Solved

Unable to add Domain controller roll after upgrading server from 2000 > 2003

Posted on 2004-10-01
2
317 Views
Last Modified: 2012-05-05
I have an existing domain 2003, with 3 AD controllers, and 2 2000 servers.  I upgraded both 2000 servers to 2003 OS.  But on one of the servers I am getting authenticating errors, can't fine user accounts to add to shares, etc.  I tried to add a domain controller role to the server but am unable to due to a dns error.  I can ping and resolve all addresses formain dns name of domain, but am unable to nslookup:  domain unknown.  All other servers in domain work fine.  Is there an additional test or resolution in order to get this server onto the domain correctly?  I can view all network shares, etc.  But the underlying dns resolution is a problem that keeps creeping up.  Sometimes it is no machine account in the domain, others it is no authentication.
0
Comment
Question by:amullee44
2 Comments
 
LVL 33

Accepted Solution

by:
NJComputerNetworks earned 250 total points
Comment Utility
So, I take it when you run DCPROMO on the problematic Windows 2000 server, you get a "cannot upgrade error...etc due to DNS"?

You also state that your other domain controllers are working OK.  And that other workstations are OK.  

You also state that NSLOOKUP isn't working on the Windows 2000 server.

Based on this, I would guess that the Windows 2000 servers have incorrect DNS settings.  On the Windows 2000 server, you need to make sure that the TCP/IP settings point DNS to your Windows 2003 DNS servers.

So, the Windows 2000 machine run an IPCONFIG /all command.  This will show you the IP settings:

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : Domainname.com.
        Description . . . . . . . . . . . : 3Com 3C920 Integrated Fast
Controller (3C905C-TX Compatible) #3
        Physical Address. . . . . . . . . : 00-0x-xx-24-xx-xx
        Dhcp Enabled. . . . . . . . . . . : No
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 10.10.1.73
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 10.10.1.1
        DHCP Server . . . . . . . . . . . :
        DNS Servers . . . . . . . . . . . : 10.10.1.10    <-- this setting must be your Windows 2003 AD DNS server
                                           
Hope this helps...

Joe Poandl MCSE
0
 

Author Comment

by:amullee44
Comment Utility
Microsoft article 216498 describes how to remove the DC data fromAD and then you are able to join the domain again.  The error was not in any DNS setting but in the initial joining to AD of the server.  I had to get rid of the current information concerning the DC in AD and readd it.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Organizations create, modify, and maintain huge amounts of data to help their businesses earn money and generally function.  Typically every network user within an organization has a bit of disk space to store in process items and personal files.   …
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now