AD::: desastre e recuperação

  • Thread starter Thread starter Sandro
  • Start date Start date
S

Sandro

Caros amigos,


Na semana passada, a CPU do meu servidor de AD parou de funcionar, e a
CPU-backup para minha infelicidade está alocada em outro cliente. Tentei
colocar o HD-SCSI em outra CPU qualquer porém é exibido a famosa "tela
azul".

Para aliviar os problemas de rede (DNSs e Exchange), devido a ausência do
meu AD (DNS primário), executei as seguintes ações:
1) adicionei o IP do AD-server, como IP secundário no DC-1 (com DNS
secundário)
2) Promovi a zona secundária do DC-1 para zona primária, uma vez que as
zonas começaram a expirar, e os demais DCs (DC-2, DC-3, DC-4) foram
apontados para o DC-1.
3) Transferi as funções de PDC e Infrastructure para o DC-1.

Erro:
Não consegui transferir o RID, porque o servidor não estava on-line.

As pergunta são:

1) Qual é o melhor procedimento para restaurar o AD nesta situação ?
2) Consigo montar um novo AD, e fazer com que no novo AD leia as informações
dos outros DCs, independente de um backup, ou utilizando as informações do
HD que está parado?

PS: Tenho o HD-SCSI, e não consigo iniciá-lo com Windows em outro hardware,
e o Backup também não funciona para outro hardware.

Desde já agradeço pela colaboração, e desejo Boas Festas !!!!!

Abraços,

SANDRO


FELIZ
 
Hello Sandro,

Sorry, but this NG is in english.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.dts-l.org/goodpost.htm
 
Dear Sirs,


The CPU from my AD server (DNS-1) stopped to work on last week, and I don´t
have a backup recent.
When I try to put the HD-SCSI into another CPU, I have saw "blue screen" at
windows startup.

I did the follow steps to resolve the problem of my network without AD
server:

1) Added IP from AD-server as secondary IP on DC-1 (Domain Controller 1,
with DNS-2 installed)
2) Promoved the secondary zone of DC-1 to primary zone, and now the primary
DNS server of DC-2, DC-3, DC-4 is DC-1.
3) I transfered the functions (rules) PDC and Infrastructure to DC-1. But
the function RID didn´t work.

The questions are:

1) How can I restore AD server in this case, with backup, and having just a
HD-SCSI ?
2) Can I mount a new AD server, and making it read information from another
DCs?

Thank for your attention.

Best Regards

SANDRO
 
Hello Sandro,

see inline

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.dts-l.org/goodpost.htm
Dear Sirs,

The CPU from my AD server (DNS-1) stopped to work on last week, and I
don´t
have a backup recent.
When I try to put the HD-SCSI into another CPU, I have saw "blue
screen" at
windows startup.
I did the follow steps to resolve the problem of my network without
AD server:

1) Added IP from AD-server as secondary IP on DC-1 (Domain Controller
1,
with DNS-2 installed)
Click to expand...

Do not do this, will make more problems then solving them.
2) Promoved the secondary zone of DC-1 to primary zone, and now the
primary
DNS server of DC-2, DC-3, DC-4 is DC-1.
3) I transfered the functions (rules) PDC and Infrastructure to DC-1.
But
the function RID didn´t work.
Click to expand...

Do you mean you have seized/tried to seize the FSMO roles to another server?
Or only tried a transfer? Important because if you seize them NEVER reconnect
the broken DC which also have the FSMO roles. So check all DC's for the existing
5 FSMO roles, you need to have all. http://support.microsoft.com/kb/324801

CHECK THAT FIRST, before going on.
The questions are:

1) How can I restore AD server in this case, with backup, and having
just a
HD-SCSI ?
Click to expand...

As i follow your description you have more DC's, because of DC-2 3 and 4?
 
Hi Meinolf Weber,

I saw all my domain controllers, and actually the option RID is my
AD-server.
I tried change to another RID to another DC, but didn´t work I stopped.
The infrastructure and PDC in the all DCs are my DC1.

Thank for your help.

Best Regards,

SANDRO
 
Hello Sandro,

Can not really follow your description, what do you mean with option RID
is AD server?

How many domain controller do you have now running? A domain controller holds
Active directory. Also you have the need for minimum one Global Catalog server
and one DNS server in the domain.

Since windows 2000 there is not longer the PDC/BDC concept like in NT4. All
domain controllers are the same. The differences are based on the 5 FSMO
roles. This gives the advantage if you have a broken DC, which can not be
restored/repaired, you can move/transfer or seize the FSMO roles to another
machine and have the full domain running again.

Best regards and merry chirstmas

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.dts-l.org/goodpost.htm
 
Hi Meinolf Weber

I saw all domain controllers, and they are with same configuration, PDC
and Infrastructure is DC-1.
I moved the options PDC and infrastructure to DC-1, whitout AD server to be
on line, and this configuration was replicated to another DCs. (DC-2, DC-3
and DC-4, are my remote sites (wan))
I tried to move RID to DC-1 too, but I received a message of error and I
stopped it.

Thank for your help.

SANDRO
 
Hi Meinolf Weber,

I will describe here the configuration about my network versus server,
before and after of the problem, when my AD server crashed its CPU.
Please hold on.

Thank you,

SANDRO
 
My network.

