• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 337
  • Last Modified:

Unable to add Domain controller roll after upgrading server from 2000 > 2003

I have an existing domain 2003, with 3 AD controllers, and 2 2000 servers.  I upgraded both 2000 servers to 2003 OS.  But on one of the servers I am getting authenticating errors, can't fine user accounts to add to shares, etc.  I tried to add a domain controller role to the server but am unable to due to a dns error.  I can ping and resolve all addresses formain dns name of domain, but am unable to nslookup:  domain unknown.  All other servers in domain work fine.  Is there an additional test or resolution in order to get this server onto the domain correctly?  I can view all network shares, etc.  But the underlying dns resolution is a problem that keeps creeping up.  Sometimes it is no machine account in the domain, others it is no authentication.
0
amullee44
Asked:
amullee44
1 Solution
 
NJComputerNetworksCommented:
So, I take it when you run DCPROMO on the problematic Windows 2000 server, you get a "cannot upgrade error...etc due to DNS"?

You also state that your other domain controllers are working OK.  And that other workstations are OK.  

You also state that NSLOOKUP isn't working on the Windows 2000 server.

Based on this, I would guess that the Windows 2000 servers have incorrect DNS settings.  On the Windows 2000 server, you need to make sure that the TCP/IP settings point DNS to your Windows 2003 DNS servers.

So, the Windows 2000 machine run an IPCONFIG /all command.  This will show you the IP settings:

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : Domainname.com.
        Description . . . . . . . . . . . : 3Com 3C920 Integrated Fast
Controller (3C905C-TX Compatible) #3
        Physical Address. . . . . . . . . : 00-0x-xx-24-xx-xx
        Dhcp Enabled. . . . . . . . . . . : No
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 10.10.1.73
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 10.10.1.1
        DHCP Server . . . . . . . . . . . :
        DNS Servers . . . . . . . . . . . : 10.10.1.10    <-- this setting must be your Windows 2003 AD DNS server
                                           
Hope this helps...

Joe Poandl MCSE
0
 
amullee44Author Commented:
Microsoft article 216498 describes how to remove the DC data fromAD and then you are able to join the domain again.  The error was not in any DNS setting but in the initial joining to AD of the server.  I had to get rid of the current information concerning the DC in AD and readd it.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now