What would happen if I removed the entire domain and demoted the last DC and removed the domain and forest and then immediately rebuilt the domain again on a new server which would then be the new PDC as it were, holding the FSMO roles and then joining the old PDC that used to hold the FSMO roles before the domain got taken down?
I know you cannot take down a DC and then bring it up later since the tombstone life or whatever it is kicks in and then you get problems with the replication and stuff. Would the same be the case with a domain rebuild? I have done it before but only using the same PDC, which I should imagine wouldn't raise this issue, or am I looking into it in too much complexity?
This is the problem when working on multiple OSes, I'm beginning to get a little confused over which does which.
The two DCs would have different domain SIDs so they wouldn't play together. Why do you want to rebuild the domain? Are you having issues with Active Directory?
A better way (assuming you don't have Active Directory issues) would be to build a new DC and join it to the domain, then move over all FSMO roles (DNS/DHCP if necessary) and then demote the old one (DCPROMO) and rebuild it if that is what's required.
Last edited by cookie_monster; 24th July 2008 at 10:35 AM.
Even though the old domain is not coming back up?
I will try to clarify if I made my description a little muddy.
The new server will host the only domain. The new domain however will be the old domain but the new server will host the FSMO roles instead. The old DC that WAS the PDC DC that used to hold the FSMO roles will then join the new domain.
I may just re-build the old DC as well so it is fresh. I just didn't want to re-build the group policies again. I hate that part.
What of member servers? Could they be demoted back to stand-alone servers and then added to the new domain? This is the SIMS server and so I cannot re-build this one.
OK, sorry, so you have demoted the last DC in the domain, so the last DC is now just a member server and you now want to add it to the new domain. This shouldn't be a problem. You might want to make sure that the sysvol and ntds folders have been removed from the old DC before you join it to the new domain (just in case, but they should be replaced when you DCPROMO into the new domain); then you should be good to go.
Personally I'd take the opportunity to rebuild the box, but if you're short on time go for it.
Last edited by cookie_monster; 24th July 2008 at 10:48 AM.
I think you're overcomplicating this a lot. As cookie says, just add the new server, promote it to a DC and wait for replication. All the group policies will be replicated as part of AD. Seize or transfer the FSMO roles to the new DC, and once all that has completed, demote the old DC and rebuild it at your leisure, re-adding it when you're done.
Is there some reason you think you need to knock down the entire domain, and start from scratch?
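The migration order suggested in the replies above (promote the new DC, wait for replication, move the FSMO roles, then demote the old DC) can be gated with a pre-flight check. This is an added example, not part of the original thread; it assumes the RSAT ActiveDirectory PowerShell module (Windows Server 2012 or later, which postdates this thread) and a hypothetical new DC named NEWDC01.

```powershell
# Added example: pre-flight checks before moving FSMO roles to a new DC.
# Assumption: RSAT ActiveDirectory module, run as a Domain/Enterprise Admin.
Import-Module ActiveDirectory

$NewDc = 'NEWDC01'   # hypothetical name of the newly promoted DC

# 1. Record who holds the five FSMO roles right now.
$domain = Get-ADDomain
$forest = Get-ADForest
$holders = [ordered]@{
    PDCEmulator          = $domain.PDCEmulator
    RIDMaster            = $domain.RIDMaster
    InfrastructureMaster = $domain.InfrastructureMaster
    SchemaMaster         = $forest.SchemaMaster
    DomainNamingMaster   = $forest.DomainNamingMaster
}
$holders.GetEnumerator() | Format-Table Name, Value -AutoSize

# 2. Stop if the new DC still reports replication failures.
$failures = @(Get-ADReplicationFailure -Target $NewDc |
    Where-Object { $_.FailureCount -gt 0 })
if ($failures.Count -gt 0) {
    $failures | Format-Table Server, Partner, FailureCount, LastError -AutoSize
    throw "Replication failures on $NewDc; resolve them before moving roles."
}

# 3. Group policies live in SYSVOL; make sure the new DC is sharing it.
if (-not (Test-Path "\\$NewDc\SYSVOL")) {
    throw "SYSVOL is not shared on $NewDc yet; replication has not finished."
}

# 4. Graceful transfer while the old DC is still online. -WhatIf only previews
#    the change; remove it to perform the transfer. Adding -Force would seize
#    the roles instead, which is for a role holder that is gone for good.
$roles = 'PDCEmulator', 'RIDMaster', 'InfrastructureMaster',
         'SchemaMaster', 'DomainNamingMaster'
Move-ADDirectoryServerOperationMasterRole -Identity $NewDc `
    -OperationMasterRole $roles -WhatIf

# 5. After the real transfer, list any role that has not moved to the new DC.
$after = @((Get-ADDomain).PDCEmulator, (Get-ADDomain).RIDMaster,
           (Get-ADDomain).InfrastructureMaster,
           (Get-ADForest).SchemaMaster, (Get-ADForest).DomainNamingMaster)
$after | Where-Object { $_ -notlike "$NewDc*" } |
    ForEach-Object { Write-Warning "Role still held by $_" }
```

Only demote the old DC once step 5 prints no warnings.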