PC Review


Reply
Thread Tools Rate Thread

RE: error found after dc demote

 
 
Meinolf Weber
Guest
Posts: n/a
 
      4th Oct 2007
Hello patrick,

You can. Do you use DHCP, it's easier to change the DHCP scope settings for
the clients to use only the new ones. And the servers i would change to the
staying DNS servers, so that AD01 is not longer used for resolving. I would
configure like this:

AD05 preferred itself, second AD06
AD06 preferred itself, second AD05
AD01 preferred itself, second AD05



Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.

> Hello Meinolf,
>
> May I have one more question about DNS?
>
> Right now, all machine's DNS setting are pointing to AD01. Any problem
> that if I change AD05's IP to AD01's IP after I demote AD01?
>
> Because I don't want to change any user pc and member server dns
> setting, do you think it is possible?
>
> Thanks a lot.
>
> Patrick
>
> "Meinolf Weber" wrote:
>
>> Hello patrick,
>>
>> Good luck and keep in mind to backup the machines and data BEFORE.
>>
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers
>> no rights.
>>> Hello Meinolf,
>>>
>>> Thanks for your fast response and details explaination. I think the
>>> problem can be solved according to your info. You are very helpful
>>> really.
>>>
>>> I'll try the whole migrate process again and update the result soon.
>>>
>>> Thanks & best regards,
>>>
>>> Patrick
>>>
>>> "Meinolf Weber" wrote:
>>>
>>>> Hello patrick,
>>>>
>>>> see inline.
>>>>
>>>> Best regards
>>>>
>>>> Meinolf Weber
>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>> and
>>>> confers
>>>> no rights.
>>>>> Hi Meinolf,
>>>>>
>>>>> After demote AD01, I just delte the AD01 container IN "AD Sites
>>>>> and
>>>>> services"-> "Default-First-Sites-Name"->"Servers"--AD01"
>>>>> Then no more group policy errors found on any machine that i
>>>>> logon.
>>>> Fine.
>>>>
>>>>> AD01 is a first install DC, it is something bound to first
>>>>> insatall DC?
>>>>>
>>>> The only thing you have to look, is moving NOT seizing the 5 FSMO
>>>> roles to another DC. If you have an Exchange server youb have to
>>>> look that the Recipients update services are pointing to one of the
>>>> other DC's.
>>>>
>>>>> I'll try to remove DC completely according to your doc?
>>>>>
>>>> If you mean this one
>>>> (http://support.microsoft.com/?kbid=555846&SD=tech),
>>>> that's only for orphaned DC's. After the demotion the machine
>>>> should automatically
>>>>
>>>> move from DC OU to the computers container. If this is the case,
>>>> then the
>>>>
>>>> machine is only a member server, which can just be deleted like a
>>>> normal
>>>>
>>>> computer account. Before deleting this object give time for
>>>> replication between
>>>>
>>>> all DC's that they also update theire databases about the removed
>>>> DC. And
>>>>
>>>> you should also check with dcdiag and netdiag for errors.
>>>>
>>>> Also replmon to check replication between the DC's can be useful
>>>> now:
>>>>
>>>> http://technet2.microsoft.com/window...y/691910f2-a6a
>>>> 7- 4ced-984e-972aec2cbdd21033.mspx?mfr=true
>>>>
>>>> If all looks good, delete it.
>>>>
>>>>> Thanks again
>>>>>
>>>>> Patrick
>>>>>
>>>>> "Meinolf Weber" wrote:
>>>>>
>>>>>> Hello patrick,
>>>>>>
>>>>>> Seems that your removal with ntdsutil was not complete. Also
