Domain Controller etiquette after a crash between Server 2003 & Server 2008 [closed]

I have 2 domain controllers on a non-Internet connected network running Windows Server 2008 R2. They running RAID 5 on a 8 Hard Drive server. Sometime last week the Boot Sector became corrupt on DC1 and I was unable to recover the server. I am not going to have to rebuild the server. I have been reading about the changes from Server 2003 to Server 2008. DC1 was the main domain controller and now that it won't but it is all falling to DC2. I know that in previous versions of Windows Server you had to make on the primary and one the secondary. Since DC2 does not see DC1 anymore is there anything I need to do to DC2 as it is now the one in control? I am thinking some kind of meta data clean up but I can't find any hard information on what procedure to do. I understand as of Server 2008 domain controllers are on an equal footing and provide replication to each other so they should be the same correct?


Solution 1:

You are correct in saying that domain controllers are not "primary" or "secondary" anymore (although a bit incorrect on the timing: this became reality when Active Directory was first introduced in Windows 2000, and the whole "PDC/BDC" thing ceased to exist with Windows NT 4).

However, there are some things that are specifically done on a single domain controller at a time, and those are called the FSMO roles; if the failed DC held one or more of them, you'll have to forcibly transfer ("seize") them to the remaining one: https://technet.microsoft.com/en-us/library/cc816779(v=ws.10).aspx.

Also, you'll have some cleaning up to do in Active Directory, by removing all references to the dead DC: https://technet.microsoft.com/en-us/library/cc816907(v=ws.10).aspx.

Last but not least, after you finish cleaning up your AD, bring up another domain controller as soon as possible; you should never run an Active Directory domain with a single DC, because if that breaks too, you'll just find yourself with no domain anymore.

Solution 2:

This procedure perfectly fits your needs. It is called seizing and is used to transfer FSMO Roles between a "death" and a "working" DC.

The process of moving the FSMO role from a non-operational role holder to a different DC is called Seizing...

If you want to know more before following the how to, read this.

Just, when you're done, never ever bring DC1 up again after this.

I warn you to rename the server to DC3 or something else whether you plan to reinstall it in the future.