Adding DC to AD domain

A

ASH

Here is what I have done:

I had 2 DC's for domain ZZZ (SVR1 & SVR2) that were
installed and working fine. I had to install RAID1 on
both which forced me to blow them away and start fresh
(using same net names). I took down SVR2 first, built the
RAID, installed 2000 server, and added it in to the domain
as a DC for domain ZZZ. Everything appeared to be working
fine.

Well, as soon as I blew away SVR1 and rebuilt, I am
running into some strange errors in the domain. I had
installed AD for the domain ZZZ and it joined with no
errors. But, when I try to do any form of administrative
duties, it spits back errors. Specifically the DNS
console says that the server cannot be contacted.

The event viewer logs point to several SAM errors (Event
16550) and NetLogon (Event 3096).

Where did I go wrong on SVR1 but did correctly on SVR2?

Please HELP!! Thanks in advance.
 
S

Simon Geary

Did you dcpromo the DC down to a member server before you rebuilt it? If
not, that is the cause of your problems.
 
G

Guest

No, I did not...but, I did not do that on the first one
either. I wanted to replicate the first method since it
appeared to work so well.

Is there any other way for me to fix this?

Thanks for the reply!!
--Ash
 
S

Simon Geary

Even if the first server appeared to work well with this process it would
certainly have been causing problems under the hood of AD. I would suggest
using dcpromo to bring srv1 back down to a member server and then using
dcpromo again to repromote it. Back up everything first, of course!

If dcpromo down to a member server fails for srv1 (as I suspect it might)
you can remove all trace of it from AD by following the metadata cleanup
procedure here http://support.microsoft.com/?id=216498

Basically, you have left AD in an unhealthy state by removing DC's without
'telling' AD what you have done. Readding a new DC with the same name
complicates things but if you can use the above procedures to remove all
reference of srv1 from AD it should be less problematic readding it again
later.

Do multiple backups at every step though, in case it all goes horrible
wrong.
 
A

ASH

Thanks Simon...I already tried your suggested method, but
AD will not let me run DCPROMO on SVR1. Is there any
other way?
 
S

Simon Geary

There is a free hotfix you can get from PSS that will allow you to use the
/forceremoval switch with dcpromo which is a last resort means to rip AD off
a domain controller. http://support.microsoft.com/?id=332199

Once you have done this, run the metadata cleanup from the other kb I
mentioned and then you will hopefully be able to re-add srv1 as a DC.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Restoring Ghost Image to W2K AD = Lost Synchronisation of accounts 12
AD mixup with PDC and BDC 1
Additional DC in AD domain 2
isolated DC fails to work 5
AD Trust to NT4 Domain 3
Remove orphaned Win2K DC from AD 2
AD Errors 5
DC doesn't register domain A record 3

Top