Let me explain the experimental environment first:
Domain Name: demo.com
First Domain Controller:
Computer Name: server.demo.com
IP:192.168.5.1
Subnet mask: 255.255.255.0
DNS: 192.168.5.1
And FSMO five roles and GC are all in the first On a domain control.
Second Domain Controller:
Computer Name: test20031.demo.com
IP:192.168.5.2
Subnet Mask: 255.255 .255.0
DNS: 192.168.5.2
Disaster situation: The first domain controller could not be started due to hardware reasons.
At this time, we will find that the following client can also use the local cache to log in, but the domain resources can no longer be used. Our goal is to have the second additional domain controller take over the first. The work of the station, that is, the transfer of FSMO and GC to the extra domain controller. Here are two steps:
First, you must delete all the information of the first domain controller from the Active Directory:
(1), click “ Start - Run & rdquo ;, enter: “cmd” and press Enter, type: “ntdsutil” at the command prompt, and then press Enter. If you are not sure how to use “ntdsutil”, you can use “? ” Then enter the method to call the instructions:
Here we have to select "Metadata cleanup ---- clean up the object of the unused server" and then enter the following command:
Then we have to show the fields in the Site:
The result is two, where “1” is the subdomain I built, so I have to choose ""0”:
Through the above information, we can see two servers, of which SERVER is what we want to delete, because it has already DOWN machine. So here you have to select “0”:
After selecting, press “q” to exit to the previous menu:
Click on the above image “Yes”:
Then press 2 “q” to exit.
(2), use the ADSI EDIT tool to delete the Active Directory users and computers in the Domain controllers to delete the server object,
ADSI EDIT in the SUPPORT TOOLS toolkit, open, find the following Location:
Right click and select “delete”
(3) In the "Administrative Tools", open the "AD site and service", find the following location:
Delete the replication connection:
There are a few to delete a few.
Second, the FSMO role is forcibly captured. Here we need to use "Ntdsutil":
We need to connect to the target server first:
After the connection is successful, press “q” to exit to the upper menu and see help Information:
Please note: There are two methods here, Seize and Transfer. If the owner of the original FSMO role is offline, then Seize is used. If it is online, then Transfer is required. . Here SERVER is offline, so use "Seize": "
Here is the icon for capturing the PDC role, point "yes", the other roles are the same operation, and finally exit.
Everyone for security reasons, you can run the script that I gave to everyone last time:
As you can see from the above figure, all FSMOs have been transferred to the TEST20031 server. The last is to transfer the GC:
In the "Administrative Tools", open "ld sites and services", find the following location:
in the "properties" list Click:
Before the "Global Catalogue" checkbox, then confirm the exit.
Finally, go to the client to modify the location of the DNS server, you can find that the client can log in again. And all domain resources can be used normally. Finally, please pay attention to the following points:
1. In a single domain control environment, please try to backup as many times as possible to ensure the validity of the backup. It is best to use several backup types together.
2. In a multi-domain control environment, if Seize is used, then the broken server should not be returned to the network before reinstalling the system. Even if it has been repaired, it must be reinstalled. Operating system, why? Because the FSMO role is unique, if you return to the network at this time, there will be a phenomenon of FSMO role duplication.
3, in the multi-domain control environment, after the bad domain control repair, reinstall the system, please try not to use the original computer name to prevent some unexplained problems, let that server It will disappear forever in the network!
OK, please correct me! E-Mail: [email protected]
After the launch of Windows XP, it was highly praised by everyone for its good compatibility. It pro
The new GUI management page replaces Microsofts previous visual operator interface to make server co
In the LAN, the huge workload caused by the endless software installation, upgrade, maintenance, and
Disk Manager is a powerful graphical interface disk management tool in Windows 2000. We will use thi
Microsoft Windows Active Directory Remote Stack Overflow Defect
Nine tricks make the hard drive faster and the system more stable
Windows 2000 virtual host basic permissions settings
Detect Win2K/XP/2003 native system information
Windows Server 2008 enterprise users need to master early
Porting System Restore for Windows 2003
Modify the registry to completely block Win 2003 security risks
Let Windows 2003 also use the system to restore
Breaking through the limitations of the Win 2003 system
Win10 taskbar notification area time is not displayed solution
The Win10 hidden login interface activation method can activate the enhanced login screen
Win10 remote desktop connection Win2003 Carton how to solve
How to modify the graphic tutorial of windows2003 system password
Win10 bios can't get in how to do
Protect Privacy - Cancel WMP Jumplist Play Record in Windows 7
How to exit to normal login after Win8 enters clean boot