Share via

Despromover Domain Controller W2008 R2

Salvador Flores 0 Reputation points
2023-12-10T19:57:21.7833333+00:00

Buen día

El de día de hoy realice una despromoción de un domain controller W2008 R2, migre todos los FSMO Roles a un nuevo W2016, me asegure de que estuviera bien todo el tema de replicación y todo me marcaba que se encontraba en perfecto estado sin errores sin embargo al correr el dcpromo me marca un error y no me permite continuar, por lo cual opte por hacer un dcpromo /forceremoval, al hacerlo termina y procedo con la limpieza del metadata, al termina el domain controller W2016 me marca un error de que el dominio no fue encontrado y al revisar veo que dejo de existir.

Recupere los dos servidores restaurándolos con sus respectivos checkpoint antes de hacer el cambio.

Pero mi duda es, ¿que pudo pasar? ya que no contaba con ningún FSMO role de su lado.

¿Algo que deba validar aparte de todo lo comentado anteriormente?

Windows for business | Windows Client for IT Pros | Directory services | Active Directory
Windows for business | Windows Server | User experience | Other
0 comments

4 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Thameur-BOURBITA 36,261 Reputation points Moderator
    2023-12-10T20:23:19.47+00:00

    Hi @Salvador Flores

    My answer will be in English because here is a English forum.

    It seems that the replication is not completed when you move the FMSO roles to Windows 2016.

    Before launch the demotion of old domain controller you should check if the replication and the domain controller health are ok.

    #To force replication
repadmin /syncall
#Check the status of last replication
repadmin /showrepl
repadmin /replsum *
#check domain controller health
dcdiag

    It's recommended to fix all error before performing the demotion of old domain controller.

    Please don't forget to accept helpful answer

  2. Anonymous
    2023-12-10T20:41:02.3033333+00:00

    Hard to know for sure at this point but before demoting old ones you should confirm domain health is 100% by using dcdiag, repadmin tools. Also check the System and DFS/FRS Replication event logs are free of errors on all involved.

    --please don't forget to close up the thread here by marking answer if the reply is helpful--

  3. Anonymous
    2023-12-12T02:36:14.4666667+00:00

    Hi Salvador Flores,

    Thank you for posting in Q&A forum.

    I agree the answer from Thameur.

    Just add some information. When doing the demotion, please check the error and fix it, do not do the force demotion.

    Here are some references for you to refer:

    Error when you demote a domain controller - Windows Server | Microsoft Learn

    Domain controllers don't demote - Windows Server | Microsoft Learn

    Hope the information above is helpful.

    If you have any question or concern, please feel free to let us know.

     

    Best Regards,

    Daisy Zhou

    ==========================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.

    0 comments
  4. Anonymous
    2023-12-17T20:52:38.3266667+00:00

    SVRG0203 remove the public secondary DNS (8.8.8.8) and replace with loopback (127.0.0.1) then do ipconfig /flusdns, ipconfig /registerdns, restart the netlogon service.

    SVRG0010 remove the public secondary DNS (8.8.8.8, 4.4.4.4) and replace with loopback (127.0.0.1) then do ipconfig /flusdns, ipconfig /registerdns, restart the netlogon service.

    Then check the results. If problems persist then put up a new set of files to look at.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.