Upgrade AD issues

Tech-Archive recommends: Fix windows errors by optimizing your registry

From: Rob (rlivermore_at_twns.com)
Date: 02/11/04 

Date: Wed, 11 Feb 2004 14:53:15 -0800

Broke down and called MS support. Here's the fix.

Opened local system policy on ServerA to "Authenticated
Users" and "Everyone" groups.

Goto:
-Active Directory Users and Computers
-Properties of Domain Controllers
-Group Policy tab
-Local Policy
-Windows Settings
-Security Settings
-Local Policies

Made adjustment here: "Access this computer from the
network"

All is well again. Most of the time it's the little
things that get over-looked - atleast it's that way for me.

>-----Original Message-----
>Also ran dcdiag -v on ServerA all systems passed except
>the following.
>
>Event String: The File Replication Service is having
>trouble
>enabling replication from ServerB to ServerA for
>c:\winnt\sysvol\domain using the DNS name
ServerB.xyz.com.
>FRS will keep retrying.
>
>Following are some of the reasons you would see this
>warning
>[1] FRS can not correctly resolve the DNS name
>ServerB.xyz.com from this computer.
>[2] FRS is not running on zechariah.twt.com.
>[3] The topology information in the Active
>
>Directory for this replica has not yet replicated
>to all the Domain Controllers.
>
>
>>-----Original Message-----
>>Ignore the following Event ID: 5774 - NETLOGON -
>>Registration of DNS
>>record '_kerberos_tcp.Default...dc_msdcs.twt.com
>>ServerB.xyz.com' failed. DNS operation refused.
>>
>>Found the problem - simply pointed the DC over to
ServerA
>>(DNS server).
>>
>>But I failed to mention this error:
>>Event ID: 1000 - USERENV - Windows cannot determine the
>>username or computer name. Return value (5)
>>
>>>-----Original Message-----
>>>I figure it's best if you have the "full-scope" of the
>>>issue than to only give bits and pieces here and there.
>>>With that being said...
>>>
>>>I upgraded company xyz over the weekend from NT 4.0
>>Domain
>>>to W2K Domain.
>>>
>>>NT 4.0 Domain structure
>>>Server A - PDC - OS NT 4.0
>>>Server B - member server - OS W2K
>>>Server C - BDC (demoted from PDC prior to upgrade)
>>>
>>>W2K Domain structure
>>>Server A - FSMO
>>>Server B - DC (via dcpromo)
>>>
>>>When I attempted to dcpromo Server B after Upgrading
>>>Server A ran into errors - would not allow promo.
>>Problem
>>>was caused by the domain name not being changed from
xyz
>>>to xyz.com prior to running upgrade. Found MS Kb
>article
>>>that gave Registry hack to fix issue.
>>>
>>>Problem now is - I can not manually synchronize the DC
>>>with Server A (via AD sites and services) - receive
>>>error: "Access is Denied". I can however add a user
>>>account on Server B and it will replicate to Server A.
>>>
>>>Also of importance - on a client PC: If I attempt to
>add
>>>a domain user via Control Panel receive the following
>>>error: Trust relationship between the workstation and
>the
>>>primary domain failed. The workaround is to add a
>LMHOST
>>>file on the local PC and point it to ServerA.
>>>
>>>On Server B event viewer reports:
>>>Event ID: 16650 - SAM - allocator failed to initialize
>>>properly.
>>>
>>>Event ID: 5774 - NETLOGON - Registration of DNS
>>>record '_kerberos_tcp.Default...dc_msdcs.twt.com
>>>ServerB.xyz.com' failed. DNS operation refused.
>>>
>>>I ran netdiag /test:dsgetdc and recv'd
>>>sysvol has not completely replicated. Machine not
>working
>>>as a DC.
>>>
>>>ran dcdiag /test:replications and recv'd skipping all
>>>tests because ServerB is not responding to DS requests.
>>>
>>>DNS appears to be working fine. Since environment is
>>>legacy - tested and confirmed WINS works.
>>>
>>>I have researched/reviewed several articles regarding
>the
>>>issues we are experiencing but am unable to really nail
>>>down where the problem lies. All of the problems are
>>>pointing to a DNS issue but I'm not able to determine
>>>what/where is causing the issue. Servers and clients
>are
>>>able to resolve both forward and reverse lookups.
>>>
>>>Any insight you might be able to give is appreciated.
>>>.
>>>
>>.
>>
>.
>

Relevant Pages

  • Upgrade AD issues
    ... Also ran dcdiag -v on ServerA all systems passed except ... The File Replication Service is having ... FRS can not correctly resolve the DNS name ...
    (microsoft.public.win2000.active_directory)
  • Re: Sending email between 2 SBS servers
    ... ServerA says user2 does not exist in the ... then tried relaying outbound SMTP connections through a third-party ... to have a higher priority than the default policy. ...
    (microsoft.public.windows.server.sbs)
  • Re: Path Rules - Enabled Paths sometime are restricted
    ... After careful review of the replication logs in event viewer on Skip, ... GpoTool said all GPO are now consistent on all ... > Check to see if SRP are configured on any other Group Policy including locally ... >> all DC were as expected and DNS records were good. ...
    (microsoft.public.windows.group_policy)
  • please help me answer these questions for 70-217
    ... The network contains Windows 2000 ... Server computers, Windows NT 4.0 Server computers and ... ServerA does not support dynamic updates. ... You discover that your DNS server has been compromised. ...
    (microsoft.public.cert.exam.mcse)
  • Re: Please help with these questions
    ... > You are the network administrator for your company. ... > Server computers, Windows NT 4.0 Server computers and Windows NT 4.0 ... The nwtraders.com zone on ServerA does not support ... > You discover that your DNS server has been compromised. ...
    (microsoft.public.cert.exam.mcse)