How to reinstall AD DS for a domain


OLD SERVER: SERVER
NEW SERVER: AUTHSRV

I was playing around with my lab and it seems I didn't properly remove my old AD DS server when I added the new one, so now I can't add new computers to AD DS.

This is the error I'm getting:

What direction should I take to figure out what caused this?

I just deleted the old server from Active Directory Sites and Services and I'm not sure whether that was correct or not.


PS C:\Users\administrator.INTERNAL> ntdsutil
C:\Windows\system32\ntdsutil.exe: metadata cleanup
metadata cleanup: remove selected server SERVER
Binding to localhost ...
Connected to localhost using credentials of locally logged on user.
LDAP error 0x22(34 (Invalid DN Syntax).
Ldap extended error message is 0000208F: NameErr: DSID-03100225, problem 2006 (BAD_NAME), data 8350, best match of:
        'CN=Ntds Settings,SERVER'

Win32 error returned is 0x208f(The object name has bad syntax.)
Unable to determine the domain hosted by the Active Directory Domain Controller (5). Please use the connection menu to specify it.
PS C:\Users\administrator.INTERNAL> dcdiag

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = authsrv
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: CITY-HQ\AUTHSRV
      Starting test: Connectivity
         ......................... AUTHSRV passed test Connectivity

Doing primary tests

   Testing server: CITY-HQ\AUTHSRV
      Starting test: Advertising
         ......................... AUTHSRV passed test Advertising
      Starting test: FrsEvent
         ......................... AUTHSRV passed test FrsEvent
      Starting test: DFSREvent
         There are warning or error events within the last 24 hours after the SYSVOL has been shared.  Failing SYSVOL
         replication problems may cause Group Policy problems.
         ......................... AUTHSRV failed test DFSREvent
      Starting test: SysVolCheck
         ......................... AUTHSRV passed test SysVolCheck
      Starting test: KccEvent
         ......................... AUTHSRV passed test KccEvent
      Starting test: KnowsOfRoleHolders
         CN=NTDS Settings\0ADEL:05f209fb-df38-424f-8660-52a43ce83c8e,CN=SERVER\0ADEL:fe8837d6-377c-4763-a3b8-409b2235ef9e,CN=Servers,CN=CITY-HQ,CN=Sites,CN=Configuration,DC=internal,DC=DOMAIN,DC=com
         is the Schema Owner, but is deleted.
         ......................... AUTHSRV failed test KnowsOfRoleHolders
      Starting test: MachineAccount
         ......................... AUTHSRV passed test MachineAccount
      Starting test: NCSecDesc
         ......................... AUTHSRV passed test NCSecDesc
      Starting test: NetLogons
         ......................... AUTHSRV passed test NetLogons
      Starting test: ObjectsReplicated
         ......................... AUTHSRV passed test ObjectsReplicated
      Starting test: Replications
         ......................... AUTHSRV passed test Replications
      Starting test: RidManager
         ......................... AUTHSRV passed test RidManager
      Starting test: Services
         ......................... AUTHSRV passed test Services
      Starting test: SystemLog
         ......................... AUTHSRV passed test SystemLog
      Starting test: VerifyReferences
         ......................... AUTHSRV passed test VerifyReferences

   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : internal
      Starting test: CheckSDRefDom
         ......................... internal passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... internal passed test CrossRefValidation

   Running enterprise tests on :
      Starting test: LocatorCheck
         ......................... passed test LocatorCheck
      Starting test: Intersite
         ......................... passed test Intersite
PS C:\Users\administrator.INTERNAL>
by Jason 12.07.2015 / 00:22

1 answer


You should perform a metadata cleanup to remove the traces of your decommissioned DC from your AD.

You should also make sure that all FSMO roles are held by one of your active domain controllers, and seize the roles if they are not.

Running a dcdiag can also provide useful information about the overall health of your domain controllers.

Based on your dcdiag output, your deleted DC is still the Schema Owner (and probably also holds the other FSMO roles).

You need to seize the roles; they are essential for a running AD. It is possible that your metadata cleanup will succeed.

by 12.07.2015 / 00:41
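
The role check and seizure described in the answer, as an added example that is not part of the original post. It assumes the ActiveDirectory PowerShell module (RSAT), a single-domain forest, and that AUTHSRV (the surviving DC named in the question) should receive the roles.

```powershell
# Added example: report FSMO role holders, flag roles whose holder is no
# longer a live DC, and seize those roles onto the surviving DC.
# Assumptions: ActiveDirectory module installed, single-domain forest,
# AUTHSRV (from the question) is the DC that should hold the roles.
Import-Module ActiveDirectory

$target = 'AUTHSRV'
$forest = Get-ADForest
$domain = Get-ADDomain

# Current owner of each of the five operations master roles.
$roles = [ordered]@{
    SchemaMaster         = $forest.SchemaMaster
    DomainNamingMaster   = $forest.DomainNamingMaster
    PDCEmulator          = $domain.PDCEmulator
    RIDMaster            = $domain.RIDMaster
    InfrastructureMaster = $domain.InfrastructureMaster
}

# FQDNs of the domain controllers that still exist in the directory.
$liveDcs = @((Get-ADDomainController -Filter *).HostName)

# A role is orphaned when its owner is empty or is not one of the live DCs.
# This is the condition dcdiag reports as a KnowsOfRoleHolders failure
# ("... is the Schema Owner, but is deleted").
$report = foreach ($role in $roles.Keys) {
    $holder = $roles[$role]
    $isLive = [bool]$holder -and ($liveDcs -contains $holder)
    [pscustomobject]@{
        Role     = $role
        Holder   = $holder
        Orphaned = -not $isLive
    }
}
$report | Format-Table -AutoSize

$toSeize = @($report | Where-Object Orphaned | Select-Object -ExpandProperty Role)
if ($toSeize.Count -gt 0) {
    # -Force seizes the roles instead of attempting a graceful transfer,
    # which cannot work when the old holder is gone.
    # -WhatIf only previews the change.
    Move-ADDirectoryServerOperationMasterRole -Identity $target `
        -OperationMasterRole $toSeize -Force -WhatIf
} else {
    Write-Output 'All FSMO roles are held by live domain controllers.'
}
```

Remove `-WhatIf` to perform the seizure, then re-run `dcdiag` to confirm that KnowsOfRoleHolders passes before retrying the metadata cleanup. A DC whose roles have been seized must not be brought back online.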