First DC Down .. What Now?

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

About 20 months ago we installed a fresh AD 2000 infrastructure with
four sites. Each site had a single DC and DHCP server (two sepearte
machines). We also installed Exchange 2000 Standard.

Our first domain controller installed, which we aptly named DC1, has
crashed. It was mirrored but we get stop errors on both.

Our Exchange server is on the same site (subnet) as DC1 so the email
system is not working (global cat being down, right?).

So, since (from what little I know and understand) the first domain
controller installed is the schema master, what do we do? Can we just,
somehow, put in a brand new 2000 server, do a dcpromo on it, then
somehow designate it as the schema master or whatever else it needs to
be and hope that it gets a good replication from the other DCs on the
other sites? How would I go about such a thing, if this is the way to go?

Thanks,
Jim

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

"Jim in Arizona" <tiltowait@hotmail.com> wrote in message
news:uqGKGt4aFHA.796@TK2MSFTNGP09.phx.gbl...
> About 20 months ago we installed a fresh AD 2000 infrastructure with
> four sites. Each site had a single DC and DHCP server (two sepearte
> machines). We also installed Exchange 2000 Standard.

You need DNS in (practically) all of those sites.

> Our first domain controller installed, which we aptly named DC1, has
> crashed. It was mirrored but we get stop errors on both.

You could try a REPAIR install from the original CD -- do
install into same directory and MAKE SURE that it ask if
you wish to do a Repair (or new) install and confirm the
repair. (This works in nearly all cases.)

> Our Exchange server is on the same site (subnet) as DC1 so the email
> system is not working (global cat being down, right?).

With such a small or with such a single domain forest you
may make EVERY DC a GC so that Exchange will always
have one available.

There should be a GC in each sites in any case -- maybe
two if the site is critical to your business.

> So, since (from what little I know and understand) the first domain
> controller installed is the schema master, what do we do? Can we just,
> somehow, put in a brand new 2000 server, do a chromo on it, then
> somehow designate it as the schema master or whatever else it needs to

You can both add another DC and you can pick one to "seize the roles" ;
the two are separate issues and you probably shouldn't complicate things
by doing both at the same time but it also should work that way.

> be and hope that it gets a good replication from the other DCs on the

If you DCPromo you must get "good replication" or the DCPromo will
never complete anyway.

> other sites? How would I go about such a thing, if this is the way to go?

NTDSUtil in the roles area. You connect (use) the DC will seize or
accept the roles: Schema Master, Domain Naming Master, PDC emulator,
RID Master, and Infrastructure Master

....but NOT the GC. "GC" is not a (single master) role.

NEVER seize a role if the original will ever be brought back
as a DC -- so don't do this until you give up on the repair of DC1.

Also note that you can make more GCs now. Many GCs are fine. More
than one (single) master is bad, very bad:

After
NTDS metadata cleanup

Search Google for:

[ NTDS "metadata cleanup" remove DC Domain ]

No need to add either site:microsoft.com OR microsoft:
since the NTDS and other terms make it Microsoft specific
by itself.

Unless you WISH to restrict answers to the site:microsoft.com
for some reason.

[ NTDS "metadata cleanup" remove DC Domain site:microsoft.com ]

Key points to NOTE when doing the metadata cleanup:

You CONNECT to a WORKING DC.
You SELECT the missing/dead DC or DOMAIN

'Connect' and 'Select' are technical terms in this context.

