Re: Swing migration Q?: problem joining new DC to temp domain

Do not disconnect the temp DC from the old domain until you see a good
populated sysvol from the temp dc. What you see on the old Dc you
should see on the new server at \\servername. I have taken stuff away
(disconnected from old domain) too quickly not allowing proper GC and
all that stuff to replicate.

On Thu, 29 May 2008 14:19:31 -0700, "AllenM" <noreply@xxxxxxxxxxx>
wrote:

I agree with Frank. At this point you are probably doing more damage and
perhaps issues that will affect the rest of the installation. I would chalk
this one up as installation try #1 and start from scratch. Guaranteed but
hopefully by the time you get to installation #3 you would have it all
figured out.


"Frank McCallister" <FrankMcCallister@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:74472F54-3D0E-42B6-9EE0-903EF50CC03A@xxxxxxxxxxxxxxxx
I am leaving town and won't see this thread for awhile but you DEFINITELY
did
NOT get replication and need to start over by rejoining the TEMPDC to the
old
server. Follow the checklist carefully!!
--
Frank McCallister [SBS-MVP]
COMPUMAC


"Tony Vrolyk" wrote:

Also the old serve had ISA but that was recently uninstalled in favor of
a
hardware firewall.. Is it possible that some piece of ISA is still on
there
blocking some or all of AD replication?

Tony


"Jim Behning SBS MVP" <jimbehning@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote
in
message news:casr34lu2ush0bpm7r3t31fpthhl55dcr4@xxxxxxxxxx
On the temp dc server I do \\tempservername to see all the shares and
I drill all the way in to sysvol. If you do not see sysvol and
subfolders from \\servername then you have issues. I have pulled the
temp dc off too fast or I forgot to check global catalog or forgot to
turn of the Windows Firewall. Probably some other gotchas I have
forgotten.

On XP boxes sometimes I have to do domainname.extension to join a
computer to the domain. You may try that just for grins.

I purge just about everything out of WINS and then do an
ipconfig/flushdns. I dig all old source server names out of dns. I use
the process in the book which of course does not come with any tools
like dnspurge. I guess tools might speed things up but I didn't pay
for a kit. I have done plenty of swings the old fashion way with
triple typing. My laptop messes up in virtual server with lots of
goofy typing. If I am smart I attach a usb keyboard which types fine.

You shoudl be able to ping domainname.extension and get a good answer
if dns is working. Should work on both temp dc and new server.

On Wed, 28 May 2008 18:27:04 -0500, "Tony Vrolyk" <eat@xxxxxx> wrote:

I will do that. Thanks both of you. Do you agree that failing to
cleanup
WINS could result in the situation I am in?

I am not familiar with the net share command. I probably should be. How
do
you use it to verify that sysvol has replicated?

Tony


"Frank McCallister" <FrankMcCallister@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote
in
message news:DF55C3FF-6159-48F7-8175-B4F46C7DAEE1@xxxxxxxxxxxxxxxx
Hi Tony

I agree with Allen Go back over the Docs CAREFULLY and recheck each
step.
Use the Net Share command to locate the Sysvol folder and be certain
it
Replicated completely. Be Certain that the DNS on both servers points
to
10.0.0.3 and that you can ping in both directions. Go to
SBSMigration.com
and be sure you have a current support email address for Jeff

--
Frank McCallister [SBS-MVP]
COMPUMAC


"Tony Vrolyk" wrote:

I turned it off on both DCs. I did DNS cleanup according to the
Swing
kit.
I used the DNSpurge tool to remove all references to the old DC.

Now that you mention it I am not sure I did all the WINS cleanup.
That
might
make sense since when you try to join a domain and enter the domain
name
without the .local that is a netbios name. Isn't that handled by
WINS
then.
So if WINS has a bad entry pointing the domain name back to the old
server
then joining would fail? If so then that is probably the ticket.

Does that sound correct to you?
Tony



"Jim Behning SBS MVP" <jimbehning@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
wrote
in
message news:e1lr341vddb0r5915grvuu9fm8iqpknkdc@xxxxxxxxxx
Grabbing at a straw. Have you tunred off the Windows Firewall on
both
servers, temp dc and new server? You already did the DNS cleanup
and
maybe WINS cleanup?

On Wed, 28 May 2008 15:58:59 -0500, "Tony Vrolyk" <eat@xxxxxx>
wrote:

I my first attempt the problem occured at Phase 3, step A, number
7.
"Join
the domain with the DNS requests pointing at the opposite server".
Yes I had seized the roles as directed in Phase 2 Step C

In my current attempt I have stopped at Phase 2 having completed
all
of
step
B. I presume once you have completed Phase 2 Step C, D and E you
can
not
reconnect the TempDC to the production LAN so my hope is to
resolve
this
so
I don't have to start over again.

