DC off-line need to demote it

[cwaalen]

Hope someone can help
I have a 2003 domain with 4 domain controllers. One of the domain controllers has been off line for about a yr now and I'd like to find a way to demote this server. Can I just turn it on let it sync up and then demote or is there a better way of doing this. Will turning this server on be a bad thing since it's been off for a year?

Thanks

 

[mrdenny]

Yes you can turn it on and it'll sync and then you can demote it.

That or you can delete the server from Sites and Services and it'll be removed from AD. You may have some DNS cleanup to do manually.

It should only take you about 10 minutes or so to do.

Denny
MVP
MCSA (2003) / MCDBA (SQL 2000)
MCTS (SQL 2005 / SQL 2005 BI / SQL 2008 DBA / SQL 2008 DBD / SQL 2008 BI / MWSS 3.0: Configuration / MOSS 2007: Configuration)
MCITP (SQL 2005 DBA / SQL 2008 DBA / SQL 2005 DBD / SQL 2008 DBD / SQL 2005 BI / SQL 2008 BI)

My Blog

 

[pagy]

I doubt it will sync, if it's been off for a year it's gone past the tombstone lifetime which is either 60 or 180 days depending on whether the OS was installed without SP1 or had SP1 slipstreamed into the install.

Leave the server off and do a metadata cleanup;

http://support.microsoft.com/kb/216498

Paul
VCP4

https://www.mcpvirtualbusinesscard.com/VBCServer/PaulP/profile

RFC 2795 - The Infinite Monkey Protocol Suite (IMPS)

http://www.faqs.org/rfcs/rfc2795.html

Difficult takes a day, impossible takes a week

 

[cwaalen]

Thanks for the tips but now it seems I have a bigger problem
I got to the step where I type "remove seleted server" and below is what I get

C:\WINDOWS\system32\ntdsutil.exe: medadata cleanup
Error 80070057 parsing input - illegal syntax?
C:\WINDOWS\system32\ntdsutil.exe: metadata cleanup
metadata cleanup: connections
server connections: connect to server sdahq
Binding to sdahq ...
Connected to sdahq using credentials of locally logged on user.
server connections: quit
metadata cleanup: select operation target
select operation target: list domains
Found 1 domain(s)
0 - DC=amerysd,DC=k12,DC=wi,DC=us
select operation target: select domain 0
No current site
Domain - DC=amerysd,DC=k12,DC=wi,DC=us
No current server
No current Naming Context
select operation target: list sites
Found 1 site(s)
0 - CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=amerysd,DC=k12,DC=wi
,DC=us
select operation target: select site 0
Site - CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=amerysd,DC=k12,DC
=wi,DC=us
Domain - DC=amerysd,DC=k12,DC=wi,DC=us
No current server
No current Naming Context
select operation target: list servers in site
Found 4 server(s)
0 - CN=SDAHQ,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=
amerysd,DC=k12,DC=wi,DC=us
1 - CN=SDAAPPS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,D
C=amerysd,DC=k12,DC=wi,DC=us
2 - CN=SDAADMIN,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,
DC=amerysd,DC=k12,DC=wi,DC=us
3 - CN=SDADATA,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,D
C=amerysd,DC=k12,DC=wi,DC=us
select operation target: select server 2
Site - CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=amerysd,DC=k12,DC
=wi,DC=us
Domain - DC=amerysd,DC=k12,DC=wi,DC=us
Server - CN=SDAADMIN,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configura
tion,DC=amerysd,DC=k12,DC=wi,DC=us
DSA object - CN=NTDS Settings,CN=SDAADMIN,CN=Servers,CN=Default-First-Si
te-Name,CN=Sites,CN=Configuration,DC=amerysd,DC=k12,DC=wi,DC=us
DNS host name - sdaadmin.amerysd.k12.wi.us
Computer object - CN=SDAADMIN,OU=Domain Controllers,DC=amerysd,DC=k12,DC
=wi,DC=us
No current Naming Context
select operation target: quit
metadata cleanup: remove selected server
Transferring / Seizing FSMO roles off the selected server.
Removing FRS metadata for the selected server.
Searching for FRS members under "CN=SDAADMIN,OU=Domain Controllers,DC=amerysd,DC
=k12,DC=wi,DC=us".

Removing FRS member "CN=SDAADMIN,CN=Domain System Volume (SYSVOL share),CN=File
Replication Service,CN=System,DC=amerysd,DC=k12,DC=wi,DC=us".
Deleting subtree under "CN=SDAADMIN,CN=Domain System Volume (SYSVOL share),CN=Fi
le Replication Service,CN=System,DC=amerysd,DC=k12,DC=wi,DC=us".
LDAP error 0x50(80 (Other).
Ldap extended error message is 00000070: SysErr: DSID-03370544, problem 28 (No s
pace left on device), data -510

Win32 error returned is 0x70(There is not enough space on the disk.)
)
Deleting subtree under "CN=SDAADMIN,OU=Domain Controllers,DC=amerysd,DC=k12,DC=w
i,DC=us".
LDAP error 0x50(80 (Other).
Ldap extended error message is 00000070: SysErr: DSID-03370544, problem 28 (No s
pace left on device), data -510

Win32 error returned is 0x70(There is not enough space on the disk.)
)
The attempt to remove the FRS settings on CN=SDAADMIN,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=amerysd,DC=k12,DC=wi,DC=us failed becau
se "An internal error occurred.";
metadata cleanup is continuing.
DsRemoveDsServerW error 0x70(There is not enough space on the disk.)



2 of the 3 current domain controllers have at least 2GB of C: space and the 3rd DC has 700MB, not sure where to go from here. Any ideas

 

[cwaalen]

When I first tried this I connected to a VM domain controller. Would it hurt anything if I were to start over and connect to a physical server rather than a VM server?

 

[theravager]

That could be really nasty, fair chance that a indicator of a corrupt AD database.

Try it from another DC and see how you go, the process should work on any DC bar the broken one.

 

[theravager]

Oh one question, just realized your have a DC running in a VM.

Did you build a new server and promote the DC or did you try some sort of migration physical to virtual.

(I'm guessing the later which is most likely the reason the AD database is corrupt)

 

[cwaalen]

You are guessing right(migration). So this morning I decided to try it on a DC that is not a VM and the process worked. Needed to do some DNS cleanup but things seem to be good now.
Thanks for you help