« Malaysian Election 2008 | Main | Trend Micro OfficeScan and ServerProtect »

Promoting Domain Controllers

Domain controllers for Windows rely on the DNS to work and find each other through SRV records. If the DNS is not available, the domain controllers don't work very well.

For member server, the DNS settings are typically any of the domain controllers. For Domain controllers, the DNS server should be set to its opposite partner as primary and itself as secondary.

If you don't do this, you will find that when performing DCPROMO, the domain controller will not replicate properly and the rest of the domain will not be able to recognize it. In the end you may not be able to login and the end result is to force a demotion using DCPROMO /forceremoval.

Forceremoval method is preferred because it save you the trouble of explaining to the Enterprise Administrator why you want to perform an AD cleanup

Checklist for Domain controllers is here

About

This page contains a single entry from the blog posted on March 18, 2008 11:59 PM.

The previous post in this blog was Malaysian Election 2008.

The next post in this blog is Trend Micro OfficeScan and ServerProtect.

Many more can be found on the main index page or by looking through the archives.

Powered by
Movable Type