Re: Swing migration Q?: problem joining new DC to temp domain

Tony,

I hate to sound harsh, but swing migrations are awesome, but unsupported by Microsoft. There is a reason that the kits are *sold* and why they offer support directly. You have reached a point, from what I've read, where you either should:

1) Scrap it and use the official Microsoft migration method, or
2) Pay for a new swing kit tailored to your current scenario (as you said, your original kit was not this exact scenario) and thus get access to direct support.

Sometimes you just have to buy the pay-for bullet...

-Cliff

"Tony Vrolyk" <eat@xxxxxx> wrote in message news:%23CTurzawIHA.4476@xxxxxxxxxxxxxxxxxxxxxxx
Also the old serve had ISA but that was recently uninstalled in favor of a hardware firewall.. Is it possible that some piece of ISA is still on there blocking some or all of AD replication?

Tony


"Jim Behning SBS MVP" <jimbehning@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:casr34lu2ush0bpm7r3t31fpthhl55dcr4@xxxxxxxxxx
On the temp dc server I do \\tempservername to see all the shares and
I drill all the way in to sysvol. If you do not see sysvol and
subfolders from \\servername then you have issues. I have pulled the
temp dc off too fast or I forgot to check global catalog or forgot to
turn of the Windows Firewall. Probably some other gotchas I have
forgotten.

On XP boxes sometimes I have to do domainname.extension to join a
computer to the domain. You may try that just for grins.

I purge just about everything out of WINS and then do an
ipconfig/flushdns. I dig all old source server names out of dns. I use
the process in the book which of course does not come with any tools
like dnspurge. I guess tools might speed things up but I didn't pay
for a kit. I have done plenty of swings the old fashion way with
triple typing. My laptop messes up in virtual server with lots of
goofy typing. If I am smart I attach a usb keyboard which types fine.

You shoudl be able to ping domainname.extension and get a good answer
if dns is working. Should work on both temp dc and new server.

On Wed, 28 May 2008 18:27:04 -0500, "Tony Vrolyk" <eat@xxxxxx> wrote:

I will do that. Thanks both of you. Do you agree that failing to cleanup
WINS could result in the situation I am in?

I am not familiar with the net share command. I probably should be. How do
you use it to verify that sysvol has replicated?

Tony


"Frank McCallister" <FrankMcCallister@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:DF55C3FF-6159-48F7-8175-B4F46C7DAEE1@xxxxxxxxxxxxxxxx
Hi Tony

I agree with Allen Go back over the Docs CAREFULLY and recheck each step.
Use the Net Share command to locate the Sysvol folder and be certain it
Replicated completely. Be Certain that the DNS on both servers points to
10.0.0.3 and that you can ping in both directions. Go to SBSMigration.com
and be sure you have a current support email address for Jeff

--
Frank McCallister [SBS-MVP]
COMPUMAC


"Tony Vrolyk" wrote:

I turned it off on both DCs. I did DNS cleanup according to the Swing
kit.
I used the DNSpurge tool to remove all references to the old DC.

Now that you mention it I am not sure I did all the WINS cleanup. That
might
make sense since when you try to join a domain and enter the domain name
without the .local that is a netbios name. Isn't that handled by WINS
then.
So if WINS has a bad entry pointing the domain name back to the old
server
then joining would fail? If so then that is probably the ticket.

