none
Domain controller holds the last replica of the following active directory partitions

    Question

  • Hi

    I have a 2000 domain and I added a 2008 DC. Now I need to demote the 2008 dc. I remember after putting the 2008 dc I had to transfer the domain name master role to the 2008 dc for it to create AD partitions (why would it need to create partitions when they have alreayd been created ??). Now all the roles have been transferred back to a 2000 dc but when im trying to demote the dc it gives me warning that my forest and domain dns zones are the last replicas of the directory partitions ? If i connect with ntdsutil to other dcs, they do have these partitions listed and ad still works when shutting down the 2008 dc.....

    Why would I get this warning ?? Is it safe to proceed and delete the directory partitions ?

    Thanks
    Dan
    Thursday, September 10, 2009 2:32 PM

Answers

  • Dan,
    these are the application partitions (ForestDNSZones and DomainDNSZones) - which were introduced in Windows Server 2003-based domains. The impact would depend on where your AD-integrated DNS zones are hosted. Before you proceed, make sure that their replication scope is set to all domain controllers in Active Directory domain...

    hth
    Marcin
    Thursday, September 10, 2009 2:42 PM

All replies

  • Dan,
    these are the application partitions (ForestDNSZones and DomainDNSZones) - which were introduced in Windows Server 2003-based domains. The impact would depend on where your AD-integrated DNS zones are hosted. Before you proceed, make sure that their replication scope is set to all domain controllers in Active Directory domain...

    hth
    Marcin
    Thursday, September 10, 2009 2:42 PM
  • Thanks for your reply Marcin,

    ALL the other controllers are windows 2000. I joined this 2008 DC to the existing domain and now removing the DC role from the 2008 machine.

    You say those partitions were introduced with 2003. If all my DCs that are left will be 2000.. I guess I dont need those partitions right ? I mean, I  guess my AD zone info is stored in other partitions for the 2000 dcs? Why would I need to replicate the 2003 + specific application partitions to the 2000 servers ?

    Thanks

    Dan

    Thursday, September 10, 2009 3:20 PM
  • Dan - in your case, the partitions were introduced when you promoted your Windows Server 2008 DC. You have an option of storing your AD-integrated DNS data in either of two application partitions (in which case, you need Windows Server 2003 - or newer - DCs) or in the domain partition (which is the original Windows 2000 Server-based AD model). Before you demote you Windows Server 2008 DC, make sure that DNS info is back in the domain partition...

    hth
    Marcin
    Thursday, September 10, 2009 3:26 PM
  • Thanks again for your Help Marcin..

    Can you give me a little hint on how to make sure that the DNS info is back in the domain partition ?

    Thanks ;)

    Dan
    Thursday, September 10, 2009 5:13 PM
  • Dan,
    already did - " Before you proceed, make sure that their replication scope is set to all domain controllers in Active Directory domain..." (General tab of zone's Properties in DNS Management console)

    hth
    Marcin
    Thursday, September 10, 2009 6:00 PM
  • Ok. I even see it's (for windows 2000 compatibility).


    Thanks A LOT!!!!!

    Youve been great help.

    Dan

    Thursday, September 10, 2009 6:34 PM