Click here to get back home

PDC - BDC Conflicts
 HomeNewsGroups | Search | About
Login Password
Register Now!
 microsoft.public.windows.server.security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content
Subject Author Date
PDC - BDC Conflicts Jean Paul Mertens 08-17-2007
| `--> Re: PDC - BDC Conflicts Jean Paul Merte...08-18-2007
---> Re: PDC - BDC Conflicts Jean Paul Merte...08-20-2007
---> Re: PDC - BDC Conflicts SuperGumby [SBS...08-20-2007
| |--> Re: PDC - BDC Conflicts Jean Paul Merte...08-20-2007
| `--> Re: PDC - BDC Conflicts Jean Paul Merte...08-21-2007
`--> Re: PDC - BDC Conflicts SuperGumby [SBS...08-21-2007
Posted by Jean Paul Mertens on August 17, 2007, 10:02 am
Please log in for more thread options
 Hello to all,

I have a problem with a BDC (windows 2000 server) who does not see that the
PDC (SBS 2000) is back on-line. I have got my PDC crashed,and for some
reason the NT-Mirror had stopped some time ago. I have taken the PDC out of
the network, and the BDC took over the security with no problem. I have put
my (early stopped) mirror disk as master and restored alle backups so that
the PDC is ok. I have put the PDC back in the network and had to disconnect
(temporary set them to workgroup) all workstations and servers from the
domain and then reconnect them to the domain. So far so good until I tried
to do the same with my BDC but he keeps saying that there is no PDC so he
can not disconnect and he is not trusted by the domain any more. I cant stop
the AD becourse the server is BDC etc.. I'm turning in a round so my BDC in
no more reachable by the domain and vise versa.

Is there a tool (or a way) to force the BDC server to stop from thinking he
has to stay a domain on his own so that I can downgrade the BDC to a simple
server, take is 'out of the domain' and reconnect it to the 'new domain'

Many tanks in advance

Jean Paul




Posted by Wallyb132 on August 17, 2007, 11:42 am
Please log in for more thread options
 you need to remove AD from the BDC using DCPromo, remove it completely from
the domain, turning it in to a stand alone server, rejoin it to the domain.
run adprep on your SBS, then run DCPromo on your BDC again to install AD and
make it a domain controller, once its rejoined as a DC make it a global
catalog again.

"Jean Paul Mertens" wrote:

> Hello to all,
>
> I have a problem with a BDC (windows 2000 server) who does not see that the
> PDC (SBS 2000) is back on-line. I have got my PDC crashed,and for some
> reason the NT-Mirror had stopped some time ago. I have taken the PDC out of
> the network, and the BDC took over the security with no problem. I have put
> my (early stopped) mirror disk as master and restored alle backups so that
> the PDC is ok. I have put the PDC back in the network and had to disconnect
> (temporary set them to workgroup) all workstations and servers from the
> domain and then reconnect them to the domain. So far so good until I tried
> to do the same with my BDC but he keeps saying that there is no PDC so he
> can not disconnect and he is not trusted by the domain any more. I cant stop
> the AD becourse the server is BDC etc.. I'm turning in a round so my BDC in
> no more reachable by the domain and vise versa.
>
> Is there a tool (or a way) to force the BDC server to stop from thinking he
> has to stay a domain on his own so that I can downgrade the BDC to a simple
> server, take is 'out of the domain' and reconnect it to the 'new domain'
>
> Many tanks in advance
>
> Jean Paul
>
>
>
>

Posted by Jean Paul Mertens on August 18, 2007, 2:09 am
Please log in for more thread options
Wally,

That is the problem, if I run DCPromo I got the answer that a domain
controller could not be contacted for the domain so he would not continue.
The message window says that I have to take out the server out of the domain
by making him member of a workgroup and then rejoin the domain. Bus as long
as AD is running on the machine I can not leave the domain (In the system
properties I can not change the identification of the computer becourse he
aims to be a domaincontroller...

and so we are back to start.

