DNS/Active Directory Issue
- From: Lem@xxxxxxxxxxxxxxxx <Lem@xxxxxxxxxxxxxxxx>
- Date: Wed, 2 Jul 2008 11:04:01 -0700
I recently added a new dc that is also the new global catalog server. I was
unable to demote the old dc using the dcpromo.
I have 2 main problems:
1. Clients are not using the new active directory server, for example i am
unable to share documents, cannot add users because I cannot find the ad when
trying to change permissions, etc.
2. Clients are also not using the new dns server (which is also the new
dc/global catalog server) to access the internet. I know this because
everytime I unplug the old dc from the network no one is able to access the
internet and they all have the new dns server added to their nic settings as
the primary dns server.
All addresses are static so there is no dhcp server. Also the dcdiag and
netdiag has a bunch of errors:
DCDiag Errors Below:
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : ilcuboard
Starting test: CrossRefValidation
......................... ilcuboard passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ilcuboard passed test CheckSDRefDom
Running enterprise tests on : ilcuboard.local
Starting test: Intersite
......................... ilcuboard.local passed test Intersite
Starting test: FsmoCheck
Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
A Global Catalog Server could not be located - All GC's are down.
......................... ilcuboard.local failed test FsmoCheck
=====================================================
=====================================================
My Net Diag Errors are Below:
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Administrator.CUB_DOMAIN>netdiag
.........................................
Computer Name: DBSERVER2
DNS Host Name: dbserver2.ilcuboard.local
System info : Microsoft Windows Server 2003 R2 (Build 3790)
Processor : x86 Family 15 Model 4 Stepping 3, GenuineIntel
List of installed hotfixes :
KB909520
KB921503
KB925398_WMP64
KB925876
KB925902
KB926122
KB927891
KB928090-IE7
KB929123
KB929969
KB930178
KB931768-IE7
KB931784
KB931836
KB932168
KB933360
KB933566-IE7
KB933729
KB933854
KB935839
KB935840
KB935966
KB936021
KB936357
KB936782
KB937143-IE7
KB938127-IE7
KB939653-IE7
KB941202
KB941568
KB941569
KB941644
KB941672
KB941693
KB942615-IE7
KB942763
KB942830
KB942831
KB943055
KB943460
KB943485
KB943729
KB944533-IE7
KB944653
KB945553
KB946026
KB947864-IE7
KB948496
KB948590
KB948745
KB948881
KB949014
KB950759-IE7
KB950760
KB950762
KB951698
Q147222
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection 3
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : dbserver2
IP Address . . . . . . . . : 192.168.100.94
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.100.1
Primary WINS Server. . . . : 192.168.100.94
Secondary WINS Server. . . : 192.168.100.87
Dns Servers. . . . . . . . : 192.168.100.87
192.168.100.94
192.168.100.77
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
WINS service test. . . . . : Passed
Global results:
Domain membership test . . . . . . : Failed
[WARNING] Ths system volume has not been completely replicated to the
local
machine. This machine is not working properly as a DC.
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{3193A4C9-B465-4280-A562-A1B85B1AC17C}
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
[WARNING] Cannot find a primary authoritative DNS server for the
name
'dbserver2.ilcuboard.local.'. [RCODE_SERVER_FAILURE]
The name 'dbserver2.ilcuboard.local.' may not be registered in
DNS.
[WARNING] The DNS entries for this DC are not registered correctly on
DNS se
rver '192.168.100.87'. Please wait for 30 minutes for DNS server replication.
PASS - All the DNS entries for DC are registered on DNS server
'192.168.100.
94' and other DCs also have some of the names registered.
[WARNING] The DNS entries for this DC cannot be verified right now on
DNS
server 192.168.100.77, ERROR_TIMEOUT.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{3193A4C9-B465-4280-A562-A1B85B1AC17C}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{3193A4C9-B465-4280-A562-A1B85B1AC17C}
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Failed
[FATAL] Cannot find DC in domain 'CUB_DOMAIN'. [ERROR_NO_SUCH_DOMAIN]
DC list test . . . . . . . . . . . : Failed
'CUB_DOMAIN': Cannot find DC to get DC list from [test skipped].
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Skipped
'CUB_DOMAIN': Cannot find DC to get DC list from [test skipped].
LDAP test. . . . . . . . . . . . . : Failed
Cannot find DC to run LDAP tests on. The error occurred was: The
specified d
omain either does not exist or could not be contacted.
[WARNING] Cannot find DC in domain 'CUB_DOMAIN'.
[ERROR_NO_SUCH_DOMAIN]
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Skipped
Note: run "netsh ipsec dynamic show /?" for more detailed information
The command completed successfully
C:\Documents and Settings\Administrator.CUB_DOMAIN>
My plan of action is to do a dcpromo /forceremoval first on the old server
in directory services restore mode (because I cant boot into windows normally)
and then Ill perform a ntdsutil metadata cleanup on the new server
I believe this will resolve my problem but I am not totally sure and would
like feedback if anyone has any suggestions.
Also I did transfer all the roles to the new server and this is a single
domain network with 3 dcs we needed backups thats why i have 3 dcs for a
really small network of 30 users/computers.
Is there any thing I should do different or should I just build a whole new
forest which I dont really want to do.
Thanks for any help and suggestions.
.
- Follow-Ups:
- RE: DNS/Active Directory Issue
- From: David Shen [MSFT]
- RE: DNS/Active Directory Issue
- From: David Shen [MSFT]
- RE: DNS/Active Directory Issue
- From: David Shen [MSFT]
- RE: DNS/Active Directory Issue
- From: David Shen [MSFT]
- RE: DNS/Active Directory Issue
- From: David Shen [MSFT]
- RE: DNS/Active Directory Issue
- From: David Shen [MSFT]
- RE: DNS/Active Directory Issue
- From: David Shen [MSFT]
- RE: DNS/Active Directory Issue
- From: David Shen [MSFT]
- RE: DNS/Active Directory Issue
- From: David Shen [MSFT]
- Re: DNS/Active Directory Issue
- From: Meinolf Weber
- RE: DNS/Active Directory Issue
- From: Lem@community.nospam
- RE: DNS/Active Directory Issue
- Prev by Date: Re: Windows 2008 Licensing Question
- Next by Date: RE: DNS/Active Directory Issue
- Previous by thread: Re: Remote Desktop - Local Drives appear as SYSTEM FOLDER on host
- Next by thread: RE: DNS/Active Directory Issue
- Index(es):
Relevant Pages
|
Loading
