RE: How to reinstate DC on network with same server name and ID bu
- From: v-chayan@xxxxxxxxxxxxxxxxxxxx ("Charles Yang [MSFT]")
- Date: Thu, 13 Oct 2005 09:04:25 GMT
HI,
>From your description, I understand that you want to update the DC on
Windows 2000 which is the member of SBS domain also to replicate the AD
information. That means you need to get a license for Windows 2000 DC as an
additional DC on SBS 2003 domain. You can refer to the article below for
adding an additional DC to SBS domain, please understand that this is the
only way for setting up additional DC on SBS domain and do the AD
replication as SBS domain can not establish any trust to other domain.
You can refer to the following documents to deploy additional DC in branch
office on SBS domain:
http://www.microsoft.com/technet/archive/windows2000serv/technologies/active
directory/deploy/adguide/addeploy/addch07.mspx
In addition, you may need to know about the properly configuration for the
license on every additional DC, please refer to the following section for
detailed steps:
A. Go to the additional Windows servers, open Services console in
''Administrative Tools''. Make sure that the ''License Logging services''
is running.
B. Go to the SBS 2003 server, open ''Active Directory Sites and
Services''. Click on Default-First-Site-Name and the double click on
Licensing Site on the right. Make sure that the SBS 2003 server is the
Licensing Computer.
C. Go to the additional servers, open ''Licensing'' console in
''Administrative Tools''. Set the licensing mode of the additional Windows
server to ''Per Seat''/''Per Device'' mode. The number of licenses should
be set to be equal to the number of SBS client access license (CAL). You
can select License->New License from the menu and then select Windows
Server from the dropdown and specify the same number of license that your
SBS server has.
If so, it should be the AD replication issue, please understand that you
need to use domain administrator account to make sure the DC replication
can be continued, as we know SBS is not allowed trust. Make sure that you
have logon SBS domain on Windows 2000 DC when doing AD replication.
You need also to make sure that DNS server on Windows 2000 DC is point to
SBS internal NIC. You need to get the SBS internal IP address or deploy a
site to site VPN connection in order to make the DC replication between SBS
server and Windows 2000 DC.
I appreciate your understanding on this issue; please feel free to post
back, if you have any further concerns. I am glad to help you.
Best regards,
Charles Yang (MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
======================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| Thread-Topic: How to reinstate DC on network with same server name and ID
bu
| thread-index: AcXPLHC+s24A6tE6T9C/y7VBxPdw9Q==
| X-WBNR-Posting-Host: 24.106.234.2
| From: =?Utf-8?B?bWFrZWVs?= <makeel@xxxxxxxxxxxxxxxxxxxxxxxxx>
| References: <18EC74A2-B970-4E6F-AF58-3759FD065FFB@xxxxxxxxxxxxx>
<pQ0#KnVzFHA.424@xxxxxxxxxxxxxxxxxxxxx>
| Subject: RE: How to reinstate DC on network with same server name and ID
bu
| Date: Wed, 12 Oct 2005 05:57:02 -0700
| Lines: 220
| Message-ID: <A6790873-DF0D-4BD5-9F83-A725DA4851CB@xxxxxxxxxxxxx>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
| Newsgroups: microsoft.public.windows.server.sbs
| NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
| Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA03.phx.gbl
| Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.windows.server.sbs:212267
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| To clarify the situation, I have diagramed the information previously
| provided and supplied answers to your questions:
|
| Prior to May, the network was as below and the W2K server was an active
DC
| member on the SBS domain.
| 192.168.1.x for SBS LAN
| 192.168.2.x for Win2KS LAN
| The network diagram was as follows:
| LAN-- ____ ____ -- LAN
| |--|router|===VPN===|router|--|
| SBS-- ------ (Internet) ------ --Windows 2000 Server
|
| During May, the SBS server was upgraded to Premium running ISA 2000 and
| installed with 2 NICs for inside and outside networks with following
| networks, and the W2K server remote LAN was no longer able to tunnel into
and
| participate with SBS domain. The W2K server was still a member, only
unable
| to replicate AD and stuff. All clients on LAN have been using SBS client
VPN
| into SBS external NIC to participate in both LANs.