Any further ID's

Greets

Jean Paul


> you need to remove AD from the BDC using DCPromo, remove it completely
> from
> the domain, turning it in to a stand alone server, rejoin it to the
> domain.
> run adprep on your SBS, then run DCPromo on your BDC again to install AD
> and
> make it a domain controller, once its rejoined as a DC make it a global
> catalog again.
>
> "Jean Paul Mertens" wrote:
>
>> Hello to all,
>>
>> I have a problem with a BDC (windows 2000 server) who does not see that
>> the
>> PDC (SBS 2000) is back on-line. I have got my PDC crashed,and for some
>> reason the NT-Mirror had stopped some time ago. I have taken the PDC out
>> of
>> the network, and the BDC took over the security with no problem. I have
>> put
>> my (early stopped) mirror disk as master and restored alle backups so
>> that
>> the PDC is ok. I have put the PDC back in the network and had to
>> disconnect
>> (temporary set them to workgroup) all workstations and servers from the
>> domain and then reconnect them to the domain. So far so good until I
>> tried
>> to do the same with my BDC but he keeps saying that there is no PDC so he
>> can not disconnect and he is not trusted by the domain any more. I cant
>> stop
>> the AD becourse the server is BDC etc.. I'm turning in a round so my BDC
>> in
>> no more reachable by the domain and vise versa.
>>
>> Is there a tool (or a way) to force the BDC server to stop from thinking
>> he
>> has to stay a domain on his own so that I can downgrade the BDC to a
>> simple
>> server, take is 'out of the domain' and reconnect it to the 'new domain'
>>
>> Many tanks in advance
>>
>> Jean Paul
>>
>>
>>
>>



Posted by Phillip Windell on August 17, 2007, 12:04 pm
Please log in for more thread options
> Hello to all,
>
> I have a problem with a BDC (windows 2000 server) who does not see that
> the PDC (SBS 2000) is back on-line.

1. There is no such thing as a PDC and BDC in Windows 2000 or newer. There
is a PDC "role" but it is not the same thing.

2. SBS cannot join an existing Domain, so having a second DC in an SBS
controlled system is almost [but not quite] totally worthless.
a. Rebuilding SBS and giving it the same Domain name as before only
creates two *different* domains that just happen to have the same name.
b. The other DC can not see the SBS as being back online on the original
Domain because the SBS is not back online in the orignal Domain. It is a
completely new SBS on a completely new Domain that just happens to use the
same name.

The proper way to have fault tolerance and recoverability with SBS is by
using System-State Backups for the software side and RAID for the hardware
side. The RAID itself needs to be done in Hardware and not in Windows. IMO,
disaster recovery with SBS is itself a disaster and is why I would never
want to run SBS.

There have been third-party non-Microsoft solutions "invented" to deal with
this. You may have to ask in a SBS Group to find details on that. I don''t
have any links or information for that myself.

--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------



Posted by Steve on August 17, 2007, 12:46 pm
Please log in for more thread options
Please explain why you say SBS can't join an existing domain? There is a KB
that gives the steps to do so:

http://support.microsoft.com/kb/884453

>> Hello to all,
>>
>> I have a problem with a BDC (windows 2000 server) who does not see that
>> the PDC (SBS 2000) is back on-line.
>
> 1. There is no such thing as a PDC and BDC in Windows 2000 or newer.
> There is a PDC "role" but it is not the same thing.
>
> 2. SBS cannot join an existing Domain, so having a second DC in an SBS
> controlled system is almost [but not quite] totally worthless.
> a. Rebuilding SBS and giving it the same Domain name as before only
> creates two *different* domains that just happen to have the same name.
> b. The other DC can not see the SBS as being back online on the
> original Domain because the SBS is not back online in the orignal Domain.
> It is a completely new SBS on a completely new Domain that just happens to
> use the same name.
>
> The proper way to have fault tolerance and recoverability with SBS is by
> using System-State Backups for the software side and RAID for the hardware
> side. The RAID itself needs to be done in Hardware and not in Windows.
> IMO, disaster recovery with SBS is itself a disaster and is why I would
> never want to run SBS.
>
> There have been third-party non-Microsoft solutions "invented" to deal
> with this. You may have to ask in a SBS Group to find details on that. I
> don''t have any links or information for that myself.
>
> --
> Phillip Windell
> www.wandtv.com
>
> The views expressed, are my own and not those of my employer, or
> Microsoft, or anyone else associated with me, including my cats.
> -----------------------------------------------------
>
>



Similar ThreadsPosted
Windows Defender conflicts with spooler April 25, 2006, 3:49 pm
Base CRL OverIssuing and Delta CRL Conflicts August 7, 2006, 4:12 am

Our other projects:

Art Dolls, Fairies and Mermaids - Sunnyfaces.net

Roy's Linux, Programming and Search Engines messages

1-Script XML SitemapXML Sitemap