I cannot DCPROMO (degrade as member server)

M

myBasic

Hi all,

I promoted a server to be a 2nd DC yesterday, I change my mind and attempt
to degrade that server as a member server today, but failed. The error
message shown:

The operation failure because:
The Directory Service failed to replicate off changes mode locally.
"The DSA operation is unable to proceed because of a DNS lookup failure."

The questioned server name: a-server.domain.local <--
but the FSMO, or GC DC name: dc-server.domain.com <-- diff suffix

How do I fix it in DNS record?

Many thanks.
 
P

Paul Bergson [MVP-DS]

Something is definitely wrong.

You could do a dcpromo /forceremove followed by a metadata cleanup
http://support.microsoft.com/Default.aspx?id=216498

--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.
 
M

myBasic

Hi Paul,

Thanks for reply.

Now I just want to spend an hour to reinstall that member server, but I
cannot delete that server name in
dsa.msc, Domain Controller list
why?

Does it mean that I have to remove the AD metadata by Ntdsutil.exe. I fear I
would make severe mistake to affect the domain data.

Thanks
 
H

Herb Martin

myBasic said:
Hi Paul,

Thanks for reply.

Now I just want to spend an hour to reinstall that member server, but I
cannot delete that server name in

That is silly.

The likely reason you are had this trouble -- and probably the reason you
(didn't say) you decided to remove the new DC) is that you never configured
the DNS correctly.

95% of AD problems are actually DNS issues. Most likely is you didn't
set the NEW DC as a "DNS client" of the DNS server which
would register (or at least find) your Dynamic DNS Zone that supports
your domain. It is also possible you don't have the DNS set as dynamic
but odds of that are lower.
dsa.msc, Domain Controller list
why?

Does it mean that I have to remove the AD metadata by Ntdsutil.exe. I fear
I
would make severe mistake to affect the domain data.

Well don't make those mistakes. CONNECT to the WORKING server,
and SELECT the "dead" server for deletion -- if you do that (and it is the
only way it will do anything with only two servers involved) then you
cannot make a mistake and harm anything.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads


Top