A1) MAin Site
A1.1) (1) one server W2K, AD-server (primary DNS), florest
mycompany.com.br, Global Catalog, e.g.: IP(ad)=10.0.0.1
A1.2) (2) two servers W2K, Domain Controller (DC1, and DC2), with DNS
services, DHCP services, and WINS services installed each one.
A1.3) (1) one server W2K, Domain Controller (DC3)
A1.3) (1) one server W2K, Domain Controller (DC4), with Exhange Server
2000.

A2) Anothers Sites (Office)
A2.1) I have five links to communication between five locations.
A2.2) I have one DC to each office.
office1 --> **DC5, with DNS, DHCP and WINS services. **It has Global
Catalog too.
office2 --> DC6, with DNS, DHCP and WINS services.
office3 --> DC7, with DNS, DHCP and WINS services.
office4 --> DC8, with DNS, DHCP and WINS services.
office5 --> DC9, with DNS, DHCP and WINS services.

-------------------------------------

With Problem.

B1) Main Site
B1.1) I lost my AD server, because its CPU doesn´t work, and I don't have a
backup, I just have the HD-Scsi.
B1.2) I added IP(ad) into same network card of DC1 (10.0.0.2 + 10.0.0.1)
B1.3) Now, all DCs have DC-1 as a primary server (before it was AD-server)
B1.4) I reconfigured on "Active Diretory Users and Computers
[mycompany.com]" on Operatios Master
B1.4.1) RID = I cannot transfer the original, it has shown the name of
actual AD server.)
B2.4.2) PDC = I don´t have BDC NT-4.0 into my network, but I transfered
from AD server name to DC1 server name)
B2.4.3) Infrastructure = I transfered from AD Server name to DC1 server
name).


you said:
Since windows 2000 there is not longer the PDC/BDC concept like in NT4. All
domain controllers are the same. The differences are based on the 5 FSMO
roles. This gives the advantage if you have a broken DC, which can not be
restored/repaired, you can move/transfer or seize the FSMO roles to another
machine and have the full domain running again.

------------------------------------------

I think so have broken the DC-1, and What should I do to restore my AD
server ?


Meinolf Weber tank so much for your help and Merry Christmas for you too.


Best Regards,

SANDRO
 
Hello Sandro,

Is you B1 a different domain then A1? Please keep it easy, how many dc's
in the site/domain and which of the 5 FSMO roles are present on the running
machine. DC1 from my point of view does not longer exist or is this wrong?
Which DC did get also the ip of the broken DC1?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.dts-l.org/goodpost.htm
My network.

A1) MAin Site
A1.1) (1) one server W2K, AD-server (primary DNS), florest
mycompany.com.br, Global Catalog, e.g.: IP(ad)=10.0.0.1
A1.2) (2) two servers W2K, Domain Controller (DC1, and DC2), with DNS
services, DHCP services, and WINS services installed each one.
A1.3) (1) one server W2K, Domain Controller (DC3)
A1.3) (1) one server W2K, Domain Controller (DC4), with Exhange
Server
2000.
A2) Anothers Sites (Office)
A2.1) I have five links to communication between five locations.
A2.2) I have one DC to each office.
office1 --> **DC5, with DNS, DHCP and WINS services. **It has
Global
Catalog too.
office2 --> DC6, with DNS, DHCP and WINS services.
office3 --> DC7, with DNS, DHCP and WINS services.
office4 --> DC8, with DNS, DHCP and WINS services.
office5 --> DC9, with DNS, DHCP and WINS services.
-------------------------------------

With Problem.

B1) Main Site
B1.1) I lost my AD server, because its CPU doesn´t work, and I don't
have a
backup, I just have the HD-Scsi.
B1.2) I added IP(ad) into same network card of DC1 (10.0.0.2 +
10.0.0.1)
B1.3) Now, all DCs have DC-1 as a primary server (before it was
AD-server)
B1.4) I reconfigured on "Active Diretory Users and Computers
[mycompany.com]" on Operatios Master
B1.4.1) RID = I cannot transfer the original, it has shown the
name of
actual AD server.)
B2.4.2) PDC = I don´t have BDC NT-4.0 into my network, but I
transfered
from AD server name to DC1 server name)
B2.4.3) Infrastructure = I transfered from AD Server name to DC1
server
name).
you said:
Since windows 2000 there is not longer the PDC/BDC concept like in
NT4. All
domain controllers are the same. The differences are based on the 5
FSMO
roles. This gives the advantage if you have a broken DC, which can not
be
restored/repaired, you can move/transfer or seize the FSMO roles to
another
machine and have the full domain running again.
------------------------------------------

I think so have broken the DC-1, and What should I do to restore my AD
server ?

Meinolf Weber tank so much for your help and Merry Christmas for you
too.

Best Regards,

SANDRO

Hi Meinolf Weber,

I will describe here the configuration about my network versus
server, before and after of the problem, when my AD server crashed
its CPU. Please hold on.

Thank you,

SANDRO
Click to expand...
Click to expand...
 
In
Sandro said:
Hi Meinolf Weber

I saw all domain controllers, and they are with same configuration, PDC
and Infrastructure is DC-1.
I moved the options PDC and infrastructure to DC-1, whitout AD server
to be on line, and this configuration was replicated to another DCs.
(DC-2, DC-3 and DC-4, are my remote sites (wan))
I tried to move RID to DC-1 too, but I received a message of error
and I stopped it.

Thank for your help.

SANDRO
Click to expand...

If you received an error, that may be a message indicating a warning about
seizing the RID role. If it was a warning, and the machine that originally
held the RID Master role will never again be online, then I would suggest to
go ahead and complete the process.

Ace
 
Back
Top