Promote Additional Domain controller to Primary Domain Controller

Discussion in 'Active Directory' started by Noel Pereira, Feb 2, 2008.

  1. Noel Pereira

    Noel Pereira Guest

    Dear Sir,
    Our Domain "SevenSeasgroup.co.ae" had two domain controller .one
    is Primary domain controller and other one is additional domain controller. A
    week before primary domain controller was down(Operating System corrupted)
    and it is inactive.Now we are managing all the users and computers with
    additional domain controller and facing lot of problems without primary
    domain controller. Please tell me the procedures to promote this additional
    domain controller to Primary Domain controller.

    Regards

    Abdul Rahuman.M
     
    Noel Pereira, Feb 2, 2008
    #1
    1. Advertisements

  2. Hello Noel,

    If it NEVER comes back, you have to seize the FSMO roles:
    http://support.microsoft.com/kb/255504/en-us

    Also make it a Global catalog server and DNS server, if not already done
    before.

    Best regards

    Meinolf Weber
     
    Meinolf Weber, Feb 2, 2008
    #2
    1. Advertisements

  3. Noel Pereira

    Marcin Guest

    Marcin, Feb 2, 2008
    #3
  4. Noel Pereira

    Noel Pereira Guest

    Dear Meinolf,

    Following error is appearing while seizing the roles.
    "
    Attempting safe transfer of domain naming FSMO before seizure.
    ldap_modify_sW error 0x34(52 (Unavailable).
    Ldap extended error message is 000020AF: SvcErr: DSID-03210362, problem 5002
    (UN
    AVAILABLE), data 8

    Win32 error returned is 0x20af(The requested FSMO operation failed. The
    current
    FSMO holder could not be contacted.) "

    Please note that Primary Domain controller is no more Available and all the
    systems are managing by Additional Domain Controller only. Please advise .


    Regards

    Abdul Rahuman.M
     
    Noel Pereira, Feb 2, 2008
    #4
  5. Noel Pereira

    Noel Pereira Guest

    Dear Marcin,

    Following are the error when attempting to seize the roles.


    Attempting safe transfer of domain naming FSMO before seizure.
    ldap_modify_sW error 0x34(52 (Unavailable).
    Ldap extended error message is 000020AF: SvcErr: DSID-03210362, problem 5002
    (UN
    AVAILABLE), data 8

    Win32 error returned is 0x20af(The requested FSMO operation failed. The
    current
    FSMO holder could not be contacted.)

    Please advice.

    Regards

    Abdul Rahuman.M
     
    Noel Pereira, Feb 2, 2008
    #5
  6. Hello Noel,

    Srcoll down in the document to the part SEIZE the FSMO roles.

    Best regards

    Meinolf Weber
     
    Meinolf Weber, Feb 2, 2008
    #6
  7. Meinolf Weber, Feb 2, 2008
    #7
  8. Noel Pereira

    s Guest

    How are you trying to move the FSMO roles ?

     
    s, Feb 2, 2008
    #8
  9. Noel Pereira

    Noel Pereira Guest

    Dear Marcin,

    According to this microsoft Article
    http://support.microsoft.com/kb/255504/en-us , i move all the FSMO roles to
    the BackupDomain Controller. Please tell me , how can i check the roles are
    assigned to the Backup controller. And also please advice me , how to make
    backup domain controller as global catalog server.


    Regards

    Abdul Rahuman.M
     
    Noel Pereira, Feb 5, 2008
    #9
  10. Hello Noel,

    The document also contains the Global catalog part.

    Best regards

    Meinolf Weber
     
    Meinolf Weber, Feb 5, 2008
    #10
  11. Noel Pereira

    Noel Pereira Guest

    Ok. I have assigned FSMO roles to Backup Domain Controller. Please tell me ,
    where can i go and check these roles were assigned properly.
     
    Noel Pereira, Feb 5, 2008
    #11
  12. Noel Pereira

    Noel Pereira Guest

    Hello Meinolf,

    Thanks for your king Cooperation. I have promoted Backup Domain
    controller to PDC by seizing all five roles. Now while working on users and
    computers ,When i attmept to display members of any security group , i got
    the following error.

    " A global catalog cannot be located to retrieve the icons
    for the member list"

    Then i configure this new PDC as global catalog server.After
    that i am not getting any error when working on the "Active Directory users
    and computers" Kindly advice me, is there any problem configuring 'global
    catalog server' and 'infrastructure master' on the same Domain Controller ?.
    what are the impacts will happen ? and please advice me how to solve this
    issue ?


    Regards

    Abdul Rahuman
     
    Noel Pereira, Feb 6, 2008
    #12
  13. Hello Noel,

    No impact, if you have a single forest, single domain environment like you
    have.

    Best regards

    Meinolf Weber
     
    Meinolf Weber, Feb 6, 2008
    #13
  14. Noel Pereira

    Noel Pereira Guest

    Hello Meinolf,

    Thanks for your advice. Now i have promoted a Backup
    Domain Controller for this new PDC . After this operation, i cant able to
    open anything in Active Directory on BDC.I am getting the following error
    when i open "Active Directory Users and Computers" in BDC.

    " Naming Information cannot be located because: The
    Specified domain either does not exist or could not be contacted. ".

    Please help me to make new Backup domain Controller in operational.


    Regards

    Abdul Rahuman.M
    Tel:8033-306
     
    Noel Pereira, Feb 6, 2008
    #14
  15. Hello Noel,

    Just one note before. Since windows 2000 there are no longer the terms PDC/BDC,
    all Dc's are the same, the differences are in the FSMO roles.

    Did you run dcdiag and netdiag before starting with the new server on the
    old machine to see that everything is ok and without errors?

    Please describe the steps you have taken to promote the new machine. Also
    post an ipconfig /all from both machines.


    Best regards

    Meinolf Weber
     
    Meinolf Weber, Feb 6, 2008
    #15
  16. Noel Pereira

    Noel Pereira Guest

    Hello Meinolf,

    Backup Domain Controller is done and i can open the
    Active Directory. The Problem now is , What ever the modification i m doing
    in the Primary Domain controller is not replicating in Backup Domain
    Controller. So i planned to demote the BDC and Promote Again. When i start
    Demoting , i could see a error message
    " A Domain Controller could not be contacted for the domain
    SevenSeasgroup.co.ae that contained an account for this Computer".

    Please let me know what is this error ? Why the modification is not
    replicating?

    Regards

    Abdul rahuman.M
     
    Noel Pereira, Feb 13, 2008
    #16
  17. Hello Noel,

    Do not demote in the moment. let's try to find your problem. As ia sked BEFORE:

    Did you run dcdiag and netdiag before starting with the new server on the
    old machine to see that everything is ok and without errors?

    Please describe the steps you have taken to promote the new machine. Also
    post an ipconfig /all from both machines.



    Best regards

    Meinolf Weber
     
    Meinolf Weber, Feb 13, 2008
    #17
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.