In big trouble - AD restore, Runned out of options.

Y

yikes!

My w2k PDC just died, totally crashed and burned which hosts my AD. Only
have a BDC NT4 box (needed for unix server to do NTLM with domain), got no
other BDC w2k boxes and my system state backup happens to be corrupted on
the media its on. (Murphy working its magic again).

So in theory Im dead! and probably will have to build another AD, using the
NT4 BDC which has the basic user account information to upgrade to a new w2k
domain

Then switch over all computers to new domain, and some how get access to the
mailboxes/PF's on the exchange server? I have all the mailboxes/folders on
backup (medias still good) so can probably redirect restore to another
exchange server, since I dont think I can easily reclaim the exchange server
due to different domain security ID's for all the objects.

Im on the right track, anyone got a miracle solution?
 
Y

yikes!

Mike said:
Do you have a backup of your W2K DC? If so how old is it?
Click to expand...

Nop, dont have a backup. Im currently creating a new AD.

Biggest problem yet to tackle is how to establish the old AD's exchange
server into the new AD.

Straight forward thing to do would be to setup new exchange server and
restore backups from 4 days ago (Friday), but prefer to find a different way
to salvage emails from over the weekend.
 
M

Mike

# of users in exhange? Public Folders?


yikes! said:
Nop, dont have a backup. Im currently creating a new AD.

Biggest problem yet to tackle is how to establish the old AD's exchange
server into the new AD.

Straight forward thing to do would be to setup new exchange server and
restore backups from 4 days ago (Friday), but prefer to find a different way
to salvage emails from over the weekend.
Click to expand...
 
J

Jorge_de_Almeida_Pinto

My w2k PDC just died, totally crashed and burned which hosts
my AD. Only
have a BDC NT4 box (needed for unix server to do NTLM with
domain), got no
other BDC w2k boxes and my system state backup happens to be
corrupted on
the media its on. (Murphy working its magic again).

So in theory Im dead! and probably will have to build another
AD, using the
NT4 BDC which has the basic user account information to
upgrade to a new w2k
domain

Then switch over all computers to new domain, and some how get
access to the
mailboxes/PF's on the exchange server? I have all the
mailboxes/folders on
backup (medias still good) so can probably redirect restore to
another
exchange server, since I dont think I can easily reclaim the
exchange server
due to different domain security ID's for all the objects.

Im on the right track, anyone got a miracle solution?
Click to expand...

Just to be sure... The W2K PDC belonged to the same domain as the NT4
BDC... Is this true? If yes.. the following might help you

As your AD is dead you also don’t have a configuration partition with
the Exchange configuration

try the following:
* Promote your last NT4 BDC to PDC (let’s call this box NT4DC01)
* Cleanup the NT4 domain by removing the account of the W2K PDC
* Install TWO!! W2K or W2k3 members in the NT4 domain and install and
configure DNS and WINS (and DHCP if needed) on them (W2KxDC01 and
W2KxDC02)
* Install additional NT4 BDC (let’s call this box NT4DC02) (use some
desktop) and point for DNS and WINS to W2KxDC01 and W2KxDC02
* if you have other w2k/wxp/w2k3 clients/servers see also:
http://support.microsoft.com/?kbid=298713 and
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q284937 and
http://www.petri.co.il/first_dc_in_domain_problem.htm. However your
clients might allready be using the old w2k pdc in the past so at this
moment they will not authenticate to the nt4 dc because the
w2k/wxp/w2k3 clients/servers already upgraded the secure chanel
* Upgrade NT4Dc02 to W2K or W2K3
* DCPROMO W2KxDC01 and W2KxDC02 to DCs
* Reconfigure AD OUs, sitees, subnets, etc
* Assign GC role to W2KxDC01 and W2KxDC02
* Transfer FSMO roles from NT4Dc02 to either W2KxDC01 or W2KxDC02
* Demote NT4Dc02 and remove from domain
* install exchange organisation, administrative groups, routing
groups, server with the same names
* restore exchange stores
* If needed connect mailboxes to user accounts

The SIDs used on resources will be no issue regarding translation
because you upgraded the domain and the domain SID does not change
because of that. Resources will still be available for users/groups
that existed on the NT4 BDC.
If you created a pristine w2k domain and migrated users from an NT4
domain to the AD domain then you would have a SID issue, but if I read
correctly it will be no issue

Cheers,
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

AD Trust to NT4 Domain 3
Migration Approach in NT4 to Win2K3 AD 1
NT4 to AD Question 5
To AD or not to AD, that is the question 2
NT4 to 2003 w/AD & new servers 5
dcpromo an creating a new domain in Windows 2000 AD (mixed-mode) 1
nt4 PDC upgrd to W2k AD - Password changing NG 5
NT 4 pdc and Win2000 AD 4

Top