No, it was an admin (new guy) that caused the initial problem. On Tue, Feb 23, 2010 at 12:05 PM, Jeff Bunting <[email protected]>wrote:
> Good to hear it is fixed but, unless I misunderstood the problem, isn't the > fact that this was able to happen in the first place indicative of something > else being wrong? (AD replication?) > > Jeff > > > On Tue, Feb 23, 2010 at 12:39 PM, Michael Leone <[email protected]>wrote: > >> On Tue, Feb 23, 2010 at 11:07 AM, Michael Leone <[email protected]> >> wrote: >> > On Tue, Feb 23, 2010 at 11:00 AM, Michael B. Smith >> > <[email protected]> wrote: >> >> Then your plan seems reasonable, as I don't believe dcpromo in Windows >> 2000 supported the "forceremoval" flag. >> > >> > Great! I was worried about the order of steps. I guess we'll get >> > started now .... >> > >> > Thanks. I'll report back, when it's done. >> >> This all worked. I follwed the steps below, which worked as >> advertised. Had only 2 small issues - when removing the server from >> Sites and Services, I had to delete all the connections first (pretty >> obvious ...), but then I had to delete the "NTDS Settings" entry - I >> couldn't delete the server name itself. Then, when cleaning up DNS, I >> had to remove the server name as "Name Server" on the properties of >> every Reverse Lookup Zone .. and I have like 90 of those, one for >> every subnet ... :-) >> >> But it all seemed to go OK. No sign of the server in AD anywhere, and >> I ran "repadmin" to force the other DC in this domain to pull the >> changes from the DC I performed the cleanup on. >> >> (just some notes, in case anyone searches for a similar issue) >> >> Thanks >> >> > >> >> >> >> Regards, >> >> >> >> Michael B. Smith >> >> Consultant and Exchange MVP >> >> http://TheEssentialExchange.com >> >> >> >> >> >> -----Original Message----- >> >> From: Michael Leone [mailto:[email protected]] >> >> Sent: Tuesday, February 23, 2010 10:59 AM >> >> To: NT System Admin Issues >> >> Subject: Re: Win2000 - DC seems to have been renamed >> >> >> >> On Tue, Feb 23, 2010 at 10:51 AM, Michael B. Smith < >> [email protected]> wrote: >> >>> Just to make sure - you DO have ANOTHER DC/GC, right? >> >> >> >> I have 2 others, yes. >> >> >> >> The renamed DC is in a child domain. The parent domain has 4 DCs; the >> child has 3. Of those 3, only this one is fubarred, from what I can see. >> >> >> >>> >> >>> Regards, >> >>> >> >>> Michael B. Smith >> >>> Consultant and Exchange MVP >> >>> http://TheEssentialExchange.com >> >>> >> >>> -----Original Message----- >> >>> From: Michael Leone [mailto:[email protected]] >> >>> Sent: Tuesday, February 23, 2010 10:37 AM >> >>> To: NT System Admin Issues >> >>> Subject: Win2000 - DC seems to have been renamed >> >>> >> >>> Got a bit of an emergency. We run a Win2000 domain (yes, we realize >> >>> it's not supported any longer; that's why we were planing on upgrading >> >>> it to Win2003 this weekend ...) >> >>> >> >>> Anyway, this morning, we saw something strange. One of my DCs - >> >>> ADMNWDC003 - seems to have been renamed in AD to ADMNWDC003TEMP. Turns >> out, the new guy was making a new DC for one of our other sites, and >> inadvertently called this new DC he was building the existing name of >> ADMNWDC003. He tried to rename the computer account, but the damage was >> done. >> >>> >> >>> It shows up in AD U&C, Domain Controllers as "ADMNWDC003TEMP". The >> actual computer, however, still has the name of ADMNWDC003. Sites and >> Services still lists it as ADMNWDC003. So what I've got are entries for a DC >> that now longer has a valid computer account ... >> >>> >> >>> So now we're more than slightly stuck in it. :-( >> >>> >> >>> I can't DCPROMO the physical computer back down from not being a DC, >> since there's no corresponding computer account. Luckily, it holds no FSMO >> roles. >> >>> >> >>> Here's what we think we should do - >> >>> >> >>> Power down ADMNWDC003. >> >>> Delete the ADMNWDC003TEMP computer account in AD U&C. >> >>> Use ADSIEDIT to remove the ADMNWDC003 entries, *and* ADMNWDC003TEMP >> entries, as per KB 555846 ("How to remove completely orphaned Domain >> Controller"). >> >>> Then clean up AD , by using KB 216498 ("How to remove data in AD after >> an unsuccessful domain controller demotion"). >> >>> >> >>> Any and every help greatly appreciated. Will this work? I want to fix >> my AD, so we can upgrade to a supported version ASAP. >> >>> >> >>> Thanks >> >>> >> >>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ >> >>> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >>> >> >>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ >> >>> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >>> >> >>> >> >> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ < >> http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> >> >> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> >> >> >> > >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> > > > > > -- Sherry Abercrombie "Any sufficiently advanced technology is indistinguishable from magic." Arthur C. Clarke Sent from Keller, TX, United States ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
