Re: New Domain

Paul:

I used your method for removing AD from the DC's. I was still left with the
new domain and so removed that as well using the NTDS tool. I promoted the
DC again for the new domain tree under the existing forest. Now I'm able to
browse via unc with no problem - Paul thanks.

The issue that I am now having is; when working with groups in the old
domain, under members and then clicking on Add and then selecting the
location by clicking on the locations button(the new domain), the Locations
window displays the two domains. When I click on th + sign for the new
domain, I do not see any OU objects. When I click on the + sign for the old
domain, I see all the ou objects.


When logged into the NEW DC (New Domain) I can see both. Do you know why
this is happening?

"romulus" wrote:

thanks much for your help so far. for this test I won't need to copy
anything across. I'm going to try your suggestions so far and let you know
how it went.

"Paul Bergson [MVP-DS]" wrote:

If you are certain that you don't need to actually copy anything across and
you want to remove a dc, you could do a force demotion and metadata cleanup.

dcpromo /forceremoval (On the dc you want to remove)

Metadata cleanup
http://support.microsoft.com/Default.aspx?id=216498

--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.

"romulus" <romulus@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:25473615-6A86-44CF-9B16-B10AD7578F83@xxxxxxxxxxxxxxxx
Paul:

I would like to start from scratch but I receive the following error when
I
try to remove the domain:
The operation failed bcause:

Active Directory could not transfer the remaining data in directory
partition CN=Schema,CN=Configuration,DC=OLDDC,DC=org to domain
controller
dc1.olddomain.org.

"The DSA operation is unable to proceed because of a DNS lookup
failure."

do you know how I can fix this?


"Paul Bergson [MVP-DS]" wrote:

Neither, I misunderstood. You have disjoint name space in the same
forest.
So you could just setup secondaries of each other, but I would just use
the
same dns server within your primary dns server in your original domain
and
replicate all DC's in your forest to replicate all dns info to all dc's,
so
the dns servers would cover the zones of both name spaces. Once the new
domain is online bring up the new dns server on the new dc making sure
they
are all AD integrated. You should also make sure that the Infrastruture
Master is not a GC in your original domain. Remember to point your new
clients to the new dns server within the new domain.

http://technet2.microsoft.com/WindowsServer/en/library/6c0515cf-1719-4bf4-a3c0-7e3514cef6581033.mspx?mfr=true

See ForestWide AD Integrated Zones
http://www.windowsitpro.com/Windows/Articles/ArticleID/40049/pg/2/2.html


--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.

"romulus" <romulus@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:B93E71FC-E976-4D9E-A25E-F7EBAB33DA20@xxxxxxxxxxxxxxxx
Paul:

Before I start to perform the delegation, which DNS will be considered
the
child DNS? I called the first domain in the forest olddomain and the
new
domain tree in the forest the newdomain - This new DC also was setup
with
DNS
during the DCPROMO.

Regards

"Paul Bergson" wrote:

Did you delegate your child dns namespace to this new dns server?
Otherwise
the parent isn't going to know how to find the child domain.

http://support.microsoft.com/default.aspx?scid=kb;en-us;255248&sd=RMVP



--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.

"romulus" <romulus@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:A5D3AAA1-0645-460A-AC9A-0DEE43CAEB1F@xxxxxxxxxxxxxxxx
Hey everyone:

My company has aquired several other companies and we have decided
to
start
a new domain. All New client rollouts and member servers will be
part
of
this new domain. We will gradually migrate users and systems over
to
the
new
domain.

We need to be able to utilize the resources (e.g. shares ) between
the
two
domains. One way of accessing the resources will be using UNCs.
Based
on
my
understanding using the dcpromo wizard and New domain tree in an
existing
forest should do the trick - creating the necessary trust
automatically.

For some reason, things are never quite that simple, Here is the
problem -
I ran the wizard on a test environment and selected the option to
create a
new dns. Once the wizard completed, I could access resources
between
domains
through the network neighborhood. I am not able to access the
resources
using the unc such as \\server\share or \\10.1.1.143\share. I know
I
can
map
a drive, but there may be instances where I would need use the UNC.
Is
there
any reason why this is happening.

Also in the test invironment, I tried to demote the new domain and
remove
it
from AD through DCPromo, just as a test and I receive the following
error:

The operation failed bcause:

Active Directory could not transfer the remaining data in directory
partition CN=Schema,CN=Configuration,DC=OLDDC,DC=org to domain
controller
dc1.olddomain.org.

"The DSA operation is unable to proceed because of a DNS lookup
failure."


Thanks for any help or gudance that can be provded.

regards









.