Solved

Should I repair this missing top-level domain name issue and if so how?

Posted on 2009-07-03
Last Modified: 2012-05-07
I have inherited a small NT domain with 1 forest, 1 domain, 1 DC (2003 Server Std.) and about 15 clients (XP Pro). I noticed that there is a constant DNS error of event 6702 - DNS has updated its own host record... Since there is no other DS-integrated peer, it says I can ignore it, but I hate to have errors. Also, the DC (and therefore the domain) is named without a top-level. It is server.xyz, not server.xyz.local, which again I prefer. The clients seem to be working OK, accessing network shares, etc. The DHCP server is set up, though, with the 015 DNS domain name option as xyz.local... why everything is working I don't know. And the DHCP address leases automatically include RAS leases to the DC, and again they are server.xyz.local while all the clients are client.xyz. Should I be concerned here or leave as is? I was even considering running the domain rename tool. My concern now would be if in the future all of a sudden I start having issues adding clients to the domain, especially more Vista or 7 clients. What should I do to fix some of these issues?
Question by:xav1963

Expert Comment

by:oBdA
ID: 24773834
Start with this article to get this domain going as far as it can with the single-label domain:
Information about configuring Windows for domains with single-label DNS names
http://support.microsoft.com/kb/300684

Then with only 15 clients, I'd migrate that domain into a new one. Domain renaming with a single-label domain can go wrong even more easily than with a regular name.
The following article applies to most AD domains, not only SBS:
The Domain Name System name recommendations for Small Business Server 2000 and Windows Small Business Server 2003
http://support.microsoft.com/kb/296250

Author Comment

by:xav1963
ID: 24776876
OK... how do I migrate it to a new domain? Do I just use dcpromo and demote the DC, then run it again? Will I still be able to access the old user files and folders so as to change permissions?

Accepted Solution

by:
oBdA earned 500 total points
ID: 24776964
If you're limited to that one server, then dcpromo down and up again.
Should you have the possibility of upgrading the hardware as well, you could use the ADMT:
Active Directory Migration Tool version 3.1
http://www.microsoft.com/downloadS/details.aspx?familyid=AE279D01-7DCA-413C-A9D2-B42DFB746059&displaylang=en
Another option if you don't have additional server hardware would be to install the first new DC as VM or on desktop hardware, migrate the users using ADMT, then dcpromo down the "old" server, join it to the new domain, dcpromo it, and move the roles from the temp machine to the "old" server.
As far as file permissions are concerned: make sure the (domain) local group Administrators (! -- not (only) Domain Admins!) and the System account have Full permissions on all files. The local Administrators group always has the same SID; Domain Admins are linked to one single domain.

For the user profiles on the workstations, assuming you're doing this with the ADMT and a domain trust, do the following on each workstation:
1. Log on once with the "new" user; this will create the new profile folder.
2. Log off, log back on with an administrative account that's neither the old nor the new account.
Right-click "My Computer", go to "Properties". Go to the "Advanced" tab and click on the "Settings" button in the "User Profiles" section. Highlight the "old" account, click "Copy". Browse to the "new" profile folder. *Before* you click the "OK" button, change the profile's user to the "new" user.
3. Log off, log back on with the "new" account, and you should have the "old" settings.


What you can try as well is to set up a separate virtual DC with the functions, services, and name of your current DC and a test workstation (obviously without connection to your production AD), and test the renaming. If it works there, chances are that it will work in your production domain as well.
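A pre-migration check for the file-permission advice in the accepted answer, as an added example that is not part of the original thread: it flags security descriptors where BUILTIN\Administrators (S-1-5-32-544) or SYSTEM (S-1-5-18) lacks Full Control on the object itself. The function name, the sample SDDL strings, the S-1-5-21-... domain SID and the D:\Shares path are constructed for illustration.

```powershell
# Added example. All SDDL strings and the S-1-5-21-... SID below are constructed.
$FullControl = 0x1F01FF     # FILE_ALL_ACCESS ("FA" in SDDL)
$Required = @{
    'S-1-5-32-544' = 'BUILTIN\Administrators'   # well-known SID, identical in every domain
    'S-1-5-18'     = 'NT AUTHORITY\SYSTEM'      # well-known SID, identical in every domain
}

function Get-MissingFullControl {
    param([Parameter(Mandatory = $true)][string]$Sddl)

    $sd = New-Object System.Security.AccessControl.RawSecurityDescriptor($Sddl)
    # A NULL DACL grants everyone full access, so nothing is missing.
    if ($null -eq $sd.DiscretionaryAcl) { return }

    $granted = @{}
    foreach ($ace in $sd.DiscretionaryAcl) {
        # Count only Allow ACEs (Deny ACEs are not evaluated here).
        if ($ace.AceQualifier -ne [System.Security.AccessControl.AceQualifier]::AccessAllowed) { continue }
        # Inherit-only ACEs (flag 0x08) apply to children, not to this object.
        if (([int]$ace.AceFlags -band 0x08) -ne 0) { continue }
        if (($ace.AccessMask -band $FullControl) -eq $FullControl) {
            $granted[$ace.SecurityIdentifier.Value] = $true
        }
    }
    foreach ($sid in $Required.Keys) {
        if (-not $granted.ContainsKey($sid)) { $Required[$sid] }
    }
}

# Constructed samples: a healthy ACL, one that relies on a domain-specific
# Domain Admins SID (RID 512), and one whose Administrators ACE is inherit-only.
$samples = @{
    'healthy'      = 'O:BAG:SYD:(A;;FA;;;BA)(A;;FA;;;SY)(A;;0x1200a9;;;BU)'
    'domain-only'  = 'O:BAG:SYD:(A;;FA;;;S-1-5-21-1111111111-2222222222-3333333333-512)(A;;FA;;;SY)'
    'inherit-only' = 'O:BAG:SYD:(A;OICIIO;FA;;;BA)(A;;FA;;;SY)'
}

foreach ($name in $samples.Keys) {
    $missing = @(Get-MissingFullControl -Sddl $samples[$name])
    if ($missing.Count -gt 0) { '{0}: missing Full Control for {1}' -f $name, ($missing -join ', ') }
    else { '{0}: OK' -f $name }
}

# Against real files (hypothetical path), feed each item's SDDL to the same function:
# Get-ChildItem D:\Shares -Recurse | ForEach-Object { Get-MissingFullControl -Sddl (Get-Acl $_.FullName).Sddl }
```

Files reported here would be reachable only through the old domain's SIDs once that domain is gone, so fix their ACLs before demoting the old DC.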
 

Author Closing Comment

by:xav1963
ID: 31599615
Thanks for the info....will give it a try...