Solved

replicated domain controller problem

Posted on 2007-11-30
19
206 Views
Last Modified: 2013-12-05
I am replacing my windows 2000 server (domain controller) with a windows 2003 server, i have setup the new server as an additional domain controller to replicate active directory, the replication seems to have gone fine, as i can make changes on either server and they are propogated to the other domain controller, but when i tried to remove the windows 2000 server from the network to make sure everything was working with the new server i was unable to logon to the new server.  it appears that my domain is completely dependent on the old server, i have replicated, and transferred all the roles to the new server.  I am also unable to browse the new server by Name on any computer that is not a current member of the domain. i am able to access it by using it's IP Address..Any Help would be greatly appreciated..
0
Comment
Question by:bdsstep
  • 9
  • 5
  • 2
  • +2
19 Comments
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 20384794
[1] Have you configured the new DC as a Global Catalog server?

[2] Open a command prompt and type 'nslookup <domain name>', replacing <domain name> with the FQDN of your AD domain. DNS should return the IP addresses of both domain controllers; if they do not, you have an issue with the new DC's DNS records not being registered in the appropriate DNS server(s) on your network.
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 20384876
Just to make sure the basics are covered - is the new DC pointing to itself as primary DNS server in its TCP/IP properties?
0
 

Author Comment

by:bdsstep
ID: 20385216
I did set the New Server as a global Catalog Server. Here is the error i was receiving when trying to log on with the old server shut off.  "logon message: unable to log you on because the netlogon service is not running on this machine"    I have checked the tcp/ip properties, both servers point to themselsves as primary DNS Servers.
0
 

Author Comment

by:bdsstep
ID: 20385249
Doing the NSlookup i get the error "can't find the server name for address *.*.*.*: Non existent domain server: unknown  
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 20385281
Sounds like you'd better check your DNS zone to see if it has replicated properly - assuming you are using AD-integrated DNS.  If the Netlogon service isn't starting up automatically, can you start it manually?
0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 20385297
Install the Windows Support Tools on each machine and see if a netdiag and dcdiag reveal any illustrative errors, particularly surrounding DNS.
0
 

Author Comment

by:bdsstep
ID: 20385350
the DNS Zone was replicating properly, thinking i had a DNS Problem i deleted the DNS FOrward look up zone and recreated it. now replication has quit working.   netlogon is started automatically on both servers, and is currently running, i have restarted the service along with DNS Services.
0
 

Author Comment

by:bdsstep
ID: 20385412
Ran both dcdiag and netdiag on both servers, no problems found.
0
 

Author Comment

by:bdsstep
ID: 20385414
replication is working again now too..
0
 

Author Comment

by:bdsstep
ID: 20385462
Doing NSlookup again here are my results..
Old (win2k) server (ip is 10.16.0.12)
server -  unknown
address - 10.16.0.12

server: - (domain)
address - 10.16.0.12

New (win2k3) Server (ip is 10.16.0.20)
server  - Unknown
address - 10.16.0.20

name - (domain)
address - 10.16.0.12

thanks
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 20385484
Are you sure you transferred all of the FSMO roles to your new server?  Can you do a NSlookup focussed on the Win2K3 server (i.e., type nslookup - 10.16.0.20) from a workstation? From the Win2K3 server itself, if you type "nslookup win2k3srvr" does it respond with the proper IP address?  Also, do you have a reverse lookup zone in DNS?
0
 

Author Comment

by:bdsstep
ID: 20385498
also on old server it says unknown can't find (domain) : Server Failed
0
 

Author Comment

by:bdsstep
ID: 20385566
I have double checked all the FSMO Roles, all are transferred to the new server. I did a nslookup from a workstaion, and it did resolve the correct IP.. I have not created a Reverse DNS Zone, Guess i am not sure what it needs to be. thanks.
0
 
LVL 3

Expert Comment

by:l84work
ID: 20387508
Are you using AD-integrated DNS?  Dynamic update alowed? Why don't you try pointing the TCP/IP on both boxes to the same DNS server (the new server).  Check if the DCs are updating their DNS records with the proper GUID.  If they are, then your DNS is fine.
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 20395787
To create a reverse DNS zone, in the DNS mgmt. console, right-click Reverse Lookup Zones, click New and create your zone.  The wizard will walk you through create the correct zone address to match your forward lookup zone.  I'm not saying that this is your problem; it may be unrelated.  However, you should have one anyway.
0
 

Accepted Solution

by:
bdsstep earned 0 total points
ID: 20399555
After Further Testing i found that the server was unable to browse to any pc's by name, so i checked the Network Settings, the enable netbios over tcp/ip was disabled, i enabled that now everything is working..
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 20403163
Once again proving that if we forget the basic things they can come back and bite us in the behind.  Cheers!
0
 
LVL 1

Expert Comment

by:modus_operandi
ID: 20814433
Closed, 125 points refunded.
modus_operandi
EE Moderator
0

Join & Write a Comment

Have you considered what group policies are backwards and forwards compatible? Windows Active Directory servers and clients use group policy templates to deploy sets of policies within your domain. But, there is a catch to deploying policies. The…
Know what services you can and cannot, should and should not combine on your server.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now