Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Upgrade to w2k AD and had to rollback......

Status
Not open for further replies.
amtrak23

amtrak23

MIS
Aug 7, 2003
19
US
PDC was NT 4.0 all other severs were 2000 BDC's. Purchased a new server, made it an NT BDC and migrated over all settings from old PDC. Then performed upgrade on the new NT BDC up to win2k and promoted it to the PDC. So now we have a win2k PDC that seemed to be working ok.

All user accounts were locked out when they tried booting up the first time so everyonnes accounts needed reset. We decided to scrap the upgrade and plug the old NT PDC back into the network. Everything was back to normal so we though.

Now all other win 2k BDC's at remote offices won't allow me to change permissions. Only the local accounts are available, whihc don't inlcude any of the users?

Upon further inspection My computer--> Network Identification shows win2k BDC's as joined to the new companyname.net AD domain even though it was removed from the netork and we went back to the NT PDC. It also has a note that the changes will take effect upon reboot.

The big question is what will happen upon reboot? Will the win2k BDC's get all wacked becasue they are trying to join an AD domain that is no longer there or will they just say no domain available and allow me to add the old domain back into the properties tab and join it upon another reboot, and then all will be well?

On my XP pro notebook I had to join a workgroup that didn't exist, uncheck "change DNS suffix upon reboot" in my computer--> properties-->join domain--> more options, and then reboot. I logged onto "workgroup", and joined the old NT domain, the rebooted again. I was able to get bakc on the network and everything was fine. Will the BDC servers do the same and do I need to worry about the "Change DNS suffix upon reboot" stuff?

Thanks you!!!
 
Sort by date Sort by votes
I thought you couldn't upgrade a BDC?

When I tried to, it told me that the first machine MUST be the PDC, which is why I took a fully-synched BDC offline before I started the upgrade.

Once done, I did ran up 2 clean Win2K servers, ran dcpromo, transferred the FSMO roles to one of them, and took down the original PDC for a clean install of 2K. Now have 3 nice clean DCs, plus a BDC sitting in the cupboard collecting dust.

For your problem, my first questions would be:
1. How did you create the win2k BDCs?
2. Are the Win2K machines actually in the NT4 domain, or a new AD domain? (I think it may be the latter.) To check this, go to Admin Tools, Active Directory Users & Computers. Is there anything in there?

If the Win2K machines are actually in the AD Domain, then DCpromo them so that they aren't DCs anymore, then re-join the NT4 domain.

Otherwise, can you answer the above, and post the results?

Cheers,
Sam

Please let members know if you found their posts helpful.
 
Upvote 0 Downvote
First things first. Did you run DCPROMO to demote the W2K server, if not it still exist. As for the W2K worstations haveing problem logging in, that is to be expected. W2K works fine logging into WinNT as log as they have never authenticated to a W2K server. Once they see a W2K DC they will authenticate to and from then on they will only authenticate to a W2K DC. There is a registery fix, search Technet, that we used early on until we had W2K DC at all sites.

Probably the best thing to do is do as suggested above and get your W2K server back up and running and make it assume the PDC emilator role, and go from there.
 
Upvote 0 Downvote
"I thought you couldn't upgrade a BDC?"

Sorry, it was a brand new server that came pre-installed with w2k. We wiped it out and installed NT 4 and turned it into a BDC. We then synched the old NT PDC to the new NT BDC and renamed it to the same name as teh old PDC. Then promoted it to PDC, this was off the network. Then we did the upgrade to w2k. We removed the old PDC from the network and plugged the new PDC and in and everything seemed fine until users tried logging in and all passwords had expired.


"For your problem, my first questions would be:"
1. How did you create the win2k BDCs?

They came pre-installed from the factory.


2. Are the Win2K machines actually in the NT4 domain, or a new AD domain? (I think it may be the latter.) To check this, go to Admin Tools, Active Directory Users & Computers. Is there anything in there?

There is no "Active directory Users & Computers" in admin tools, so It hasn't actually made it to the AD yet. However, if you view the Network ID tab when you right click my computer it shows it as being in the new AD domain, but says some stuff about changes being made upon rebooting. I'm skeptical to reboot because I don't want this thing to join the new AD domain that really isn't there. I'm not quite sure if it will go very smoothly if I'm trying to get back to the old domain.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

DTGMI
  • Locked
  • Question
WIN 10 Pro PC & Adding back to our Network
Replies
0
Views
195
DTGMI
DTGMI
rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
305
suncit
suncit
microsGuy16
  • Locked
  • Question
Can not copy files to Mapped drive
Replies
0
Views
229
microsGuy16
microsGuy16
DrB0b
  • Locked
  • Question
Hybrid on prem AD with Azure AD
Replies
2
Views
137
DrB0b
DrB0b
tscstl
  • Locked
  • Question
access to local folder
Replies
1
Views
123
hairlessupportmonkey
hairlessupportmonkey

Part and Inventory Search

Sponsor

Back
Top