question

EdWin-7892 avatar image
0 Votes"
EdWin-7892 asked DSPatrick commented

My Domain Controller is unavailable (Windows Server 2012 R2). What to do?

Hi everyone,

One of my Domain Controllers "died". I had to reboot it, but it doesn't work, and it crashed. So, I have a backup made last week (this DC is a VM). What should I do?

1- Use this Backup? If so, how to initialize the DC? Should I initialize this DC by using an authoritative restoration? How to make this?
2- Making a MetaData Cleanup of the unavailable Domain Controller and then creating a new DC from the scratch?

Thank you.

windows-active-directory
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DSPatrick avatar image
0 Votes"
DSPatrick answered DSPatrick commented

How many domain controllers? Assuming there's another healthy one the simplest solution is to seize roles (if necessary)
https://docs.microsoft.com/en-us/troubleshoot/windows-server/identity/transfer-or-seize-fsmo-roles-in-ad-ds

then perform cleanup to remove the failed one.
https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/deploy/ad-ds-metadata-cleanup
https://techcommunity.microsoft.com/t5/itops-talk-blog/step-by-step-manually-removing-a-domain-controller-server/ba-p/280564

then rebuild the failed one.

I'd use dcdiag / repadmin tools to verify health correcting all errors found before starting any operations. Then stand up the new 2019, patch it fully, license it, join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to again verify health.


--please don't forget to upvote and Accept as answer if the reply is helpful--





· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @DSPatrick ,

Thank you for your answer. Yeah, I have 4 domain controllers in my environment (3 now, since one of them is unavailable).
Well, I think I'll just make metadata cleanup and remove this DC. I made this thing before, and I had just a curiosity about being an authoritative restoration...

That's it! Thank you buddy! Have a nice day!

0 Votes 0 ·

Sounds good, you're welcome.


0 Votes 0 ·
DSPatrick avatar image
0 Votes"
DSPatrick answered

Any progress or updates?




5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

FanFan-MSFT avatar image
0 Votes"
FanFan-MSFT answered

Hi,

Welcome to share here!
If the "died" DC is not the only on your domain, we don't need to restore it from the backup.
For a FSMO holder, we may try to size the FSMO role from a good DC.
Then perform a metadata cleanup.

If you still want to it a DC again, you can create a new one as you mentioned above.

If you have any questions about it, feel free to let us know.
Best Regards,

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DSPatrick avatar image
0 Votes"
DSPatrick answered

Just checking if there's any progress or updates?

--please don't forget to upvote and Accept as answer if the reply is helpful--



5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.