Windows 2003 PDCE role transfer
Recently one of my DC got crashed (hardware failure). All FSMO roles were installed on it. It was acting as a NTP Server as it was carrying PDCE role. All client machines will synchronize time with that DC. Therefore I transferred all FSMO roles to the other DC. I had a GPO that applied on a Domain that indicates the old server as NTP Server. I belief, I have to change it to the current DC that is holding PDCE role, correct? Is there anything else as well I have to change wrt to Windows Time Service? Regards, Muhammad
August 22nd, 2011 6:45am

Hello, do you have another DC with GC? If no, I think it will be better to repair your server and maybe restore it from a backup. If yes then you have to perform: a metadata cleanup: http://support.microsoft.com/kb/216498 Resizing of FSMO roles: http://support.microsoft.com/kb/324801 Here if you want to bring back the old DC, you have to run dcpromo /forceremoval before keeping it online. Note that it is recommended to have at least two DC / DNS / GC servers per domain. This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. Microsoft Student Partner 2010 / 2011 Microsoft Certified Professional Microsoft Certified Systems Administrator: Security Microsoft Certified Systems Engineer: Security Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows 7, Configuring Microsoft Certified IT Professional: Enterprise Administrator Microsoft Certified IT Professional: Server Administrator
Free Windows Admin Tool Kit Click here and download it now
August 22nd, 2011 9:21am

Normally in a domain environmnet, the clients will locate the PDC Emulator for time syncronization on their own (DNS SRV records), so I am not sure why you are using a GPO. However, in any case, if you transferred the role, you also have to configure the new PDC emulator to sync with its source for authoritive time source such as with an atomic clock or a time server on the internet (unless the time set on the server is what you consider the actual time). Visit anITKB.com, an IT Knowledge Base. Follow me on Facebook.
August 22nd, 2011 1:08pm

Hello, as it sounds you have another DC in the domain make sure it is enabled as GC and DNS is installed on it. If you are SURE that the crashed one will NEVER come back please follow: http://msmvps.com/blogs/mweber/archive/2010/05/16/active-directory-metadata-cleanup.aspx And for the time reconfiguration on the now new PDCEmulator see: http://msmvps.com/blogs/mweber/archive/2010/06/27/time-configuration-in-a-windows-domain.aspxBest regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
Free Windows Admin Tool Kit Click here and download it now
August 22nd, 2011 1:46pm

Hi, Please also check the following links for more information: Configuring an Authoritative Time Server with Group Policy Using WMI Filtering http://blogs.technet.com/b/askds/archive/2008/11/13/configuring-an-authoritative-time-server-with-group-policy-using-wmi-filtering.aspx Moving the PDC Emulator FSMO Role – Time Server Issues http://www.the-little-things.net/blog/2007/11/02/moving-the-pdc-emulator-fsmo-role-time-server-issues/ Thanks. NinaPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
August 24th, 2011 11:56pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics