Re: Problem adding a second Domain Controller windows 2008
- From: Paul Bergson [MVP-DS] <pbbergs@xxxxxxxxxxxxxx>
- Date: Fri, 28 Nov 2008 21:36:41 +0000 (UTC)
Hello HTTPSDS,
Is this a multihomed DC? If so that needs to be changed to a single nic.
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup This posting is provided "AS IS" with no warranties, and confers no rights.
Hi Paul
Thats all excellent Advice but as i said before Exchange 2007 sp1
seems to need IPv6 enabled
futher to that I have proven as i said in my last post that the active
directory is not at fault in any way as it works perfectly with
another server, I then changed to the server internal 100mb network
card and when i did this it work perfectly so its not an installation
issue, seem to me its a network card issue, now of course i don't want
my server connect on a 100mb connection
I had also switch the firewall off completely as part of my fault
diagnoise and will be switching it all back on now
I have replaced the network card a Reltek one with an intel pro 1000
and this seems to have totally resolved the problem so to me it either
a fault network card what seems unlikely as it was performing all the
other network functions without issue or an issue with the microsoft
Reltek driver either way my problem is resolved, the network card gets
marked as suspect and now on to find the next bug in windows 2008
server
Thanks to both of you who have replied, both with excellent advice but
it was a strange one
Tony
"Paul Bergson [MVP-DS]" wrote:
Hello HTTPSDS,
Since we aren't using IPv6 at this time I disable all references to
it as
well as enable IPv4 pings
Enable Pings, Firewall doesn't allow IPv4 pings
Server Manager / Configuration / Windows Firewall with Advanced... /
Inbound
Rules
Action / New Rule
Select Custom
Next
Select All Programs
Next
Protocol Type = ICMPv4
Next
Local Ip Address = Any
Remote IP Address = Any
Next
Select allow the connection
Next
Check Domain
Check Private
Check Public
Next
Name = IPv4
Finish
Network
Right Click Network Places
Select Manage Network Connections For each enabled and used NIC
Right Click - Local Area Connection - Select Properties
Networking Tab
DeSelect IPv6
Close
Change the Nic Provider Order
Network Connections
Advanced
Advanced Settings
Provider Order
Move Microsoft Windows Networks to First
Run diagnostics against your Active Directory domain.
If you don't have the support tools installed, install them from your
server
install disk.
d:\support\tools\setup.exe
Run dcdiag, netdiag and repadmin in verbose mode.
-> DCDIAG /V /C /D /E /s:yourdcname > c:\dcdiag.log
-> netdiag.exe /v > c:\netdiag.log (On each dc)
-> repadmin.exe /showrepl dc* /verbose /all /intersite > c:\repl.txt
-> dnslint /ad /s "ip address of your dc"
**Note: Using the /E switch in dcdiag will run diagnostics against
ALL dc's in the forest. If you have significant numbers of DC's this
test could generate significant detail and take a long time. You also
want to take into account slow links to dc's will also add to the
testing time.
If you download a gui script I wrote it should be simple to set and
run (DCDiag and NetDiag). It also has the option to run individual
tests without having to learn all the switch options. The details
will be output in notepad text files that pop up automagically.
The script is located on my website at
http://www.pbbergs.com/windows/downloads.htm
Just select both dcdiag and netdiag make sure verbose is set. (Leave
the default settings for dcdiag as set when selected)
When complete search for fail, error and warning messages.
Description and download for dnslint
http://support.microsoft.com/kb/321045
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.
I have just migrated my domain from windows 2003 to windows 2008
i decided i really should have a backup domain controller with a
plan to use the DC as a print server also i installed windows 2008
server standard with no issues, added it to the domain again no
issues however when it came to promoting it to a domain controller
it claims it can contact the present domain controller
i double checked it could by using the domain user and computer tool
and that could browser the AD no issues
next i found a reference t o a nltest /dsgetdc:domainname
i ran this on the server that couldn't find the domain and it found
it no issue found the domain controller that was the GC etc etc
I have check the DNS and all the entries are correct there is a A
host record for the orginal DC with the correct IP address
I am wondering if it could be an IP v6 issue I have IP v6 enabled on
both servers when i disable v6 then the nltest fails
i have to have ip v6 on the present DC as it is running exchange and
the System Attendent server will not start ip V6 is not enabled
any ideas would be great
Thanks
Tony
.
- Follow-Ups:
- References:
- Prev by Date: Re: Extract report for Group Policy Information for all OU's in domain
- Next by Date: Re: 2008 DC ntfrs journal error - conflicting advice
- Previous by thread: Re: Problem adding a second Domain Controller windows 2008
- Next by thread: Re: Problem adding a second Domain Controller windows 2008
- Index(es):
Relevant Pages
|
