If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#1
|
|||
|
|||
Unable to rename domain controller: 'The account already exists.'
(I posted this to superuser.com, but in case I don't get any help there,
I've decided to post this here, because I can't find any newsgroups with activity that are dedicated to Active Directory and Windows Server. I would have posted this to serverfault.com, but they only want posts dealing with business production environments. This is a personal project.) I successfully demoted an old domain controller (Windows Server 2016) in a clean manner, cleanly removed the server from the domain, deleted the associated object in 'Computers' in Active Directory Users and Computers, but when I went to rename the new domain controller (running Windows Server 2019) to the name of the old domain controller, I get the following error: 'The account already exists.' So I scoured Active Directory Users and Computers, DNS Manager, Active Directory Sites and Services, and even the registry on the new domain controller itself. I've restarted the new domain controller numerous times. There is no mention of the old domain controller's name, but I still get the error, regardless of whether I run Rename-Computer in Powershell, or NETDOM at the command line: 'The account already exists.' Now, the old domain controller was running Active Directory Certificate Services as well, but I removed all the data entries created by the old CA service from Active Directory Sites and Services. Is there any place else to look for references to the old domain controller? -- Andrew |
Ads |
#2
|
|||
|
|||
Unable to rename domain controller: 'The account already exists.'
On 09/02/2019 03:18, Andrew wrote:
Is there any place else to look for references to the old domain controller? -- Andrew Please use Microsoft Official Forums by choosing the appropriate link from he https://social.technet.microsoft.com/Forums/lync/en-US/home?category=windowsserver G/L -- With over 950 million devices now running Windows 10, customer satisfaction is higher than any previous version of windows. |
#3
|
|||
|
|||
Unable to rename domain controller: 'The account already exists.'
"Andrew" wrote in message ...
(I posted this to superuser.com, but in case I don't get any help there, I've decided to post this here, because I can't find any newsgroups with activity that are dedicated to Active Directory and Windows Server. I would have posted this to serverfault.com, but they only want posts dealing with business production environments. This is a personal project.) I successfully demoted an old domain controller (Windows Server 2016) in a clean manner, cleanly removed the server from the domain, deleted the associated object in 'Computers' in Active Directory Users and Computers, but when I went to rename the new domain controller (running Windows Server 2019) to the name of the old domain controller, I get the following error: 'The account already exists.' So I scoured Active Directory Users and Computers, DNS Manager, Active Directory Sites and Services, and even the registry on the new domain controller itself. I've restarted the new domain controller numerous times. There is no mention of the old domain controller's name, but I still get the error, regardless of whether I run Rename-Computer in Powershell, or NETDOM at the command line: 'The account already exists.' Now, the old domain controller was running Active Directory Certificate Services as well, but I removed all the data entries created by the old CA service from Active Directory Sites and Services. Is there any place else to look for references to the old domain controller? -- Andrew Andrew, It may be because the name still exists in WS2019's tombstone. Rather than me trying to recall how I did this (several years back) try reading this article. http://www.firewall.cx/microsoft-kno...tombstone.html You may find a more recent dated article for WS2019 but this should help you get started. Has directions on how to change the lifetime of tombstone objects. -- Bob S. |
#4
|
|||
|
|||
Unable to rename domain controller: 'The account already exists.'
