operations master roles and AD removal

Craig

Hello...I'm planning on demoting a server that is having multiple issues.
Unfortunately, this server is the oldest of our domain and is providing
multiple services...it holds all of the operations master roles, is our main
file and print server, and acts as our sole DHCP, DNS and WINS server. As
you can guess, I do not wish to reimage this server if it can be avoided.
At present, we now have 3 domain controllers. The other two controllers are
operating fine. My plan is to take the troublesome server offline, have the
other two healthy domain controllers seize the operations master roles,
remove AD from the bad server using dcpromo /forceremove and then bring the
server back online as a member server. Does this sound like a workable plan
or are there issues that I need to be aware of that could cause problems?
Craig
System Administrator, Clermont County Public Library
 
Chriss3 [MVP]

Always try to transfer the FSMO roles before you go for a seizure, and ensure
there is another global catalog within the same site and a working DNS zone
for your Active Directory domain.

--
Regards
Christoffer Andersson
Microsoft MVP - Directory Services

No email replies please - reply in the newsgroup
 
ptwilliams

Yes. But as it is up and running, can't you try a normal demotion?

Set up AD-integrated DNS and allow for replication. Migrate WINS and DHCP,
move the FSMOs (not seize) and try a normal demotion.

If it works it's always better than the hard way...

--

Paul Williams
_________________________________________
http://www.msresource.net


Join us in our new forums!
http://forums.msresource.net
_________________________________________


 
Chriss3 [MVP]

Exactly :)

--
Regards
Christoffer Andersson
Microsoft MVP - Directory Services

No email replies please - reply in the newsgroup
 
Jimmy Andersson [MVP]

FYI:

If you use the seize command in ntdsutil, it will first try to transfer the
role before it seizes it. So, in other words if it can transfer the role it
will before trying to seize it.

Regards,
/Jimmy
--
Jimmy Andersson, Q Advice AB
Microsoft MVP - Directory Services
---------- www.qadvice.com ----------
 
Craig

My thanks to the group for the advice. I would prefer gracefully
transferring the roles, but one of the problems this server is having is
that it has stopped replicating, and any attempt to transfer the roles via
the AD applet results in the message that the server is offline. I've tried
just about everything to get it started again...stopping and starting the
service, rebooting, resetting the machine account password, etc. Nothing
seemed to work. I've decided that this server has enough going on without
also acquiring the domain controller role, so I want to demote it.
Yesterday I did set the other domain controllers to act as secondary DNS
servers and set up a secondary WINS. User data is backed up nightly onto
tape, so I think I'm all set.
Craig
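
The checks and the transfer-before-seize order advised in this thread, as an added PowerShell example that is not part of any post. It assumes the ActiveDirectory and DnsClient modules (newer tooling than the posters used), that the healthy DC also answers DNS, and the placeholder names OLDDC01 and DC02.

```powershell
# Added example. OLDDC01 and DC02 are placeholder names, not from the thread.
Import-Module ActiveDirectory

$failingDc = 'OLDDC01'   # placeholder: the DC that is to be demoted
$targetDc  = 'DC02'      # placeholder: healthy DC that should receive the roles

# 1. Record which DC currently holds each of the five operations master roles.
$forest  = Get-ADForest -Server $targetDc
$domain  = Get-ADDomain -Server $targetDc
$holders = [ordered]@{
    SchemaMaster         = $forest.SchemaMaster
    DomainNamingMaster   = $forest.DomainNamingMaster
    PDCEmulator          = $domain.PDCEmulator
    RIDMaster            = $domain.RIDMaster
    InfrastructureMaster = $domain.InfrastructureMaster
}
$holders.GetEnumerator() | Format-Table Name, Value -AutoSize

# 2. Confirm another global catalog exists in the failing DC's site.
#    The DC list is read from the healthy DC, so the failing one may be offline.
$dcs     = Get-ADDomainController -Filter * -Server $targetDc
$site    = ($dcs | Where-Object { $_.Name -eq $failingDc }).Site
$otherGc = $dcs | Where-Object {
    $_.Site -eq $site -and $_.IsGlobalCatalog -and $_.Name -ne $failingDc
}
if (-not $otherGc) {
    throw "No other global catalog in site '$site'; enable one before demoting $failingDc."
}

# 3. Confirm the healthy DC answers the domain's DC locator SRV record
#    (assumption: $targetDc runs DNS and hosts the AD zone).
$srv = "_ldap._tcp.dc._msdcs.$($domain.DNSRoot)"
Resolve-DnsName -Name $srv -Type SRV -Server $targetDc -ErrorAction Stop | Out-Null

# 4. Attempt a graceful transfer of only the roles the failing DC holds.
$roles = @($holders.Keys | Where-Object { $holders[$_] -like "$failingDc.*" })
if ($roles.Count -gt 0) {
    try {
        Move-ADDirectoryServerOperationMasterRole -Identity $targetDc `
            -OperationMasterRole $roles -Confirm:$false -ErrorAction Stop
    } catch {
        # Seizing is deliberately not automatic: it is only appropriate when
        # the old holder will never come back online as a domain controller.
        Write-Warning "Transfer failed: $($_.Exception.Message)"
        Write-Warning "To seize instead, rerun the Move- command with -Force."
    }
}
```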
 
