Primary/Root Domain Controller Died

Discussion in 'Windows Server' started by Grumpa, Jun 20, 2005.

  1. Grumpa

    Grumpa Guest

    I just lost the "root tree of the forest" in my WIN 2003 Domain and want to
    know what I need to do to keep my domain working. Do I need to 'promote'
    another AD server to be the CA or ??? - whatever keeps track of the unique
    SIDs? Is there a good reference or checklist I can use to make sure it all
    get done? I've seen this type of info before on the web, but can't seem to
    find it when I desperately need it! Thanks, (Also, is there a better group
    to discuss this???)
    Grumpa, Jun 20, 2005
    1. Advertisements

  2. Grumpa

    David Davis Guest

    What you need to do is "Seize" the master roles and configure them on another
    server. Here is a article that I keep in a favorites. While it is for 2000
    the procedure should be the same. You may want to search for the exact
    procedure for 2003:

    If I find the 2003 version I will post it. Make sure you HEED ALL of the
    warnings when completing this.
    David Davis, Jun 21, 2005
    1. Advertisements

  3. Grumpa

    David Davis Guest

    David Davis, Jun 21, 2005
  4. Grumpa

    Manny Borges Guest

    Hey there old dude,

    David covered the process pretty well, but I just want to verify a few things.
    1 You have another DC in that domain, right?
    2 You realize that if FSMO the roles are siezed that the old DC can never
    come back. The hardware can be retasked and a new DC can be created, but the
    DC as it is named today must cease to exist.
    Manny Borges, Jun 21, 2005
  5. Grumpa

    Grumpa Guest

    I followed you very well until "DC as it is named today must cease to exist"
    and I just want to make sure I understand correctly... Are you saying I
    should never use that name/IP address (we use static IP addresses) as a DC
    ever again, or once I repair-reformat-reinstall Win 2003, I can make it a DC
    with that same name again but never 'recover' what I had before??? For some
    reason I was under the impression I could reuse the name/IP address because
    it now has a different SID, et al.???

    Otherwise, "Roger" on the multiple servers and the FSMO roles...

    Thanks! (See my profile for more info on the equipment I support.)

    Also, I"m still in a testing mode, but I used the second reference David
    provided and everything seems to be working great, so far!
    Grumpa, Jun 21, 2005
  6. Grumpa

    David Davis Guest

    What Manny is referring to is that if were able to restore the Dead
    controller that contained the master roles, you could not place it back into
    production as it would conflict with the new server. You can reuse the name
    and IP, as long as it is a new install and it rejoined the domain as a new DC.
    David Davis, Jun 21, 2005
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.