Archived from groups: microsoft.public.win2000.active_directory (
More info?)
"" wrote:
> My w2k PDC just died, totally crashed and burned which hosts
> my AD. Only
> have a BDC NT4 box (needed for unix server to do NTLM with
> domain), got no
> other BDC w2k boxes and my system state backup happens to be
> corrupted on
> the media its on. (Murphy working its magic again).
>
> So in theory Im dead! and probably will have to build another
> AD, using the
> NT4 BDC which has the basic user account information to
> upgrade to a new w2k
> domain
>
> Then switch over all computers to new domain, and some how get
> access to the
> mailboxes/PF's on the exchange server? I have all the
> mailboxes/folders on
> backup (medias still good) so can probably redirect restore to
> another
> exchange server, since I dont think I can easily reclaim the
> exchange server
> due to different domain security ID's for all the objects.
>
> Im on the right track, anyone got a miracle solution?
Just to be sure... The W2K PDC belonged to the same domain as the NT4
BDC... Is this true? If yes.. the following might help you
As your AD is dead you also don’t have a configuration partition with
the Exchange configuration
try the following:
* Promote your last NT4 BDC to PDC (let’s call this box NT4DC01)
* Cleanup the NT4 domain by removing the account of the W2K PDC
* Install TWO!! W2K or W2k3 members in the NT4 domain and install and
configure DNS and WINS (and DHCP if needed) on them (W2KxDC01 and
W2KxDC02)
* Install additional NT4 BDC (let’s call this box NT4DC02) (use some
desktop) and point for DNS and WINS to W2KxDC01 and W2KxDC02
* if you have other w2k/wxp/w2k3 clients/servers see also:
http://support.microsoft.com/?kbid=298713 and
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q284937 and
http://www.petri.co.il/first_dc_in_domain_problem.htm. However your
clients might allready be using the old w2k pdc in the past so at this
moment they will not authenticate to the nt4 dc because the
w2k/wxp/w2k3 clients/servers already upgraded the secure chanel
* Upgrade NT4Dc02 to W2K or W2K3
* DCPROMO W2KxDC01 and W2KxDC02 to DCs
* Reconfigure AD OUs, sitees, subnets, etc
* Assign GC role to W2KxDC01 and W2KxDC02
* Transfer FSMO roles from NT4Dc02 to either W2KxDC01 or W2KxDC02
* Demote NT4Dc02 and remove from domain
* install exchange organisation, administrative groups, routing
groups, server with the same names
* restore exchange stores
* If needed connect mailboxes to user accounts
The SIDs used on resources will be no issue regarding translation
because you upgraded the domain and the domain SID does not change
because of that. Resources will still be available for users/groups
that existed on the NT4 BDC.
If you created a pristine w2k domain and migrated users from an NT4
domain to the AD domain then you would have a SID issue, but if I read
correctly it will be no issue
Cheers,
--
Posted using the
http://www.windowsforumz.com interface, at author's request
Articles individually checked for conformance to usenet standards
Topic URL:
http://www.windowsforumz.com/Active-Directory-big-troub...
Visit Topic URL to contact author (reg. req'd). Report abuse:
http://www.windowsforumz.com/eform.php?p=1744293