Solved

2000 Domain, just promoted new 2003 DC into domain, and 2003 dc will not open DNS

Posted on 2004-10-08
4
221 Views
Last Modified: 2010-04-19
Ok, I have a single forest, single tree single domain environment with one AD DC running windows 2000 SP4.  I am adding a second DC into the domain that will be running 2k3.  I ran the 2k3 forest prep with no errors, then ran the domain prep with not errors.  Ran dcpromo and joined the current 2000 domain with a 2k3 DC.  Installed DNS, and everytime I open Dns it says it cannot connect to the server.  So basically it cannot connect to its self, but i can connect to the 2000 dns server from the same 2k3 dns console window?  Uninstalled and reinstalled DNS with the same results.
I am going to install Exchange 2003 on the new 2003 DC once this is resolved.

Any help would be greatly appreciated.
0
Comment
Question by:flm270
  • 2
  • 2
4 Comments
 
LVL 104

Accepted Solution

by:
Sembee earned 125 total points
ID: 12264272
Two things...
If you have an existing Windows 2000 domain controller why are you making this new machine a DC if it is going to take Exchange 2003? Exchange 2003 doesn't have to be installed on a DC - in fact it is a LOT happier if it isn't installed on a DC. A member server is fine and you will see a much better performance from the Exchange environment. It also makes diaster recovery a lot easier.
While I am on the subject, once you have installed Exchange you cannot change your mind about the role of the server. If it was a DC when Exchange was installed it must stay a DC. Similarly if it was a member server at Exchange install point them it must stay a member server.

However if you still want it to be a DC this sounds like it hasn't setup the DNS correctly, but being a DC isn't helping.
Therefore I would DCPROMO the machine out of the domain back to a member server and reboot.
Then remove DNS server and reboot.
Reinstall DNS server and reboot. (It will not ask for a reboot, but you need to check the services start and you can access them).
DCPROMO the server in.
Configure DNS with a new AD integrated zone that matches your existing one. Add the new server to the nameservers list for the zone. If you have a reverse lookup zone don't forget to create that as well. Windows should deal with the DNS replication itself.
Wait for the replication to complete and then adjust the DNS settings so that the primary DNS is pointing at the server that you want to be the primary machine.

Simon.
0
 

Author Comment

by:flm270
ID: 12272562
Ok. Thanks for the advice on the Exchange running on a Member server.  I will take that advice.  Do I need to undo what the adprep /forestprep and /domainprep did?

Secondly,  after further investigation I discovered DNS is not correct on the 2k dc.  When I open DNS, click the Server name, then click Forward Lookup Zone, then click the Zone name, there is no _msdcs , _tcp, _udp and _sites.  All I see are the Start of Auth record, Name Server Record and the Host Records.

I already tried to run dcpromo to demote the 2k3 server and that failed so i ran dcpromo /forceremoval.  Then on the origanl 2k dc i ran metadata cleanup to remove the 2k3 server from ad.

Next I wanted to fix dns on the 2k dc so i deleted the forward zone and recreated it with out rebooting and ended up with the same results.

I am not at the server now and do not remember the error messages but i also ran dcdiag /fix but that only gave errors.

I will load exchange 2k3 on the 2k3 member server once I get DNS running correctly.

I want to uninstall DNS reboot the server and then reload DNS and recreate the zones but  I do not know if that is possible since this is the only DC and only DNS server in the domain.  Will that server log in after a reboot if there is no DNS server?

Thanks,

Lee
0
 
LVL 104

Expert Comment

by:Sembee
ID: 12272663
You cannot undo forestprep and domainprep. It is a one time thing. It is a domainwide change - so changing servers and their roles doesn't affect anything.

The server will log in if there is no DNS server, but it will be very slow. Eventually the DNS will time out and the server will log in. You should then be able to create the zone and change it to be AD integrated zone.

Simon.
0
 

Author Comment

by:flm270
ID: 12497469
I ended up fixing the problem by running dcpromo/forceremoval, then using metadata cleanup for remove orphaned objects.  Then removing DNS.  Then went back through the dcpromo process and recreated all objects in AD.  It is up an running now.

Thanks everyone for your input.

Lee
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Organizations create, modify, and maintain huge amounts of data to help their businesses earn money and generally function.  Typically every network user within an organization has a bit of disk space to store in process items and personal files.   …
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now