Domain controller doesnt know its a DC

  • Thread starter Thread starter Steve S
  • Start date Start date
S

Steve S

I was in the process of upgrading an old DC with new
hardware. I built out the new computer, and loaded Win2k
server on it. I then demoted the old DC and reset its
account in AD. I then promoted the new server to a DC with
DCPROMO, and gave it the servers old name. It is the 3rd
DC controller on the network. Everything worked fine at
first, then it started to deny me logon after a few hours.
That was up and down, and random for about 2 days, and now
I cant use it at all or logon to it. I can only get into
that server using safe mode. When I look at its role under
AD, its says that it is not a domain controller but a
workstation or server. I figured that I might need to
demote it and re-promote it as something might have gone
wrong. When I have been able to logon to it, and run
DCPROMO it tells me my credentials are are no good, that I
need to be an enterprise admin, but I am. So now im stuck
sitting here with a server than I cannot logon to or
DCPROMO anymore. It doesnt seem to have established a trust
with the rest of my domain. Under my computer though, it
says that it is a domain controller, but the domain is
marked *UNKNOWN*. I assume i am going to have to manually
fix this somehow in safemode, as I can no longer log into
it as an administrator in regular mode. Any clues as to
what I can do?
 
Our primary domain controller is still intact and operating
fine, and had those roles already. The server I upgraded
did not have any of those roles to begin with. This server
is just sitting here and I cannot logon to it anymore.
Earlier today when I could logon to it, I tried to DCPROMO
it to demote it and it told me that I was not an enterprise
admin, even though I was logged on as administrator and am
in the Enterprise Admin group. That computer was listed
under computers, and not domain controllers in AD. When you
logon it says "your account has been disabled, please
contact your network administrator", but if you try to use
another name it says that password is wrong. Its as if it
only partly connected to AD, its listed but not as a domain
controller. I have removed it from the list in a futile
effort to try to rejoin it, but if I cannot logon to it, I
cant DCPROMO it again. All AD sycronisation attempts have
failed, and it says in REPLMON that it has tried 84 times
now. Trying to re-sync it gives the error
"error_bind_to_remote_server_failed". Its there, but its
not. We have tried to clean up the AD on that machine in
safemode according to some various articles we found in the
knowledge base, but its still sitting there in the same
state. It has SP3 on it. Thanks for your help.
 
Back
Top