>>>>>> possible that they come back after rolling back AD01. Check with
>>>>>> that article again, if they will NEVER come back.
>>>>>> http://support.microsoft.com/?kbid=555846&SD=tech
>>>>>>
>>>>>> Also check again that the FSMO roles are on AD05 or AD06 and that
>>>>>> both machines are GC's. Just to be sure that AD01 is completely
>>>>>> ready for the removal.
>>>>>>
>>>>>> Best regards
>>>>>>
>>>>>> Meinolf Weber
>>>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>>>> and
>>>>>> confers
>>>>>> no rights.
>>>>>>> yes, that 2 DC object are in DC OU.
>>>>>>>
>>>>>>> Thanks
>>>>>>>
>>>>>>> Patrick
>>>>>>>
>>>>>>> "Meinolf Weber" wrote:
>>>>>>>
>>>>>>>> Hello patrick,
>>>>>>>>
>>>>>>>> Are the objects in computers container or DC OU?
>>>>>>>>
>>>>>>>> Best regards
>>>>>>>>
>>>>>>>> Meinolf Weber
>>>>>>>> Disclaimer: This posting is provided "AS IS" with no
>>>>>>>> warranties,
>>>>>>>> and
>>>>>>>> confers
>>>>>>>> no rights.
>>>>>>>>> Hi Meinolf,
>>>>>>>>>
>>>>>>>>> Because that 2 DC were out of order, I just use ntdsutil to
>>>>>>>>> remove it. DNS records are removed. Computer object still
>>>>>>>>> there.
>>>>>>>>>
>>>>>>>>> Thanks
>>>>>>>>>
>>>>>>>>> Patrick
>>>>>>>>>
>>>>>>>>> "Meinolf Weber" wrote:
>>>>>>>>>
>>>>>>>>>> Hello patrick,
>>>>>>>>>>
>>>>>>>>>> And they are not longer visible in DNS and AD? So now you are
>>>>>>>>>> more or less at the point before removing AD01?
>>>>>>>>>>
>>>>>>>>>> Best regards
>>>>>>>>>>
>>>>>>>>>> Meinolf Weber
>>>>>>>>>> Disclaimer: This posting is provided "AS IS" with no
>>>>>>>>>> warranties,
>>>>>>>>>> and
>>>>>>>>>> confers
>>>>>>>>>> no rights.
>>>>>>>>>>> ad02 and adtest had been removed by ntdsutil (not by
>>>>>>>>>>> dcpromo)
>>>>>>>>>>>
>>>>>>>>>>> Thanks
>>>>>>>>>>>
>>>>>>>>>>> Patrick
>>>>>>>>>>>
>>>>>>>>>>> "Meinolf Weber" wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Hello patrick,
>>>>>>>>>>>>
>>>>>>>>>>>> You have to machines ad02 and adtest. Are they still active
>>>>>>>>>>>> or removed?
>>>>>>>>>>>>
>>>>>>>>>>>> Best regards
>>>>>>>>>>>>
>>>>>>>>>>>> Meinolf Weber
>>>>>>>>>>>> Disclaimer: This posting is provided "AS IS" with no
>>>>>>>>>>>> warranties,
>>>>>>>>>>>> and
>>>>>>>>>>>> confers
>>>>>>>>>>>> no rights.
>>>>>>>>>>>>> Thanks for your help.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Below are the reuslt again that I ran netdiag and dcdiag
>>>>>>>>>>>>> on AD05
>>>>>>>>>>>>>
>>>>>>>>>>>>> --------------------
>>>>>>>>>>>>>
>>>>>>>>>>>>> DCDIAG RESULT
>>>>>>>>>>>>>
>>>>>>>>>>>>> C:\Documents and Settings\Administrator.HKCEC>dcdiag
>>>>>>>>>>>>> /s:ad01
>>>>>>>>>>>>>
>>>>>>>>>>>>> Domain Controller Diagnosis
>>>>>>>>>>>>>
>>>>>>>>>>>>> Performing initial setup:
>>>>>>>>>>>>> Done gathering initial info.
>>>>>>>>>>>>> Doing initial required tests
>>>>>>>>>>>>> Testing server: Default-First-Site-Name\AD01
>>>>>>>>>>>>> Starting test: Connectivity
>>>>>>>>>>>>> ......................... AD01 passed test Connectivity
>>>>>>>>>>>>> Doing primary tests
>>>>>>>>>>>>> Testing server: Default-First-Site-Name\AD01
>>>>>>>>>>>>> Starting test: Replications
>>>>>>>>>>>>> ......................... AD01 passed test Replications
>>>>>>>>>>>>> Starting test: NCSecDesc
>>>>>>>>>>>>> ......................... AD01 passed test NCSecDesc
