Urgent! Domain controller lost
in [Windows Servers]
|
From: Meinolf Weber [MVP-DS] on 17 Jun 2010 11:27 Hello Gaspar, run also the support tools on regular base: dcdiag /v /c /d /e /s:dcname >c:\dcdiag.txt netdiag /v >c:\netdiag.txt [from each DC, netdiag may work but isn't supported with Windows server 2008 and higher] repadmin /showrepl dc* /verbose /all /intersite >c:\repl.txt (if more then one DC exists) dnslint /ad /s "DCipaddress" (http://support.microsoft.com/kb/321045) You're welcome. Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm > Everythink seems to be OK. > > Thanks a lot for your time! > > "Meinolf Weber [MVP-DS]" <meiweb@(nospam)gmx.de> wrote in message > news:6cb2911d119ce8ccdc3a141fae47(a)msnews.microsoft.com... > >> Hello Gaspar, >> >> The included error just say, DC1(failed) is not to contact, just to >> make sure it is really not operational and then it does the seize >> operation for each FSMO that should be seized. >> >> Or which error do you mean? If you run in a command prompt "netdom >> query fsmo" does it show the correct server for the FSMO roles? >> >> Best regards >> >> Meinolf Weber >> Disclaimer: This posting is provided "AS IS" with no warranties, and >> confers no rights. >> ** Please do NOT email, only reply to Newsgroups >> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm >>> I read the post and the microsoft articles. I run ntdsutil but I got >>> some >>> errors regarding FSMO role transfers. Is this normal? If not, what >>> should I >>> do? >>> Below is the ntdsutil output. SERVER1 is the failed DC, SERVER2 is >>> now >>> the >>> only live DC. >>> Thanks! >>> ***************************** >>> ntdsutil >>> ntdsutil: roles >>> fsmo maintenance: ^C >>> ntdsutil >>> ntdsutil: list domains >>> Error 80070057 parsing input - illegal syntax? >>> ntdsutil: metadata cleanup >>> metadata cleanup: connections >>> server connections: connect to server server2 >>> Binding to server2 ... >>> Connected to server2 using credentials of locally logged on user. >>> server connections: q >>> metadata cleanup: select operation target >>> select operation target: list domains >>> Found 1 domain(s) >>> 0 - DC=testdomain,DC=org,DC=ar >>> select operation target: select domain 0 >>> No current site >>> Domain - DC=testdomain,DC=org,DC=ar >>> No current server >>> No current Naming Context >>> select operation target: list sites >>> Found 1 site(s) >>> 0 - >>> CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=testdomain,D >>> C= >>> o >>> rg,DC=ar >>> select operation target: select site 0 >>> Site - >>> CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=testdomain,D >>> C=org,DC=ar >>> Domain - DC=testdomain,DC=org,DC=ar >>> No current server >>> No current Naming Context >>> select operation target: list servers in site >>> Found 2 server(s) >>> 0 - >>> CN=SERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configu >>> ra >>> tion,D >>> C=testdomain,DC=org,DC=ar >>> 1 - >>> CN=SERVER2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configu >>> ra >>> tion,D >>> C=testdomain,DC=org,DC=ar >>> select operation target: select server 0 >>> Site - >>> CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=testdomain,D >>> C=org,DC=ar >>> Domain - DC=testdomain,DC=org,DC=ar >>> Server - >>> CN=SERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configu >>> ra >>> t >>> ion,DC=testdomain,DC=org,DC=ar >>> DSA object - CN=NTDS >>> Settings,CN=SERVER1,CN=Servers,CN=Default-First-Sit >>> e-Name,CN=Sites,CN=Configuration,DC=testdomain,DC=org,DC=ar >>> DNS host name - server1.testdomain.org.ar >>> Computer object - CN=SERVER1,OU=Domain >>> Controllers,DC=testdomain,DC >>> =org,DC=ar >>> No current Naming Context >>> select operation target: q >>> metadata cleanup: remove selected server >>> Transferring / Seizing FSMO roles off the selected server. >>> Binding to server2.testdomain.org.ar ... >>> Moving Domain Naming Master FSMO onto "CN=NTDS >>> Settings,CN=SERVER2,CN=Servers,CN >>> =Default-First-Site-Name,CN=Sites,CN=Configuration,DC=testdomain,DC= >>> or >>> g,DC= >>> ar". >>> Attempting safe transfer of domain naming FSMO before seizure. >>> ldap_modify_sW error 0x34(52 (Unavailable). >>> Ldap extended error message is 000020AF: SvcErr: DSID-03210333, >>> problem 5002 >>> (UN >>> AVAILABLE), data 1722 >>> Win32 error returned is 0x20af(The requested FSMO operation failed. >>> The >>> current >>> FSMO holder could not be contacted.) >>> ) >>> Depending on the error code this may indicate a connection, >>> ldap, or role transfer error. >>> Transfer of domain naming FSMO failed, proceeding with seizure ... >>> Server "server2" knows about 5 roles >>> Schema - CN=NTDS >>> Settings,CN=SERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Si >>> tes,CN=Configuration,DC=testdomain,DC=org,DC=ar >>> Domain - CN=NTDS >>> Settings,CN=SERVER2,CN=Servers,CN=Default-First-Site-Name,CN=Si >>> tes,CN=Configuration,DC=testdomain,DC=org,DC=ar >>> PDC - CN=NTDS >>> Settings,CN=SERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites >>> ,CN=Configuration,DC=testdomain,DC=org,DC=ar >>> RID - CN=NTDS >>> Settings,CN=SERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites >>> ,CN=Configuration,DC=testdomain,DC=org,DC=ar >>> Infrastructure - CN=NTDS >>> Settings,CN=SERVER1,CN=Servers,CN=Default-First-Site-Na >>> me,CN=Sites,CN=Configuration,DC=testdomain,DC=org,DC=ar >>> Moving Schema Master FSMO onto "CN=NTDS >>> Settings,CN=SERVER2,CN=Servers,CN=Defaul >>> t-First-Site-Name,CN=Sites,CN=Configuration,DC=testdomain,DC=org,DC= >>> ar >>> ". >>> Attempting safe transfer of schema FSMO before seizure. >>> ldap_modify_sW error 0x34(52 (Unavailable). >>> Ldap extended error message is 000020AF: SvcErr: DSID-03210333, >>> problem 5002 >>> (UN >>> AVAILABLE), data 1722 >>> Win32 error returned is 0x20af(The requested FSMO operation failed. >>> The >>> current >>> FSMO holder could not be contacted.) >>> ) >>> Depending on the error code this may indicate a connection, >>> ldap, or role transfer error. >>> Transfer of schema FSMO failed, proceeding with seizure ... >>> Server "server2" knows about 5 roles >>> Schema - CN=NTDS >>> Settings,CN=SERVER2,CN=Servers,CN=Default-First-Site-Name,CN=Si >>> tes,CN=Configuration,DC=testdomain,DC=org,DC=ar >>> Domain - CN=NTDS >>> Settings,CN=SERVER2,CN=Servers,CN=Default-First-Site-Name,CN=Si >>> tes,CN=Configuration,DC=testdomain,DC=org,DC=ar >>> PDC - CN=NTDS >>> Settings,CN=SERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites >>> ,CN=Configuration,DC=testdomain,DC=org,DC=ar >>> RID - CN=NTDS >>> Settings,CN=SERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites >>> ,CN=Configuration,DC=testdomain,DC=org,DC=ar >>> Infrastructure - CN=NTDS >>> Settings,CN=SERVER1,CN=Servers,CN=Default-First-Site-Na >>> me,CN=Sites,CN=Configuration,DC=testdomain,DC=org,DC=ar >>> Moving PDC FSMO onto "CN=NTDS >>> Settings,CN=SERVER2,CN=Servers,CN=Default-First-Si >>> te-Name,CN=Sites,CN=Configuration,DC=testdomain,DC=org,DC=ar". >>> Attempting safe transfer of PDC FSMO before seizure. >>> ldap_modify_sW error 0x34(52 (Unavailable). >>> Ldap extended error message is 000020AF: SvcErr: DSID-0321051A, >>> problem 5002 >>> (UN >>> AVAILABLE), data 1722 >>> Win32 error returned is 0x20af(The requested FSMO operation failed. >>> The >>> current >>> FSMO holder could not be contacted.) >>> ) >>> Depending on the error code this may indicate a connection, >>> ldap, or role transfer error. >>> Transfer of PDC FSMO failed, proceeding with seizure ... >>> Server "server2" knows about 5 roles >>> Schema - CN=NTDS >>> Settings,CN=SERVER2,CN=Servers,CN=Default-First-Site-Name,CN=Si >>> tes,CN=Configuration,DC=testdomain,DC=org,DC=ar >>> Domain - CN=NTDS >>> Settings,CN=SERVER2,CN=Servers,CN=Default-First-Site-Name,CN=Si >>> tes,CN=Configuration,DC=testdomain,DC=org,DC=ar >>> PDC - CN=NTDS >>> Settings,CN=SERVER2,CN=Servers,CN=Default-First-Site-Name,CN=Sites >>> ,CN=Configuration,DC=testdomain,DC=org,DC=ar >>> RID - CN=NTDS >>> Settings,CN=SERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites >>> ,CN=Configuration,DC=testdomain,DC=org,DC=ar >>> Infrastructure - CN=NTDS >>> Settings,CN=SERVER1,CN=Servers,CN=Default-First-Site-Na >>> me,CN=Sites,CN=Configuration,DC=testdomain,DC=org,DC=ar >>> Moving Rid Master FSMO onto "CN=NTDS >>> Settings,CN=SERVER2,CN=Servers,CN=Default-F >>> irst-Site-Name,CN=Sites,CN=Configuration,DC=testdomain,DC=org,DC=ar" >>> . >>> Attempting safe transfer of RID FSMO before seizure. >>> ldap_modify_sW error 0x34(52 (Unavailable). >>> Ldap extended error message is 000020AF: SvcErr: DSID-0321092B, >>> problem 5002 >>> (UN >>> AVAILABLE), data 1722 >>> Win32 error returned is 0x20af(The requested FSMO operation failed. >>> The >>> current >>> FSMO holder could not be contacted.) >>> ) >>> Depending on the error code this may indicate a connection, >>> ldap, or role transfer error. >>> Transfer of RID FSMO failed, proceeding with seizure ... >>> Searching for highest rid pool in domain >>> Server "server2" knows about 5 roles >>> Schema - CN=NTDS >>> Settings,CN=SERVER2,CN=Servers,CN=Default-First-Site-Name,CN=Si >>> tes,CN=Configuration,DC=testdomain,DC=org,DC=ar >>> Domain - CN=NTDS >>> Settings,CN=SERVER2,CN=Servers,CN=Default-First-Site-Name,CN=Si >>> tes,CN=Configuration,DC=testdomain,DC=org,DC=ar >>> PDC - CN=NTDS >>> Settings,CN=SERVER2,CN=Servers,CN=Default-First-Site-Name,CN=Sites >>> ,CN=Configuration,DC=testdomain,DC=org,DC=ar >>> RID - CN=NTDS >>> Settings,CN=SERVER2,CN=Servers,CN=Default-First-Site-Name,CN=Sites >>> ,CN=Configuration,DC=testdomain,DC=org,DC=ar >>> Infrastructure - CN=NTDS >>> Settings,CN=SERVER1,CN=Servers,CN=Default-First-Site-Na >>> me,CN=Sites,CN=Configuration,DC=testdomain,DC=org,DC=ar >>> Removing FRS metadata for the selected server. >>> Searching for FRS members under "CN=SERVER1,OU=Domain >>> Controllers,DC=testdomain >>> ,DC=org,DC=ar". >>> Removing FRS member "CN=SERVER1,CN=Domain System Volume (SYSVOL >>> share),CN=File R >>> eplication Service,CN=System,DC=testdomain,DC=org,DC=ar". >>> Deleting subtree under "CN=SERVER1,CN=Domain System Volume (SYSVOL >>> share),CN=Fil >>> e Replication Service,CN=System,DC=testdomain,DC=org,DC=ar". >>> Deleting subtree under "CN=SERVER1,OU=Domain >>> Controllers,DC=testdomain,DC=o >>> rg,DC=ar". >>> The attempt to remove the FRS settings on >>> CN=SERVER1,CN=Servers,CN=Default-First >>> -Site-Name,CN=Sites,CN=Configuration,DC=testdomain,DC=org,DC=ar >>> failed >>> beca >>> use "Element not found."; >>> metadata cleanup is continuing. >>> "CN=SERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Config >>> ur >>> ation,DC=h >>> ospitalneuquen,DC=org,DC=ar" removed from server "server2" >>> metadata cleanup: q >>> ***************************** >>> "Meinolf Weber [MVP-DS]" <meiweb@(nospam)gmx.de> wrote in message >>> news:6cb2911d1199f8ccdc07ef6e3524(a)msnews.microsoft.com... >>>> Hello Gaspar, >>>> >>>> See my article about metadata cleanup, this includes also the >>>> information about the running DC: >>>> http://msmvps.com/blogs/mweber/archive/2010/05/16/active-directory- >>>> me tadata-cleanup.aspx >>>> >>>> In short, the existing one must be DNS server, Global catalog >>>> server and have all FSMOs before you can add a new DC to the >>>> domain. >>>> >>>> Best regards >>>> >>>> Meinolf Weber >>>> Disclaimer: This posting is provided "AS IS" with no warranties, >>>> and >>>> confers no rights. >>>> ** Please do NOT email, only reply to Newsgroups >>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm >>>>> I used to have two 2003 domain controller servers (SERVER1 and >>>>> SERVER2). One of them (SERVER1) broke down and it's not available >>>>> anymore. >>>>> >>>>> I need: >>>>> - To safely remove SERVER1 from DC list in AD (in SERVER2). >>>>> - To install a new server as DC (SERVER3). >>>>> I googled a lot searching info on removing a failed DC but it >>>>> doesn't >>>>> seem like an easy task. What security measures must I take on >>>>> SERVER2 >>>>> before removing? >>>>> Thanks a lot!
First
|
Prev
|
Pages: 1 2 Prev: Windows 2000 and running Chkdsk /F /R on the D: \drive Next: copy profile? |