I don't know the exact problem but a couple things. Make sure that the
remaining domain controller is pointing to itself as it's preferred dns
server in tcp/ip properties. Other computers in the domain will need to
also. If you need to change the domain computers you may need to change the
dhcp scope and at least add your remaining domain controller to the dhcp
scope as a dns server. After you check that dns is confugred correctly, run
netdiag and dcdiag [on install cd in support/tools folder - run setup] on
the domain controller looking for any failed tests. If you did have to
change the dns server IP address for your domain controller run netdiag /fix
on it and then restart the netlogon service [I believe that is the right
order] before running netdiag and dcdiag . Also keep in mind that the
original domain controller may have held all five of the fsmo roles [rid,
pdc, etc] and was the global catalog. Eventually they are going to need to
be restored or seized but be very careful on how you do such as you should
not seize those roles if you plan to rebuild and restore the original dc.
anyhow I would check dns and run dcdiag first and proceed from there. ---
Steve
http://support.microsoft.com/default...b;en-us;197132 -- description
of fsmo roles
"JC" <(E-Mail Removed)> wrote in message
news:8A393C0A-5483-419B-8107-(E-Mail Removed)...
> Due to hardware failure on my root domain controller, my secondary domain
controller now authenticate for the entire domain. However, when I try to
edit Domain Security Policy, I receive the following error.
> "Failed to open the Group Policy Object. You may not have appropriate
rights. The specifited domain either does not exist or could not be
contacted."
> I took to hard drive from the root domain controller and try to boot it
with another machine, but it refuse to boot. Does anyone have any
suggestions?
Similar Threads
