Re: [ActiveDir] Restoring RID
Collegues, Thank you all for your responses. They were very helpfull. I managed to restore the system. Thank you, Lucia Washaya CITS UNIOSIL Tel.: 022-295-526 xtn. 5497 Int'l Tel.: Via Italy + (39) 083123-5497 Via USA +1(212) 963-9588 (after audio response dial 174-5497) == The cobra will bite whether you call it Cobra or Dear Mr. Cobra. == Paul Williams [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 14/08/2006 11:48 Please respond to ActiveDir@mail.activedir.org To ActiveDir@mail.activedir.org cc Subject Re: [ActiveDir] Restoring RID Restore it as you would any other DC. The documentation that you refer to is either out of date, or incorrect. The DS will invalidate the current RID pool when you restore and request a new one from the RID master (itself) which should be the same value as it was when it went down (if the backup is from the night before or very recent, unless you've been doing lots of security principal creations). If it isn't, the new value will be replicated in (the value is held by all DCs -I don't think the RID master does anything different when replicating) as far as I'm aware. The issues with the RID master arise if you have multiple RID masters. Which, with k3 shouldn't really be possible if network and replication are OK. There were a bunch of changes made in SP1, SP2 and SP3 for the RID master and the way a DC handles its current RID pool, etc. As far as I'm aware, all of these issues are in the past and Win2k SP4/ Wink3 don't have any problems. --Paul - Original Message - From: Lucia Washaya To: ActiveDir@mail.activedir.org Sent: Monday, August 14, 2006 9:50 AM Subject: Re: [ActiveDir] Restoring RID How do I move the RID role when that server is already crashed? I want to recover from the loss of the RID master, so I canot move it since it is not available. Or there is a way to do it? Lucia Washaya CITS UNIOSIL Tel.: 022-295-526 xtn. 5497 Int'l Tel.: Via Italy + (39) 083123-5497 Via USA +1(212) 963-9588 (after audio response dial 174-5497) == The cobra will bite whether you call it Cobra or Dear Mr. Cobra. == Matt Hargraves [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 14/08/2006 03:43 Please respond to ActiveDir@mail.activedir.org To ActiveDir@mail.activedir.org cc Subject Re: [ActiveDir] Restoring RID I always recommend transferring FSMO roles from a box before upgrading it, then moving it back after the upgrade is completed successfully. If you've got enough DCs to justify splitting FSMO roles, you've got enough to move it to another box for a week to upgrade the box. On 8/13/06, Chong Ai Chung [EMAIL PROTECTED] wrote: When the RID flexible single-master operations DC is restored, it may use old RID pool values, and it can cause the restored RID flexible single-master operations DC to begin issuing duplicate SIDs. The best way is: - to use another DC to seize the RID master role. - Rebuild the OS on crashed DC and promote it back as Domain Controller - transfer the RID master role back to the rebuild DC. Regards, Ai Chung On 8/14/06, Lucia Washaya [EMAIL PROTECTED] wrote: Colleagues, We have a server which crashed during upgrade (2000 to 2003). Now we want to restore it. Problem is this server is the RID holder and the documentation on the technet says Restoring the RID Master can result in Active Directory data corruption, so it is not recommended. So what is the best way to restore this server? Thank you in advance for your assistance Regards, Lucia Washaya CITS UNIOSIL Tel.: 022-295-526 xtn. 5497 Int'l Tel.: Via Italy + (39) 083123-5497 Via USA +1(212) 963-9588 (after audio response dial 174-5497) == The cobra will bite whether you call it Cobra or Dear Mr. Cobra. ==
Re: [ActiveDir] Restoring RID
How do I move the RID role when that server is already crashed? I want to recover from the loss of the RID master, so I canot move it since it is not available. Or there is a way to do it? Lucia Washaya CITS UNIOSIL Tel.: 022-295-526 xtn. 5497 Int'l Tel.: Via Italy + (39) 083123-5497 Via USA +1(212) 963-9588 (after audio response dial 174-5497) == The cobra will bite whether you call it Cobra or Dear Mr. Cobra. == Matt Hargraves [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 14/08/2006 03:43 Please respond to ActiveDir@mail.activedir.org To ActiveDir@mail.activedir.org cc Subject Re: [ActiveDir] Restoring RID I always recommend transferring FSMO roles from a box before upgrading it, then moving it back after the upgrade is completed successfully. If you've got enough DCs to justify splitting FSMO roles, you've got enough to move it to another box for a week to upgrade the box. On 8/13/06, Chong Ai Chung [EMAIL PROTECTED] wrote: When the RID flexible single-master operations DC is restored, it may use old RID pool values, and it can cause the restored RID flexible single-master operations DC to begin issuing duplicate SIDs. The best way is: - to use another