| 192.168.1.x for SBS external
| 10.0.3.x for SBS internal
| 192.168.2.x for Win2KS LAN
| The network diagram is currently as follows:
| _____ _____
| LAN--SBS--===== ====VPN==== =====----LAN clients
| |router| (Internet) |router|
| ------- -------
| |
| --
Windows
| 2000 Server
|
| Current (for SBS) & planned (for W2K) network address range:
| 192.168.1.x for SBS external
| 10.0.3.x (10.0.3.1-128) internal
| 10.0.3.x (10.0.3.129-192) for Win2KS LAN
| A private line connection between sites now exists and the network
diagram
| is planned as follows:
| _____ _____
| |--|router|-----------------|router|--- Windows 2000 Server
| LAN--| ------- Private ------- |
| | |-- LAN clients
| SBS
| __|___
| |router| ----- (Internet)
| -------
|
| I have now changed the IP address and DNS entries on the Win2K server to
| reflect the new 10.0.3.x structure and to recognize the SBS server,
however
| there are problems getting the replication running again. The SBS server
| appears to not allow the credentials of the Win2K server and no updates
have
| been made to the DNS entries on the SBS server to recognize the
reappearance
| of the Win2K server on the domain. I am also receiving MRxSmb entries on
the
| SBS server indicating my Win2K server.
|
| Upon suggestion from the AD newsgroup, I have tried to force replication
| from Win2K server with replmon, but after over 8 hours of attempts, still
no
| success. Getting following reported:
| >>Direct Replication Partner Data<<
| Server is current through Property Update USN: 3460670
| Replication Failure: Changes have not been successfully replicated
from
| SBS for 5070 attempt(s)
| Replication Failure: The reason is: The DSA operation is unable to
| proceed because of a DNS lookup failure.
| Replication Failure: The last replication attempt was: 10/11/2005
| (This repeats 3 times)
|
| >>Direct Replication Partner Data<<
| Server is current through Property Update USN: 3460670
| Replication Failure: Changes have not been successfully replicated
from
| SBS for 5071 attempt(s)
| Replication Failure: The reason is: Access is denied.
| Replication Failure: The last replication attempt was: 10/11/2005
| (This repeats many, many times)
|
|
| Further assistance is requested ASAP.
|
|
| ""Charles Yang [MSFT]"" wrote:
|
| > Hi Makee,
| >
| > Welcome to SBS newsgroup.
| >
| > Issue description:
| > ================
| >
| > I understand that you want to make the Windows 2000 DC on another
network
| > to sync with the SBS 2003 DC in order to resolve the DNS resolution
issue.
| >
| > Analyzing and suggestion:
| > =================
| >
| > Before we go any further, please clarify the issue more clearly, so
that we
| > could give you some reasonable suggestions:
| >
| > 1. Does the Windows 2000 DC still belong to SBS 2003 domain or not?
| > 2. Could you describe the Network topology of your current SBS domain
to us
| > so that we can understand it clearly?
| > 3. If the issue only occurs on the only SBS records on Windows 2000 DC,
you
| > can change the records on DNS to the correct records.
| > If you only want to Windows 2000 DC to sync DNS information with SBS
2003,
| > you can just set the Windows 2000 as the additional DNS server on SBS
| > domain temporally to use DNS dynamic update function to update the DNS
| > records automatically on Windows 2000 DC. Please note that you do not
need
| > to join the client computer to SBS domain again. You can refer to the
| > following article about how to configure DNS on Windows 2000 to be
updated
| > dynamically.
| >
| > 317590 How to configure DNS dynamic update in Windows 2000
| > http://support.microsoft.com/?id=317590
| >
| > But if you want just change SBS 2003 records on Windows 2000 DC, you do
not
| > need to configure Windows 2000 DC to sync with SBS 2003 DNS, you can
just
| > change the SBS records on Windows 2000 DNS then configure SBS 2003 as
the
| > additional DNS server when you want to resolving the SBS internal
client
| > computer from Windows 2000 DC.
| >
| > I appreciate your time to cooperate on this issue, please feel free to
post
| > back. I am glad to be of further assistance.
