Re: adding new Domain Controller and removing old DC.

Tech-Archive recommends: Speed Up your PC by fixing your registry

On Sep 10, 11:21 pm, Ace Fekay [MCT] <ace...@xxxxxxxxxxxxxxxxxxxxxxx>
wrote:
On Sep 10, 8:46 pm, Ace Fekay [MCT] <ace...@xxxxxxxxxxxxxxxxxxxxxxx>
wrote:
On Sep 8, 6:35 pm, "Ace Fekay [MCT]" <ace...@xxxxxxxxxxxxxxxxxxxxxxx>
wrote:
"Nick" <nickl...@xxxxxxxxx> wrote in message
news:e63d5003-d57b-457e-a44f-7bb7403abd65@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
On Sep 8, 1:26 pm, "Ace Fekay [MCT]" <ace...@xxxxxxxxxxxxxxxxxxxxxxx>
wrote:

"Nick" <nickl...@xxxxxxxxx> wrote in message
news:509cb631-a008-4bcf-b04a-18ec4a3d9265@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
what if the zone is a primary?

Then you can create a secondary on the other server, allow the transfer,
then change it to a primary, then point to itself for DNS. Point the
other DC to this one for DNS, too until you demote it.
Ace

this mess was inherited.
thanks for your help.

Nick

You are welcome. I can understand inheriting a mess. That's how I got some
of my customers in my area. Not that I was trying to take business from
anyone, but after an evaluation and a course of action to fix things, some
of them ask me to be their point of contact. :-)
If you're still not sure of anything, post back! :-)
Ace

i now have a new set of issues. When i try to demote the old server
(dcpromo) and promote the new server (dcpromo). it fails. when i try
to promote i get. "The operation failed because: The Active Directory
Installation Wizard was unable to convert the computer account SEC-
DC2$ to a domain controller account.  "Access is denied." . it asks me
to log in again and when i do it fails at the same place. the Dcpromo
to demote fails also but with just a little different error. i cant
post that exact error because i shutdown that server for the time
being. i was able to move dhcp, dns and move the fsmo roles from the
server before i tried to demote it.

Nick

I assume you followed the suggested step by step with the DNS settings
changes?

It sounds like you are trying to do this simultaneously. Concentrate on
the demotion first, otherwise I can't see how you are trying to promote
the new server and expect to use the same name, unless I misunderstood
your intentions?

From what I remember, read back, and understodd, you are trying to keep
the same name and IP. So you must take care of the demotion first and
allow replication, delete the demoted DC object in Sites, etc, prior to
promoting the new one.

You can't do them simulatenously and expect to keep the same name and
IP address.

Correct my assumptions please, if I am wrong.

What's in the event logs?

Ace

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Please reply back to the newsgroup or forum for collaboration benefit
among responding engineers, and to help others benefit from your
resolution.

Ace Fekay, MCT, MCTS Exchange, MCSE, MCSA 2003 & 2000, MCSA Messaging
Microsoft Certified Trainer

For urgent issues, please contact Microsoft PSS directly. Please
checkhttp://support.microsoft.comforregional support phone numbers.

i'm not keeping the same name, only the same IP address. i tried the
demotion first and waited 4 hours before i tried to promote the new
server but since i'm not keeping the name it really shouldnt matter.
there are no errors in the event viewer that pertains to not allowing
dcpromo to work either way.

Ok, I thought you were keeping the name.

Let's take this one step at a time. Let's concentrate on the demotion,
firts. I thought you said the demotion failed in your previous post?
Are you now saying the demotion was successful?

Ace

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Please reply back to the newsgroup or forum for collaboration benefit
among responding engineers, and to help others benefit from your
resolution.

Ace Fekay, MCT, MCTS Exchange, MCSE, MCSA 2003 & 2000, MCSA Messaging
Microsoft Certified Trainer

For urgent issues, please contact Microsoft PSS directly. Please checkhttp://support.microsoft.comfor regional support phone numbers.

Ace,
Sorry for not replying back sooner. I finally got my new server
promoted and my old server demoted. i had to do everything manually.

BUT!!!...I have random users (including myself) that their accounts
get locked out for no reason. this is happening everyday but not
necessarly to the same users, just random but happens about 20 times
each day. Is there some way to trouble shoot this? i''ve updated my
virus software and re-scanned everything and found nothing.

Nick
.

Relevant Pages

  • Re: adding new Domain Controller and removing old DC.
    ... Point the other DC to this one for DNS, ... and promote the new server. ... the demotion first, otherwise I can't see how you are trying to promote ... Microsoft Certified Trainer ...
    (microsoft.public.windows.server.networking)
  • Re: adding new Domain Controller and removing old DC.
    ... DC to this one for DNS, too until you demote it. ... and promote the new server. ... to log in again and when i do it fails at the same place. ...
    (microsoft.public.windows.server.networking)
  • Re: Process for Hardware Migration for Domain Controller
    ... -I will need to demote from the actual OLD dc before it is powered off ... -We use AD Integrated DNS and all other DCs are DNS Servers ... I will be replacing this server with new hardware. ...
    (microsoft.public.windows.server.active_directory)
  • Re: adding new Domain Controller and removing old DC.
    ... DC to this one for DNS, too until you demote it. ... and promote the new server (dcpromo). ...
    (microsoft.public.windows.server.networking)
  • Re: DC with hard drive issues
    ... with trying to gracefully demote it might be doing more harm to your AD ... Are remove DNS for that matter. ... the new DNS server. ... of the drives was having to be rebuilt everytime it was rebooted. ...
    (microsoft.public.win2000.active_directory)