Does that sound correct to you?
Tony



"Jim Behning SBS MVP" <jimbehning@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote
in
message news:e1lr341vddb0r5915grvuu9fm8iqpknkdc@xxxxxxxxxx
> Grabbing at a straw. Have you tunred off the Windows Firewall on > both
> servers, temp dc and new server? You already did the DNS cleanup and
> maybe WINS cleanup?
>
> On Wed, 28 May 2008 15:58:59 -0500, "Tony Vrolyk" <eat@xxxxxx> > wrote:
>
>>I my first attempt the problem occured at Phase 3, step A, number 7.
>>"Join
>>the domain with the DNS requests pointing at the opposite server".
>>Yes I had seized the roles as directed in Phase 2 Step C
>>
>>In my current attempt I have stopped at Phase 2 having completed all >>of
>>step
>>B. I presume once you have completed Phase 2 Step C, D and E you can
>>not
>>reconnect the TempDC to the production LAN so my hope is to resolve
>>this
>>so
>>I don't have to start over again.
>>
>>As I stated in my first post, in my current state, if I disconnect >>from
>>the
>>production domain, connect to a temp switch and try to join the >>domain
>>with
>>an unrelated PC it will not see the DC and I will not get the
>>credentials
>>prompt to join the domain.
>>
>>Here is some diag info
>>
>>First attempt dcdiag text
>>------------------------------------
>>The domain name DOMAIN might be a NetBIOS domain name. If this is >>the
>>case,
>>verify that the domain name is properly registered with WINS.
>>
>>If you are certain that the name is not a NetBIOS domain name, then >>the
>>following information can help you troubleshoot your DNS >>configuration.
>>
>>The following error occurred when DNS was queried for the service
>>location
>>(SRV) resource record used to locate a domain controller for domain
>>ARCDESIGN:
>>
>>The error was: "This operation returned because the timeout period
>>expired."
>>
>>(error code 0x000005B4 ERROR_TIMEOUT)
>>
>>The query was for the SRV record for _ldap._tcp.dc._msdcs.DOMAIN
>>
>>The DNS servers used by this computer for name resolution are not
>>responding. This computer is configured to use DNS servers with the
>>following IP addresses:
>>
>>10.0.0.3 (then current IP of TEMP PC)
>>
>>Verify that this computer is connected to the network, that these >>are
>>the
>>correct DNS server IP addresses, and that at least one of the DNS
>>servers
>>is
>>running.
>>
>>For more information on how to correct this problem, click Help.
>>------------------------------------
>>
>>
>>
>>Current testing dcdiag.txt (after fiddling with DNS some)
>>---------------------------------------------
>>DNS was successfully queried for the service location (SRV) resource
>>record
>>used to locate a domain controller for domain domain.local:
>>
>>The query was for the SRV record for >>_ldap._tcp.dc._msdcs.domain.local
>>
>>The following domain controllers were identified by the query:
>>
>>TempDC.domain.local
>>ProductionDC.domain.local
>>
>>Common causes of this error include:
>>
>>- Host (A) records that map the name of the domain controller to its >>IP
>>addresses are missing or contain incorrect addresses.
>>
>>- Domain controllers registered in DNS are not connected to the >>network
>>or
>>are not running.
>>
>>For information about correcting this problem, click Help.
>>--------------------------
>>
>>
>>Thanks again for your help
>>Tony V
>>
>>
>>"AllenM" <noreply@xxxxxxxxxxx> wrote in message
>>news:exAibJQwIHA.3780@xxxxxxxxxxxxxxxxxxxxxxx
>>> Were the FSMO roles transferred to the TEMP DC? also if you could
>>> give
>>> the
>>> "Phase" and "Step" you are currently at and having this failure >>> will
>>> certainlyhelp for tohse of us who have done the swing migration
>>> before.
>>>
>>
>>
>>
> See what SBS support is working on
> http://blogs.technet.com/sbs/default.aspx
> Check your SBS with the SBS Best Practices Analyzer
> http://blogs.technet.com/sbs/archive/tags/BPA/default.aspx




See what SBS support is working on
http://blogs.technet.com/sbs/default.aspx
Check your SBS with the SBS Best Practices Analyzer
http://blogs.technet.com/sbs/archive/tags/BPA/default.aspx



.

Relevant Pages

  • Re: SBS2003 - Cannot restore GPO following Article 888943
    ... As to the second DNS setting, the system worked quite well prior to ... forwarders on the SBS server DNS. ... >another installation of SBS 2003? ... >This newsgroup only focuses on SBS technical issues. ...
    (microsoft.public.windows.server.sbs)
  • Re: Urgent! New router and big disaster
    ... Go back to pointing the external NIC DNS Servers to the SBS server IP ... make sure the DHCP Client Service is running on the server. ... Next I Select a local router device with an ip address. ...
    (microsoft.public.windows.server.sbs)
  • Re: Internet Speed
    ... I think what we are trying to say is to use the DHCP from the SBS and NOT ... DNS and WINS point to the SBS. ... as the server IP address. ... it is recommend to configure all SBS client computers' IP and DNS ...
    (microsoft.public.windows.server.sbs)
  • Re: Help! w/ Upgrade-Installation problems with OMA/ActiveSync and
    ... Am I misinterpreting the summary doc from CEICW re: dhcp and dns settings ... under the SBS DNS forwarder tab. ... DNS server addresses I assume from the DSL modem. ...
    (microsoft.public.windows.server.sbs)
  • RE: ICW Problem Error 0x80072581 Deleting the DNS record external NIC
    ... Make sure your SBS internal and external network interface DNS is ... Do you have any site hosted in the SBS server other than the four ... Check if the PUBLISHING record in DNS is an A record. ... check to see if there is a name record 'publishing'. ...
    (microsoft.public.windows.server.sbs)