Re: SBS2003/NT4 migration - Trust issue?
- From: "SuperGumby [SBS MVP]" <not@xxxxxxxxxxx>
- Date: Wed, 26 Apr 2006 20:41:32 +1000
SBS 2003 supports an AD Domain Functional Level _no lower_ than 2000 native,
you cannot have NT DC's in a 2000 native AD.
Well, I'm pretty sure the above is correct, but it's not something I've
tested.
Your basic process is OK, it's just missing a few steps. Unfortunately, the
tidy up is going to be a nightmare (I think), and probably costly in both
downtime and/or licensing.
You _may_ be able to upgrade the existing NT DCs to 2000 or later, then
raise the functional level, before the SBS starts shutting down (I expect
this, but can't confirm it).
This is one reason www.sbsmigration.com exists.
In your (original) situation I would have:
Installed the temp NT DC.
Taken it offline and forced it into the PDC role.
Removed all references to the original PDC/BDC pair.
Upgraded it to 2000.
Raised the AD functional level to 2000 Native.
Introduced SBS into the existing AD.
I'm also probably missing a few steps in this short summary.
Unfortunately, there's not much I can offer, other than sympathy, I'm not
sure now what is your 'best method' out of the predicament.
<BertramWilberforceWooster@xxxxxxxxx> wrote in message
news:1146046703.535982.310350@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hello everyone,
I am having a problem with an SBS 2003 upgrade. Briefly, the situation
is as follows:
Our previous IT infrastructure consisted of an NT primary domain
controller, and a backup domain
controller which was also a BDC. I was asked to consolidate these tasks
on to one server running SBS
2003. For various reasons, my manager stipulated that the NT4 domain
name must not be changed. As a
result, my upgrade process was as follows:
1) Install temporary NT4 server on spare hardware, and make BDC
(tempserver)
2) Promote to PDC
3) Upgrade to 2000 and install Active Directory
4) Install SBS 2003 on new server (newserver)
5) Join 2003 server to new AD domain
This all went reasonably well, however I have now hit a brick wall. The
domain is not syncing, and
when I try and force a sync I am told "the network request is not
supported". Some googling suggests
that this is a trust issue, perhaps related to the secure channel used
by the DCs to sync. I have
tried resetting this using netdom, but to no avail. Something in the
event log which might be
pertinent is the error "The RPC server is unavailable". I have verified
that the tempserver and
newserver can both ping each other, so there is definitely a network
route between them.
My questions are:
Am I correct in thinking this is a trust issue?
If so, how can I successfully reset the trust?
And if not, does anyone know what it is?
I've got Event Logs, output from dcdiag and numerous other bits and
pieces that I can post if
necessary.
I will be extremely grateful if someone can advise me on where to go
from here, as I must confess to
being completely stumped!
Many thanks,
Mike
.
- Follow-Ups:
- Re: SBS2003/NT4 migration - Trust issue?
- From: Bertram
- Re: SBS2003/NT4 migration - Trust issue?
- References:
- SBS2003/NT4 migration - Trust issue?
- From: BertramWilberforceWooster
- SBS2003/NT4 migration - Trust issue?
- Prev by Date: Re: SBS Backup Failures after SQL2005
- Next by Date: Re: problems modifying company web
- Previous by thread: SBS2003/NT4 migration - Trust issue?
- Next by thread: Re: SBS2003/NT4 migration - Trust issue?
- Index(es):
Relevant Pages
|
