How to restore Active Directory from BDC to PDC???

[Tu A.Nguyen]

Hi network expert !
I'm using Windows 2000 Advanced Server on 2 servers. One is Primary Domain
Controller (PDC) and the other is Backup domain controller (BDC).
Now, my PDC is down but the BDC is still working. Please help me to restore
the Active Directory from BDC to PDC. I've reinstalled Win 2K Adv Server on
the PDC.
Thanks for reading.

Tu Nguyen.

 

[RedBox]

I am a little confused about your questions. I thought PDC and BDC concept
went out the door when you move from Windows NT 4.0 domain to a Windows 2000
Active Directory domain. Both of your Windows 2000 Server domain controllers
should be equal with all information replicated and constantly replicating
providing redundant DCs (assuming that you have set it up correctly in the
first place)

No sure what steps you had taken to reinstalled your Windows 2000 Advanced
Server but you should have demoted the domain controller that you were
planning to reinstall. After demoting it, you should be able to reinstall it
from scratch and then add it back to your Active Directory as an additional
domain controller.


RedBox

 

[Todd Maxey [MSFT]]

Tu,

Here is our assumptions:

1. You have 1 forest with one domain with two domain controllers.
2. The machine that you are referring to as the PDC is a Windows 2000 domain
controller hosting all five FSMO roles and the global catalog (GC).
3. DNS for your domain is running on the remaining domain controller you
refer to as the BDC.

Here is what you need to do

1. The re-installed machine you refer to as the PDC make it a member of a
workgroup. If you have already joined it to the domain join it back to a
workgroup. You can call the workgroup any name you want as long as it does
not conflict with any other NetBIOS name on your network.
2. Make sure that the name on the re-install machine you refer to as PDC has
the name you want it to have. If that name is the same as it was before the
re-build that is OK.
3. Make sure that the machine you call BDC is running DNS.
4. Make sure that the machine you call BDC is pointing to itself for DNS in
the TCP/IP properties
5. Make sure that the re-installed machine you refer to as the PDC is
pointing to the machine you call BDC for DNS in the TCP/IP properties
6. Performa a metadata cleanup to remove the machine you call PDC from the
active directory.
a. HOW TO: Remove Data in Active Directory After an Unsuccessful
Domain Controller Demotion - http://support.microsoft.com/?kbid=216498
7. If the computers machine account object is present in Active Directory
User and Computers under the Domain Controllers OU, try and delete it. If
the object cannot be deleted you will need to change the UserAccountControl
attribute on the object to a value of 4096 with ADSI Edit which is part of
the support tools. This should allow you to readily delete the object.
a. How to Use the UserAccountControl Flags to Manipulate User
Account Properties - http://support.microsoft.com/?kbid=305144
8. Use NTDSUTIL to seize the FSMO roles to the machine you call BDC
a. Windows 2000 Active Directory FSMO Roles -
http://support.microsoft.com/?kbid=197132
b. Using Ntdsutil.exe to Seize or Transfer FSMO Roles to a
Domain Controller - http://support.microsoft.com/?kbid=255504
9. Make the machine you refer to as BDC a Global Catalog.
a. HOW TO: Create or Move a Global Catalog in Windows 2000 -
http://support.microsoft.com/?kbid=313994
b. When you make the machine you refer to as BDC a Global
Catalog you will receive an 1110 event in the Directory Service log. Do not
reboot the machine until you receive an 1119 event in the Directory Service
log.
10. You are now ready to join the re-installed machine you call PDC back to
the domain as a member server. Please make sure that the machine account
shows up in Active Directory Users and Computers.
11. Run DCPROMO to promote the machine back to a domain controller.

After the successful promotion you will be free to move DNS, the FSMO roles
and the GC back to their original positions.


hope this helps.


Todd Maxey