--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Herb Martin wrote:
> "Jim in Arizona" <tiltowait@hotmail.com> wrote in message
> news:uqGKGt4aFHA.796@TK2MSFTNGP09.phx.gbl...
>
>>About 20 months ago we installed a fresh AD 2000 infrastructure with
>>four sites. Each site had a single DC and DHCP server (two sepearte
>>machines). We also installed Exchange 2000 Standard.
>
>
> You need DNS in (practically) all of those sites.
>
>
>>Our first domain controller installed, which we aptly named DC1, has
>>crashed. It was mirrored but we get stop errors on both.
>
>
> You could try a REPAIR install from the original CD -- do
> install into same directory and MAKE SURE that it ask if
> you wish to do a Repair (or new) install and confirm the
> repair. (This works in nearly all cases.)
>
>
>>Our Exchange server is on the same site (subnet) as DC1 so the email
>>system is not working (global cat being down, right?).
>
>
> With such a small or with such a single domain forest you
> may make EVERY DC a GC so that Exchange will always
> have one available.
>
> There should be a GC in each sites in any case -- maybe
> two if the site is critical to your business.
>
>
>>So, since (from what little I know and understand) the first domain
>>controller installed is the schema master, what do we do? Can we just,
>>somehow, put in a brand new 2000 server, do a chromo on it, then
>>somehow designate it as the schema master or whatever else it needs to
>
>
> You can both add another DC and you can pick one to "seize the roles" ;
> the two are separate issues and you probably shouldn't complicate things
> by doing both at the same time but it also should work that way.
>
>
>>be and hope that it gets a good replication from the other DCs on the
>
>
> If you DCPromo you must get "good replication" or the DCPromo will
> never complete anyway.
>
>
>>other sites? How would I go about such a thing, if this is the way to go?
>
>
> NTDSUtil in the roles area. You connect (use) the DC will seize or
> accept the roles: Schema Master, Domain Naming Master, PDC emulator,
> RID Master, and Infrastructure Master
>
> ...but NOT the GC. "GC" is not a (single master) role.
>
> NEVER seize a role if the original will ever be brought back
> as a DC -- so don't do this until you give up on the repair of DC1.
>
> Also note that you can make more GCs now. Many GCs are fine. More
> than one (single) master is bad, very bad:
>
> After
> NTDS metadata cleanup
>
> Search Google for:
>
> [ NTDS "metadata cleanup" remove DC Domain ]
>
> No need to add either site:microsoft.com OR microsoft:
> since the NTDS and other terms make it Microsoft specific
> by itself.
>
> Unless you WISH to restrict answers to the site:microsoft.com
> for some reason.
>
> [ NTDS "metadata cleanup" remove DC Domain site:microsoft.com ]
>
> Key points to NOTE when doing the metadata cleanup:
>
> You CONNECT to a WORKING DC.
> You SELECT the missing/dead DC or DOMAIN
>
> 'Connect' and 'Select' are technical terms in this context.
>


We're going to try the repair first. If that doesn't work, we'll look
into the other options.

I neglected to mention that each DC at each site (there's only one DC at
each site) has DNS installed and is AD Integrated. Each DC was also
designated as a GC server. Why Exchange will not reference one of these
other GCs is unknown. Each worksation and server were given DC1 and DC3
as their DNS servers. DC3 is online and working normally as far as we
can tell.

I will post back when I know more. Thanks.

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Jim in Arizona wrote:
>> Herb Martin wrote:
>>
>>
>> You could try a REPAIR install from the original CD -- do
>> install into same directory and MAKE SURE that it ask if
>> you wish to do a Repair (or new) install and confirm the
>> repair. (This works in nearly all cases.)


We did the repair, got the prompt, did a fixboot and all was well.

Thanks for all the pointers Herb. I'm going to keep your post archived
for any future disasters that may be.

Jim

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

"Jim in Arizona" <tiltowait@hotmail.com> wrote in message
news:#OSPgd6aFHA.1312@TK2MSFTNGP09.phx.gbl...
> Jim in Arizona wrote:
> >> Herb Martin wrote:
> >>
> >>
> >> You could try a REPAIR install from the original CD -- do
> >> install into same directory and MAKE SURE that it ask if
> >> you wish to do a Repair (or new) install and confirm the
> >> repair. (This works in nearly all cases.)
>
>
> We did the repair, got the prompt, did a fixboot and all was well.
>
> Thanks for all the pointers Herb. I'm going to keep your post archived
> for any future disasters that may be.

I will live in infamy <grin> Glad it help.

I am an evangelist for Repair Installs. <BIG GRIN> They have saved
every machine where I have used the technique (and the hardware was
intact.)

And they can even be used for migrating a backup to new hardware --
after the restore, the repair install can fixup hardware incompatibilities.

This is probably the best kept 'secret' to fixing Windows machines.

--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]

>
> Jim