Server 2008 Standard to another Server

What is the another server? if it is 2008 then you can add a fresh installed Windows 2008 member server,

1. Promote new 2008 as a DC.
2. Install all roles on server, which are present on old DC.
3. Then transfer all FSMOs to new W2K8 DC and demote old Dc
4. Run metadata cleanup to remove remaining old DCs object in the Active Directory.

Delete Failed DCs from Active Directory: http://www.petri.co.il/delete_failed_dcs_from_ad.htm

Yeah, 2008 standard.  When I do dcpromo, I then select DNS server and Global Catalog.  After that, it says 'A delegation for this DNS server cannot be created because the authoritative parent zone cannot be found or it does not run windows dns server.  To enable reliable DNS name resolution from the outside of the domain NAME.com, you should create a delegation to this DNS server manually in the parent zone.  


So should I just continue and then once it adds this server to the current record, just add the authority?

Just click continue, do not create a delegation.

Also the new server IP and primary DNS of NEW server should be same IP address.

Note - assign static IP to new server.

Okay, so the current server is 10.1.10.57, and the new server is 10.1.10.50   Is that ok?

If new server IP is 10.1.10.50 then configure NIC of new server as below;

IP- 10.1.10.50
subnet : as per you nw
Gateway:as per you nw
primary DNS: 10.1.10.50
Secondry dns: can be blank.

I set the dns server as 10.1.10.50, then I did dcpromo.  Now I'm getting an error 'The error was: "The operation returned because the timeout period expired." (error code 0x000005B4 ERROR_TIMEOUT)

So should I change the primary dns to 10.1.10.57, then do DCPROMO, then change the primary dns to 10.1.10.50

Oh, and I forgot to tell you, I renamed the server and put it on the domain already prior to doing dcpromo.

Try the primary dns to 10.1.10.57 and and check result.

It works like that.  So should I do dcpromo with 10.1.10.57 as the primary dns, then after, change it back to 10.1.10.50?

Yes.

Okay, I'm changing the adapter back to 10.1.10.50.  So after installing the roles, you said to transfer the FSMOs, how do I do that?

Nice GUI steps : Transferring FSMO Roles in Windows Server 2008
http://www.elmajdal.net/Win2k8/Transferring_FSMO_Roles_in_Windows_Server_2008.aspx

Using cmd: Transferring FSMO Roles
http://www.petri.co.il/transferring_fsmo_roles.htm

Now can I do the transfer while users are still using the network?

First of all run dcdiag and netdiag on both dc to confirm there are no errors on server.

If dcdiag and netdiag did not reported error then you can safely transfer fsmo roles, it will affect to users on network.

PLEASE IGNORE LAST COMMENTS:

First of all run dcdiag and netdiag on both dc to confirm there are no errors on server.

If dcdiag and netdiag did not reported error then you can safely transfer fsmo roles, it will not affect to users on network.

So does that mean that this is something that can be done while users are still logged in and working on items?

Yes, you can transfer roles while users are still logged in and working on items.

Once complete the role transfer users would be use new DC to querying.

Okay, the five roles are transferred.  Now do I need to transfer the DNS?  I transferred the DHCP already.

Also, will the group policies automatically stick with the new server once I take the old one off line or is there a transfer with them also?

Have you configured DNS at the time of dcpromo on new DC? If yes then DNS should be AD integrated.

Replication process will take care of DNS and GPO, replication process will update all records in DNS and GPO on new DC.

Well when I went to setup the DNS Server, it said

'A delegation for this DNS server cannot be created because the authoritative parent zone cannot be found or it does not run windows dns server.  To enable reliable DNS name resolution from the outside of the domain NAME.com, you should create a delegation to this DNS server manually in the parent zone.'

I found this article, should I follow these steps?

http://blogs.techrepublic.com.com/datacenter/?p=415

Is the new configured with an Active Directory-integrated zone?

If the DNS is Active Directory-integrated then only follow the first step which mentioned in article.

No need to follow other two that steps are for Standard primary server and Standard secondary server.

Thats weird.  I just opened the DNS on the new server and I clicked on Forward Lookup Zones, and Reverse Lookup Zones and it says 'The Domain Name System (DNS) allows a DNS namespace to be divided into zones.  Each zone stores information about one or more contiguous DNS domains.  To add a new zone, on the Action menu, click New Zone.'

