
Removing a Windows 2003 domain controller

Anonymous
December 23, 2004 3:19:02 AM

Archived from groups: microsoft.public.win2000.active_directory

I hope somebody here can shed some light on a Windows 2003 server issue for me.

We had a Windows 2003 (Enterprise Edition) server fail (dead C drive). This
was the first server, Active Directory installed. We had added a second
server some time back (before the first failed) and it is also a 2003 server
(Enterprise Edition). The second server has Exchange Server and SQL Server
and SharePoint Portal Server running on it. All seemed well until the first
server died.

Now there are many errors in the event log, many to do with replication and
DNS, also some to do with ASP.
We will most likely not be returning the first server to duty since the
company is small (5 users).

What do I have to do to resolve the errors appearing in the event log and
assure that the second server runs properly?

FYI there was no backup of the system state data from the first server if
that matters.

Any help is much appreciated.
Anonymous
December 23, 2004 2:34:25 PM

1. Make sure DNS is installed and the server is only pointing to itself
2. Seize FSMO roles. Follow Microsoft Knowledge Base article 255504
(http://support.microsoft.com/?id=255504)
3. Perform metadata cleanup. Follow Microsoft Knowledge Base article
216498 (http://support.microsoft.com/?id=216498)

Best regards,

Frank Szita [MSFT]

This posting is provided "AS IS" with no warranties, and confers no rights.
Anonymous
December 23, 2004 2:34:26 PM

I did the steps you outlined and these are samples of the errors that I am
seeing now:


Event Viewer

*** BEGIN EVENT VIEWER SAMPLE ERRORS ***

Application:

Source: Active Server Pages
Event ID: 5

Error: The Template Persistent Cache initialization failed for Application
Pool 'MSPS2003AppPool' because of the following error: Could not create a
Disk Cache Sub-directory for the Application Pool. The data may have
additional error codes..

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

------------------------

Source: MSExchangeSA
Event ID: 9098

The MAD Monitoring thread was unable to read its configuration from the DS,
error '0x80010002'.

For more information, click http://www.microsoft.com/contentredirect.asp.

------------------------

Source: MSExchangeSA
Event ID: 1005

Unexpected error The specified domain either does not exist or could not be
contacted. Facility: Win32 ID no: c007054b Microsoft Exchange System
Attendant occurred.

For more information, click http://www.microsoft.com/contentredirect.asp.

------------------------

Source: MSExchangeFBPublish
Event ID: 8213

System Attendant Service failed to create session for virtual machine
DOGBERT. The error number is 0xc103073a.

For more information, click http://www.microsoft.com/contentredirect.asp.

------------------------

Source: MSExchangeAL
Event ID: 8231

Permanent failure reported by policy group provider for 'CN=System
Policies,CN=West-Age Web Services,CN=Microsoft
Exchange,CN=Services,CN=Configuration,DC=wahq,DC=local':'MAD.EXE',
error=80040103. Taking provider offline.

For more information, click http://www.microsoft.com/contentredirect.asp.

------------------------

Source: MSExchangeAL
Event ID: 8231

Permanent failure reported by policy group provider for 'CN=System
Policies,CN=West-Age Web Services,CN=Microsoft
Exchange,CN=Services,CN=Configuration,DC=wahq,DC=local':'MAD.EXE',
error=80040103. Taking provider offline.

For more information, click http://www.microsoft.com/contentredirect.asp.

------------------------

Source: MSExchangeDSAccess
Event ID: 2103

Process MAD.EXE (PID=2532). All Global Catalog Servers in use are not
responding:
dilbert.wahq.local


For more information, click http://www.microsoft.com/contentredirect.asp.

------------------------

Security:

No errors in the security log.

------------------------

System:

Source: LSASRV
Event ID: 40961

The Security System could not establish a secured connection with the server
DNS/dogbert.wahq.local. No authentication protocol was available.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

------------------------

Source: LSASRV
Event ID: 40960

The Security System detected an authentication error for the server
DNS/dogbert.wahq.local. The failure code from authentication protocol
Kerberos was "The attempted logon is invalid. This is either due to a bad
username or authentication information.
(0xc000006d)".

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

------------------------

Source: Service Control Manage
Event ID: 7001

The Microsoft Exchange MTA Stacks service depends on the Microsoft Exchange
System Attendant service which failed to start because of the following
error:
The operation completed successfully.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

------------------------

Source: Service Control Manager
Event ID: 7001

The Microsoft Exchange Information Store service depends on the Microsoft
Exchange System Attendant service which failed to start because of the
following error:
The operation completed successfully.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

------------------------

Source: LSASRV
Event ID: 40961

The Security System could not establish a secured connection with the server
cifs/dogbert.wahq.local. No authentication protocol was available.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

------------------------

Source: LSASRV
Event ID: 40960

The Security System detected an authentication error for the server
cifs/dogbert.wahq.local. The failure code from authentication protocol
Kerberos was "There are currently no logon servers available to service the
logon request.
(0xc000005e)".

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

------------------------

Source: DCOM
Event ID: 10002

Access denied attempting to launch a DCOM Server. The server is:
{9DA0E106-86CE-11D1-8699-00C04FB98036}
The user is SYSTEM/NT AUTHORITY, SID=S-1-5-18.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

------------------------

Source: LSASRV
Event ID: 40961

The Security System could not establish a secured connection with the server
.. No authentication protocol was available.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

------------------------

Source: LSASRV
Event ID: 40960

The Security System detected an authentication error for the server . The
failure code from authentication protocol Kerberos was "There are currently
no logon servers available to service the logon request.
(0xc000005e)".

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

------------------------

Source: LSASRV
Event ID: 40961

The Security System could not establish a secured connection with the server
LDAP/DOGBERT. No authentication protocol was available.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

------------------------

Source: LSASRV
Event ID: 40960

The Security System detected an authentication error for the server
LDAP/DOGBERT. The failure code from authentication protocol Kerberos was
"There are currently no logon servers available to service the logon request.
(0xc000005e)".

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

------------------------

Directory Service:

Source: NTDS General
Event ID: 1126

Active Directory was unable to establish a connection with the global
catalog.

Additional Data
Error value:
1355 The specified domain either does not exist or could not be contacted.
Internal ID:
3200caf

User Action:
Make sure a global catalog is available in the forest, and is reachable from
this domain controller. You may use the nltest utility to diagnose this
problem.

For more information, see Help and Support Center at

------------------------

Source: NTDS KCC
Event ID: 1308

The Knowledge Consistency Checker (KCC) has detected that successive
attempts to replicate with the following domain controller has consistently
failed.

Attempts:
241
Domain controller:
CN=NTDS
Settings,CN=DILBERT,CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,DC=wahq,DC=local
Period of time (minutes):
139120

The Connection object for this domain controller will be ignored, and a new
temporary connection will be established to ensure that replication
continues. Once replication with this domain controller resumes, the
temporary connection will be removed.

Additional Data
Error value:
8524 The DSA operation is unable to proceed because of a DNS lookup failure.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

------------------------

Source: NTDS Replication
Event ID: 1837

An attempt to transfer the operations master role represented by the
following object failed.

Object:
CN=Schema,CN=Configuration,DC=wahq,DC=local
Current operations master role:
CN=NTDS
Settings,CN=DILBERT,CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,DC=wahq,DC=local
Proposed operations master role:
CN=NTDS
Settings,CN=DOGBERT,CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,DC=wahq,DC=local

Additional Data
Error value:
1722

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

<< Several More Similar Errors, shortened >>

------------------------

DNS Server:

<< No Errors >>

------------------------

File Replication Service:

Source: NtFrs
Event ID: 13508

The File Replication Service is having trouble enabling replication from
DILBERT to DOGBERT for c:\windows\sysvol\domain using the DNS name
dilbert.wahq.local. FRS will keep retrying.
Following are some of the reasons you would see this warning.

[1] FRS can not correctly resolve the DNS name dilbert.wahq.local from this
computer.
[2] FRS is not running on dilbert.wahq.local.
[3] The topology information in the Active Directory for this replica has
not yet replicated to all the Domain Controllers.

This event log message will appear once per connection, After the problem
is fixed you will see another event log message indicating that the
connection has been established.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

*** END EVENT VIEWER SAMPLE ERRORS ***

Any help is greatly appreciated!

John



"Frank Szita [MSFT]" wrote:

> 1. Make sure DNS is installed and the server is only pointing to itself
> 2. Seize FSMO roles. Follow Microsoft Knowledge Base article 255504
> (http://support.microsoft.com/?id=255504)
> 3. Perform metadata cleanup. Follow Microsoft Knowledge Base article
> 216498 (http://support.microsoft.com/?id=216498)
>
> Best regards,
>
> Frank Szita [MSFT]
>
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
>
Anonymous
December 25, 2004 2:18:11 PM

Looking at the NTFRS and NTDS errors, it appears the working domain
controller is still attempting to replicate with the non-working domain
controller, which means metadata cleanup was not complete. Make sure you
only have one server listed in the Domain Controllers OU. Also, make sure
the working domain controller is a global catalog.

Best regards,

Frank Szita [MSFT]

This posting is provided "AS IS" with no warranties, and confers no rights.
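
The check described in the reply above (events that still name the failed domain controller point to leftover metadata) can be run mechanically over a pasted event dump. This is an added example, not part of the original thread: the sample is a constructed excerpt abridged from the dump posted earlier, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample: three events abridged from the dump posted in this thread.
SAMPLE_DUMP = """\
Source: NTDS KCC
Event ID: 1308
Domain controller:
CN=NTDS
Settings,CN=DILBERT,CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,DC=wahq,DC=local
Error value:
8524 The DSA operation is unable to proceed because of a DNS lookup failure.
------------------------
Source: NtFrs
Event ID: 13508
The File Replication Service is having trouble enabling replication from
DILBERT to DOGBERT for c:\\windows\\sysvol\\domain using the DNS name
dilbert.wahq.local. FRS will keep retrying.
------------------------
Source: LSASRV
Event ID: 40960
The Security System detected an authentication error for the server
LDAP/DOGBERT.
"""

def parse_events(dump):
    """Split a pasted dump on dashed separator lines into (source, id, body)."""
    events = []
    for chunk in re.split(r"^-{5,}[ \t]*$", dump, flags=re.M):
        src = re.search(r"^Source:\s*(.+?)\s*$", chunk, re.M)
        eid = re.search(r"^Event ID:\s*(\d+)", chunk, re.M)
        if src and eid:
            events.append((src.group(1), int(eid.group(1)), chunk))
    return events

def stale_dc_references(dump, dead_dc):
    """Map (source, event id) -> number of events still naming the removed DC."""
    # Whole-word match covers the NetBIOS name, the FQDN label and CN=<name>.
    pattern = re.compile(r"\b%s\b" % re.escape(dead_dc), re.I)
    hits = defaultdict(int)
    for source, event_id, body in parse_events(dump):
        if pattern.search(body):
            hits[(source, event_id)] += 1
    return dict(hits)

if __name__ == "__main__":
    for (source, event_id), n in sorted(stale_dc_references(SAMPLE_DUMP, "DILBERT").items()):
        print(f"{source} {event_id}: {n} event(s) still reference DILBERT")
```

An empty result for events logged after the cleanup means nothing in the dump still names the removed server; any remaining NTDS or NtFrs entries identify where the stale reference lives.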