Re: Problems after domain upgrade
- From: Mallika <Mallika@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sun, 8 Oct 2006 23:51:02 -0700
How did you rename your server name?
You should following following procedure while rename domain controller in a
domain that has single domain controller.
http://technet2.microsoft.com/WindowsServer/en/library/aad1169a-f0d2-47d5-b0ea-989081ce62be1033.mspx?mfr=true
Regards,
Mallika.
"Wolfgang Kais" wrote:
I forgot:.
After raising the functional levels I renamed the new server and gave
him the name of the old one.
"Wolfgang Kais" wrote:
My question is about an error in the directory service event log after
an upgrade to a Windows Server 2003 domain.
There was a single Windows 2000 domain with one domain controller (SP4).
I executed "adprep" 3 times (after correcting the schema conflict with
Exchange 2000) with /forestprep, /domainprep and /domainprep /gpprep.
Then I added a Windows Server 2003 SP1 domain controller to the domain.
I transferred all 5 fsmo roles to the new domain controller (ntdsutil),
replicated the global catalog to the new domain controller and made the
new server a dns (AD integrated in "windows 2000 mode"), dhcp and wins
server.
After checking that replication between the two was successful using
replmon, I demoted the old domain controller to be a member server and
then completely removed it from the domain.
As the old server name still appeared in "AD Sites and Services", I
tried a "metadata cleanup" using ntdsutil, but the old server was not
listed in the site, so I deleted the server object using the snap-in.
Also, I made sure that the new server is ISTG and site licensing server.
Then I raised domain and forest functional levels to Windows Server 2003.
We fixed the msdtc issue using component services.
Checking the event log, the only problem left now is error 1411 from
source "NTDS Replication". It states that a SPN for a certain
"guid"._msdcs.domain.local could not be determined and that mutual
authentication could not take place.
I did browse the dns zones for that guid, but did not find it.
The guid is not the one from the new DC.
Any ideas on how to fix this error?
Another problem (not really a problem for the moment, but I'd like it
to be fixed): The dhcp service on the new server was never authorized
but now (after renaming the server) it is. That's OK so far, but:
I can't remove the authorization, neither using the dhcp snap-in nor
using netsh. The error message states that there was no such object.
Trying to authorize the server (using netsh) results in the message,
that the object already exists...
Maybe someone can tell me where to edit the authorization list manually
(adsiedit)?
--
Thanks in advance,
Wolfgang
- Follow-Ups:
- Re: Problems after domain upgrade
- From: Wolfgang Kais
- Re: Problems after domain upgrade
- References:
- Problems after domain upgrade
- From: Wolfgang Kais
- Re: Problems after domain upgrade
- From: Wolfgang Kais
- Problems after domain upgrade
- Prev by Date: AD without DNS
- Next by Date: Re: Event 2088 and Event 1960
- Previous by thread: Re: Problems after domain upgrade
- Next by thread: Re: Problems after domain upgrade
- Index(es):
Relevant Pages
|