So I'm guessing the DNS didn't setup...

Ok, click new zone and configure it as Active Directory-integrated, then point itself as primary DNS in NIC.

Then run ipconfig /flushdns && ipconfig /registerdns then run dcdiag /test:dns to check errors.

So New Zone > Then Primary Zone?  Not Secondary?  Will this effect the server that is running the current DNS right now?  And the users?

Yes , primary zone.

Will this effect the server that is running the current DNS right now?  And the users? -No and no.

Okay so am I doing To all DNS servers in this forest: des.com or To all DNS servers in this domain: des.com

New Zone > Then Primary Zone and check mark to store zone Active Directory > To all domain controllers in this domain: des.com

Okay, now if I create a Forward Lookup Zone, I need a reverse lookup zone also, so would I do this again and do a reverse lookup zone after?

yes, create reverse lookup zone also.

So I made the zones.  Then I went to start up the DHCP server, and I deactivated the old servers DHCP server and it says its running on the new one.  So I went to connect my laptop and it couldn't pull an IP down.  

Nothing in the error logs either.

Also, I went start back up the old DHCP server and its not authorized in AD anymore.  I'm not sure what to do about the new one, everything says its running.

Oh, and the reverse lookup zone I made keeps pointing to the old server, not the new one.  I went to change it in the general tab on the new server and it says 'The data on the secondary zone failed to set.  The IP address is invalid.'  I'm almost positive I had set it up as a Primary Zone... Is there anyway to change it to a primary if I didn't?

Now I went to change it to a primary zone by hitting change (it was set as a secondary), then I clicked apply and it said something about the change failed because the zone is shutdown.  

So I went to my DNS error logs and it says Zone expired before it could obtain a successful zone transfer or update from a master server acting as its source for the zone.  The zone has been shut down.

Do not chage the zone from promary to secondary, revert back all chnages and open cmd> nslookup > check name to and ip to name resolution.

If DNS is totally down then delete fwd and rev zone reconfigure it and do not point any zone to the old server.

To resolve DHCP issue uninstall DHCP role, again reinstall, reconfigure and authorize it again.

Right now it says its a primary zone because I changed it from a secondary to the primary.  I did nslookup and it says the server is localhost and the address is 127.0.0.1

The DHCP server is still not working.  Should I goahead and remove it then add it again?

Do not put primary DNS server 127.0.0.1 in NIC, point itself (server IP)as primary dns.

Yes, remove DHCP then reinstall, reconfigure and authorize again.

Changed the nic to 10.1.10.50.  I reinstalled the DHCP server without WINS.  I added the DHCP scope and subnet type of wired, not wireless.  I didn't install IPv6, because I do not wish to use ip6.


I have a warning on the DNS, 'The DNS server is waiting for Active Directory Domain Services to signal that the initial synchronization of the directory has been completed.  The DNS server service cannot start until the initial synchronization is complete because critical DNS data might not yet be replicated onto this domain controller.  If events in the AD DS event log indicate that there is a problem with the DNS name resolution, consider adding the IP address of another DNS server for this domain to the DNS server list in the Internet Protocol properties of this computer.    ect...'

I reinstalled the DHCP server, and it said the scope parameters were invalid.  Then I checked, and DHCP was installed though and the old settings are still there.  

DHCP server still isn't working... Is there something I'm forgetting to do?  I moved all of the AD and redid the DNS... I don't get why the clients can't pickup the DHCP server..

Is the DNS server working? Have you completely removed DHCP from add remove programs?

The DNS seems to be working fine.  The DHCP I removed from Add / Remove Roles.  Then it had me reset.  Then I went to add it again and it said the scope parameters were wrong, so I clicked Ok and it closed the role out.  I went to the server manager and DHCP was there, so I clicked on it and all of the old options and reservation were there from the last time I did this.

Have followed below steps?

To remove dhcp-> start -run appwiz.cpl - (click left pane )add/remove windows component  > open network services > uncheck DHCP >OK .

To add start -run appwiz.cpl - (click left pane )add/remove windows component  > open network services > check DHCP >OK .

