Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

changing service account

Status
Not open for further replies.
proudusa

proudusa

MIS
Sep 19, 2001
439
0
0
US
I have a question...i may be in need of re-installing w2k on my DC. I know Exchange depends on the service account name and password to communicate with local services and the domain controller. What would be the best way to do this without having to also re-install exchange?

thanks
 
Sort by date Sort by votes
Any chance you can promo another box to DC before re-installing W2K on the DC?

Rich
 
Upvote 0 Downvote
Trying but because of the DNS issue it doesn't find an AD DC to replicate the database with.

Other possibility if i lose the service account would be to either use the exchange backups to restore or import the individual *pst files.

any other possibilities?

thanks
 
Upvote 0 Downvote
May I suggest that we work on fixing your DNS problem then? You're in for an awful lot of work if you bring down your domain, as you'll lose just about everything. What problems are you having?
 
Upvote 0 Downvote
Would love to solve but seems like the only way is to bring down the DC according to M$ KB

Problem is during the upgrade of NT PDC to W2KDC DCPromo wizard starts automatically and it appears as posted by M$ on their site that their is a problem with the upgrade process whereby the DNS Suffix does not get checked automatically. Hence the computer name results in computer.company. instead of computer.company.com

All the other servers were able to be applied the dns suffix and are named computer.company.com

The domain is correct: company.com on all servers

When i try adding another DC it gives me an error stating there is no AD DC.

Here is the article describing the exact problem:

Funny that during migration research not once did i see this problem mentioned. Also didn't happen in a test environment.

Any assitance greatly appreciated.
 
Upvote 0 Downvote
the old disjointed namespace...ugly. Well, I think it's important here to save your exchange environment. How about bringing up an entirely new domain, creating a trust between the 2, installing Exchange on the new DC (new Org/Site), and using the Move Server Wizard to put the old exchange box into the new? Then, when you fix your old domain, you can move it back...
 
Upvote 0 Downvote
Yep...the old disjointed name space...darn it.

Bronto,

That's the other possiblity i was thinking of....creating a new domain controller, trusting, installing exchange and moving the server. That's probably the best bet.

Once I fix the original domain, i can run the MOVE SERVER wizard and place the server back to the original but reinstalled exchange server. I'm assuming i'll have to run the installation again following the loss of the service account?

thanks for the feedback

 
Upvote 0 Downvote
Well, you could probably avoid losing the service account by using the ADMT to migrate it to the new domain, and keeping the SID history. It just may work...
 
Upvote 0 Downvote
testing it out....will post back details.
thanks
 
Upvote 0 Downvote
Bronto

I've setup two domains and am running Move Server to setup the exchange server on the new domain. You're saying i can run the ADMT tool to migrate the service account from the old to the new?

thanks
scooby
 
Upvote 0 Downvote
Yes. ADMT will migrate user accounts between Forests. Make sure you choose the option to keep the SID history. FYI - I believe this requires the target domain to be in "native" mode.
 
Upvote 0 Downvote
Bronto,

I was trying another approach and ran into a problem in the test environment. Wanted to see if you may know what might be causing it:

I'm testing a domain change for the exchange server. I've setup a trust relationship between both domains (two domains in same subnet). I've added the admin account from the target domain with proper rights to the org, site, config and schema nt-descriptor without a problem. When i try adding the account to the Services it tells me the domain is not operational or could not be contacted.


 
Upvote 0 Downvote
hmm...that sounds like the right procedure. Did you keep the old service account in the config as well as the new? It's a good idea to do so, and then restart the System Attendant.
 
Upvote 0 Downvote
i didn't remove the old service account.

Currently, Exchange SP4 in Domain 1. The service account from domain 1 and new domain 2 was placed in Site, ORG, Config and schema. Trust relationships had been previously setup and i can browse domain 1 from domain 2 and vice versa.

The only time i get an error stating the specified domain either does not exist or could not be contacted is from within System Attendant properties when i try adding the service account from the new domain to replace the old service account.

 
Upvote 0 Downvote
Bronto...

looking at your post again, when i finish adding the service account to the exchange org, site, etc. do i need to shutdown services and change domains at that point and then change the system attendant info? you mentioned restarting the SA
 
Upvote 0 Downvote
No. I think you should add the new service account info in as you did , but leave the old service account in there as well for now. Quit Exchange Raw Mode, then shut down the System Attendant Service. Now, change the service account info on all the exchange services. Then join the new domain and reboot. After that, assuming all is well, go back into Raw Mode and remove the old service account. Remember to do a BACKUP!
 
Upvote 0 Downvote
when i shutdown the services and browse to the other domain and select the service account i get the following message:

"processing of object administrator failed with the following error: the specified domain either does not exist or could not be contacted"

If i manually enter the account name i don't get the error. Will try on my home lab tonight and post back if it worked (got the same error there)

thanks
 
Upvote 0 Downvote
well i tested manually adding the account to the services. Initially i got a 1053 error stating the service didn't respond in time. Tried it again and the SA started. All other services started the first time once the SA was going.

I tried this at work as i didn't get a chance last night so i haven't changed domains (had the second domain DC with Exchange ... only 1 extra PC laying around). Just changed the logon account on all services, restarted and opened up Exchange without a problem.

I'm making the assumption that if i change domains i shouldn't have a problem now but i'll run one final complete test at home before i go after the production enviornment.

Thanks for the feedback Bronto!!
 
Upvote 0 Downvote
Bronto..
one last question. I'm doing nightly full backups of the exchange server with the NTBackup utility of W2K. As i understand it, W2K NTBackup is exchange aware and will backup everything i need in case of a problem and need to restore correct?

thanks
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Beni Santoso
  • Locked
  • Question
pop3 account setup failed at outlook because client was not authenticated to send anonymous mail
Replies
1
Views
69
DrB0b
DrB0b
kzn
  • Locked
  • Question
Installing service packs
Replies
2
Views
36
markdmac
markdmac
cjtucker1976
  • Locked
  • Question
The Exchange server address list service failed to respond. This could be because of an address list
Replies
3
Views
57
markdmac
markdmac
AndrewArgus
  • Locked
  • Question
The Service did not respond to the start or control request in a timely fashion - Error 0x8007041d
Replies
1
Views
61
AndrewArgus
AndrewArgus
capotec2014
  • Locked
  • Question
Changing primary smtp email address in A.D.
Replies
1
Views
43
sircles
sircles

Part and Inventory Search

Sponsor

Back
Top