On Tue, Feb 23, 2010 at 11:00 AM, Michael B. Smith <mich...@smithcons.com> wrote: > Then your plan seems reasonable, as I don't believe dcpromo in Windows 2000 > supported the "forceremoval" flag.
Great! I was worried about the order of steps. I guess we'll get started now .... Thanks. I'll report back, when it's done. > > Regards, > > Michael B. Smith > Consultant and Exchange MVP > http://TheEssentialExchange.com > > > -----Original Message----- > From: Michael Leone [mailto:oozerd...@gmail.com] > Sent: Tuesday, February 23, 2010 10:59 AM > To: NT System Admin Issues > Subject: Re: Win2000 - DC seems to have been renamed > > On Tue, Feb 23, 2010 at 10:51 AM, Michael B. Smith <mich...@smithcons.com> > wrote: >> Just to make sure - you DO have ANOTHER DC/GC, right? > > I have 2 others, yes. > > The renamed DC is in a child domain. The parent domain has 4 DCs; the child > has 3. Of those 3, only this one is fubarred, from what I can see. > >> >> Regards, >> >> Michael B. Smith >> Consultant and Exchange MVP >> http://TheEssentialExchange.com >> >> -----Original Message----- >> From: Michael Leone [mailto:oozerd...@gmail.com] >> Sent: Tuesday, February 23, 2010 10:37 AM >> To: NT System Admin Issues >> Subject: Win2000 - DC seems to have been renamed >> >> Got a bit of an emergency. We run a Win2000 domain (yes, we realize >> it's not supported any longer; that's why we were planing on upgrading >> it to Win2003 this weekend ...) >> >> Anyway, this morning, we saw something strange. One of my DCs - >> ADMNWDC003 - seems to have been renamed in AD to ADMNWDC003TEMP. Turns out, >> the new guy was making a new DC for one of our other sites, and >> inadvertently called this new DC he was building the existing name of >> ADMNWDC003. He tried to rename the computer account, but the damage was done. >> >> It shows up in AD U&C, Domain Controllers as "ADMNWDC003TEMP". The actual >> computer, however, still has the name of ADMNWDC003. Sites and Services >> still lists it as ADMNWDC003. So what I've got are entries for a DC that now >> longer has a valid computer account ... >> >> So now we're more than slightly stuck in it. :-( >> >> I can't DCPROMO the physical computer back down from not being a DC, since >> there's no corresponding computer account. Luckily, it holds no FSMO roles. >> >> Here's what we think we should do - >> >> Power down ADMNWDC003. >> Delete the ADMNWDC003TEMP computer account in AD U&C. >> Use ADSIEDIT to remove the ADMNWDC003 entries, *and* ADMNWDC003TEMP entries, >> as per KB 555846 ("How to remove completely orphaned Domain Controller"). >> Then clean up AD , by using KB 216498 ("How to remove data in AD after an >> unsuccessful domain controller demotion"). >> >> Any and every help greatly appreciated. Will this work? I want to fix my AD, >> so we can upgrade to a supported version ASAP. >> >> Thanks >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ >> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ >> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
