Removing a Windows 2003 domain controller

Archived from groups: microsoft.public.win2000.active_directory

I hope somebody here can shed some light on a Windows 2003 server issue for me.

We had a Windows 2003 (Enterprise Edition) server fail (dead C drive). This
was the first server, Active Directory installed. We had added a second
server some time back (before the first failed) and it is also a 2003 server
(Enterprise Edition). The second server has Exchange Server and SQL Server
and SharePoint Portal Server running on it. All seemed well until the first
server died.

Now there are many errors in the event log, many to do with replication and
DNS, also some to do with ASP.
We will most likely not be returning the first server to duty since the
company is small (5 users).

What do I have to do to resolve the errors appearing in the event log and
assure that the second server runs properly?

FYI there was no backup of the system state data from the first server if
that matters.

Any help is much appreciated.
  1.

    1. Make sure DNS is installed and the server only pointing to itself
    2. Seize FSMO roles. Follow Microsoft Knowledge Base article 255504
    (http://support.microsoft.com/?id=255504)
    3. Perform metadata cleanup. Follow Microsoft Knowledge Base article
    216498 (http://support.microsoft.com/?id=216498)

    Best regards,

    Frank Szita [MSFT]

    This posting is provided "AS IS" with no warranties, and confers no rights.
  2.

    I did the steps you outlined and these are samples of the errors that I am
    seeing now:


    Event Viewer

    *** BEGIN EVENT VIEWER SAMPLE ERRORS ***

    Application:

    Source: Active Server Pages
    Event ID: 5

    Error: The Template Persistent Cache initialization failed for Application
    Pool 'MSPS2003AppPool' because of the following error: Could not create a
    Disk Cache Sub-directory for the Application Pool. The data may have
    additional error codes..

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.

    ------------------------

    Source: MSExchangeSA
    Event ID: 9098

    The MAD Monitoring thread was unable to read its configuration from the DS,
    error '0x80010002'.

    For more information, click http://www.microsoft.com/contentredirect.asp.

    ------------------------

    Source: MSExchangeSA
    Event ID: 1005

    Unexpected error The specified domain either does not exist or could not be
    contacted. Facility: Win32 ID no: c007054b Microsoft Exchange System
    Attendant occurred.

    For more information, click http://www.microsoft.com/contentredirect.asp.

    ------------------------

    Source: MSExchangeFBPublish
    Event ID: 8213

    System Attendant Service failed to create session for virtual machine
    DOGBERT. The error number is 0xc103073a.

    For more information, click http://www.microsoft.com/contentredirect.asp.

    ------------------------

    Source: MSExchangeAL
    Event ID: 8231

    Permanent failure reported by policy group provider for 'CN=System
    Policies,CN=West-Age Web Services,CN=Microsoft
    Exchange,CN=Services,CN=Configuration,DC=wahq,DC=local':'MAD.EXE',
    error=80040103. Taking provider offline.

    For more information, click http://www.microsoft.com/contentredirect.asp.

    ------------------------

    Source: MSExchangeAL
    Event ID: 8231

    Permanent failure reported by policy group provider for 'CN=System
    Policies,CN=West-Age Web Services,CN=Microsoft
    Exchange,CN=Services,CN=Configuration,DC=wahq,DC=local':'MAD.EXE',
    error=80040103. Taking provider offline.

    For more information, click http://www.microsoft.com/contentredirect.asp.

    ------------------------

    Source: MSExchangeDSAccess
    Event ID: 2103

    Process MAD.EXE (PID=2532). All Global Catalog Servers in use are not
    responding:
    dilbert.wahq.local


    For more information, click http://www.microsoft.com/contentredirect.asp.

    ------------------------

    Security:

    No errors in the security log.

    ------------------------

    System:

    Source: LSASRV
    Event ID: 40961

    The Security System could not establish a secured connection with the server
    DNS/dogbert.wahq.local. No authentication protocol was available.

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.

    ------------------------

    Source: LSASRV
    Event ID: 40960

    The Security System detected an authentication error for the server
    DNS/dogbert.wahq.local. The failure code from authentication protocol
    Kerberos was "The attempted logon is invalid. This is either due to a bad
    username or authentication information.
    (0xc000006d)".

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.

    ------------------------

    Source: Service Control Manage
    Event ID: 7001

    The Microsoft Exchange MTA Stacks service depends on the Microsoft Exchange
    System Attendant service which failed to start because of the following
    error:
    The operation completed successfully.

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.

    ------------------------

    Source: Service Control Manager
    Event ID: 7001

    The Microsoft Exchange Information Store service depends on the Microsoft
    Exchange System Attendant service which failed to start because of the
    following error:
    The operation completed successfully.

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.

    ------------------------

    Source: LSASRV
    Event ID: 40961

    The Security System could not establish a secured connection with the server
    cifs/dogbert.wahq.local. No authentication protocol was available.

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.

    ------------------------

    Source: LSASRV
    Event ID: 40960

    The Security System detected an authentication error for the server
    cifs/dogbert.wahq.local. The failure code from authentication protocol
    Kerberos was "There are currently no logon servers available to service the
    logon request.
    (0xc000005e)".

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.

    ------------------------

    Source: DCOM
    Event ID: 10002

    Access denied attempting to launch a DCOM Server. The server is:
    {9DA0E106-86CE-11D1-8699-00C04FB98036}
    The user is SYSTEM/NT AUTHORITY, SID=S-1-5-18.

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.

    ------------------------

    Source: LSASRV
    Event ID: 40961

    The Security System could not establish a secured connection with the server
    .. No authentication protocol was available.

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.

    ------------------------

    Source: LSASRV
    Event ID: 40960

    The Security System detected an authentication error for the server . The
    failure code from authentication protocol Kerberos was "There are currently
    no logon servers available to service the logon request.
    (0xc000005e)".

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.

    ------------------------

    Source: LSASRV
    Event ID: 40961

    The Security System could not establish a secured connection with the server
    LDAP/DOGBERT. No authentication protocol was available.

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.

    ------------------------

    Source: LSASRV
    Event ID: 40960

    The Security System detected an authentication error for the server
    LDAP/DOGBERT. The failure code from authentication protocol Kerberos was
    "There are currently no logon servers available to service the logon request.
    (0xc000005e)".

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.

    ------------------------

    Directory Service:

    Source: NTDS General
    Event ID: 1126

    Active Directory was unable to establish a connection with the global
    catalog.

    Additional Data
    Error value:
    1355 The specified domain either does not exist or could not be contacted.
    Internal ID:
    3200caf

    User Action:
    Make sure a global catalog is available in the forest, and is reachable from
    this domain controller. You may use the nltest utility to diagnose this
    problem.

    For more information, see Help and Support Center at

    ------------------------

    Source: NTDS KCC
    Event ID: 1308

    The Knowledge Consistency Checker (KCC) has detected that successive
    attempts to replicate with the following domain controller has consistently
    failed.

    Attempts:
    241
    Domain controller:
    CN=NTDS
    Settings,CN=DILBERT,CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,DC=wahq,DC=local
    Period of time (minutes):
    139120

    The Connection object for this domain controller will be ignored, and a new
    temporary connection will be established to ensure that replication
    continues. Once replication with this domain controller resumes, the
    temporary connection will be removed.

    Additional Data
    Error value:
    8524 The DSA operation is unable to proceed because of a DNS lookup failure.

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.

    ------------------------

    Source: NTDS Replication
    Event ID: 1837

    An attempt to transfer the operations master role represented by the
    following object failed.

    Object:
    CN=Schema,CN=Configuration,DC=wahq,DC=local
    Current operations master role:
    CN=NTDS
    Settings,CN=DILBERT,CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,DC=wahq,DC=local
    Proposed operations master role:
    CN=NTDS
    Settings,CN=DOGBERT,CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,DC=wahq,DC=local

    Additional Data
    Error value:
    1722

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.

    << Several More Similar Errors, shortened >>

    ------------------------

    DNS Server:

    << No Errors >>

    ------------------------

    File Replication Service:

    Source: NtFrs
    Event ID: 13508

    The File Replication Service is having trouble enabling replication from
    DILBERT to DOGBERT for c:\windows\sysvol\domain using the DNS name
    dilbert.wahq.local. FRS will keep retrying.
    Following are some of the reasons you would see this warning.

    [1] FRS can not correctly resolve the DNS name dilbert.wahq.local from this
    computer.
    [2] FRS is not running on dilbert.wahq.local.
    [3] The topology information in the Active Directory for this replica has
    not yet replicated to all the Domain Controllers.

    This event log message will appear once per connection, After the problem
    is fixed you will see another event log message indicating that the
    connection has been established.

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.

    *** END EVENT VIEWER SAMPLE ERRORS ***

    Any help is greatly appreciated!

    John


    "Frank Szita [MSFT]" wrote:

    > 1. Make sure DNS is installed and the server only pointing to itself
    > 2. Seize FSMO roles. Follow Microsoft Knowledge Base article 255504
    > (http://support.microsoft.com/?id=255504)
    > 3. Perform metadata cleanup. Follow Microsoft Knowledge Base article
    > 216498 (http://support.microsoft.com/?id=216498)
    >
    > Best regards,
    >
    > Frank Szita [MSFT]
    >
    > This posting is provided "AS IS" with no warranties, and confers no rights.
  3.

    Looking at the NTFRS and NTDS errors, it appears the working domain
    controller is still attempting to replicate with the non-working domain
    controller, which means metadata cleanup was not complete. Make sure you
    only have one server listed in the Domain Controllers OU. Also, make sure
    the working domain controller is a global catalog.

    Best regards,

    Frank Szita [MSFT]

    This posting is provided "AS IS" with no warranties, and confers no rights.
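
The checks named in the replies above (DNS pointing at itself, role holders, leftover metadata, global catalog) can be run as one read-only pass on the surviving domain controller. This script is an added example, not part of the original thread; the server and domain names are taken from the poster's event log, and it assumes the Windows Server 2003 Support Tools (netdom, repadmin, nltest) are installed alongside the built-in dsquery.

```batch
@echo off
rem Added example: read-only checks, nothing here changes the directory.
rem Names below come from the event log excerpts in this thread.
setlocal
set DOMAIN_DN=DC=wahq,DC=local
set DOMAIN_DNS=wahq.local
set DEAD_DC=DILBERT
set LIVE_DC=DOGBERT

echo === 1. DNS servers this machine queries - expect only its own address
netsh interface ip show dns

echo === 2. Accounts in the Domain Controllers OU - expect only %LIVE_DC%
dsquery computer "OU=Domain Controllers,%DOMAIN_DN%" -o rdn

echo === 3. Server objects under Sites that still name %DEAD_DC%
dsquery server -forest -o rdn | findstr /i "%DEAD_DC%"
if not errorlevel 1 (
    echo   STALE: %DEAD_DC% still has a server object, metadata cleanup is incomplete
) else (
    echo   OK: no server object for %DEAD_DC%
)

echo === 4. Global catalog servers - expect %LIVE_DC% in the list
dsquery server -forest -isgc -o rdn
nltest /dsgetdc:%DOMAIN_DNS% /gc /force

echo === 5. Operations master role holders - expect all five on %LIVE_DC%
netdom query fsmo

echo === 6. Inbound replication partners - %DEAD_DC% should not appear
repadmin /showrepl %LIVE_DC% | findstr /i "%DEAD_DC%"
if not errorlevel 1 (
    echo   STALE: %LIVE_DC% still has a replication link from %DEAD_DC%
) else (
    echo   OK: no replication link from %DEAD_DC%
)

echo === 7. DC locator SRV records in DNS - %DEAD_DC% should not be listed
nslookup -type=SRV _ldap._tcp.dc._msdcs.%DOMAIN_DNS%
endlocal
```

A STALE line in check 3 or 6 corresponds to the NTDS KCC 1308 and NtFrs 13508 events quoted earlier, which name DILBERT as a replication partner.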