I just noticed that desktop computers are getting errors as well in
the event log, referring to the old domain:

"Windows cannot connect to wtg.com domain. (Server Down). Group Policy
processing aborted. "

and also

"CN=David Pfeffer,OU=IT Department,DC=centralholidays,DC=com from a
different forest logged onto this machine. Cross Forest Group Policy
processing is disabled and loopback processing has been enforced in
this forest for this user account."
(This is from my desktop computer, and my name is David Pfeffer.)

Following is ipconfig /all from the domain controller. I only have one
actively running. The other one is gone and needs to be purged (which
I can't do until the domain rename is completed, because the forest
is currently frozen).
---
Windows IP Configuration

Host Name . . . . . . . . . . . . : WTGDC01
Primary Dns Suffix . . . . . . . : centralholidays.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : centralholidays.com
Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II
GigE (NDIS VBD Client)
Physical Address. . . . . . . . . : 00-19-B9-E5-F9-87
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.17.1.10
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.17.1.254
DNS Servers . . . . . . . . . . . : 10.17.1.7

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II
GigE (NDIS VBD Client) #2
Physical Address. . . . . . . . . : 00-19-B9-E5-F9-89
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Autoconfiguration IP Address. . . : 169.254.247.241
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :

Hi David,

I see two things amis. There are two NICs on a DC, which will cause issues,
and the other DC has to be removed from AD's NTDS database.

1. You will need to disable the second NIC. In DNS, delete any reference you
see to the 169.254.x.x addresses for the DC for host entries, the (same as
parent) entries, and under the _gc._msdcs.centralholidays.com zone.

2. Go into Sites and Services, make sure this DC is a GC. Click on the
current DC name, on the right you will see "NTDS" whcih you want to
right-click on it choosing properties, make sure the checkbox is checked
that it is a GC. If you see the old DC name in the list of servers, delete
it.

2. After completing step 1, to properly re-register the SRVs, in a CMD
prompt, run the following:
ipconfg /registerdns
net stop netlogon
net start netlogon

3. Follow the following article on how to check to see if the old DC is
gone, and if not, how to remove it.
How to remove data in Active Directory after an unsuccessful domain
controller demotion:
http://support.microsoft.com/kb/216498

Let me know how you make out. Also post any Event log errors (eventID # and
the source Name) that exist under any of the logs.

Thanks.

--
Ace

Follow-Ups:
- Re: RENDOM /end fails
  - From: Ace Fekay [Microsoft Certified Trainer]

References:
- Re: RENDOM /end fails
  - From: Ace Fekay [Microsoft Certified Trainer]

Prev by Date: WIN2K8 and WIN2K3 DCs
Next by Date: RE: RODC Using VPN
Previous by thread: Re: RENDOM /end fails
Next by thread: Re: RENDOM /end fails
Index(es):
- Date
- Thread

Relevant Pages

Re: DNS CORRUPT AND ALL SYSTEMS DOWN
... > This error can occur because of a common DNS misconfiguration. ... Ethernet adapter Local Area Connection: ... Source domain controller address: ... Starting test: CrossRefValidation ...
(microsoft.public.windows.server.dns)
Re: HELP! HELP!! HELP!!!
... How many DCs exist in this domain, how many domains in this forest? ... from this domain controller. ... Active Directory could not resolve the following DNS host name of the ... source domain controller to an IP address. ...
(microsoft.public.windows.server.security)
Re: win2003 external trust problem between domains in different forests
... I believe that the problem is that you're only resolving hostnames, not the FQDN of the Active Directory specific DNS entries. ... Look in your DNS under the _MSDCS folder and you'll see that there are DC specific entries that you're not likely to have in the HOSTS or LMHOSTS. ... names from forests to forest. ... When logged on to a domain controller in domain A, ...
(microsoft.public.win2000.active_directory)
Re: WINDOWS RAPLICATION ISSUE
... I am having single forest with Multiple domain in my each geogaphical ... You should have at least one DNS per site, ... 1)The local domain controller could not connect with the following domain ... Source domain controller address: ...
(microsoft.public.windows.server.active_directory)
Re: Migrate BDC cannot locate the Domain Controller
... Connection-specific DNS Suffix. ... Copyright 1985-2003 Microsoft Corp. ... Ethernet adapter Local Area Connection: ... - Host records that map the name of the domain controller to its IP ...
(microsoft.public.windows.server.sbs)