Re: A real tough one with DCPromo

What already did you do untill now?

--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Jamie" <Jamie@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:2A63A210-2280-494D-8C48-B292ABA44BB9@xxxxxxxxxxxxxxxx
THe old server dc1 is erroring out under operations master. Says it can't
be
contacted. What are the steps if the computer was to just crash. I think
that is my only option. Just remove the old server dc1 because I can't do
any configurations on or to it.

"Jorge Silva" wrote:

- Transfer any fsmo roles olded by the servers to be removed
How to view and transfer FSMO roles in Windows Server 2003
http://support.microsoft.com/kb/324801/en-us

-Make sure that you have at least one GC on your forest.
- Transfer any other services that you might have on the old DC (like;
DNS, DHCP, Wins, DFS, etc).
- Take the old server offline; confirm that everything works with the old
server offline.
- If everything OK, use Dcpromo to remove the old DC from network, (Ps:
don't
forget to remove it manually from Active Directory Sites and Services)
Check:
Decommissioning a Domain Controller
http://technet2.microsoft.com/WindowsServer/en/Library/b96e3f0a-bf98-4a80-8718-dd80dc1071fd1033.mspx?mfr=true



Dont forget to export the *EFS* certificate. If one of these two dcs is
the first dc that was installed in your domain then the EFS certificate
resides locally on that dc. When you remove the dc before you export the
efs certificate you will loose it. Without this certificate you are not
able to recover efs encrypted files.

http://support.microsoft.com/?scid=kb%3Ben-us%3B241201&x=5&y=13


--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Jamie" <Jamie@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:059D1E14-8406-4C1A-B918-4941DABA2EB1@xxxxxxxxxxxxxxxx
Now that I have promoted a new server do I have to demote the old one?
I
don't have any screen to do anything so it might be a tough task to
demote.
What will happen if I just unplug it?

"Jorge Silva" wrote:

glad i could help.

--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Jamie" <Jamie@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:9CFA3B58-D71E-405E-BDB0-C38E52A8FF1C@xxxxxxxxxxxxxxxx
It worked. Thanks for all the help. I guess think it was the DC1
was
not
set to itself in DNS. Once that was changed it worked like a charm.
Thanks
for the patience.

"Jorge Silva" wrote:

I am in the process but wanted to clarify as I am rebooting. You
want
me
to
set the Primarty DNS of dc1 to itself? x.x.0.2? Should I put a
secondary
DNS
of the router or anything?


if you want to provide internet access you should use forward tab
on
DNS
properties to configure your router ipaddress or your ISP DNS
SERVER.

Then you said " Make sure that DC1 has DNS forward lookup zone
Active
Directory integrated." I'm not really sure what this means? If
it
doesn't
have one how do I create it?

Go to your zone properties and in the type ofzone hit the button
change,
and
change it to ad integrated.

--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Jamie" <Jamie@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:1BBE381C-DED3-44DA-BDFD-17C38D8FCA58@xxxxxxxxxxxxxxxx
OK so

dc1 = x.x.0.2
dc2 = x.x.0.3

I am in the process but wanted to clarify as I am rebooting. You
want
me
to
set the Primarty DNS of dc1 to itself? x.x.0.2? Should I put a
secondary
DNS
of the router or anything?

Then you said " Make sure that DC1 has DNS forward lookup zone
Active
Directory integrated." I'm not really sure what this means? If
it
doesn't
have one how do I create it?


"Jorge Silva" wrote:

It seems that I'm out the base here, please clarify me

the old server has an IP of x.x.0.2 and the server has a DNS
of
x.x.0.2

Old server? - The old server is online right? and it's
functioning
well
right? and it has that IPAddress x.x.0.2

I have recreated the DNS on the new server but am not sure
what
you
mean
by
replicate.

You don't need to create any zone on the new server. You only
need
to
install DNS service on the new server.

I have created new zones on each and tried with no luck, then
I
changed the NS and the SOA to point to the old server and
tried
with
the
same
results. Could you be more specific. I have promoted a few
servers
before
but that is the extent of my knowledge. Thanks in advance.

Ok lets go.

Lets assume the "old" server as DC1 with IP = 10.0.0.2

The server that you want to add as DC2 with IP = 10.0.0.3



- Make sure that DC1 has DNS forward lookup zone Active
Directory
integrated.

- Make sure that you have DC1 NIC DNS properties primary server
=
10.0.0.2

- Install DNS service on DC2, MAKE the DC2 NIC DNS properties
primary
server
= 10.0.0.2

- Run Dcpromo on DC2, choose the option additional Dc on the
existent
domain....

- After Dcpromo wizard reboot DC2.

- After the reboot of DC2 wait for replication or use Active
directory
Sites
and services to force replication between the 2 DCs.

- On DC2 go to DNS server console and check if the DNS zone has
already
been
replicated, if yes, then go to DC2 NIC properties and make DNS
primary
=
10.0.0.3, and if you want you can also set secondary DNS =
10.0.0.2
(generally this can speed up in the boot process and avoid some
startup
errors when AD starts before DNS).

-If needed you can make DC2 a GC (This is especially true if you
have
Exchange Server or any other App that needs to contact the GC,
or
if
you
have a DFL later than Windows 2000 Mixed, or more than one
Domain)

- Don't forget to configure Sites and services, and related
subnets.



--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Jamie" <Jamie@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:2F3AB56F-FF66-4B50-8380-D4815EABE7D3@xxxxxxxxxxxxxxxx
the old server has an IP of x.x.0.2 and the server has a DNS
of
x.x.0.2

I have recreated the DNS on the new server but am not sure
what
you
mean
by
replicate. I have created new zones on each and tried with no
luck,
then
I
changed the NS and the SOA to point to the old server and
tried
with
the
same
results. Could you be more specific. I have promoted a few
servers
before
but that is the extent of my knowledge. Thanks in advance.

Jamie

"Jorge Silva" wrote:

On the secondary server place the primary dns server pointing
to
the
existent DC, Install the DNS on the additional DC, replicate
DNS,
then
after
the DNS zone has been replicated point the additional DC NIC
primary
DNS
pointing to itself again.

--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Jamie" <Jamie@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:3C7C45EF-F39A-4D48-9C94-F0F6A77393B4@xxxxxxxxxxxxxxxx
Well I pulled up the tool and can see the lookup zones.
Not
really
sure
what
I can do from here. I recreated the two zones under the
"new"
server
to
match the ones on the "old" server and still getting the
same
error.
Here
is
how far I get.

1. check the additional domain controller for an existing
domain
2. enter username and password
3. I attempt "mydomain.com" and it fails but if I put
"mydomain"
it
lets
me
to the next screen
4. Next screen I can browse and see "mydomain.com" and
select
it
but
when
I
click next I get the error.

Active directory Installation Wizard

The domain "mydomain.com" cannot be contacted. Ensure that
the
DNS
domain
name is type correctly. This condition may be caused by a
DNS
lookup
problem. If this domain was recently created, its name may
not
yet
be
registered with the Domain Naming Service.


.