Re: Swing migration Q?: problem joining new DC to temp domain
- From: "Tony Vrolyk" <eat@xxxxxx>
- Date: Thu, 29 May 2008 11:56:21 -0500
Also the old serve had ISA but that was recently uninstalled in favor of a
hardware firewall.. Is it possible that some piece of ISA is still on there
blocking some or all of AD replication?
Tony
"Jim Behning SBS MVP" <jimbehning@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:casr34lu2ush0bpm7r3t31fpthhl55dcr4@xxxxxxxxxx
On the temp dc server I do \\tempservername to see all the shares and
I drill all the way in to sysvol. If you do not see sysvol and
subfolders from \\servername then you have issues. I have pulled the
temp dc off too fast or I forgot to check global catalog or forgot to
turn of the Windows Firewall. Probably some other gotchas I have
forgotten.
On XP boxes sometimes I have to do domainname.extension to join a
computer to the domain. You may try that just for grins.
I purge just about everything out of WINS and then do an
ipconfig/flushdns. I dig all old source server names out of dns. I use
the process in the book which of course does not come with any tools
like dnspurge. I guess tools might speed things up but I didn't pay
for a kit. I have done plenty of swings the old fashion way with
triple typing. My laptop messes up in virtual server with lots of
goofy typing. If I am smart I attach a usb keyboard which types fine.
You shoudl be able to ping domainname.extension and get a good answer
if dns is working. Should work on both temp dc and new server.
On Wed, 28 May 2008 18:27:04 -0500, "Tony Vrolyk" <eat@xxxxxx> wrote:
I will do that. Thanks both of you. Do you agree that failing to cleanupSee what SBS support is working on
WINS could result in the situation I am in?
I am not familiar with the net share command. I probably should be. How do
you use it to verify that sysvol has replicated?
Tony
"Frank McCallister" <FrankMcCallister@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:DF55C3FF-6159-48F7-8175-B4F46C7DAEE1@xxxxxxxxxxxxxxxx
Hi Tony
I agree with Allen Go back over the Docs CAREFULLY and recheck each
step.
Use the Net Share command to locate the Sysvol folder and be certain it
Replicated completely. Be Certain that the DNS on both servers points to
10.0.0.3 and that you can ping in both directions. Go to
SBSMigration.com
and be sure you have a current support email address for Jeff
--
Frank McCallister [SBS-MVP]
COMPUMAC
"Tony Vrolyk" wrote:
I turned it off on both DCs. I did DNS cleanup according to the Swing
kit.
I used the DNSpurge tool to remove all references to the old DC.
Now that you mention it I am not sure I did all the WINS cleanup. That
might
make sense since when you try to join a domain and enter the domain
name
without the .local that is a netbios name. Isn't that handled by WINS
then.
So if WINS has a bad entry pointing the domain name back to the old
server
then joining would fail? If so then that is probably the ticket.
Does that sound correct to you?
Tony
"Jim Behning SBS MVP" <jimbehning@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
wrote
in
message news:e1lr341vddb0r5915grvuu9fm8iqpknkdc@xxxxxxxxxx
Grabbing at a straw. Have you tunred off the Windows Firewall on both
servers, temp dc and new server? You already did the DNS cleanup and
maybe WINS cleanup?
On Wed, 28 May 2008 15:58:59 -0500, "Tony Vrolyk" <eat@xxxxxx> wrote:
I my first attempt the problem occured at Phase 3, step A, number 7.See what SBS support is working on
"Join
the domain with the DNS requests pointing at the opposite server".
Yes I had seized the roles as directed in Phase 2 Step C
In my current attempt I have stopped at Phase 2 having completed all
of
step
B. I presume once you have completed Phase 2 Step C, D and E you can
not
reconnect the TempDC to the production LAN so my hope is to resolve
this
so
I don't have to start over again.
As I stated in my first post, in my current state, if I disconnect
from
the
production domain, connect to a temp switch and try to join the
domain
with
an unrelated PC it will not see the DC and I will not get the
credentials
prompt to join the domain.
