[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 296
  • Last Modified:

Domain Migration

I have two Active Directory domains running on 2003 servers.

olddomain.org is on top floor of the building and the newdomain.org is on the bottom floor. I want to get rid of the olddomain and have already migrated all computers in that floor to authenticate to the new domain. Now everyone is added and authenticating to the new domain controller. However when i tried to shutdown the server that has the old AD., top floor users cannot access internet. They can logon (to the new domain) and even talk to fileservers internally. But for internet access, the old beast needs to be powered back on.  

Seems to me like a DNS issue. Any ideas?? Internet access is only through one cisco 2801 router.

0
rdvarghese
Asked:
rdvarghese
4 Solutions
 
mickeyfanCommented:
It sounds like your dhcp setting for dns are still pointing to the old server. Try ipconfig / release, ipconfig /renew then ipconfig /flushdns.
0
 
mcse2007Commented:
your client default gateway should point to your internet router.

0
 
djMundyCommented:
Hi rdvarghese,

Check the DNS config on the PCs, maybe they are configured manually (even if the IP address is being assigned by DHCP). Also check the proxy setting in IE - is the old server running ISA?

Cheers,
Daniel
0
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

 
rdvargheseAuthor Commented:
DNS on clients are automatic, so is the IP address. DHCP is good too.

still same problem !!
0
 
djMundyCommented:
Try pinging an IP address when the old server is turned off - if this works you definitely have a DNS issue.

1. Ping google.com before turning off the old server - record the IP address it displays.
2. Turn off the old server.
3. Now try pinging google.com - it should fail?
4. Now try pinging the IP address you recorded in step 1 - does it work?

Cheers,
Daniel
0
 
oxburgerCommented:
If none of the above provides a solution:  Do not just "shutdown" a domain controller...especially if it was the first one installed in a domain or forest (because the first domain controller installed with hold all the FSMO roles).  Rather, transfer FSMO roles to the new domain cotroller(s) and  demote the "old" domain controller using DCPROMO and then take it out of the domain or forest.

Does your Cisco router do any kind of filtering or does it let anyone access the internet?

HTH!
0
 
djMundyCommented:
As oxburger says when you finally do want to remove the old domain controller (after you've sorted out these issues regarding Internet access) you'll want to transfer roles and demote it properly. There's a very good guide for this here: http://www.msresource.net/content/view/61/47/

Cheers,
Daniel
0
 
rdvargheseAuthor Commented:
Question:- Isnt the DHCP Server, the one that assigns clients default gateway??
i will look at the DHCP settings (on Monday) and i am guessing most likely the DHCP server might have set the clients to point to the Old DC as the default gateway. If this doesnt work, then probably its Cisco Router.

when the OLD DC was shutdown, i could ping the new DC by name - but anything outside like yahoo or google wasnt successful. !!

Happy Thanksgiving !
0
 
djMundyCommented:
Usually the default gateway is set to the CISCO but the DNS server is set to the DC - so that you can resolve internal and external names.

You're right that the default gateway is set by DHCP, but it's the DNS server that will stop you from resolving names. Did you try pinging Google via IP address with the old server shut down? That will help determine whether it's the gateway or DNS that is having problems.

Cheers,
Daniel
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now