So, an environment I'm new to, is having some problems that I'm trying to correct.
Old config: Single SBS2011 server, a second 2008 R2 DC was added at some point. SBS failed, roles were seized and SBS was never brought back online.
Current config: Original second 2008 R2 DC still exists, as well as 3(!) additional DCs, ranging between 2008 R2 and 2012 R2.
In an effort to reduce the amount of DCs down to 2, I began by attempting to demote one of the 2008R2 that only held DC and DNS roles. Immediately after the dcpromo process starts, i get this:
All work is being performed on the FSMO role holder, a 2012R2 machine.
NTDSUtil shows the current DC as the holder of all roles. OK, onto ADSIEdit.
Looking at CN=Infrastructure,DC=DomainDNSZones,DC=Domain,DC=Local It shows the current correct DC in the fSMORoleOwner attribute.
Looking at CN=Infrastructure,DC=ForestDNSZones,DC=Domain,DC=Local It shows the old SBS server as fSMORoleOwner. I know the 0ADEL: value refers to a missing or orphaned value.
I'm unable to change the value to the new DC.
It seems that the directory is unable to contact the SBS server (of course, its long gone) and will not allow me to change the value.
I have checked that all the old metadata has been cleaned up for the SBS server, nothing exists in AD Site and Services, DNS or in ADUC for it either.
1 Answers