Can I add a rebuilt DC back into AD?

G

Gordon

Guys

I support an active directory environment with several
domain controllers at different sites. At the Disaster
Recovery site which has a single DC this server
experienced a hardware fault which was not recoverable.
The server has now been rebuilt as a member server with
the same name. However Active Directory still has the
old DC in sites and services and users and computers.

NOTE : DCs and AD is not part of the back up solution

My question is ... can I dcpromo the newly built server
to promote it to a DC. Will this cause issues with
duplication? Do I need to remove the old DC from sites
and services first? Do I need to run ntdsutil to remove
further data? Or can I just promote the newly built DC
and active directory is clever enough to reassign
references from the old DC to the newly promoted DC?

Many thanks!
 
E

Evan Erwee [MVP]

Gorden I will do a MetaDirectory cleanup first and ensure that all DC's
replicated the change.



Evan Erwee [Active Directory MVP]



Look at Q216498 for details.
 
G

Gordon

Evan

Many thanks for your prompt response. I had hoped it
wouldn't be necessary to use ntdsutil but I guess it's
better to be safe than sorry.

Question ... what would've been the consequence had I
just run dcpromo on the new server whilst the AD has
references to the old DC?

Gordon
 
U

Ulf B. Simon-Weidner

Gordon says...
Guys

I support an active directory environment with several
domain controllers at different sites. At the Disaster
Recovery site which has a single DC this server
experienced a hardware fault which was not recoverable.
The server has now been rebuilt as a member server with
the same name. However Active Directory still has the
old DC in sites and services and users and computers.

NOTE : DCs and AD is not part of the back up solution

My question is ... can I dcpromo the newly built server
to promote it to a DC. Will this cause issues with
duplication? Do I need to remove the old DC from sites
and services first? Do I need to run ntdsutil to remove
further data? Or can I just promote the newly built DC
and active directory is clever enough to reassign
references from the old DC to the newly promoted DC?

Many thanks!
Click to expand...
Hello Gordon,

check the following two Articles first that you AD is clean:

298450 Deletion of Critical Objects in Active Directory in Windows 2000 and
Windows Server 2003
http://support.microsoft.com/?id=298450

216498 HOW TO: Remove Data in Active Directory After an Unsuccessful Domain
Controller Demotion
http://support.microsoft.com/?id=216498


Gruesse - Sincerely,

Ulf B. Simon-Weidner
 
U

Ulf B. Simon-Weidner

Gordon says...
Many thanks for your prompt response. I had hoped it
wouldn't be necessary to use ntdsutil but I guess it's
better to be safe than sorry.

Question ... what would've been the consequence had I
just run dcpromo on the new server whilst the AD has
references to the old DC?
Click to expand...
Being sorry.

Performing the metadata-cleanup is part of demoting - get back to a clean
environment then promote again.

Gruesse - Sincerely,

Ulf B. Simon-Weidner
 
G

Gordon

Guys

Thanks for your help so far.

I've run ntdsutil successfully and followed the
instructions from 216498.

However I can still see the old DC under "sites and
services" although it no longer has any NTDS Settings
properties. Furthermore the NTDS Site Settings
Properties still has the old DC as the inter-site
topology generator server.

Is this normal? Can I just delete the old DC from "sites
and services"?

Thanks again for your invaluable assistance.
Gordon
 
U

Ulf B. Simon-Weidner

Gordon says...
Guys

Thanks for your help so far.

I've run ntdsutil successfully and followed the
instructions from 216498.

However I can still see the old DC under "sites and
services" although it no longer has any NTDS Settings
properties. Furthermore the NTDS Site Settings
Properties still has the old DC as the inter-site
topology generator server.

Is this normal? Can I just delete the old DC from "sites
and services"?

Thanks again for your invaluable assistance.
Gordon
Click to expand...
Hi Gordon,

if the NTDS Settings are gone you can delete the server account. That's just
fines and happens.

Gruesse - Sincerely,

Ulf B. Simon-Weidner
 
G

Guest

Guys

Don't know if you'll be reading this but thanks for your
help. I've followed your advise and successfully re-
promoted the newly built DC back into the domain without
any errors.

Many thanks all
Gordon
 
U

Ulf B. Simon-Weidner

says...
Guys

Don't know if you'll be reading this but thanks for your
help. I've followed your advise and successfully re-
promoted the newly built DC back into the domain without
any errors.

Many thanks all
Gordon
Click to expand...
Sure we read it - glad you are happy and everything worked, and thanks for the
feedback.

Gruesse - Sincerely,

Ulf B. Simon-Weidner
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Crashed DC not demoted; brought back online not as DC 2
Only DC crashed, best way to restore 8
Rebuilt forest root DC, now got repl errors, SIDs? 2
AD replication problem with removed DC 1
Problem after DC has been rebuilt from scratch 5
DC restored from backup having AD issues... 2
Trouble replacing old DC 2
Slow Logons and Can't open files 0

Top