Old DC won't let go

[Razule]

I've got this old 2k3 DC that even though all the FSMO roles have been transferred, it's DNS entry removed and settings on all routers and other DNS providers checked as well as static entries to make sure it's not in there and it's option to be a Global Catalog Server revoked, and all shares transferred off of it, it still apparently has some grip on the domain as when we take it down no one can log in to their roaming profile or access shares on the new DC and on the new DC more than half the time it can't access Active Directory Users and Computers when the old DC is turned off. I've run out of ideas as to what it can be as I've checked and rechecked the DNS settings (to include doing a flushdns on all machines), checked and rechecked that the FSMO roles are all transferred and showing to be on the new server and made doubly sure that the old server doesn't have the Global Catalog Server option checked. I've done everything short of decommissioning it but I'm afraid doing so will cause the same issues and then I'll be stuck. On a side note the new DC is a 2k8 R2, there is also a terminal server on 2k3 (it's access is also lost when the old DC is down). The domain and forest function levels are 2000 native and the terminal server is using 2000 licensing. With all that said...any ideas?

 

[sturm]

How many other DCs do you have besides the new 2k8 server and the old 2k server? If the 2,8 is the only other one, I would install another 2k8 server as a DC then remove the old 2k server as a DC.

Removing the old 2k server as a DC will tell you if there are any rolls still on it, the uninstall should warn you of this. Once it is removed, all inquiries should point to the new server.

 

[Razule]

there isn't a 2k server. The old DC is a 2k3 server and the new DC is a 2k8R2. The terminal server (only role on it) is also a 2k3 server but is running 2000 licensing however that works and the forest and domain function levels are set at 2000 native.

 

[Razule]

We seem to have come up with the reason and the solution to everything being messed up. A few things got cleared up as we went back and found out which of their past tech companies setup the term server. It wasn't who they first thought.

Reason: The last tech this company had didn't do things by the book. He's a self taught computer guru that knew enough to crack/patch the terminal licensing so that a fake 2000 license worked on a 2003 server. He also made a few other illegal adjustments that sadly has caused this mess. Sadly this isn't the only company we've taken over that he's had his fingers in but it is the most messed up one.

Solution: Luckily these people don't like being illegal and are willing to spend the money to do things right. We're going to rebuild their domain from scratch (luckily they only have about 20 users) and get them a new license for term server usage. Thankyou for your ideas and support.