| >
| >
| >
| > Best regards,
| >
| > Charles Yang (MSFT)
| >
| > Microsoft CSS Online Newsgroup Support
| >
| > Get Secure! - www.microsoft.com/security
| >
| > ======================================================
| > This newsgroup only focuses on SBS technical issues. If you have issues
| > regarding other Microsoft products, you'd better post in the
corresponding
| > newsgroups so that they can be resolved in an efficient and timely
manner.
| > You can locate the newsgroup here:
| > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
| >
| > When opening a new thread via the web interface, we recommend you check
the
| > "Notify me of replies" box to receive e-mail notifications when there
are
| > any updates in your thread. When responding to posts via your
newsreader,
| > please "Reply to Group" so that others may learn and benefit from your
| > issue.
| >
| > Microsoft engineers can only focus on one issue per thread. Although we
| > provide other information for your reference, we recommend you post
| > different incidents in different threads to keep the thread clean. In
doing
| > so, it will ensure your issues are resolved in a timely manner.
| >
| > For urgent issues, you may want to contact Microsoft CSS directly.
Please
| > check http://support.microsoft.com for regional support phone numbers.
| >
| > Any input or comments in this thread are highly appreciated.
| > ======================================================
| > This posting is provided "AS IS" with no warranties, and confers no
rights.
| >
| >
| > =====================================================
| > When responding to posts, please "Reply to Group" via your newsreader
so
| > that others may learn and benefit from your issue.
| > =====================================================
| >
| > This posting is provided "AS IS" with no warranties, and confers no
rights.
| >
| > --------------------
| > | Thread-Topic: How to reinstate DC on network with same server name
and ID
| > but di
| > | thread-index: AcXMMJRbXaoesbb/RQOGkjt3j8rQQg==
| > | X-WBNR-Posting-Host: 24.73.232.226
| > | From: =?Utf-8?B?bWFrZWVs?= <makeel@xxxxxxxxxxxxxxxxxxxxxxxxx>
| > | Subject: How to reinstate DC on network with same server name and ID
but
| > di
| > | Date: Sat, 8 Oct 2005 10:49:06 -0700
| > | Lines: 18
| > | Message-ID: <18EC74A2-B970-4E6F-AF58-3759FD065FFB@xxxxxxxxxxxxx>
| > | MIME-Version: 1.0
| > | Content-Type: text/plain;
| > | charset="Utf-8"
| > | Content-Transfer-Encoding: 7bit
| > | X-Newsreader: Microsoft CDO for Windows 2000
| > | Content-Class: urn:content-classes:message
| > | Importance: normal
| > | Priority: normal
| > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
| > | Newsgroups: microsoft.public.windows.server.sbs
| > | NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
| > | Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
| > | Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:159863
| > | X-Tomcat-NG: microsoft.public.windows.server.sbs
| > |
| > | I have a situation where my Win2K Server DC has a "broken link" with
the
| > | Windows SBS 2003 PDC it was originally joined with. I haven't changed
| > either
| > | server name or ids, and in fact, both systems are trying to find one
| > another
| > | again by resolving names through DNS. However, the SBS 03 PDC was
| > | reconfigured with 2 NICs, thus creating a new subnet class and IP
address
| > for
| > | the LAN side that the W2K DC doesn't have information on. The W2K DC
is
| > still
| > | resolving the SBS name to an old IP address on a completely different
| > network
| > | subnet range.
| > |
| > | I would like to now get the two to sync up by placing the W2K Server
DC
| > onto
| > | the new network subnet range with a matching IP address, and
configure
| > each
| > | others DNS with proper cnames for allowing this. What are the
problems
| > with
| > | this scenario (if any), and does this sound doable? I'm trying to
| > accomplish
| > | this rejoining over a "private line" from two offices separated by
| > several
| > | states.
| > | (See earlier post, 10/7, for further details)
| > |
| > |
| > |
| >
| >
|
.
- References:
- RE: How to reinstate DC on network with same server name and ID but di
- From: "Charles Yang [MSFT]"
- RE: How to reinstate DC on network with same server name and ID but di
- Prev by Date: RE: SBS Server and changes
- Next by Date: Re: Sharepoint SP2 Update cannot be applied
- Previous by thread: RE: How to reinstate DC on network with same server name and ID but di
- Next by thread: RE: How to reinstate DC on network with same server name and ID bu
- Index(es):
Relevant Pages
|
Loading
