Link to home
Start Free TrialLog in
Avatar of HSCLLS
HSCLLS

asked on

Windows 2003 New Server Not Seen As Domain Controller

We have replaced our old server (10 years old) with a new one. The operating system on both is Windows 2003 Small Business. We performed a DCPROMO and the AD information carried over to the new server just fine. We also set the new server as GC, but for some reason it still will not authenticate users. The old server has been taken offline (I should add it will not allow us to DEMOTE it), so it has just been unplugged.

Any AD tools (sites and services, users,etc) we click on result in a domain controller not found error. However, I can tell it to CONNECT TO A DOMAIN CONTROLLER and voila! All of my users,etc appear.

This server is for a small office and to be honest, I would not have gone with a domain setting in this environment but it's what has been in place and what we have to work with. All that the users need to be able to do is authenticate so they can access their mapped drives. That's it.

I am new to Windows 2003 so I am at a bit of a loss with this whole thing. I guess what I would like help with is how can I configure it so it will be seen as a domain controller that will allow users to authenticate and access their network shares?

Thank you in advance for the help.

SOLUTION
Avatar of Lee W, MVP
Lee W, MVP
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of junior15
junior15

The fact that your AD tools can not find the DC and your workstations can't find the DC lead me to believe the problem lies with DNS. You need to make sure you have a DNS server that knows where your DC is and that your PCs are using that DNS server. The simple solution is to install DNS on your DC and point all you clients to that (including the DC). I ran into this same problem when I first tried to setup Windows Server in a small office because I was using the DNS servers provided by the ISP. Since the clients couldn't find the DC via DNS, they couldn't authenticate.

Hope this helps.
If Lee says you cant demote then you can't. I am not an SBS admin, but the steps should be similar.
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Hi
This is an recovery guide for SBS2k, but the path is the same for SBS2k3.
http://www.microsoft.com/downloads/details.aspx?FamilyID=6d6199b5-2f7a-4cd3-bf12-4d6f5208282c&DisplayLang=en

Good luck

Dan
Avatar of HSCLLS

ASKER

Wow. Quick reponse. Thank you very much guys. I am headed to work right now and will try these suggestions. I'll award points after I get this thing up and running. Thanks again.
Avatar of HSCLLS

ASKER

All roles have been transferred. But still nothing. As for the DNS, the server is not setup as a DNS server, it's just a basic file server. And the original server had the DNS pointing back to the router.

The old server won't demote because it says it cannot find another domain controller on the network, yet I have the new server with all roles and GC transferred. Am I screwed?

SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
You must be using DNS that recognizes AD and stores the pointers for the DCs. The reason the old server can't find another DC is because it is looking in DNS and can't find one. The same applies to your clients. The simplest solution is to make your DC a DNS server as well and point all your clients there. You can configure it to handle your local domain and then foward all other requests to an exteral DNS server if that is the way you have things configured.
Avatar of HSCLLS

ASKER

I appreciate everyone's help, especially Mr. Husy and BMPeterson for the step by step instructions.This was a pretty stressful situation. And because we were in a serious time crunch (law firm had been down for 2 days) I had to resort to a different solution.

We ended up doing the following:

1)  Demoted the new server and then setting it up as a new domain controller
    (basically starting over)

2) We then logged into each workstation under a local account with administrative rights and changed each workstation from a domain to a workgroup

3) Once we had all of the workstations off the domain and switched to a workgroup we removed the old dying piece of crap server from the network.

4) We then plugged in the new server and made sure all settings were in place before putting it on the network

5) From each workstation we used a program called PROFWIZ. It's a program that will migrate profile settings from one profile to a new one.

6) We ran the program, it asks for the domain name we want to join after the profile migration and then it has a drop down menu to select which profile we wish to migrate over and what the new profile name will be.

7) After making the necessary selections and clicking next it located the original domain profile and transferred it over to our new account and then auto joined the domain.

8) We restarted the workstations, logged in using the newly created user account and selected the domain and all was there. Everything was there - desktop settings, favorites, outlook,docs,printers, mapped drives,etc.   The ONLY thing it didn't carry over in our situation was the stored Outlook password. No big deal.


Maybe not the right way to do it, but it worked. Of course had to setup user accounts on the new server before logging back into the domain, but that wasn't a big deal.

I don
t know about this whole DCPROMO thing. The server was in bad, bad shape - maybe that's why it didn't fully make it through the whole transferring process. I don't know.
Sad to hear that you had to challenge so much, but happy to hear that you sorted things out. I wish you ve posted this migration project and collected opinions about it. Next time if you are going to face such kind of issues, send a little post here. I will be around ;)

Good Luck
Avatar of HSCLLS

ASKER

LOL! No kidding eh?

I'll be honest, I have a pretty strong background in computers on a variety of matters, but I know pretty much zero about Windows Server 2003 just because I never have to really deal with it in my work environment. It was a much larger project than I could have imagined. The sad thing about it is that for my client's setup, they really don't need to be running in a domain setting and SBS. There are only 6 computers on the network and everyone has access to all of the files. The new server is nice (of course, I built it! hahaha) but all it does is share Word docs and Excel files. That's it. I kept the domain setting because that's what they were already configured for and SBS was the software they had on hand for the OS.

Thanks again for your help and like I said earlier, the step by step was great. That's how I usually instruct people and I appreciate the fact that others out there take the time to lay things out clearly.

:)