HELP major problem with mixed mode, need to demote PDC...

Discussion in 'Active Directory' started by Nathan Walter, Feb 9, 2004.

  1. We have a mixed mode domain.. Right now we have an AD DC setup and running
    but it is conflicting with a winnt 4.0 PDC server. The PDC also runs our
    exchange server. What is happening is that when I load the AD server it
    errors out saying that there is another PDC present in the domain and kills
    just about everything so that no one can login. If the AD DC loads and the
    PDC is brought online after it errors out with the same message and of
    course because net logon wont start on the PDC this also kills the exchange
    processes. What i want to do is demote the PDC to a BDC so that it will
    play nice with AD.. I tried server manager on the NT4 machine but there is
    no option to demote it to a BDC, i think because it is recgonizing itself as
    the only PDC in the domain because it thinks that the AD server is a BDC....
    Nathan Walter, Feb 9, 2004
  2. Nathan Walter

    Chriss3 Guest

    what is the case here? Do you have two domains with the same NetBIOS name?


    Christoffer Andersson
    Chriss3, Feb 9, 2004
  3. Nathan Walter

    Adam Wood Guest

    How did you reach this state?? I can only assume that you created a
    parallel domain with the same name, or took a BDC off the network, made
    it a PDC, upgraded it to Windows 2000 before putting it back on the network.

    Either way you have two domains with the same name and in the end will
    have to lose one of them. From the sounds of things the existing NT4
    domain is more important, so I would suggest backing up both the Win2k
    domain controller and NT4 PDC, reinstalling the Win2k DC as a member
    server, upgrading the NT4 PDC to create a Windows 2000 domain upgraded
    from the NT4 domain, and then adding the Win2k server as a second DC.
    Adam Wood, Feb 9, 2004
  4. well.. We had a NT4 domain which was upgraded to a windows 2000 domain.
    its worked like this for a long time now, something another system admin
    did.. To tell you the truth i have no idea how it even worked but it did...
    But our DC just died due to hardware failure and its going to take several
    weeks to get it back.. SO we are trying to get the second DC we had to take
    over the domain but the second DC keeps coming back with this error about
    the PDC.. And so that is how we got where we are. All the servers are in
    the same domain the problem is that the DC is set to be the PDC for the
    WinNT domain but there is still a NT4 PDC that doesn't want to let go...
    Nathan Walter, Feb 9, 2004
  5. You may not have all your facts straight.

    There is *no* *way* a NT 4.0 PDC and a Win 2k DC can be in the same domain.

    When running dcpromo on the Win 2k server you are asked if this is the first
    DC in the domain. If you say no you are required to point it to a Win 2k AD
    DC or the install will fail. Since NT 4.0 has *no* AD information this will
    If you say yes, you are creating a NEW domain. If you do not upgrade and run
    dcpromo on your existing NT 4.0 PDC, you are creating a new Win 2k domain.
    The SID is different. Even if you name it the same the SID is different.

    In order to move your user info and SID into the Win 2k domain you MUST
    upgrade the PDC of your existing domain first.

    As I said there is no way to have a NT 4.0 PDC and Win 2k DC in the *same*

    A Win 2k server can ONLY be a PDC emulator (by upgrading the existing NT 4.0
    PDC) or a member server on a NT 4.0 domain.

    Is it possible the Win 2k server was set up in it's own domain and trusts
    were set up with the NT 4.0 domain?

    Danny Sanders, Feb 9, 2004
  6. There were no trusts setup as far as I know.. Is there a way to find out
    the SID of the two domains? Originally a PDC was upgraded from the original
    domain, to create the AD domain that we have. What I think may have
    happened is that for some reason, or some how when the AD DC went offline
    the NT4 machine got promoted to a domain controller for the domain and so
    this is what is screwing me up.. Anyways the system has always been a bit
    touchy, when rebooting systems you had to restart them in a specific order
    or nothing would come up right so I think something funky was done but
    anyways i have been working on smoothing this stuff out but having a DC
    suddenly crash like this didn't help matters any. I just want my domain
    back to where workstations can log in and our email works...
    Nathan Walter, Feb 9, 2004
  7. There were no trusts setup as far as I know.. Is there a way to find out
    Not that I know of. That does not mean there is no way, I don't know of any.

    What I think may have
    That would do it.

    Anyways the system has always been a bit

    Consider upgrading the NT 4.0 "PDC" to Win 2k and AD.

    Without knowing more I hesitate to suggest more.

    Danny Sanders, Feb 9, 2004
  8. Ok.. i got it all worked out now..

    I had to turn off the second DC, i then took another server and installed NT
    4 and joined it to the NT4 domain. I promoted that one to a PDC and demoted
    the other NT4 machine with exchange to a BDC. I then did a Win2k upgrade on
    the new PDC, installed AD and DNS etc. I then formatted the old DC and
    recreated a second Win2k DC. Everything seem sto be working well, infact
    probably better than it was before and atleast now I know it has been done
    the correct way.
    Nathan Walter, Feb 11, 2004
