[Last Call] Learn how to a build a cloud-first strategyRegister Now


New Domain Controller will not controll domain.

Posted on 2007-08-07
Medium Priority
Last Modified: 2008-05-31
I am really struggling with a new Windows 2003 Server domain controller. I want to demote the current DC and have the new one replace it. This is what I have done so far:

1) Installed Windows 2003 Server and promoted it to additional DC to transfer all the active directory information.
2) Set up DNS and DHCP and again copied everything from the old server (also Windows 2003 Server) all the DNS entries are identical.
3) Transferred all the 5 FSMO roles first using the GUI then using ntdsutil.exe. For all 5 roles the output was that the role has been successfully transfered to the new server.
4) The Global Catalog setting is checked on the new server and not checked on the old server.
5) I then attempted to demote the old server but it didn't complete as the old server believed it was the last DC of the domain.
6) I then tried turning off the old server. rebooting the new one in a hope that the new one would then simply take over as all the roles were in place.

The new server has not taken over control of the domain. I cannot add new users and I cannot access Group Policy. I have checked that my new server is the master for the 5 fsmo roles and it is. I have even gone on to seize the roles in ntdsutils.exe but I still get the message that it "Completed Successfully".

I have now gone on to running dcdiag,exe and I have some interesting error messages:

Fsmo check:
WARNING: DcGetDcName (GC_SERVER_REQUIRED) call failed, error 1355
A Global Catalog Server could not be located - All GC's are down.
WARNING: DcGetDcName (TIME_SERVER) call failed, error 1355
A Time Server could be located.
The server holding the PDC role is down.
WARNING: DcGetDcName (GOOD_TIME_SERVER_PREFERRED) call failed, error 1355
A Good Time Server could not be located.
WARNING: DcGetDcName (KDC_REQUIRED) call failed, error 1355
A KDC could not be located - All KDCs are down.


Any help would be greatly appreciated....
Question by:Count_Cloppy
  • 3
  • 3
LVL 17

Accepted Solution

Tony Massa earned 1500 total points
ID: 19645781
Make sure that your new DC is also a Global Catalog Server.  Use AD Sites and Services to configure this option.  You must have one in the domain.  After you check the option to make the server a GC, wait at least 15 mins, then reboot.


LVL 17

Expert Comment

by:Tony Massa
ID: 19645790
Sorry..They both should be checked....there is no harm in doing so.
LVL 17

Expert Comment

by:Tony Massa
ID: 19645808
Transaction-level recovery for Oracle database

Veeam Explore for Oracle delivers low RTOs and RPOs with agentless transaction log backup and transaction-level recovery of Oracle databases. You can restore the database to a precise point in time, even to a specific transaction.


Author Comment

ID: 19645821
The Global Catalog is checked on the new server and not checked on the old one. When I first checked the GC box on the new server I left it 45mins before rebooting.

Author Comment

ID: 19646031
I think this may be a problem with DNS. Is there anyway of restarting DNS to clear any corrupt records?
I'm very green when it comes to DNS

Author Comment

ID: 20091856
I have sorted this issue myself. I had to transfer all roles back to the old server, re-install the new server then start the transfer all over again....what fun!!

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question