Moved AD From one 2000 server to another new one and apps have stopped working

Posted on 2005-05-09
Last Modified: 2010-04-14
Basically unplugged the old server and ran DCPROMO on the new one adding all the accounts.

Now one of our server apps that useses SQL does not work and gives access denied errors,  as vauge as this is, does anyone have any ideas?

Question by:novender
    LVL 7

    Expert Comment

    it might have been a better idea to jion the new server to the existing domain leaving the old server on line for a few weeks letting them replicate the accounts and SID's to the new server. transfer all the fsmo roles to then take the old server off line. if nothing has been done to the old server it might be easier to bring it back up and change the network in this fasion.
    LVL 35

    Expert Comment

    by:Nick Sui
    Replication is a good idea. Simply promoting new server as domain controller doesn't resolve the problem because old server contains user accounts and SIDs supplied by the Domain Naming Master FSMO role. If you simply put new server and promote it domain controller it won't work because it will create all user accounts from the starting SID. Better you replicate the new server with old and then take it out from the production environment.

    LVL 2

    Accepted Solution

    There are SQL settings that need to be updated once you create the new accounts, I agree with SystmProg.  Depending on how critical the box is I would, DCPROMO the new one remove AD, bring back up the old box, DCPROMO the new box again and join the domain, replicate the names and all of AD.  Make the new server a Global Catalog Server BEFORE you turn off the old box.  Shut down the old box, remove from network, Seize the roles (;en-us;255504 ) follow only the role seize part.  Then everything should work in your SQL, of course that assumes you were able to get it all to work again when you rejoined the domain many steps ago.  Otherwise you need to reset some security in SQL and of course check the Services for how it is starting up, pay attention to the logon user!  It may have a new SID now and that could be the issue.


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    After several days of searching and hunting for limited documentation, I wanted to share this guide to hopefully save someone the hassle of trying to figure this out on their own. I have tested this on Xendesktop 7.1 and PS 4.5 running simultaneous…
    NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
    Need more eyes on your posted question? Go ahead and follow the quick steps in this video to learn how to Request Attention to your question. *Log into your Experts Exchange account *Find the question you want to Request Attention for *Go to the e…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…

    760 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    7 Experts available now in Live!

    Get 1:1 Help Now