Can't access SQL after switching server role to domain controller

[Domo]

We're running SQL Server 2008 on Win Server 2008. It's used for testing web solutions we build.

Up until recently it was fine using local accounts, and as there was no need for AD we kept things simple. However, a recent applicaton requires an FQDN.

Subsequently I added the domain controller role - everything appears fine except it's stripped out all the local accounts. Now I can't access my SQL instance via Management Studio.

Any tips? Or is it a re-install job

 

[Nikumba]

This was a standalone machine on your network? Did you not have an active directory name?

FQDN means "machine.domain.local" not "machine" the domain part normally being your DNS domain, which you do not need the domain controller role.

You are right as its removed all the local accounts as a domain controller does not have local accounts.

I would remove the domain controller role, and see if that puts your accounts back in, but you might be best of doing a reinstall.

 

[NiCkNaMe]

Quickest solution is to reinstall and just restore your last backup.

I take it the SA account has been removed?

 

[ruffneck]

.

I take it the SA account has been removed?

 

[Domo]

Unable to use the SA account.

I'll go for the re-install. To clarify what the requirements for this additional software. We provide the vendor with a domain name which the installation routine then checks in order to validate. The license file is domain sensitive.

Note, our server is a stand alone machine, it's not connected to anything at all.

What should I do?

 

[NiCkNaMe]

So it doesn't actually use any functionality of AD? It just needs it for licensing purposes?

Do you have any other requirements for AD in your test environment? Is this test envrionment supposed to replicate a live environment that has AD? Will you be moving this software into a live environment?

How critical is your test box?

 

[ecksmen]

Quickest solution is to reinstall and just restore your last backup.

I take it the SA account has been removed?

Quickest solution? Its now a domain controller, so no, this is not the quickest solution...

Where are the FSMO roles running, did you update sites & services? (netdom query fsmo, transfer away from this server or you will need to seize the roles afterwards).

Run DCPROMO again to remove the role, but select the option that it is not the last DC in the forest / domain. Clear up AD sites and services once demoted. Disjoin from the domain and delete the computer account, go into DNS onthe domain and make sure that all the records are correct (that SRV / GC etc... records are removed for this "DC".

Then look at fixing SQL...

 

[IndieSchmindie]

Have you tried logging in with Windows Authenication using a domain admin account?

 

[Deathwish]

Can you not just run the SQL Surface Area Configuration utility to add a new admin?

 

[NiCkNaMe]

Quickest solution? Its now a domain controller, so no, this is not the quickest solution...

Where are the FSMO roles running, did you update sites & services? (netdom query fsmo, transfer away from this server or you will need to seize the roles afterwards).

Run DCPROMO again to remove the role, but select the option that it is not the last DC in the forest / domain. Clear up AD sites and services once demoted. Disjoin from the domain and delete the computer account, go into DNS onthe domain and make sure that all the records are correct (that SRV / GC etc... records are removed for this "DC".

Then look at fixing SQL...

errr, I suggest you re-read the post. He created the domain on this machine. He doesn't need it. Yes, the quickest solution is to trash the domain and re-create it if it turns out the product does require domain services. It takes all of 15 minutes to create a new dev domain.

 

[Skidilliplop]

Best practice Rule #1, Don't run SQL on a DC. Infact in the days of Virtualisation, there's no real reason to run anything on a DC anymore.

 

[dessimpson]

With a bit of hindsight you should run all your test kit on virtual machines. Especially if running 2008. Hyper-V isn't the best but it's free and comes with the OS.

It might be worth running dcpromo to demote it back to standalone (are the old accounts still there after doing this?).

If that fails. Re-install SQL and restore the database from backups.

 

[Domo]

Thanks for all the advice guys. Since it's a test box I've gone ahead and reloaded the OS. So I'm sat with a new build, all updates complete.

Now I need your advice once more. Please be gentle with me! I'm not a server admin - but a developer. Since I have some IT background I get to do server builds etc. This is the first app I've encountered which is domain sensitive.

At the moment the machine is sat in the default workgroup.

So what do I need to do, so that when this software installs and checks for the domain name xxxxxxx.com it actually exists?

It's a standalone server and there is no requirement for AD.

 

[dessimpson]

Don't know if this will work.

Press windows key
Right click on "computer" and select "properties"
Select "advanced system settings"
Select the "computer" tab
Click "change"
Click "more"
Put the dns suffix in there.

Like I said. I've no idea if this will work but if it doesn't then you're no worse off than before.

Des

 

[SoundsGood]

What about an entry in the hosts file pointing fictitiousdomain.com to 127.0.0.1?

 

[NiCkNaMe]

Hyper-V isn't the best but it's free and comes with the OS..

What's wrong with Hyper-V? Or are you another blind VMware fanboy?

 

[ChrisD.]

What's wrong with Hyper-V? Or are you another blind VMware fanboy?

Lots wrong with Hyper-V. They are starting to get it right though.

 

[dessimpson]

What's wrong with Hyper-V? Or are you another blind VMware fanboy?

We use both. Yes, I think VMware is a superior product to Hyper-V.
Don't get me wrong, it's a million miles better than Virtual PC and I'm sure the next gen virtualisation from Microsoft will close the gap completely but for now it's not quite there.

 

[m4cc45]

Whilst I like Hyper-V the last time I used it, it was very disjointed.

As soon as you have a Virtual Center server with VMware it's all there and available. We went to see Microsoft to see if they had caught up with VMware (i.e. SDRS / HA / VMotion / etc.) and whilst they were catching up they didn't have it all under one hood. They suggested that we write our own scripts on System Center so that when resources got low it would migrate the machine.



M.

 

[NiCkNaMe]

Whilst I like Hyper-V the last time I used it, it was very disjointed.

As soon as you have a Virtual Center server with VMware it's all there and available. We went to see Microsoft to see if they had caught up with VMware (i.e. SDRS / HA / VMotion / etc.) and whilst they were catching up they didn't have it all under one hood. They suggested that we write our own scripts on System Center so that when resources got low it would migrate the machine.



M.

Lots and lots of improvements have been made in the last year or two. Hyper-V has had DRS since Hyper-V R2/VMM R2 with PRO tips, via SCOM integration. (In VMM 2012 you can get standard DRS without SCOM through a feature called Desired Optimisation) It's also had VMotion via Live Migration which goes hand in hand with HA since R2 as well.

VMware is just a standard free hypervisor without VCenter, just like Hyper-V is a standard free hypervisor without System Center (mainly VMM). You don't need all of the System Center suite to get a solid virtual infrastructure.

With VMware/VCenter you get great Virtual Machine management/automation.

With Hyper-V/System Center you get great Virtual Machine management/automation as well as a brilliant holistic solution for your datacenter and desktop environment

...and don't get me started on Server 8/Hyper-V 3.0 because it will be VMware catching up