I've started at my new place today, 5 minutes in, go to change someone's password, can't connect to the DC for AD from the remote AD manager.
I mucked about with it for a minute or 2 and get it connected to another DC, get the password changed and onto other things...
Left it for a couple of hours and the system time is now wandering so I checked out all the servers, they are all out. Checked which of the DCs is master, it's called backup (because it also hosts backups, not because it's the backup DC)
Remoted onto that box, it's sat with an error on the screen, corruption in C:\windows\resc blah blah. Cleared the error and NOTHING works, no control panel, no admin tools nothing and trying to fire them up brings up another 'corruption in C:\windows\resc' message. Read the error log on another machine and it's chock full of really nasty errors...
So, my question is, HELP how do I successfully move fsmo, global ca and master roles to the working DC and demote it so I can bring up a new DC? Never needed to do this before!
If you have a read through this technet article it will tell you how to transfer the fsmo roles Using Ntdsutil.exe to transfer or seize FSMO roles to a domain controller, if they dont successfully transfer which might be the case as the current server is not functioning correctly then follow the seize roles... if you have to seize the roles you will need to delete the DC from AD using the working DC and then rebuild the entire OS on the "backup" server.
One point that has caught me out in the article is step 5, when connecting to the server - this is the server that you want the roles to end up on (your working DC)
Hope that helps
There are currently 1 users browsing this thread. (0 members and 1 guests)