DC to seize the RID master role. - Rebuild the OS on crashed DC and promote it back as Domain Controller - transfer the RID master role back to the rebuild DC. Regards, Ai Chung On 8/14/06, Lucia Washaya [EMAIL PROTECTED] wrote: Colleagues, We have a server which crashed during upgrade (2000 to 2003). Now we want to restore it. Problem is this server is the RID holder and the documentation on the technet says Restoring the RID Master can result in Active Directory data corruption, so it is not recommended. So what is the best way to restore this server? Thank you in advance for your assistance Regards, Lucia Washaya CITS UNIOSIL Tel.: 022-295-526 xtn. 5497 Int'l Tel.: Via Italy + (39) 083123-5497 Via USA +1(212) 963-9588 (after audio response dial 174-5497) == The cobra will bite whether you call it Cobra or Dear Mr. Cobra. ==
RE: [ActiveDir] Restoring RID
Hi Lucia, You can seize the roles via NTDSUTIL. http://www.petri.co.il/seizing_fsmo_roles.htm Robert Rutherford QuoStar Solutions Limited The Enterprise Pavilion Fern Barrow Wallisdown Poole Dorset BH12 5HH T: +44 (0) 8456 440 331 F: +44 (0) 8456 440 332 M: +44 (0) 7974 249 494 E: [EMAIL PROTECTED] W: www.quostar.com From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Lucia Washaya Sent: 14 August 2006 09:50 To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Restoring RID How do I move the RID role when that server is already crashed? I want to recover from the loss of the RID master, so I canot move it since it is not available. Or there is a way to do it? Lucia Washaya CITS UNIOSIL Tel.: 022-295-526 xtn. 5497 Int'l Tel.: Via Italy + (39) 083123-5497 Via USA +1(212) 963-9588 (after audio response dial 174-5497) == The cobra will bite whether you call it Cobra or Dear Mr. Cobra. == Matt Hargraves [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 14/08/2006 03:43 Please respond to ActiveDir@mail.activedir.org To ActiveDir@mail.activedir.org cc Subject Re: [ActiveDir] Restoring RID I always recommend transferring FSMO roles from a box before upgrading it, then moving it back after the upgrade is completed successfully. If you've got enough DCs to justify splitting FSMO roles, you've got enough to move it to another box for a week to upgrade the box. On 8/13/06, Chong Ai Chung [EMAIL PROTECTED] wrote: When the RID flexible single-master operations DC is restored, it may use old RID pool values, and it can cause the restored RID flexible single-master operations DC to begin issuing duplicate SIDs. The best way is: - to use another DC to seize the RID master role. - Rebuild the OS on crashed DC and promote it back as Domain Controller - transfer the RID master role back to the rebuild DC. Regards, Ai Chung On 8/14/06, Lucia Washaya [EMAIL PROTECTED] wrote: Colleagues, We have a server which crashed during upgrade (2000 to 2003). Now we want to restore it. Problem is this server is the RID holder and the documentation on the technet says Restoring the RID Master can result in Active Directory data corruption, so it is not recommended. So what is the best way to restore this server? Thank you in advance for your assistance Regards, Lucia Washaya CITS UNIOSIL Tel.: 022-295-526 xtn. 5497 Int'l Tel.: Via Italy + (39) 083123-5497 Via USA +1(212) 963-9588 (after audio response dial 174-5497) == The cobra will bite whether you call it Cobra or Dear Mr. Cobra. ==
Re: [ActiveDir] Restoring RID
Restore it as you would any other
DC. The documentation that you refer to is either out of date, or
incorrect. The DS will invalidate the current RID pool when you restore
and request a new one from the RID master (itself) which should be the same
value as it was when it went down (if the backup is from the night before or
very recent, unless you've been doing lots of security principal
creations). If it isn't, the new value will be replicated in (the value is
held by all DCs -I don't think the RID master does anything different when
replicating) as far as I'm aware.
The issues with the RID master arise if
you have multiple RID masters. Which, with k3 shouldn't really be possible
if network and replication are OK.
There were a bunch of changes made in SP1,
SP2 and SP3 for the RID master and the way a DC handles its current RID pool,
etc. As far as I'm aware, all of these issues are in the past and Win2k
SP4/ Wink3 don't have any problems.
--Paul
- Original Message -
From:
Lucia Washaya
To: ActiveDir@mail.activedir.org
Sent: Monday, August 14, 2006 9:50
AM
Subject: Re: [ActiveDir] Restoring
RID
How do I move the RID role
when that server is already crashed? I want to recover from the loss of the
RID master, so I canot move it since it is not available. Or there is a way to
do it? Lucia
WashayaCITS UNIOSILTel.: 022-295-526 xtn. 5497Int'l Tel.:
Via Italy + (39) 083123-5497Via USA +1(212) 963-9588 (after audio response
dial
174-5497)==The
cobra will bite whether you call it Cobra or Dear Mr.