Remove or uninstall DHCP : http://technet.microsoft.com/en-us/library/cc775476(WS.10).aspx

install-and-configure-dhcp:
http://www.windowsreference.com/windows-server-2003/install-and-configure-dhcp-server-in-win-server-2003-step-by-step-guide/

I'm running server 2008, not 2003.  So I have to remove it from the Roles.  I removed it from the roles and then I reinstalled it.  My subnet is the same as the nic card, so this can't be a subnet issue... I can't think of what else could be causing the dhcp server not to pickup the broadcast request by the clients..

http://www.windowsnetworking.com/articles_tutorials/How-to-Install-Configure-Windows-Server-2008-DHCP-Server.html

So I was looking at the DNS error I posted above, and the event id comes to:

Event ID      4013
Source      DNS
Type      Warning
Description      The DNS server was unable to open the Active Directory. This DNS server is configured to use directory service information and can not operate without access to the directory. The DNS server will wait for the directory to start. If the DNS server is started but the appropriate event has not been logged, then the DNS server is still waiting for the directory to start.



So now I'm wondering if there is an issue with AD on the new server which is causing the DHCP server not to work or the DNS properly...

http://www.windowsreference.com/windows-server-2008/how-to-setup-dhcp-server-in-windows-server-2008-step-by-step-guide/

I know how to install a DHCP server, I think this is something between AD and the DHCP and the DNS... The DHCP server has to be authorized in AD... and with that error above with the DNS saying it can't open AD... whats saying that the DHCP can't open AD so therefore its not authorized...

Run "Dcdiag" for DS error and run "dcdiag /test:dns" for DNS error  

post the report of above.

DCDIAG:

Microsoft Windows [Version 6.0.6001]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

