Because of some disaster I lost my primary domain controller, and thank God I had a secondary domain controller, so I could provide the service to the computer and save my data. After that I seized all 5 FSMO roles to the secondary domain controller and deleted the crashed primary domain controller from Active Directory and Sites and Services. Now I want to have another domain controller to have security in future. So my question is: can I keep the same IP and host name as the crashed domain controller, join the domain and promote it as a domain controller, or do I need to use another domain name and IP? Thank you guys for the help.

Any tips will be helpful for me.

kunal
  • Since you're standing up a new domain controller, make sure the DNS settings on your NIC are correct. The first DNS server on the NIC should be another AD server and the second DNS server should be 127.0.0.1. – longneck Jun 27 '16 at 17:06
  • Hey @longneck, thanks for the tip, I will make sure of it. – kunal Jun 27 '16 at 18:06

2 Answers

You can use the same name and IP but as suggested you will need to clean up AD first and remove references to the failed DC.

You can use NTDSUTIL to do this. NTDSUTIL.exe allows you to do a metadata cleanup. This way you don't have to go through and manually delete stuff. Use the link below; it has all the information you need.

https://technet.microsoft.com/en-us/library/cc816907(v=ws.10).aspx

Michael Brown
  • Hi @Michael Brown, I have done the same process for cleaning up the old DC from Active Directory via the GUI, and after that I also checked with ntdsutil; there was no entry for the old DC. When I installed the new DC with the same name and IP again, it didn't work properly and there was still some problem with syncing between both DCs. – kunal Jun 27 '16 at 14:49
  • So I had to remove the newly installed DC again and did the metadata cleanup, and now I am thinking of installing the new DC with a new IP and host name to prevent the problems. – kunal Jun 27 '16 at 14:50

You can use the same name and IP address, but before you build the new domain controller, you should go through both DNS and ADSIEdit and make sure (carefully) to remove any references to the old name and IP address.

Normally when you demote a domain controller and remove any computer from a domain, the AD cleanup is done for you. DNS doesn't always catch when a computer disappears for any reason, so it sometimes has to be manually cleaned up no matter what happened to a computer.

In DNS, you can pretty safely remove anything with the name or the IP address of the old DC. In ADSIEdit, you should be a bit more cautious. At least make sure you have an idea of what an AD entry is for before you manually delete it.

Todd Wilcox
  • I have checked the DNS settings and found that the old DC was still listed even after the metadata cleanup. I am about to install the new DC with a new name and new IP to prevent the confusion, but can I just make sure that the running DC is in the right, healthy state? – kunal Jun 27 '16 at 14:51
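
A read-only way to carry out the check both answers describe, listing leftover DNS records and directory objects for the removed DC before its name and IP are reused (added example, not part of the original answers). `OLD-DC01` and `192.0.2.10` are placeholder values, and the script assumes it runs on the surviving DC with the DNS Server role and the ActiveDirectory and DnsServer PowerShell modules installed.

```powershell
# Added example: read-only audit, deletes nothing.
param(
    [string]$OldName = 'OLD-DC01',     # placeholder: host name of the removed DC
    [string]$OldIP   = '192.0.2.10'    # placeholder: IPv4 address of the removed DC
)
Import-Module ActiveDirectory, DnsServer
$findings = @()

# 1. DNS: scan every primary forward zone (including _msdcs) for the old name or IP.
$zones = Get-DnsServerZone |
    Where-Object { $_.ZoneType -eq 'Primary' -and -not $_.IsReverseLookupZone }
foreach ($zone in $zones) {
    foreach ($rr in Get-DnsServerResourceRecord -ZoneName $zone.ZoneName) {
        # Pull the target out of the record types a DC registers.
        $data = switch ($rr.RecordType) {
            'A'     { $rr.RecordData.IPv4Address.IPAddressToString }
            'SRV'   { $rr.RecordData.DomainName }
            'CNAME' { $rr.RecordData.HostNameAlias }
            'NS'    { $rr.RecordData.NameServer }
            default { $null }
        }
        $hit = @($rr.HostName, $data) | Where-Object {
            $_ -eq $OldIP -or $_ -eq $OldName -or $_ -like "$OldName.*"
        }
        if ($hit) {
            $findings += [pscustomobject]@{
                Source = "DNS zone $($zone.ZoneName)"
                Item   = "$($rr.HostName) $($rr.RecordType) $data"
            }
        }
    }
}

# 2. AD: any object still named after the old DC (computer account, server
#    object under Sites, SYSVOL replication member) in either partition.
$root = Get-ADRootDSE
foreach ($nc in $root.defaultNamingContext, $root.configurationNamingContext) {
    Get-ADObject -SearchBase $nc -LDAPFilter "(cn=$OldName)" | ForEach-Object {
        $findings += [pscustomobject]@{ Source = 'AD'; Item = $_.DistinguishedName }
    }
}

if ($findings) { $findings | Format-Table -AutoSize -Wrap }
else { "No references to $OldName / $OldIP found." }

# 3. Health of the remaining DC: FSMO holders, replication summary, DNS test.
netdom query fsmo
repadmin /replsummary
dcdiag /test:dns
```

Review each listed item and understand what it is for before removing it, as the answer above advises for ADSIEdit.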