FASTTRACK ARTICLE
Exchange 2010 was installed on a domain controller, it actually was a Small Business Server 2011. Something happened to the AD database, backup not good. Server would only boot in AD restore mode.
In AD restore mode, we could login using domain credentials because the other DC (backup) was providing logon and authentication. We could even start a whole bunch of services and also the Exchange services. We seized the Roles on our other DC so that users would be able to logon without issues.In the next days we prepared to move the mailboxes away, in our case to Office365 in the cloud.
After that happened we followed the steps to remove the last Exchange server including disconnecting all mailboxes from AD users, removing public folders and such. On the final step, to uninstall Exchange it would not continue stating that the server was pending a reboot.
“A reboot from a previous installation is pending. Please restart the system and then rerun Setup.”
Restarting did not help of course, because we could only boot in to directory services restore mode.
So I had to find a way to fix the AD.
1) Checking the AD database (ntds.dit) from restore mode:
Open a CMD command prompt (As Administrator);
execute command ntdsutil
at the prompt type: activate instance ntds
at the prompt type: files
A] If you get an error about corruption ->
Move all the .log files in C:\windows\ntds\ to another directory (desktop perhaps);
Open a new CMD command prompt (As Administrator);
execute command: ESENTUTL.EXE /p C:\windows\ntds\ntds.dit
execute command: ESENTUTL.EXE /g C:\windows\ntds\ntds.dit
Try the files command again in the open ntdsutil command prompt.
B] If you get an error about being in the recovered state ->
Open a new CMD command prompt (As Administrator);
execute command: ESENTUTL.EXE /g C:\windows\ntds\ntds.dit
The integrity check will show all is normal, otherwise see step A.
Reboot the computer and set the date in the BIOS a couple of months or from before the backup-date if you tried a AD restore. Or set it a year back or so if you are unsure. Try to boot in normal mode. Normally it should boot up, but could take a while, change the date/time back to the correct values when it’s booted up.
2) Replication and authentication to other domain controllers
If you have other domain controllers to replicate to, then you might probably need to change BURFLAGGS for non-authorative restore (to fix NTFRS corruption on SYSVOL) and first reset the machine account password for the secure channel to the other domain controllers. See this post: http://ares.gobien.be:8080/2013/07/sync-issues-krb_ap_err_modified-0x80090322-target-principal-name-incorrect/
3) Now you can either try to fix everything further or go ahead and uninstall Exchange. Try the uninstall the normal way.
If you get errors about the sate of the Active Directory, try it like this:
Open a new CMD command prompt (As Administrator);
execute command: cd %programfiles%\Microsoft\Exchange Server\v14\bin
execute command: setup.com /m=uninstall /dc:otherdc.domain.local
Make sure the server is still in the “Exchange Servers” security group.
Make sure there are no entries in the hosts file for your DC’s. Because it can also trigger the following error:
Setup encountered a problem while validating the state of Active Directory: ‘server.domain.local’ isn’t a fully qualified domain name (FQDN). Please provide a valid FQDN. For example: ‘SERVER’.
Happy uninstalling!
Log excerpt:
[12/31/2014 08:27:56.0273] [1] Active Directory session settings for 'Get-ExchangeServer' are: View Entire Forest: 'True', Configuration Domain Controller: 'SRV-APP1.contoso.com', Preferred Global Catalog: 'SRV-APP1.contoso.com', Preferred Domain Controllers: '{ SRV-APP1.contoso.com }'
[12/31/2014 08:27:56.0273] [1] Beginning processing Get-ExchangeServer -Identity:'SBS2011'
[12/31/2014 08:27:56.0273] [1] Searching objects "SBS2011" of type "Server" under the root "$null".
[12/31/2014 08:27:56.0273] [1] Previous operation run on domain controller 'SRV-APP1.contoso.com'.
[12/31/2014 08:27:56.0273] [1] Previous operation run on domain controller 'SRV-APP1.contoso.com'.
[12/31/2014 08:27:56.0273] [1] Preparing to output objects. The maximum size of the result set is "unlimited".
[12/31/2014 08:27:56.0273] [1] Ending processing Get-ExchangeServer
[12/31/2014 08:27:56.0491] [1] [REQUIRED] There is a pending reboot from a previous installation of a Windows Server 2008 role or feature. Please restart the system and rerun Setup.