Cobra.==
"Matt Hargraves"
[EMAIL PROTECTED] Sent by: [EMAIL PROTECTED]
14/08/2006 03:43
Please respond
toActiveDir@mail.activedir.org
To
ActiveDir@mail.activedir.org
cc
Subject
Re: [ActiveDir] Restoring
RID
I
always recommend transferring FSMO roles from a box before upgrading it, then
moving it back after the upgrade is completed successfully.If you've
got enough DCs to justify splitting FSMO roles, you've got enough to move it
to another box for a week to upgrade the box. On 8/13/06, Chong Ai Chung [EMAIL PROTECTED]
wrote: When the RID flexible single-master operations
DC is restored, it may use old RID pool values, and it can cause the restored
RID flexible single-master operations DC to begin issuing duplicate
SIDs. The best way
is: - to use another DC
to seize the RID master role. - Rebuild the OS on
crashed DC and promote it back as Domain Controller -
transfer the RID master role back to the rebuild DC. Regards, Ai Chung On 8/14/06, Lucia Washaya
[EMAIL PROTECTED] wrote:
Colleagues,
We have a server which crashed
during upgrade (2000 to 2003). Now we want to restore it. Problem is
this server is the RID holder and the documentation on the technet says
"Restoring the RID Master can result
in Active Directory data corruption, so it is not recommended." So
what is the best way to restore this server? Thank you in
advance for your assistance Regards,
Lucia WashayaCITS UNIOSILTel.: 022-295-526 xtn. 5497
Int'l Tel.: Via Italy + (39) 083123-5497Via USA +1(212) 963-9588
(after audio response dial
174-5497)==The
cobra will bite whether you call it Cobra or Dear Mr. Cobra.
==
[ActiveDir] Restoring RID
Colleagues, We have a server which crashed during upgrade (2000 to 2003). Now we want to restore it. Problem is this server is the RID holder and the documentation on the technet says Restoring the RID Master can result in Active Directory data corruption, so it is not recommended. So what is the best way to restore this server? Thank you in advance for your assistance Regards, Lucia Washaya CITS UNIOSIL Tel.: 022-295-526 xtn. 5497 Int'l Tel.: Via Italy + (39) 083123-5497 Via USA +1(212) 963-9588 (after audio response dial 174-5497) == The cobra will bite whether you call it Cobra or Dear Mr. Cobra. ==
Re: [ActiveDir] Restoring RID
When the RID flexible single-master operations DC is restored, it may use old RID pool values, and it can cause the restored RID flexible single-master operations DC to begin issuing duplicate SIDs. The best way is: -to use another DC to seize the RID master role. - Rebuild the OS on crashed DC and promote it back as Domain Controller - transfer the RID master role back to the rebuild DC. Regards, Ai Chung On 8/14/06, Lucia Washaya [EMAIL PROTECTED] wrote: Colleagues, We have a server which crashed during upgrade (2000 to 2003). Now we want to restore it. Problem is this server is the RID holder and the documentation on the technet says Restoring the RID Master can result in Active Directory data corruption, so it is not recommended. So what is the best way to restore this server? Thank you in advance for your assistance Regards, Lucia WashayaCITS UNIOSILTel.: 022-295-526 xtn. 5497 Int'l Tel.: Via Italy + (39) 083123-5497Via USA +1(212) 963-9588 (after audio response dial 174-5497)==The cobra will bite whether you call it Cobra or Dear Mr. Cobra. ==
Re: [ActiveDir] Restoring RID
I always recommend transferring FSMO roles from a box before upgrading it, then moving it back after the upgrade is completed successfully.If you've got enough DCs to justify splitting FSMO roles, you've got enough to move it to another box for a week to upgrade the box. On 8/13/06, Chong Ai Chung [EMAIL PROTECTED] wrote: When the RID flexible single-master operations DC is restored, it may use old RID pool values, and it can cause the restored RID flexible single-master operations DC to begin issuing duplicate SIDs. The best way is: -to use another DC to seize the RID master role. - Rebuild the OS on crashed DC and promote it back as Domain Controller - transfer the RID master role back to the rebuild DC. Regards, Ai Chung On 8/14/06, Lucia Washaya [EMAIL PROTECTED] wrote: Colleagues, We have a server which crashed during upgrade (2000 to 2003). Now we want to restore it. Problem is this server is the RID holder and the documentation on the technet says Restoring the RID Master can result in Active Directory data corruption, so it is not recommended. So what is the best way to restore this server? Thank you in advance for your assistance Regards, Lucia WashayaCITS UNIOSILTel.: 022-295-526 xtn. 5497 Int'l Tel.: Via Italy + (39) 083123-5497Via USA +1(212) 963-9588 (after audio response dial 174-5497)==The cobra will bite whether you call it Cobra or Dear Mr. Cobra. ==