>>>>>>>>>>>>> Starting test: NetLogons
>>>>>>>>>>>>> ......................... AD01 passed test NetLogons
>>>>>>>>>>>>> Starting test: Advertising
>>>>>>>>>>>>> ......................... AD01 passed test Advertising
>>>>>>>>>>>>> Starting test: KnowsOfRoleHolders
>>>>>>>>>>>>> ......................... AD01 passed test
>>>>>>>>>>>>> KnowsOfRoleHolders
>>>>>>>>>>>>> Starting test: RidManager
>>>>>>>>>>>>> ......................... AD01 passed test RidManager
>>>>>>>>>>>>> Starting test: MachineAccount
>>>>>>>>>>>>> ......................... AD01 passed test MachineAccount
>>>>>>>>>>>>> Starting test: Services
>>>>>>>>>>>>> ......................... AD01 passed test Services
>>>>>>>>>>>>> Starting test: ObjectsReplicated
>>>>>>>>>>>>> ......................... AD01 passed test
>>>>>>>>>>>>> ObjectsReplicated
>>>>>>>>>>>>> Starting test: frssysvol
>>>>>>>>>>>>> ......................... AD01 passed test frssysvol
>>>>>>>>>>>>> Starting test: kccevent
>>>>>>>>>>>>> ......................... AD01 passed test kccevent
>>>>>>>>>>>>> Starting test: systemlog
>>>>>>>>>>>>> ......................... AD01 passed test systemlog
>>>>>>>>>>>>> Running enterprise tests on : hkcec.nws
>>>>>>>>>>>>> Starting test: Intersite
>>>>>>>>>>>>> ......................... hkcec.nws passed test Intersite
>>>>>>>>>>>>> Starting test: FsmoCheck
>>>>>>>>>>>>> ......................... hkcec.nws passed test FsmoCheck
>>>>>>>>>>>>> C:\Documents and Settings\Administrator.HKCEC>dcdiag
>>>>>>>>>>>>> /s:ad05
>>>>>>>>>>>>> Domain Controller Diagnosis
>>>>>>>>>>>>> Performing initial setup:
>>>>>>>>>>>>> Done gathering initial info.
>>>>>>>>>>>>> Doing initial required tests
>>>>>>>>>>>>> Testing server: Default-First-Site-Name\AD05
>>>>>>>>>>>>> Starting test: Connectivity
>>>>>>>>>>>>> ......................... AD05 passed test Connectivity
>>>>>>>>>>>>> Doing primary tests
>>>>>>>>>>>>> Testing server: Default-First-Site-Name\AD05
>>>>>>>>>>>>> Starting test: Replications
>>>>>>>>>>>>> ......................... AD05 passed test Replications
>>>>>>>>>>>>> Starting test: NCSecDesc
>>>>>>>>>>>>> ......................... AD05 passed test NCSecDesc
>>>>>>>>>>>>> Starting test: NetLogons
>>>>>>>>>>>>> ......................... AD05 passed test NetLogons
>>>>>>>>>>>>> Starting test: Advertising
>>>>>>>>>>>>> ......................... AD05 passed test Advertising
>>>>>>>>>>>>> Starting test: KnowsOfRoleHolders
>>>>>>>>>>>>> ......................... AD05 passed test
>>>>>>>>>>>>> KnowsOfRoleHolders
>>>>>>>>>>>>> Starting test: RidManager
>>>>>>>>>>>>> ......................... AD05 passed test RidManager
>>>>>>>>>>>>> Starting test: MachineAccount
>>>>>>>>>>>>> ......................... AD05 passed test MachineAccount
>>>>>>>>>>>>> Starting test: Services
>>>>>>>>>>>>> ......................... AD05 passed test Services
>>>>>>>>>>>>> Starting test: ObjectsReplicated
>>>>>>>>>>>>> ......................... AD05 passed test
>>>>>>>>>>>>> ObjectsReplicated
>>>>>>>>>>>>> Starting test: frssysvol
>>>>>>>>>>>>> ......................... AD05 passed test frssysvol
>>>>>>>>>>>>> Starting test: kccevent
>>>>>>>>>>>>> ......................... AD05 passed test kccevent
>>>>>>>>>>>>> Starting test: systemlog
>>>>>>>>>>>>> ......................... AD05 passed test systemlog
