So after my last blog Reflections of Trainings I went to Hanover to deliver a two-day class on Windows Server 2003. I was just asked to take over that Training one week earlier and unfortunately I wasn't able to travel on the day prior to the training. So I had to get up at 3am to catch my flight.
I got in to the location of the training at 8am, class was supposed to start at 10. The staff that was in charge setting up the classroom equipment did a good job, everything was set up and the images were installed. Good so far? Not! I figured that one machine was looking like one of the machines at the end of the last class. After figuring out what password the student was using I checked the machine which was supposed to be a plain Windows Server 2003 in a workgroup and set to DHCP. But instead it was a DC which was member of a forest of 6 other domains, set to static IP, DNS and multiple other components were configured. I checked some other computers, and they were all the same, even same network-name and IP. And the other five domains of the forest (as well as DNS and everything else) didn't exist. Then I checked the baseimage which is used to set up the computers. Somehow it was cleanly overwritten by the image of one of the machines of the last class, and so it got duplicated to eleven machines.
OK - I had less than two hours to clean up the mess, and no "good" base image left to reinstall (this process is fairly automated using RIS and WinPE - if there is a base image I could use - but there wasn't any). Not to mention that we have a Windows XP VMWare-Image on each machine as well. So I used dcpromo /forceremoval to get rid of AD (had to force, the forest root and other trusted domains were not there anymore), deinstalled the additional windows components, cleaned up the network interfaces, changed the primary network settings, verified services (especially NTFRS) and cleaned up additional files on every machine. Since I had issues with networking (same network-name and IP) I copied NewSid from SysInternals on a memory stick and used it to change SID and network name. I was finished with the whole procedure just a few minutes before 10, and we were able to start the class right in time. And for some reasons we had less issues during the class as last time where we had minor issues with the machines.
The class was great - very interested students, and we covered a lot of DNS, AD, and other features of Windows Server 2003. And all of the labs just worked great - no issues there. I had a great time, and from the feedback I received the students had a great experience as well. We had loads of interesting scenarious and discussions.
On the evening of the first class I took one of the machines we didn't use during the day (2 students were missing) and cleaned up the rest: reinstalled VMWare since it wasn't happy, cleaned up the eventlog (got rid of the additional eventlogs which are just on a DC) and rechecked services. Then I syspreped, uploaded and tested the new image: there is a new class with the same hardware and in the same classroom so I didn't want the trainer of the next week running into the same issue. And actually I was pretty happy about the kick fixing the machines in the morning, the adrenaline woke me up, I didn't remember that I was up since 3am and I wasn't feeling sleepy until late at night (actually I was in the newsgroups that night until 1am).
So sorry Training-God - I didn't intend to upset you - but thanks for that great class after that kick/warning.