Solved

2000 Domain, just promoted new 2003 DC into domain, and 2003 dc will not open DNS

Posted on 2004-10-08
Last Modified: 2010-04-19
Ok, I have a single forest, single tree, single domain environment with one AD DC running Windows 2000 SP4. I am adding a second DC into the domain that will be running 2k3. I ran the 2k3 forest prep with no errors, then ran the domain prep with no errors. Ran dcpromo and joined the current 2000 domain with a 2k3 DC. Installed DNS, and every time I open DNS it says it cannot connect to the server. So basically it cannot connect to itself, but I can connect to the 2000 DNS server from the same 2k3 DNS console window? Uninstalled and reinstalled DNS with the same results.
I am going to install Exchange 2003 on the new 2003 DC once this is resolved.

Any help would be greatly appreciated.
Question by:flm270
4 Comments
 
LVL 104

Accepted Solution

by:
Sembee earned 125 total points
ID: 12264272
Two things...
If you have an existing Windows 2000 domain controller why are you making this new machine a DC if it is going to take Exchange 2003? Exchange 2003 doesn't have to be installed on a DC - in fact it is a LOT happier if it isn't installed on a DC. A member server is fine and you will see much better performance from the Exchange environment. It also makes disaster recovery a lot easier.
While I am on the subject, once you have installed Exchange you cannot change your mind about the role of the server. If it was a DC when Exchange was installed it must stay a DC. Similarly if it was a member server at Exchange install point then it must stay a member server.

However if you still want it to be a DC this sounds like it hasn't set up the DNS correctly, but being a DC isn't helping.
Therefore I would DCPROMO the machine out of the domain back to a member server and reboot.
Then remove DNS server and reboot.
Reinstall DNS server and reboot. (It will not ask for a reboot, but you need to check the services start and you can access them).
DCPROMO the server in.
Configure DNS with a new AD integrated zone that matches your existing one. Add the new server to the nameservers list for the zone. If you have a reverse lookup zone don't forget to create that as well. Windows should deal with the DNS replication itself.
Wait for the replication to complete and then adjust the DNS settings so that the primary DNS is pointing at the server that you want to be the primary machine.

Simon.
 

Author Comment

by:flm270
ID: 12272562
Ok. Thanks for the advice on Exchange running on a member server. I will take that advice. Do I need to undo what the adprep /forestprep and /domainprep did?

Secondly, after further investigation I discovered DNS is not correct on the 2k DC. When I open DNS, click the server name, then click Forward Lookup Zone, then click the zone name, there is no _msdcs, _tcp, _udp and _sites. All I see are the Start of Authority record, Name Server record and the Host records.

I already tried to run dcpromo to demote the 2k3 server and that failed, so I ran dcpromo /forceremoval. Then on the original 2k DC I ran metadata cleanup to remove the 2k3 server from AD.

Next I wanted to fix DNS on the 2k DC, so I deleted the forward zone and recreated it without rebooting and ended up with the same results.

I am not at the server now and do not remember the error messages, but I also ran dcdiag /fix but that only gave errors.

I will load Exchange 2k3 on the 2k3 member server once I get DNS running correctly.

I want to uninstall DNS, reboot the server, and then reload DNS and recreate the zones, but I do not know if that is possible since this is the only DC and only DNS server in the domain. Will that server log in after a reboot if there is no DNS server?

Thanks,

Lee
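The `_msdcs`, `_tcp`, `_udp` and `_sites` subdomains reported missing in the comment above hold the SRV records that Netlogon registers for a DC. As an added example (not part of the original thread), this sketch compares the records a DC wants registered, given as lines in the format of its `netlogon.dns` file, against the owner names actually present in the zone; the domain `corp.example`, the host names and all sample data are constructed assumptions.

```python
# Added example: every name and record below is constructed, not from the thread.
DOMAIN = "corp.example"  # assumed AD DNS domain name

# Lines in the format of %SystemRoot%\System32\config\netlogon.dns (constructed).
NETLOGON_DNS = """\
corp.example. 600 IN A 192.0.2.10
_ldap._tcp.corp.example. 600 IN SRV 0 100 389 dc1.corp.example.
_ldap._tcp.Default-First-Site-Name._sites.corp.example. 600 IN SRV 0 100 389 dc1.corp.example.
_ldap._tcp.dc._msdcs.corp.example. 600 IN SRV 0 100 389 dc1.corp.example.
_kerberos._tcp.corp.example. 600 IN SRV 0 100 88 dc1.corp.example.
_kerberos._udp.corp.example. 600 IN SRV 0 100 88 dc1.corp.example.
_kpasswd._udp.corp.example. 600 IN SRV 0 100 464 dc1.corp.example.
"""

# Owner names present in the zone when only SOA, NS and host records exist.
ZONE_OWNERS = {"corp.example.", "dc1.corp.example."}


def parse_records(text):
    """Return (owner, type, rdata) tuples from netlogon.dns-style lines."""
    records = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0].startswith(";"):
            continue  # skip blank, comment and malformed lines
        owner, _ttl, _cls, rtype = fields[:4]
        records.append((owner.lower(), rtype.upper(), " ".join(fields[4:])))
    return records


def locator_subdomain(owner, domain):
    """Return the underscore label directly under the zone (e.g. _msdcs), or None."""
    suffix = "." + domain.lower() + "."
    if not owner.endswith(suffix):
        return None
    label = owner[:-len(suffix)].split(".")[-1]
    return label if label.startswith("_") else None


def missing_by_subdomain(netlogon_text, zone_owners, domain):
    """Group SRV owner names that Netlogon wants but the zone lacks, by subdomain."""
    zone = {o.lower() for o in zone_owners}
    missing = {}
    for owner, rtype, _rdata in parse_records(netlogon_text):
        if rtype == "SRV" and owner not in zone:
            sub = locator_subdomain(owner, domain) or "(other)"
            missing.setdefault(sub, []).append(owner)
    return missing


if __name__ == "__main__":
    for sub, owners in sorted(missing_by_subdomain(NETLOGON_DNS, ZONE_OWNERS, DOMAIN).items()):
        print(sub, "missing:", ", ".join(owners))
```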
 
LVL 104

Expert Comment

by:Sembee
ID: 12272663
You cannot undo forestprep and domainprep. It is a one time thing. It is a domainwide change - so changing servers and their roles doesn't affect anything.

The server will log in if there is no DNS server, but it will be very slow. Eventually the DNS will time out and the server will log in. You should then be able to create the zone and change it to be AD integrated zone.

Simon.
 

Author Comment

by:flm270
ID: 12497469
I ended up fixing the problem by running dcpromo /forceremoval, then using metadata cleanup to remove orphaned objects. Then removing DNS. Then went back through the dcpromo process and recreated all objects in AD. It is up and running now.

Thanks everyone for your input.

Lee
