I cannot DCPROMO (degrade as member server)

  • Thread starter Thread starter myBasic
  • Start date Start date
M

myBasic

Hi all,

I promoted a server to be a 2nd DC yesterday, I change my mind and attempt
to degrade that server as a member server today, but failed. The error
message shown:

The operation failure because:
The Directory Service failed to replicate off changes mode locally.
"The DSA operation is unable to proceed because of a DNS lookup failure."

The questioned server name: a-server.domain.local <--
but the FSMO, or GC DC name: dc-server.domain.com <-- diff suffix

How do I fix it in DNS record?

Many thanks.
 
Something is definitely wrong.

You could do a dcpromo /forceremove followed by a metadata cleanup
http://support.microsoft.com/Default.aspx?id=216498

--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.
 
Hi Paul,

Thanks for reply.

Now I just want to spend an hour to reinstall that member server, but I
cannot delete that server name in
dsa.msc, Domain Controller list
why?

Does it mean that I have to remove the AD metadata by Ntdsutil.exe. I fear I
would make severe mistake to affect the domain data.

Thanks
 
myBasic said:
Hi Paul,

Thanks for reply.

Now I just want to spend an hour to reinstall that member server, but I
cannot delete that server name in
Click to expand...

That is silly.

The likely reason you are had this trouble -- and probably the reason you
(didn't say) you decided to remove the new DC) is that you never configured
the DNS correctly.

95% of AD problems are actually DNS issues. Most likely is you didn't
set the NEW DC as a "DNS client" of the DNS server which
would register (or at least find) your Dynamic DNS Zone that supports
your domain. It is also possible you don't have the DNS set as dynamic
but odds of that are lower.
dsa.msc, Domain Controller list
why?

Does it mean that I have to remove the AD metadata by Ntdsutil.exe. I fear
I
would make severe mistake to affect the domain data.
Click to expand...

Well don't make those mistakes. CONNECT to the WORKING server,
and SELECT the "dead" server for deletion -- if you do that (and it is the
only way it will do anything with only two servers involved) then you
cannot make a mistake and harm anything.
 
Back
Top