Can't find Windows 2000 domain after PDC change

Posted by Mark A Kruger on Server Fault
Published on 2012-06-21T17:39:57Z Indexed on 2012/06/21 21:18 UTC

This is a Windows 2000 domain issue.

I had an old win2000 PDC that was beginning to fail. So, trying to be pre-emptive, I installed a new BDC, then "demoted" the old PDC and took it off the network.

Now it appears that no member server can "find" the domain anymore. No logins work (for services or an RDP or anything).

What I've tried (based on googling):

  • Verified sysvol is shared on all servers.
  • Used nslookup to verify that DCs are being found.
  • netdiag /fix
  • Metadata cleanup routines.
  • Verified no firewall issues (port 389 etc.)
  • Seizing all roles to new PDC (I did that as part of the original promotion).
  • LMHOSTS file and NetBIOS settings.

At the moment it seems like I can get the DCs returned but cannot contact them. I'm at a loss.

My latest attempt was to remove a member server from the domain and try to "re-add" it. When I do that I get this message:

The query was for the SRV record for _ldap._tcp.dc._msdcs.cfwebtools.com

The following domain controllers were identified by the query:
db-dev1.cfwebtools.com
file-prod1.cfwebtools.com
cfwt-pdc2.cfwebtools.com

However no domain controllers could be contacted.

It then goes on to ask if I've checked my A record and made sure they are running.

Is there a way to force this domain to be seen?


I also shared sysvol (or double checked it) and restarted the dfsr service.


More information. I got looking at sysvol and found it was not shared on 2 of these servers. Only one of them (db-dev1) has a "good" or at least "populated" sysvol store. So I tried doing a "d2" recovery of my PDC against that good sysvol. But it never syncs - or at least it does not seem to sync.

I'm guessing if I could get sysvol and netlogon to kick in and replicate, that would fix my issue. I think these DCs aren't responding because they are waiting for replication, which is broken somehow.

Would taking down all the DCs except for db-dev1 fix the issue - at least temporarily? I know I can't just copy the sysvol stuff over to the other 2, can I?
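
The error quoted in the post separates two steps: the SRV query names three domain controllers, and then none of them can be contacted. The following is an added example, not part of the original post, that checks each named DC for an A record and for TCP reachability; the port list beyond 389 and the function names are assumptions chosen for illustration.

```python
import socket

# DC names are taken from the SRV answer quoted in the post. The port list is an
# assumption: 389 is named in the post, the rest are the standard Kerberos, RPC
# endpoint mapper and SMB ports a member server also needs to reach on a DC.
DCS = ["db-dev1.cfwebtools.com", "file-prod1.cfwebtools.com", "cfwt-pdc2.cfwebtools.com"]
PORTS = {88: "kerberos", 135: "rpc", 389: "ldap", 445: "smb"}


def resolve_a(host):
    """Return the IPv4 addresses for host, or [] when no A record resolves."""
    try:
        return sorted({ai[4][0] for ai in socket.getaddrinfo(host, None, socket.AF_INET)})
    except socket.gaierror:
        return []


def tcp_open(ip, port, timeout=2.0):
    """True when a TCP connection to ip:port completes within the timeout."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False


def check_dc(host, resolve=resolve_a, probe=tcp_open):
    """Classify one DC: no A record, no service reachable, some, or all."""
    ips = resolve(host)
    if not ips:
        return {"host": host, "status": "no-a-record", "ips": [], "closed": []}
    closed = [name for port, name in sorted(PORTS.items())
              if not any(probe(ip, port) for ip in ips)]
    if not closed:
        status = "reachable"
    else:
        status = "unreachable" if len(closed) == len(PORTS) else "partial"
    return {"host": host, "status": status, "ips": ips, "closed": closed}


def report(hosts=DCS, resolve=resolve_a, probe=tcp_open):
    """Check every DC the SRV query returned and return the per-host results."""
    return [check_dc(h, resolve, probe) for h in hosts]


if __name__ == "__main__":
    for r in report():
        print(f"{r['host']:28} {r['status']:12} ips={r['ips']} closed={r['closed']}")
```

Run it from a member server that fails to join: `no-a-record` points at DNS, while `partial` or `unreachable` points at filtering or at services that are not listening on that DC.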