C:\Users\administrator.DES>dcdiag

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = DES-DC1
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\DES-DC1
      Starting test: Connectivity
         ......................... DES-DC1 passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\DES-DC1
      Starting test: Advertising
         ......................... DES-DC1 passed test Advertising
      Starting test: FrsEvent
         ......................... DES-DC1 passed test FrsEvent
      Starting test: DFSREvent
         There are warning or error events within the last 24 hours after the
         SYSVOL has been shared.  Failing SYSVOL replication problems may cause
         Group Policy problems.
         ......................... DES-DC1 failed test DFSREvent
      Starting test: SysVolCheck
         ......................... DES-DC1 passed test SysVolCheck
      Starting test: KccEvent
         ......................... DES-DC1 passed test KccEvent
      Starting test: KnowsOfRoleHolders
         ......................... DES-DC1 passed test KnowsOfRoleHolders
      Starting test: MachineAccount
         ......................... DES-DC1 passed test MachineAccount
      Starting test: NCSecDesc
         ......................... DES-DC1 passed test NCSecDesc
      Starting test: NetLogons
         ......................... DES-DC1 passed test NetLogons
      Starting test: ObjectsReplicated
         ......................... DES-DC1 passed test ObjectsReplicated
      Starting test: Replications
         [SERVER] DsBindWithSpnEx() failed with error 1722,
         The RPC server is unavailable..
         ......................... DES-DC1 failed test Replications
      Starting test: RidManager
         ......................... DES-DC1 passed test RidManager
      Starting test: Services
         ......................... DES-DC1 passed test Services
      Starting test: SystemLog
         An Warning Event occurred.  EventID: 0x8000001D
            Time Generated: 07/16/2010   18:17:55
            Event String:
            The Key Distribution Center (KDC) cannot find a suitable certificate
 to use for smart card logons, or the KDC certificate could not be verified. Sma
rt card logon may not function correctly if this problem is not resolved. To cor
rect this problem, either verify the existing KDC certificate using certutil.exe
 or enroll for a new KDC certificate.
         An Warning Event occurred.  EventID: 0x8000A000
            Time Generated: 07/16/2010   18:18:23
            Event String:
            The Security System detected an authentication error for the server
cifs/DES-DC1.des.com. The failure code from authentication protocol Kerberos was
 "There are currently no logon servers available to service the logon request.
         An Warning Event occurred.  EventID: 0x8000A000
            Time Generated: 07/16/2010   18:18:24
            Event String:
            The Security System detected an authentication error for the server
LDAP/DES-DC1. The failure code from authentication protocol Kerberos was "There
are currently no logon servers available to service the logon request.
         An Warning Event occurred.  EventID: 0x825A000C
            Time Generated: 07/16/2010   18:18:33
            Event String:
            Time Provider NtpClient: This machine is configured to use the domai
n hierarchy to determine its time source, but it is the AD PDC emulator for the
domain at the root of the forest, so there is no machine above it in the domain
hierarchy to use as a time source. It is recommended that you either configure a
 reliable time service in the root domain, or manually configure the AD PDC to s
ynchronize with an external time source. Otherwise, this machine will function a
s the authoritative time source in the domain hierarchy. If an external time sou
rce is not configured or used for this computer, you may choose to disable the N
tpClient.
         An Warning Event occurred.  EventID: 0x8000A000
            Time Generated: 07/16/2010   18:18:37
            Event String:
            The Security System detected an authentication error for the server
ldap/DES-DC1.des.com. The failure code from authentication protocol Kerberos was
 "There are currently no logon servers available to service the logon request.
         An Warning Event occurred.  EventID: 0x00002724
            Time Generated: 07/16/2010   18:18:46
            Event String:
            This computer has at least one dynamically assigned IPv6 address.For
 reliable DHCPv6 server operation, you should use only static IPv6 addresses.
         An Error Event occurred.  EventID: 0x00000411
            Time Generated: 07/16/2010   18:18:46
            Event String:
            The DHCP service is not servicing any DHCPv4 clients because none of
 the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
         An Warning Event occurred.  EventID: 0x8000A000
            Time Generated: 07/16/2010   18:19:33
            Event String:
            The Security System detected an authentication error for the server
LDAP/Localhost. The failure code from authentication protocol Kerberos was "Ther
e are currently no logon servers available to service the logon request.
         An Error Event occurred.  EventID: 0x00000469
            Time Generated: 07/16/2010   18:23:46
            Event String:
            The processing of Group Policy failed because of lack of network con
nectivity to a domain controller. This may be a transient condition. A success m
essage would be generated once the machine gets connected to the domain controll
er and Group Policy has succesfully processed. If you do not see a success messa
ge for several hours, then contact your administrator.
         An Warning Event occurred.  EventID: 0x00001695
            Time Generated: 07/16/2010   18:23:50
            Event String:
            Dynamic registration or deletion of one or more DNS records associat
ed with DNS domain 'des.com.' failed.  These records are used by other computers
 to locate this server as a domain controller (if the specified domain is an Act
ive Directory domain) or as an LDAP server (if the specified domain is an applic
ation partition).
         An Warning Event occurred.  EventID: 0x0000168D
            Time Generated: 07/16/2010   18:24:02
            Event String:
            The following DNS server that is authoritative for the DNS domain co
ntroller locator records of this domain controller does not support dynamic DNS
updates:
         An Error Event occurred.  EventID: 0x00000422
            Time Generated: 07/16/2010   18:24:13
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\des.com\SysVol\des.com\Policies\{5F9D92D4-DADC-47BA-B13D-8DB1BBC31B2A}\g
pt.ini from a domain controller and was not successful. Group Policy settings ma
y not be applied until this event is resolved. This issue may be transient and c
ould be caused by one or more of the following:
         An Warning Event occurred.  EventID: 0x80001116
            Time Generated: 07/16/2010   18:27:01
            Event String:
            Windows Servicing identified that package KB955430(Update) is not ap
plicable for this system
         An Warning Event occurred.  EventID: 0x80001116
            Time Generated: 07/16/2010   18:27:01
            Event String:
            Windows Servicing identified that package KB955430(Update) is not ap
plicable for this system
         An Error Event occurred.  EventID: 0x000003FA
            Time Generated: 07/16/2010   18:48:38
            Event String:
            The DHCP service failed to restore the database. The following error
 occurred:
         An Warning Event occurred.  EventID: 0x00000420
            Time Generated: 07/16/2010   18:48:42
            Event String:
            The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service.   This is not a recommended security configuration.  Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
 server set dnscredentials" or via the DHCP Administrative tool.
         An Warning Event occurred.  EventID: 0x00002724
            Time Generated: 07/16/2010   18:48:50
            Event String:
            This computer has at least one dynamically assigned IPv6 address.For
 reliable DHCPv6 server operation, you should use only static IPv6 addresses.
         An Error Event occurred.  EventID: 0x00000411
            Time Generated: 07/16/2010   18:48:50
            Event String:
            The DHCP service is not servicing any DHCPv4 clients because none of
 the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
         An Error Event occurred.  EventID: 0x000003FB
            Time Generated: 07/16/2010   18:49:18
            Event String:
            The DHCP service failed to restore the DHCP registry configuration.
The following error occurred:
         An Warning Event occurred.  EventID: 0x00000420
            Time Generated: 07/16/2010   18:49:20
            Event String:
            The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service.   This is not a recommended security configuration.  Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
 server set dnscredentials" or via the DHCP Administrative tool.
         An Warning Event occurred.  EventID: 0x00002724
            Time Generated: 07/16/2010   18:49:28
            Event String:
            This computer has at least one dynamically assigned IPv6 address.For
 reliable DHCPv6 server operation, you should use only static IPv6 addresses.
         An Error Event occurred.  EventID: 0x00000411
            Time Generated: 07/16/2010   18:49:28
            Event String:
            The DHCP service is not servicing any DHCPv4 clients because none of
 the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
         An Warning Event occurred.  EventID: 0x00000420
            Time Generated: 07/16/2010   18:51:41
            Event String:
            The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service.   This is not a recommended security configuration.  Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
 server set dnscredentials" or via the DHCP Administrative tool.
         An Warning Event occurred.  EventID: 0x00002724
            Time Generated: 07/16/2010   18:51:49
            Event String:
            This computer has at least one dynamically assigned IPv6 address.For
 reliable DHCPv6 server operation, you should use only static IPv6 addresses.
         An Error Event occurred.  EventID: 0x00000411
            Time Generated: 07/16/2010   18:51:49
            Event String:
            The DHCP service is not servicing any DHCPv4 clients because none of
 the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
         ......................... DES-DC1 failed test SystemLog
      Starting test: VerifyReferences
         ......................... DES-DC1 passed test VerifyReferences


