Issue with domain controller

I am currently installing a new domain controller to replace an older server. On the last step of changing the name of the 2 servers, the new one has somehow changed its name on the server but not updated it in Active Directory.

I now can't change it back to the original name as it says the account doesn't exist, nor can I do a dcpromo to demote it, remove it from the domain and then add it back on, this time hopefully correctly changing its account name in Active Directory. Then promote it again.

There are no FSMO roles on this server, only a global cat.

Any ideas?
 
Can you detail the EXACT course of actions, including names (even if fake names, just to make for easier reading), that got you into this mess?

Hard to work out a solution without knowing the problem in its entirety.
 
Sorry for the lack of detail.

The old domain controller is 2003 DC3 - domain schema and forest schema both updated to version 47. I bring a new 2008 server online with the name DC-3, I promote it, they run side by side for a week. On Monday I demoted the old server.

Today I change the IP address of the old server DC3 to a spare IP, I reboot. I change the name to OLDDC3, reboot again. All fine.

On the new server DC-3 I change the IP address to the old server's and rebooted. I then tried to change the name, however it says the name already exists. I click OK and try again. Same thing. I reboot the new server, log in to try again and the name has changed. I check AD but it hasn't changed in the list of domain controllers.
 
I'll double check, but surely with AD-integrated DNS the record will have had its name changed too.

Regarding the same name, there are various services and 3rd party devices that authenticate using the server and they have the DNS name rather than the IP address.
 
Just another potential option, I've not done it on a 2008 DC, but did you do an 'ipconfig /registerdns' and 'dcdiag /fix' afterwards?

That's the procedure from MS when changing the IP of a DC for 2003, I did it recently and the old IP got left in DNS which is the source of my previous post.
 
Sounds like DNS is holding something to me. Check through ADSI Edit too for the old domain controller. To resolve, I'd bring up a VM DC, move all the FSMO roles to that, ensure AD and DNS are set up correctly and then start again.
 
Like I said, there are no FSMO roles on the DC, no DNS, it is just a domain controller with a global cat on it. There are 2 other domain controllers in that domain and they already have the FSMO roles. This DC is purely for redundancy and authentication for various devices and services.
 
Did you give the new server long enough to see and replicate the change in name of the old server? If you switch the two over too quickly with multiple DCs it probably wouldn't be too happy.
 
I think that is what has happened, the new DC has been on for over a week but I think the demotion and then the name/IP changes have been too quick.

I'll get the new server reinstalled and just avoid the name change and find what devices and services are affected.

Thanks
 