[12/31/2014 08:27:56.0523] [1] Ending processing test-setuphealth
[12/31/2014 08:27:56.0538] [0] **************
[12/31/2014 08:28:01.0312] [1] Ending processing Get-ExchangeServer
[12/31/2014 08:28:01.0702] [1] [REQUIRED] There is a pending reboot from a previous installation of a Windows Server 2008 role or feature. Please restart the system and rerun Setup.
[12/31/2014 08:28:01.0702] [1] Ending processing test-setuphealth
[12/31/2014 08:34:16.0514] [0] End of Setup
[12/31/2014 10:17:29.0782] [1] Ending processing Get-ExchangeServer
[12/31/2014 10:17:30.0047] [1] [REQUIRED] Unable to read data from the Metabase. Ensure that Microsoft Internet Information Services is installed.
[12/31/2014 10:17:30.0047] [1] [REQUIRED] Setup encountered a problem while validating the state of Active Directory: Active Directory operation failed on SBS2011.contoso.com. The supplied credential for 'CONTOSO\Administrator' is invalid.
[REQUIRED] Setup encountered a problem while validating the state of Active Directory: Active Directory operation failed on SBS2011.contoso.com. The supplied credential for 'CONTOSO\Administrator' is invalid.
[12/31/2014 10:53:05.0881] [1] Searching objects "SBS2011" of type "Server" under the root "$null".
[12/31/2014 10:53:05.0897] [1] Previous operation run on domain controller 'SRV-APP1.contoso.com'.
[12/31/2014 10:53:05.0897] [1] Previous operation run on domain controller 'SRV-APP1.contoso.com'.
[12/31/2014 10:53:05.0897] [1] Preparing to output objects. The maximum size of the result set is "unlimited".
[12/31/2014 10:53:05.0912] [1] Ending processing Get-ExchangeServer
[12/31/2014 10:53:06.0287] [1] [REQUIRED] Setup encountered a problem while validating the state of Active Directory: 'SBS2011.contoso.com' isn't a fully qualified domain name (FQDN). Please provide a valid FQDN. For example: 'SBS2011'.
[12/31/2014 10:53:06.0318] [1] Ending processing test-setuphealth
[12/31/2014 10:54:32.0491] [1] Previous operation run on domain controller 'SRV-APP1.contoso.com'.
[12/31/2014 10:54:32.0491] [1] Previous operation run on domain controller 'SRV-APP1.contoso.com'.
[12/31/2014 10:54:32.0491] [1] Preparing to output objects. The maximum size of the result set is "unlimited".
[12/31/2014 10:54:32.0491] [1] Ending processing Get-ExchangeServer
[12/31/2014 10:54:33.0043] [1] [REQUIRED] Active Directory does not exist or cannot be contacted.
[12/31/2014 10:54:33.0043] [1] [REQUIRED] Setup encountered a problem while validating the state of Active Directory: 'SBS2011.contoso.com' isn't a fully qualified domain name (FQDN). Please provide a valid FQDN. For example: 'SBS2011'.
[12/31/2014 10:54:33.0043] [1] Ending processing test-setuphealth
[12/31/2014 10:56:00.0320] [1] Previous operation run on domain controller 'SRV-APP1.contoso.com'.
[12/31/2014 10:56:00.0320] [1] Preparing to output objects. The maximum size of the result set is "unlimited".
[12/31/2014 10:56:00.0320] [1] Ending processing get-EdgeSubscription
[12/31/2014 10:56:00.0574] [1] [REQUIRED] Setup encountered a problem while validating the state of Active Directory: 'SBS2011.contoso.com' isn't a fully qualified domain name (FQDN). Please provide a valid FQDN. For example: 'SBS2011'.
[12/31/2014 10:56:00.0670] [1] Ending processing test-se
[12/31/2014 12:31:07.0542] [1] Previous operation run on domain controller 'SVR-DC1.contoso.com'.
[12/31/2014 12:31:07.0542] [1] Previous operation run on domain controller 'SVR-DC1.contoso.com'.
[12/31/2014 12:31:07.0542] [1] Preparing to output objects. The maximum size of the result set is "unlimited".
[12/31/2014 12:31:07.0542] [1] Ending processing Get-ExchangeServer
[12/31/2014 12:31:07.0791] [1] [REQUIRED] Setup encountered a problem while validating the state of Active Directory: The user-specified domain controller SRV-APP1 does not exist.