>>>>>>>>>>>>> Running enterprise tests on : hkcec.nws
>>>>>>>>>>>>> Starting test: Intersite
>>>>>>>>>>>>> ......................... hkcec.nws passed test Intersite
>>>>>>>>>>>>> Starting test: FsmoCheck
>>>>>>>>>>>>> ......................... hkcec.nws passed test FsmoCheck
>>>>>>>>>>>>> C:\Documents and Settings\Administrator.HKCEC>dcdiag
>>>>>>>>>>>>> /s:ad06
>>>>>>>>>>>>> Domain Controller Diagnosis
>>>>>>>>>>>>> Performing initial setup:
>>>>>>>>>>>>> Done gathering initial info.
>>>>>>>>>>>>> Doing initial required tests
>>>>>>>>>>>>> Testing server: Default-First-Site-Name\AD06
>>>>>>>>>>>>> Starting test: Connectivity
>>>>>>>>>>>>> ......................... AD06 passed test Connectivity
>>>>>>>>>>>>> Doing primary tests
>>>>>>>>>>>>> Testing server: Default-First-Site-Name\AD06
>>>>>>>>>>>>> Starting test: Replications
>>>>>>>>>>>>> ......................... AD06 passed test Replications
>>>>>>>>>>>>> Starting test: NCSecDesc
>>>>>>>>>>>>> ......................... AD06 passed test NCSecDesc
>>>>>>>>>>>>> Starting test: NetLogons
>>>>>>>>>>>>> ......................... AD06 passed test NetLogons
>>>>>>>>>>>>> Starting test: Advertising
>>>>>>>>>>>>> ......................... AD06 passed test Advertising
>>>>>>>>>>>>> Starting test: KnowsOfRoleHolders
>>>>>>>>>>>>> ......................... AD06 passed test
>>>>>>>>>>>>> KnowsOfRoleHolders
>>>>>>>>>>>>> Starting test: RidManager
>>>>>>>>>>>>> ......................... AD06 passed test RidManager
>>>>>>>>>>>>> Starting test: MachineAccount
>>>>>>>>>>>>> ......................... AD06 passed test MachineAccount
>>>>>>>>>>>>> Starting test: Services
>>>>>>>>>>>>> ......................... AD06 passed test Services
>>>>>>>>>>>>> Starting test: ObjectsReplicated
>>>>>>>>>>>>> ......................... AD06 passed test
>>>>>>>>>>>>> ObjectsReplicated
>>>>>>>>>>>>> Starting test: frssysvol
>>>>>>>>>>>>> ......................... AD06 passed test frssysvol
>>>>>>>>>>>>> Starting test: kccevent
>>>>>>>>>>>>> ......................... AD06 passed test kccevent
>>>>>>>>>>>>> Starting test: systemlog
>>>>>>>>>>>>> ......................... AD06 passed test systemlog
>>>>>>>>>>>>> Running enterprise tests on : hkcec.nws
>>>>>>>>>>>>> Starting test: Intersite
>>>>>>>>>>>>> ......................... hkcec.nws passed test Intersite
>>>>>>>>>>>>> Starting test: FsmoCheck
>>>>>>>>>>>>> ......................... hkcec.nws passed test FsmoCheck
>>>>>>>>>>>>> Netdiag result
>>>>>>>>>>>>> C:\Documents and Settings\Administrator.HKCEC>netdiag
>>>>>>>>>>>>> /d:hkcec.nws



 
Reply With Quote
 
 
 
Reply

Thread Tools
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
error found after dc demote =?Utf-8?B?UGF0cmljaw==?= Microsoft Windows 2000 Active Directory 25 2nd Nov 2007 03:06 AM
RE: error found after dc demote Meinolf Weber Microsoft Windows 2000 Active Directory 0 9th Oct 2007 12:27 PM
RE: error found after dc demote Meinolf Weber Microsoft Windows 2000 Active Directory 0 7th Oct 2007 04:23 PM
RE: error found after dc demote Meinolf Weber Microsoft Windows 2000 Active Directory 0 3rd Oct 2007 11:23 AM
RE: error found after dc demote Meinolf Weber Microsoft Windows 2000 Active Directory 0 27th Sep 2007 08:19 AM


Features
 

Advertising
 

Newsgroups
 


All times are GMT +1. The time now is 04:42 PM.