Here is some diag info
First attempt dcdiag text
------------------------------------
The domain name DOMAIN might be a NetBIOS domain name. If this is
the
case,
verify that the domain name is properly registered with WINS.
If you are certain that the name is not a NetBIOS domain name, then
the
following information can help you troubleshoot your DNS
configuration.
The following error occurred when DNS was queried for the service
location
(SRV) resource record used to locate a domain controller for domain
ARCDESIGN:
The error was: "This operation returned because the timeout period
expired."
(error code 0x000005B4 ERROR_TIMEOUT)
The query was for the SRV record for _ldap._tcp.dc._msdcs.DOMAIN
The DNS servers used by this computer for name resolution are not
responding. This computer is configured to use DNS servers with the
following IP addresses:
10.0.0.3 (then current IP of TEMP PC)
Verify that this computer is connected to the network, that these are
the
correct DNS server IP addresses, and that at least one of the DNS
servers
is
running.
For more information on how to correct this problem, click Help.
------------------------------------
Current testing dcdiag.txt (after fiddling with DNS some)
---------------------------------------------
DNS was successfully queried for the service location (SRV) resource
record
used to locate a domain controller for domain domain.local:
The query was for the SRV record for
_ldap._tcp.dc._msdcs.domain.local
The following domain controllers were identified by the query:
TempDC.domain.local
ProductionDC.domain.local
Common causes of this error include:
- Host (A) records that map the name of the domain controller to its
IP
addresses are missing or contain incorrect addresses.
- Domain controllers registered in DNS are not connected to the
network
or
are not running.
For information about correcting this problem, click Help.
--------------------------
Thanks again for your help
Tony V
"AllenM" <noreply@xxxxxxxxxxx> wrote in message
news:exAibJQwIHA.3780@xxxxxxxxxxxxxxxxxxxxxxx
Were the FSMO roles transferred to the TEMP DC? also if you could
give
the
"Phase" and "Step" you are currently at and having this failure
will
certainlyhelp for tohse of us who have done the swing migration
before.
http://blogs.technet.com/sbs/default.aspx
Check your SBS with the SBS Best Practices Analyzer
http://blogs.technet.com/sbs/archive/tags/BPA/default.aspx
http://blogs.technet.com/sbs/default.aspx
Check your SBS with the SBS Best Practices Analyzer
http://blogs.technet.com/sbs/archive/tags/BPA/default.aspx
.
- Follow-Ups:
- Re: Swing migration Q?: problem joining new DC to temp domain
- From: Cliff Galiher
- Re: Swing migration Q?: problem joining new DC to temp domain
- From: Frank McCallister
- Re: Swing migration Q?: problem joining new DC to temp domain
- References:
- Swing migration Q?: problem joining new DC to temp domain
- From: Tony Vrolyk
- Re: Swing migration Q?: problem joining new DC to temp domain
- From: AllenM
- Re: Swing migration Q?: problem joining new DC to temp domain
- From: Tony Vrolyk
- Re: Swing migration Q?: problem joining new DC to temp domain
- From: Jim Behning SBS MVP
- Re: Swing migration Q?: problem joining new DC to temp domain
- From: Tony Vrolyk
- Re: Swing migration Q?: problem joining new DC to temp domain
- From: Frank McCallister
- Re: Swing migration Q?: problem joining new DC to temp domain
- From: Tony Vrolyk
- Re: Swing migration Q?: problem joining new DC to temp domain
- From: Jim Behning SBS MVP
- Swing migration Q?: problem joining new DC to temp domain
- Prev by Date: Re: Swing migration Q?: problem joining new DC to temp domain
- Next by Date: Re: Swing migration Q?: problem joining new DC to temp domain
- Previous by thread: Re: Swing migration Q?: problem joining new DC to temp domain
- Next by thread: Re: Swing migration Q?: problem joining new DC to temp domain
- Index(es):
Relevant Pages
|
Loading
