Link to home
Create AccountLog in
Avatar of stefan1968
stefan1968Flag for Germany

asked on

Not able to logon AD in SBS 2003

I have removed with dcpromo /forceremoval an Windows 2000 Server from an AD, because the where problems between this server and an nwe SBS 2003 Server.
After successful removing, I am not able to logon to the domain, only at the DC or with dameware.
So I think the AD ist bad. Which possibility have I to repair the AD.
Do you need logs?
Avatar of Darius Ghassem
Darius Ghassem
Flag of United States of America image

Do you have a backup of the Windows 2000 server? Is the SBS server a global catalog? Have you moved the FSMO roles over to the SBS server? The best option if I were you is to a restore of the 2000 Server then follow the correct procedures on adding a SBS server to a domain that currently is holding a non SBS server as a domain controller
Avatar of stefan1968

ASKER

Hi dariusg. Thanks for reply. I am remote on the systems. Backup of the server - may be - but I cannot start Backup EXEC because I cannot login on the "old" server W2K.
Restore ok. But I cannot look for this until monday. Perhaps another solution, because I had a look on metadata cleanup. The old server wasn´t not there.
I think I did the right procedures how MS says.
When I make now a netdom query fsmo, this is the right result: Alle 5 roles are rightly on the new Server SBS 2003.
When I make a netdiag, this is the result:
WARNING: Cannot find DC in domain "xyz". ERROR_NO-SUCH-DOMAIN ???
Does the DNS in TCP\IP settings for the SBS server point to itself for DNS? Run a netdiag /fix on the system after you check the DNS.
SOLUTION
Avatar of SysExpert
SysExpert
Flag of Israel image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
@ sysexpert: SBS had/has all roles.
@ dariusg: YES, the First DNS Server points to itself. The second is empty.
netdiag /fix brings some errors, which follows soon ...
netdiag /fix:


....................................

    Computer Name: EXCHANGESERVER
    DNS Host Name: exchangeserver.domain.local
    System info : Microsoft Windows Server 2003 (Build 3790)
    Processor : x86 Family 15 Model 4 Stepping 1, GenuineIntel
    List of installed hotfixes :
        KB924667-v2
        KB925398_WMP64
        KB925902
        KB927891
        KB929123
        KB930178
        KB931784
        KB932168
        KB933714
        KB933729
        KB933854
        KB935839
        KB935840
        KB936021
        KB936357
        KB936782
        KB938127
        KB941202
        KB941569
        KB941693
        KB942763
        KB942830
        KB942831
        KB943055
        KB943460
        KB943485
        KB944338
        KB944653
        KB945553
        KB946026
        KB948496
        KB948590
        KB948745
        KB949014
        KB950759
        KB950760
        KB950762
        KB951698
        KB951746
        KB951748
        Q147222


Netcard queries test . . . . . . . : Passed
    GetStats failed for 'Parallelanschluss (direkt)'. [ERROR_NOT_SUPPORTED]
    [WARNING] The net card 'WAN-Miniport (PPTP)' may not be working because it has not received any packets.
    [WARNING] The net card 'WAN-Miniport (PPPOE)' may not be working because it has not received any packets.
    [WARNING] The net card 'WAN-Miniport (IP)' may not be working because it has not received any packets.
    GetStats failed for 'WAN-Miniport (L2TP)'. [ERROR_NOT_SUPPORTED]



Per interface results:

    Adapter : LAN-Verbindung des Servers

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : exchangeserver
        IP Address . . . . . . . . : 192.168.0.2
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 192.168.0.254
        Primary WINS Server. . . . : 192.168.0.2
        Dns Servers. . . . . . . . : 192.168.0.2


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Passed
        [WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.

        WINS service test. . . . . : Passed


Global results:


Domain membership test . . . . . . : Failed
    [WARNING] Ths system volume has not been completely replicated to the local machine. This machine is not working properly as a DC.


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{D9ACDD54-DE8B-4C8C-AB35-ADBCCF649652}
    1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed
    [WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Passed
    PASS - All the DNS entries for DC are registered on DNS server '192.168.0.2'.


Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{D9ACDD54-DE8B-4C8C-AB35-ADBCCF649652}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{D9ACDD54-DE8B-4C8C-AB35-ADBCCF649652}
    The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Failed
        [FATAL] Cannot find DC in domain 'domain'. [ERROR_NO_SUCH_DOMAIN]


DC list test . . . . . . . . . . . : Failed
        'domain': Cannot find DC to get DC list from [test skipped].


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Skipped
        'domain': Cannot find DC to get DC list from [test skipped].


LDAP test. . . . . . . . . . . . . : Failed
    Cannot find DC to run LDAP tests on. The error occurred was: Die angegebene Domäne ist nicht vorhanden, oder es konnte keine Verbindung hergestellt werden.

 
        [WARNING] Cannot find DC in domain 'domain'. [ERROR_NO_SUCH_DOMAIN]


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully


ASKER CERTIFIED SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
OK, so, when the backup is not useful, I have to install both server new (withou all datas). There are only about 20 Users. I see the users in the AD User an Computers.
So the  last questions:
Can I save the name and passwords of the users - export and import?
Is it possible to use the old local profiles on the workstations?
Even if the backup is a little old I would still use it to restore AD because it would be eaiser to back track instead of totally rebuilding.

Yes, you should be able to save the users and passwords then import them if you totally restore.

Yes, it is possible to use the old profiles but you must move them over to the new profile created when you rejoin the new domain.