On 2/9/2019 4:19 PM, n/a wrote:
"Andrew"Â* wrote in message ... (I posted this to superuser.com, but in case I don't get any help there, I've decided to post this here, because I can't find any newsgroups with activity that are dedicated to Active Directory and Windows Server. I would have posted this to serverfault.com, but they only want posts dealing with business production environments. This is a personal project.) I successfully demoted an old domain controller (Windows Server 2016) in a clean manner, cleanly removed the server from the domain, deleted the associated object in 'Computers' in Active Directory Users and Computers, but when I went to rename the new domain controller (running Windows Server 2019) to the name of the old domain controller, I get the following error: 'The account already exists.' So I scoured Active Directory Users and Computers, DNS Manager, Active Directory Sites and Services, and even the registry on the new domain controller itself. I've restarted the new domain controller numerous times. There is no mention of the old domain controller's name, but I still get the error, regardless of whether I run Rename-Computer in Powershell, or NETDOM at the command line: 'The account already exists.' Now, the old domain controller was running Active Directory Certificate Services as well, but I removed all the data entries created by the old CA service from Active Directory Sites and Services. Is there any place else to look for references to the old domain controller? -- Andrew Andrew, It may be because the name still exists in WS2019's tombstone.Â* Rather than me trying to recall how I did this (several years back) try reading this article. http://www.firewall.cx/microsoft-kno...tombstone.html You may find a more recent dated article for WS2019 but this should help you get started. Has directions on how to change the lifetime of tombstone objects. Success: There apparently was an entry in ADSI Edit under: Configuration - CN=Sites - CN=Default-First-Site-Name - CN=Servers - CN={Old Domain Controller}. The thing is, in ADSI Edit, 'Configuration' isn't normally shown (at least with the Remote Server Administration Tools), unlike the screen shots in that link you provided. You have to right-click on 'ADSI Edit' in MMC, and in the 'Connection Settings', under 'Connection Point', and under 'Select a well known Naming Context', you select 'Configuration'. You can also type it under the 'Name' field at the top. So it looks like that was what was blocking me from changing the name. I didn't need to change the tombstone lifetime. Thanks! -- Andrew |
#5
|
|||
|
|||
Unable to rename domain controller: 'The account already exists.'
"Andrew" wrote in message ...
On 2/9/2019 4:19 PM, n/a wrote: "Andrew" wrote in message ... (I posted this to superuser.com, but in case I don't get any help there, I've decided to post this here, because I can't find any newsgroups with activity that are dedicated to Active Directory and Windows Server. I would have posted this to serverfault.com, but they only want posts dealing with business production environments. This is a personal project.) I successfully demoted an old domain controller (Windows Server 2016) in a clean manner, cleanly removed the server from the domain, deleted the associated object in 'Computers' in Active Directory Users and Computers, but when I went to rename the new domain controller (running Windows Server 2019) to the name of the old domain controller, I get the following error: 'The account already exists.' So I scoured Active Directory Users and Computers, DNS Manager, Active Directory Sites and Services, and even the registry on the new domain controller itself. I've restarted the new domain controller numerous times. There is no mention of the old domain controller's name, but I still get the error, regardless of whether I run Rename-Computer in Powershell, or NETDOM at the command line: 'The account already exists.' Now, the old domain controller was running Active Directory Certificate Services as well, but I removed all the data entries created by the old CA service from Active Directory Sites and Services. Is there any place else to look for references to the old domain controller? -- Andrew Andrew, It may be because the name still exists in WS2019's tombstone. Rather than me trying to recall how I did this (several years back) try reading this article. http://www.firewall.cx/microsoft-kno...tombstone.html You may find a more recent dated article for WS2019 but this should help you get started. Has directions on how to change the lifetime of tombstone objects. Success: There apparently was an entry in ADSI Edit under: Configuration - CN=Sites - CN=Default-First-Site-Name - CN=Servers - CN={Old Domain Controller}. The thing is, in ADSI Edit, 'Configuration' isn't normally shown (at least with the Remote Server Administration Tools), unlike the screen shots in that link you provided. You have to right-click on 'ADSI Edit' in MMC, and in the 'Connection Settings', under 'Connection Point', and under 'Select a well known Naming Context', you select 'Configuration'. You can also type it under the 'Name' field at the top. So it looks like that was what was blocking me from changing the name. I didn't need to change the tombstone lifetime. Thanks! -- Andrew I just remoted into a clients WSE2016 VM (non-AD server) setup to see how to get to the Connection Settings. I opened ADSIEdit.msc (it's also available under Windows Admin Tools ADSI Edit) and on the right side clicked on More Actions Connect To and arrived at the same window. I haven't used WS2019 yet but it should be close....? At any rate, the "idea" worked even though you had to figure out the route to get there.... Glad it helped. -- Bob S. |
Thread Tools | |
Display Modes | Rate This Thread |
|
|