Re-addition of a DC without demotion

    Question

  • Dear All,

    I initially had 2 DCs in my domain, and my domain is a child domain of our company's worldwide forest. Server1 was the main DC, which suffered some hardware issues, and I have moved FSMO to Server2, which is the backup of Server1.

    And I didn't dismount Server1, and Server2 is now working as the main DC. Now I have reinstalled Server1 after the installation of new hardware.

    Is it possible for me to give the machine the name "Server1" and the same IP address that it had before, and add it to the domain? Is it OK or not?

    (I want to give it the same name because I have an NTBackup of Exchange previously installed on this Server1, and now I want to restore the Exchange backup on it.)

    Please suggest.

    Regards,

    Rashid Ali


    • Edited by Rashid.Ali Saturday, April 14, 2012 8:44 AM
    Saturday, April 14, 2012 8:43 AM

All replies

  • Hi,

    There is no problem in using the same name and IP address.

    Did you demote SERVER1 gracefully?
    >> If yes, ensure that everything is replicated to all other DCs, and you can promote the new server using the same name and IP address.

    >> If not, you need to perform metadata cleanup by stepping through http://support.microsoft.com/kb/555846, then wait until the changes replicate throughout the forest, then promote the new server as a DC using the same name and IP.

    Check this thread for more information: Replacing Old Domain controller, but keeping same name and IP


    Best Regards,

    Abhijit Waikar.
    MCSA 2003 | MCSA:Messaging | MCTS | MCITP:Server Administrator | Microsoft Community Contributor | My Blog

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.



    Saturday, April 14, 2012 8:52 AM
  • You said server 1 went down. Have you seized the FSMO roles?

    If yes,

    I would recommend not naming it server1. The reason is that you have seized the FSMO roles, and it will create a lot of problems when you give the server its old name.

    This is because of its references in Active Directory. Even if you have performed metadata cleanup, there will be some small (ignored) references in AD.

    Hope this will help you.

    Regards,

    _Prashant_


    MCSA|MCITP SA|Microsoft Exchange 2003 Blog - http://prashant1987.wordpress.com Disclaimer: This posting is provided AS-IS with no warranties/guarantees and confers no rights. Email-giteepag@yahoo.co.in

    Saturday, April 14, 2012 8:56 AM
  • There is no problem in assigning the same server name to Server1 as long as the instances of Server1 are not present in the AD database. Since you have moved the FSMO roles to Server2, if the SERVER1 demotion was graceful then you can assign the same server name/IP address, but if the demotion was not done and you have directly installed the OS or have done a forceful demotion, in this case you need to first perform metadata cleanup and then proceed with server promotion.

    Complete Step by Step Guideline to Remove an Orphaned Domain controller (including seizing FSMOs, running a metadata cleanup, and more)
    http://msmvps.com/blogs/acefekay/archive/2010/10/05/complete-step-by-step-to-remove-an-orphaned-domain-controller.aspx
    http://sandeshdubey.wordpress.com/2011/10/12/metadata-cleanup-of-a-domain-controller/

    I would also recommend not installing Exchange on a DC. It should be on a member server; this is the correct time to do so.

    Hope this helps


    Best Regards,

    Sandesh Dubey.

    MCSE|MCSA:Messaging|MCTS|MCITP:Enterprise Administrator | My Blog

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.


    Saturday, April 14, 2012 9:00 AM
  • Thank you all very much,

    Dear, as I have mentioned above, I haven't performed any demotion, neither graceful nor forceful, and I have simply transferred the FSMO to the other DC.

    I haven't seized the FSMO on Server1. I just simply unplugged it from the network and installed the new Windows Server on it after the new hardware installation.

    Now I want to give it the same name, Server1, and the same IP, and its entries are residing in the domain everywhere, in all the places it created when it was installed previously.

    Is it OK to move forward as I want?

    Regards,

    Rashid

    Saturday, April 14, 2012 9:26 AM
  • As mentioned before, since you only transferred the FSMO role, did not demote the DC, and directly reinstalled the OS on Server1, you need to log in on Server2 and perform metadata cleanup to remove the instances of Server1; only then can you assign the same name and IP address to SERVER1 and then promote Server1 as a DC.


    Best Regards,

    Sandesh Dubey.

    MCSE|MCSA:Messaging|MCTS|MCITP:Enterprise Administrator | My Blog

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.


    Saturday, April 14, 2012 9:35 AM
  • Hi

    I very much agree with Sandesh Dubey, as we have to run the metadata cleanup to clean server1 AD database.

    Follow the links given below.

    http://technet.microsoft.com/en-us/library/cc736378(v=ws.10).aspx

    http://www.petri.co.il/delete_failed_dcs_from_ad.htm

    Ajay sharma.

    Saturday, April 14, 2012 9:36 AM
  • You said that you have unplugged it from the network, installed new hardware on it and then installed the OS on it.

    Before unplugging it, did you run DCpromo to demote it? (I assume you have not.)

    That means the old server 1 references still exist in your Active Directory.

    Now, you will have to perform metadata cleanup to remove the old DC reference: http://support.microsoft.com/kb/216498

    Once done, check for DNS entries of the old server 1 DC in DNS.

    Check here:

    - Each and every subfolder inside the _msdcs folder in DNS

    - Name server tab in DNS

    - Host records in DNS

    Once you have made sure none of the references exist, wait for replication.

    After this, promote the new Windows server as a domain controller (I still recommend you use a different name, as I have seen scenarios where we have faced a lot of problems if we use the same name and IP address of a failed DC).

    Regards,

    _Prashant_


    MCSA|MCITP SA|Microsoft Exchange 2003 Blog - http://prashant1987.wordpress.com Disclaimer: This posting is provided AS-IS with no warranties/guarantees and confers no rights. Email-giteepag@yahoo.co.in

    Saturday, April 14, 2012 9:42 AM
  • You all are correct :-)

    I have tried to join the server to the domain as an additional DC with the same name, Server1. It gives the error joining domain "the specified user already exist"

    But I have now run metadata cleanup using Server2 and successfully demoted and removed Server1 by following the link http://www.petri.co.il/delete_failed_dcs_from_ad.htm

    I have restarted the Server1 machine after metadata cleanup.

    Now I am trying to run dcpromo with the same name, Server1, but again it gives the same error.

    "Error joining Domain" 

    The attempt to join this computer to the abc.com domain failed.

    "The specified user already exist."

    What should I do now? :-(

    Regards,

    Saturday, April 14, 2012 11:09 AM
  • Hello,

    If a DC is NOT demoted but removed from the domain, the AD database must be cleaned of it, and also AD Sites and Services and DNS zones and zone properties. There is NO way around it if you would like to have a well-running domain and the event viewer not flooded with errors.

    http://msmvps.com/blogs/mweber/archive/2010/05/16/active-directory-metadata-cleanup.aspx

    Never reuse a DC name BEFORE it is cleaned.


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    Saturday, April 14, 2012 11:13 AM
  • It seems that instances of the server are still present. Have you removed the instances from DNS, AD Sites and Services and the Domain Controllers OU?

    To remove the failed server object from the sites
    1. In Active Directory Sites and Services, expand the appropriate site.
    2. Delete the server object associated with the failed domain controller.

    To remove the failed server object from the domain controllers container
    1. In Active Directory Users and Computers, expand the domain controllers container.
    2. Delete the computer object associated with the failed domain controller.

    To remove the failed server object from DNS
    1. In the DNS snap-in, expand the zone that is related to the domain from where the server has been removed.
    2. Remove the CNAME record in the _msdcs.root domain of forest zone in DNS. You should also delete the HOSTNAME and other DNS records.
    3. If you have reverse lookup zones, also remove the PTR record of the server from these zones.

    Once done, ensure that you point the preferred DNS setting on Server1 to Server2 and then promote the DC.

    http://sandeshdubey.wordpress.com/2011/10/12/metadata-cleanup-of-a-domain-controller/

    Hope this helps


    Best Regards,

    Sandesh Dubey.

    MCSE|MCSA:Messaging|MCTS|MCITP:Enterprise Administrator | My Blog

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    Saturday, April 14, 2012 11:15 AM
  • Did you check the DNS entries for the old DC as I suggested in my previous post?

    Please make sure that none of the old references exist and then promote it as a DC.

    Regards,

    _Prashant_


    MCSA|MCITP SA|Microsoft Exchange 2003 Blog - http://prashant1987.wordpress.com Disclaimer: This posting is provided AS-IS with no warranties/guarantees and confers no rights. Email-giteepag@yahoo.co.in

    Saturday, April 14, 2012 11:17 AM
  • Hello Rashid.Ali,

    As I mentioned in http://social.technet.microsoft.com/Forums/en/winserverDS/thread/d00bd1b5-7f78-4202-a3f5-29f5b97c59c1, please work problem by problem and THEN go on with another thread.

    I can understand that you have multiple questions BUT still this is one topic about changing the DC/Exchange environment. Thank you for understanding.


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    Saturday, April 14, 2012 11:47 AM
  • Hi,

    You need to perform the following steps to perform a metadata cleanup before re-adding the DC with the same name and IP address.

    1. Use the following knowledge base article to remove common Domain Controller settings from Active Directory.
     
    http://support.microsoft.com/kb/216498
     
     
    Note 1: You may need to seize the FSMO roles to an alternative Domain Controller.
     
    Using Ntdsutil.exe to transfer or seize FSMO roles to a domain controller
    http://support.microsoft.com/kb/255504
     
    Note 2: You may need to configure a new authoritative time server in the domain.
     
    2. Remove old computer account by using "Active Directory Sites and Services" tool.

    3. Remove old DNS and WINS records of the orphaned Domain Controller.
     
    4. Use "ADSIEdit" to remove old computer records from the Active Directory:
         
    a. OU=Domain Controllers,DC=domain,DC=local
    b. CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local
    c. CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=domain,DC=local
                  
    5. Force Active Directory replication by using "Repadmin.exe" tool:
     
    Using Repadmin.exe to troubleshoot Active Directory replication
    http://support.microsoft.com/kb/229896/

    Regards,


    Arthur Li

    TechNet Community Support

    Monday, April 16, 2012 7:04 AM
    Moderator
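
A read-only check for the leftover references the replies above list (computer account, Sites and Services server object, FRS SYSVOL member, and DNS host, SRV and NS records), to run before retrying the promotion. This is an added example, not part of any poster's reply; it assumes the ActiveDirectory and DnsClient PowerShell modules are available on the machine running it, and `SERVER1`/`SERVER2` are the thread's names used as defaults.

```powershell
# Added example: read-only search for leftover references to a removed DC.
# Assumptions: ActiveDirectory and DnsClient modules are installed; the
# default names SERVER1/SERVER2 are the ones used in this thread.
function Find-StaleDcReference {
    param(
        [string]$OldDc   = 'SERVER1',  # DC that was wiped without demotion
        [string]$QueryDc = 'SERVER2'   # surviving DC, also queried as DNS server
    )
    Import-Module ActiveDirectory
    $root   = Get-ADRootDSE -Server $QueryDc
    $domain = (Get-ADDomain -Server $QueryDc).DNSRoot
    $found  = @()

    # Computer account and FRS SYSVOL member object in the domain partition
    $filter = "(|(&(objectClass=computer)(sAMAccountName=$OldDc`$))" +
              "(&(objectClass=nTFRSMember)(cn=$OldDc)))"
    $found += @(Get-ADObject -Server $QueryDc -LDAPFilter $filter -SearchBase $root.defaultNamingContext |
        ForEach-Object { "AD:  $($_.DistinguishedName)" })

    # Server object left under any site (what Sites and Services displays)
    $sites = "CN=Sites,$($root.configurationNamingContext)"
    $found += @(Get-ADObject -Server $QueryDc -LDAPFilter "(&(objectClass=server)(cn=$OldDc))" -SearchBase $sites |
        ForEach-Object { "AD:  $($_.DistinguishedName)" })

    # DNS: host record, DC locator SRV records under _msdcs, and NS records
    $dns = @{ Server = $QueryDc; DnsOnly = $true; ErrorAction = 'SilentlyContinue' }
    $found += @(Resolve-DnsName -Name "$OldDc.$domain" -Type A @dns |
        Where-Object { $_.IPAddress } |
        ForEach-Object { "DNS: A   $($_.Name) -> $($_.IPAddress)" })
    $found += @(Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$domain" -Type SRV @dns |
        Where-Object { $_.NameTarget -like "$OldDc.*" } |
        ForEach-Object { "DNS: SRV $($_.Name) -> $($_.NameTarget)" })
    $found += @(Resolve-DnsName -Name $domain -Type NS @dns |
        Where-Object { $_.NameHost -like "$OldDc.*" } |
        ForEach-Object { "DNS: NS  $($_.Name) -> $($_.NameHost)" })
    return $found
}

$stale = Find-StaleDcReference
if ($stale) {
    $stale
    Write-Warning 'References remain; clean them up and let replication finish before promoting.'
} else {
    'No references to the old DC found on the queried DC.'
}
```

The result reflects only the DC that was queried, so repeat it against other DCs once replication has had time to converge.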