Failed Server on ADS Network

  • Thread starter msnews.microsoft.com
  • Start date
M

msnews.microsoft.com

Good morning:

I've got a network of four servers, one exchange, two global catalogs and
one that's just a member server. The machine that was the first server in
the site has failed and I need to replace it. The hardware died and I have
a brand new Dell server that's going in there.

What do I need to do. Is it as simple as putting in my 2000 CD and just
'rejoining' the domain or is there anything else I need to do?

At this point I'll take all the advice I can get, I'm a Unix junkie, not a
Windows admin and I'd relly really prefer not to take down our production
network (accidentally or intentionally) if I can at all avoid it!

Thanks,

-brian
brian at visionpro.com
 
G

Guest

Hi

As this was the first server on your network, it is likely that it holds (or
rather... it did hold) the Operations Master Roles/FSMO Roles (Schema Master,
Domain Naming master, PDC Emulator, RID Master, and Infrastructure Master),
unless you know that you've changed these to different servers in the past.
With the current server failed, and a new server due to be brought online,
you need to 'seize' the roles on another server.
Personally, I would avoid seizing the roles at the Exchange server. Others
might advise differently, but I would advise against it.

Are you familiar with NTDSUTIL (command line tool)?
NTDSUTIL is used to seize the roles (and perform other various AD related
tasks) and is usually fairly painless when used correctly.

When the roles are seized, the object representing the failed server will
need to be removed from Active Directory. At this stage, you might find that
the server doesn't completely remove, and a therefore 'metedata cleanup' is
required using NTDSUTIL.

When all of the above is done, the new server can be brought online, then
run dcpromo to make it a domain controller. After that point you need to
decide whether to transfer the roles over to the new server. 'Transfer' is
another option within NTDSUTIL.

A couple of useful links:
http://support.microsoft.com/default.aspx?scid=kb;en-us;255504
http://support.microsoft.com/default.aspx?scid=kb;en-us;216498
http://support.microsoft.com/default.aspx?scid=kb;en-us;328775

I hope the above helps. Feel free to ask any further questions.

Cheers
Dan Sime
 
C

Cary Shultz

Brian,

I am assuming that the Exchange Server is also a Domain Controller? I might
change this. You would simply stop all of the Exchange related services and
run dcpromo. However, this can be done after you have straightened the
other stuff out.

As Dan stated, since it was the first DC that failed it likely holds all
five of the FSMO Roles. See Dan's post for what those five are. How do you
figure out what DC holds which of the five FSMO Roles? Well, there are a
lot of ways. One way is to install the Support Tools ( either from the
Service Pack CD-Media from the MS web site - avoid using the Support Tools
on the WIN2000 Server CD-Media as those are a bit outdated now and have a
few known issues ). Then, simply enter 'netdom query fsmo'. This will tell
you what DC holds which role.

Another way is to use the GUI. Yet another way is to use ntdsutil. Please
see the following two MSKB Articles:

http://support.microsoft.com/?id=255690

http://www.microsoft.com/resources/...server/reskit/en-us/distrib/dsfl_utl_prvc.asp
( watch for word-wrap on this.... )

However, I would suspect that the now-dead DC is the one that held the five
FSMO roles. If this is the case then you need to do a couple of things.

You need to seize the roles. When changing the holder of any FSMO role you
have two options: transfer and seize. You would normally use the transfer
method. However, in a case where a DC that was ungracefully removed from
the domain ( such as hardware failure... ) you need to seize any of the
roles that this DC held. In this case you would have to use ntdsutil.

Dan gave you three very useful links. Especially the third one. Most
people forget about that one. It can happen and you will scratch your head
trying to figure it out....

So, assuming that you figure all of this out ( if you can not then please
post.... ) let's talk about running the Exchange Server on a Domain
Controller.

While it works just swell ( I would suggest that if you are going to do this
then you make that DC also a Global Catalog Server as Exchange makes
extensive use of a Global Catalog Server....if the GC is on the local
machine then Exchange does not need to go over the wire, etc. ).

However, it ( running Exchange on a DC ) also adds a layer of complexity.
Troubleshooting that DC when you have Exchange running on it as well can be
tricky. Anyway, just a thought. Since you have two other Domain
Controllers ( always a really good idea..... ) there should be no problem
doing this. You call!

--
Cary W. Shultz
Roanoke, VA 24012

http://www.activedirectory-win2000.com
(soon to be updated!!!)
http://www.grouppolicy-win2000.com
(soon to be updated!!!)
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

ADS over different network 2
Recovering PDC from Hardware Failure 1
continous error on Active directory server event id 1126 0
active directory of users on win2k server 5
How many ADS server do I need? 4
scheduled shut down of PC's on network 5
Operation Failed removeing AD on a Win2k Server 3
Additional GLobal Catalog Server 2

Top