Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Tombstone Issue- Correct procedure to dcpromo?

Status
Not open for further replies.

bran2235

IS-IT--Management
Feb 13, 2002
703
US
Hello everyone!

I have 3 DCs (win 2003). The one DC off-site (DR) hasn't been turned on in over 180 days(!). DCDIAG reports the tombstone issue.

I need to bring this off-site DC back on line ASAP.
Someone mentioned to DCPROMO it down to Member server and then DCPROMO it back up... I'm just not sure of the correct steps, can anyone help? Her's the method (& questions) that I suggested:

1) Before powering up the bad DC, take it off the LAN
QUESTION, can I log into DC with domain account when it's not connected to WAN? (silly question, I know....)
2) Power it up, DCPROMO it (down) using "dcpromo /forceremoval"
3) (When do I do the metadata cleanup?) Once it's a member server, power down, plug into LAN/WAN, power up and then DCPROMO it again back to a DC.

How does that sound everyone? Any suggestions?

Thanks!
Brando
 
You don't need to take it off the LAN, if its tombstoned it won't replicate anyway.

Change the bad dc primary dns to another dc

dcpromo /forceremoval the DC. You will get a couple of warnings about not able to replicate changed objects.

You will probibly manually have to delete the old DC computer account in AD to

Once this is done you can do the metadata cleanup.

Manually wait for replication to all DC's or force replication. (This is important as you will be back to square 1 otherwise)

Join the old DC to the domain, reboot it a couple of times.

Dcpromo, wait for replication, you could prestage this with a backup if its a real slow wan link to speed things up.

Wait a few days then change the DC primary dns back to itself.

 
Ok, so if my (bad) DC has been turned completely off (no power) for over 7 months, I have nothing to worry about as far as anything being replicated when I bring this box online, etc.?

I can just power up and start the steps we are discussing?
Just want to be sure!! :)

THANKS!

Brando
 
Prior to powering that system back online visit my FAQ faq96-4733 and grab the metaqdata cleanup script from it. Run that script to wipe the machine out of AD.

Next go into you DNS and manually remove any reference to that system from it. You will need to check all the keys under msdcs_yourdomain.local.

After you have done that cleanup I would then do the DCPROMO /ForcedRemoval. Move the server into a workgroup and then join back to the domain prior to running DCPROMO again.

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at
Work SMARTER not HARDER. The Spider's Parlor's Admin Script Pack is a collection of Administrative scripts designed to make IT Administration easier! Save time, get more work done, get the Admin Script Pack.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top