As I stated in my first post, in my current state, if I disconnect
from
the
production domain, connect to a temp switch and try to join the
domain
with
an unrelated PC it will not see the DC and I will not get the
credentials
prompt to join the domain.

Here is some diag info

First attempt dcdiag text
------------------------------------
The domain name DOMAIN might be a NetBIOS domain name. If this is
the
case,
verify that the domain name is properly registered with WINS.

If you are certain that the name is not a NetBIOS domain name,
then
the
following information can help you troubleshoot your DNS
configuration.

The following error occurred when DNS was queried for the service
location
(SRV) resource record used to locate a domain controller for
domain
ARCDESIGN:

The error was: "This operation returned because the timeout period
expired."

(error code 0x000005B4 ERROR_TIMEOUT)

The query was for the SRV record for _ldap._tcp.dc._msdcs.DOMAIN

The DNS servers used by this computer for name resolution are not
responding. This computer is configured to use DNS servers with
the
following IP addresses:

10.0.0.3 (then current IP of TEMP PC)

Verify that this computer is connected to the network, that these
are
the
correct DNS server IP addresses, and that at least one of the DNS
servers
is
running.

For more information on how to correct this problem, click Help.
------------------------------------



Current testing dcdiag.txt (after fiddling with DNS some)
---------------------------------------------
DNS was successfully queried for the service location (SRV)
resource
record
used to locate a domain controller for domain domain.local:

The query was for the SRV record for
_ldap._tcp.dc._msdcs.domain.local

The following domain controllers were identified by the query:

TempDC.domain.local
ProductionDC.domain.local

Common causes of this error include:

- Host (A) records that map the name of the domain controller to
its
IP
addresses are missing or contain incorrect addresses.

- Domain controllers registered in DNS are not connected to the
network
or
are not running.

For information about correcting this problem, click Help.
--------------------------


Thanks again for your help
Tony V


"AllenM" <noreply@xxxxxxxxxxx> wrote in message
news:exAibJQwIHA.3780@xxxxxxxxxxxxxxxxxxxxxxx
Were the FSMO roles transferred to the TEMP DC? also if you
could
give
the
"Phase" and "Step" you are currently at and having this failure
will
certainlyhelp for tohse of us who have done the swing migration
before.




See what SBS support is working on
http://blogs.technet.com/sbs/default.aspx
Check your SBS with the SBS Best Practices Analyzer
http://blogs.technet.com/sbs/archive/tags/BPA/default.aspx




See what SBS support is working on
http://blogs.technet.com/sbs/default.aspx
Check your SBS with the SBS Best Practices Analyzer
http://blogs.technet.com/sbs/archive/tags/BPA/default.aspx




See what SBS support is working on
http://blogs.technet.com/sbs/default.aspx
Check your SBS with the SBS Best Practices Analyzer
http://blogs.technet.com/sbs/archive/tags/BPA/default.aspx
.

Relevant Pages

  • Re: SBS2003 - Cannot restore GPO following Article 888943
    ... As to the second DNS setting, the system worked quite well prior to ... forwarders on the SBS server DNS. ... >another installation of SBS 2003? ... >This newsgroup only focuses on SBS technical issues. ...
    (microsoft.public.windows.server.sbs)
  • Re: Urgent! New router and big disaster
    ... Go back to pointing the external NIC DNS Servers to the SBS server IP ... make sure the DHCP Client Service is running on the server. ... Next I Select a local router device with an ip address. ...
    (microsoft.public.windows.server.sbs)
  • Re: Internet Speed
    ... I think what we are trying to say is to use the DHCP from the SBS and NOT ... DNS and WINS point to the SBS. ... as the server IP address. ... it is recommend to configure all SBS client computers' IP and DNS ...
    (microsoft.public.windows.server.sbs)
  • Re: Help! w/ Upgrade-Installation problems with OMA/ActiveSync and
    ... Am I misinterpreting the summary doc from CEICW re: dhcp and dns settings ... under the SBS DNS forwarder tab. ... DNS server addresses I assume from the DSL modem. ...
    (microsoft.public.windows.server.sbs)
  • RE: ICW Problem Error 0x80072581 Deleting the DNS record external NIC
    ... Make sure your SBS internal and external network interface DNS is ... Do you have any site hosted in the SBS server other than the four ... Check if the PUBLISHING record in DNS is an A record. ... check to see if there is a name record 'publishing'. ...
    (microsoft.public.windows.server.sbs)