Solved

Domain Migration

Posted on 2007-11-21
9
277 Views
Last Modified: 2012-05-05
I have two Active Directory domains running on 2003 servers.

olddomain.org is on top floor of the building and the newdomain.org is on the bottom floor. I want to get rid of the olddomain and have already migrated all computers in that floor to authenticate to the new domain. Now everyone is added and authenticating to the new domain controller. However when i tried to shutdown the server that has the old AD., top floor users cannot access internet. They can logon (to the new domain) and even talk to fileservers internally. But for internet access, the old beast needs to be powered back on.  

Seems to me like a DNS issue. Any ideas?? Internet access is only through one cisco 2801 router.

0
Comment
Question by:rdvarghese
9 Comments
 
LVL 6

Assisted Solution

by:mickeyfan
mickeyfan earned 100 total points
Comment Utility
It sounds like your dhcp setting for dns are still pointing to the old server. Try ipconfig / release, ipconfig /renew then ipconfig /flushdns.
0
 
LVL 7

Assisted Solution

by:mcse2007
mcse2007 earned 100 total points
Comment Utility
your client default gateway should point to your internet router.

0
 
LVL 7

Accepted Solution

by:
djMundy earned 200 total points
Comment Utility
Hi rdvarghese,

Check the DNS config on the PCs, maybe they are configured manually (even if the IP address is being assigned by DHCP). Also check the proxy setting in IE - is the old server running ISA?

Cheers,
Daniel
0
 

Author Comment

by:rdvarghese
Comment Utility
DNS on clients are automatic, so is the IP address. DHCP is good too.

still same problem !!
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 7

Expert Comment

by:djMundy
Comment Utility
Try pinging an IP address when the old server is turned off - if this works you definitely have a DNS issue.

1. Ping google.com before turning off the old server - record the IP address it displays.
2. Turn off the old server.
3. Now try pinging google.com - it should fail?
4. Now try pinging the IP address you recorded in step 1 - does it work?

Cheers,
Daniel
0
 

Assisted Solution

by:oxburger
oxburger earned 100 total points
Comment Utility
If none of the above provides a solution:  Do not just "shutdown" a domain controller...especially if it was the first one installed in a domain or forest (because the first domain controller installed with hold all the FSMO roles).  Rather, transfer FSMO roles to the new domain cotroller(s) and  demote the "old" domain controller using DCPROMO and then take it out of the domain or forest.

Does your Cisco router do any kind of filtering or does it let anyone access the internet?

HTH!
0
 
LVL 7

Expert Comment

by:djMundy
Comment Utility
As oxburger says when you finally do want to remove the old domain controller (after you've sorted out these issues regarding Internet access) you'll want to transfer roles and demote it properly. There's a very good guide for this here: http://www.msresource.net/content/view/61/47/

Cheers,
Daniel
0
 

Author Comment

by:rdvarghese
Comment Utility
Question:- Isnt the DHCP Server, the one that assigns clients default gateway??
i will look at the DHCP settings (on Monday) and i am guessing most likely the DHCP server might have set the clients to point to the Old DC as the default gateway. If this doesnt work, then probably its Cisco Router.

when the OLD DC was shutdown, i could ping the new DC by name - but anything outside like yahoo or google wasnt successful. !!

Happy Thanksgiving !
0
 
LVL 7

Expert Comment

by:djMundy
Comment Utility
Usually the default gateway is set to the CISCO but the DNS server is set to the DC - so that you can resolve internal and external names.

You're right that the default gateway is set by DHCP, but it's the DNS server that will stop you from resolving names. Did you try pinging Google via IP address with the old server shut down? That will help determine whether it's the gateway or DNS that is having problems.

Cheers,
Daniel
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

As dyndns has reduced the capabilities of the free service, I looked around for other free providers of Dynamic DNS service. After testing several I decided to move my DNS hosting to Hurricane Electric as then domains that require dynamic hostnam…
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now