johnbelanger
asked on
DC on VMware virtual machine not working properly
I had a Windows 2000 server running AD on its own hardware. Since the server was having hardware issues I created a virtual machine on a VMware ESX 3.5 server. After shutting down the hardware server I enabled the VM. Everything seemed to be working as usual. We have two AD servers locally and two at a remote location.
However, it seems replication has not been working since the move, which was about a month ago. When trying to force replication through AD Site and Services, I get the error "The RPC server is unavailable" and "The DSA operation is unable to proceed because of a DNS lookup failure."
I have verified that the appropriate DNS entries are located on both DNS servers on both DCs. All other network connectivity is working properly. Does moving a DC to a VM cause this issue? Is it possible to run dcpromo to remove AD and reinstall? Can I recreate the roles on the working server since this one has no connectivity AD-wise?
However, it seems replication has not been working since the move, which was about a month ago. When trying to force replication through AD Site and Services, I get the error "The RPC server is unavailable" and "The DSA operation is unable to proceed because of a DNS lookup failure."
I have verified that the appropriate DNS entries are located on both DNS servers on both DCs. All other network connectivity is working properly. Does moving a DC to a VM cause this issue? Is it possible to run dcpromo to remove AD and reinstall? Can I recreate the roles on the working server since this one has no connectivity AD-wise?
I am thinking this may be a FSMO role issue. Did you virtualize the old server? Or do a new install? What process did you use to make it virtual?
Try to P2V using cold cloning method, it is much more reliable, try this first before anything else
I had P2V several DCs before, hot cloning normally gives strange errors especially due to inconsistency in AD DB
If you dont have other services/application running on the DC, you dont have to P2V if you dont want to, just create a VM then dcpromo a fresh new DC and let it replicate normally
To fx your problem, you can try the following
Stop the DC(VM) & remove from disk, power on the physical DC, dcpromo it to demote it as member server, at this point you can rename it if you want
Create a new VM, with the same name as physical server(if you've renamed the physical server earlier)
Install Windows, setup DNS & dcpromo it as additional DC for your network
I had P2V several DCs before, hot cloning normally gives strange errors especially due to inconsistency in AD DB
If you dont have other services/application running on the DC, you dont have to P2V if you dont want to, just create a VM then dcpromo a fresh new DC and let it replicate normally
To fx your problem, you can try the following
Stop the DC(VM) & remove from disk, power on the physical DC, dcpromo it to demote it as member server, at this point you can rename it if you want
Create a new VM, with the same name as physical server(if you've renamed the physical server earlier)
Install Windows, setup DNS & dcpromo it as additional DC for your network
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I created the VM using P2V from the ESX console, so it was hot cloned. The issue now is that the original hardware DC is not available due to the original hardware issue that caused me to create the VM in the first place.
I also believe this is partly an FSMO issue. I tried changing roles using the Operations Masters option in AD Users and Computers, but under Operations Master is just says ERROR. I think what I need to do at this point is pretend the VM DC doesn't exist anymore and treat it as a DC that has died. Can I use dcpromo to establish the proper roles on the remaining DC? At that point I will set up a fresh VM and promote that to a DC, but I think I need to clear up any remnants of the old one before I can do that, correct?
I also believe this is partly an FSMO issue. I tried changing roles using the Operations Masters option in AD Users and Computers, but under Operations Master is just says ERROR. I think what I need to do at this point is pretend the VM DC doesn't exist anymore and treat it as a DC that has died. Can I use dcpromo to establish the proper roles on the remaining DC? At that point I will set up a fresh VM and promote that to a DC, but I think I need to clear up any remnants of the old one before I can do that, correct?
What roles did this server hold? You probably should have stopped the netlogon service on the physical machine before doing a P2V of the machine. I've done this with a DC and mitigated the replication issues. Have you tried using the ntdsutil to transfer roles to the other DC(s)? Otherwise, you'll have to seize the roles which will forcefully transfer the roles to the remaining DC(s)?
Yes, there will be a few maintenance tasks associated with Active Directory that you will have to perform to clean things up a bit.
Yes, there will be a few maintenance tasks associated with Active Directory that you will have to perform to clean things up a bit.
ASKER
The site referenced also had information on cleaning up the metadata.