   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test
         CrossRefValidation

   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test
         CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : des
      Starting test: CheckSDRefDom
         ......................... des passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... des passed test CrossRefValidation

   Running enterprise tests on : des.com
      Starting test: LocatorCheck
         ......................... des.com passed test LocatorCheck
      Starting test: Intersite
         ......................... des.com passed test Intersite

C:\Users\administrator.DES>





DCDIAG:

Microsoft Windows [Version 6.0.6001]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

C:\Users\administrator.DES>dcdiag

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = DES-DC1
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\DES-DC1
      Starting test: Connectivity
         ......................... DES-DC1 passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\DES-DC1
      Starting test: Advertising
         ......................... DES-DC1 passed test Advertising
      Starting test: FrsEvent
         ......................... DES-DC1 passed test FrsEvent
      Starting test: DFSREvent
         There are warning or error events within the last 24 hours after the
         SYSVOL has been shared.  Failing SYSVOL replication problems may cause
         Group Policy problems.
         ......................... DES-DC1 failed test DFSREvent
      Starting test: SysVolCheck
         ......................... DES-DC1 passed test SysVolCheck
      Starting test: KccEvent
         ......................... DES-DC1 passed test KccEvent
      Starting test: KnowsOfRoleHolders
         ......................... DES-DC1 passed test KnowsOfRoleHolders
      Starting test: MachineAccount
         ......................... DES-DC1 passed test MachineAccount
      Starting test: NCSecDesc
         ......................... DES-DC1 passed test NCSecDesc
      Starting test: NetLogons
         ......................... DES-DC1 passed test NetLogons
      Starting test: ObjectsReplicated
         ......................... DES-DC1 passed test ObjectsReplicated
      Starting test: Replications
         [SERVER] DsBindWithSpnEx() failed with error 1722,
         The RPC server is unavailable..
         ......................... DES-DC1 failed test Replications
      Starting test: RidManager
         ......................... DES-DC1 passed test RidManager
      Starting test: Services
         ......................... DES-DC1 passed test Services
      Starting test: SystemLog
         An Warning Event occurred.  EventID: 0x8000001D
            Time Generated: 07/16/2010   18:17:55
            Event String:
            The Key Distribution Center (KDC) cannot find a suitable certificate
 to use for smart card logons, or the KDC certificate could not be verified. Sma
rt card logon may not function correctly if this problem is not resolved. To cor
rect this problem, either verify the existing KDC certificate using certutil.exe
 or enroll for a new KDC certificate.
         An Warning Event occurred.  EventID: 0x8000A000
            Time Generated: 07/16/2010   18:18:23
            Event String:
            The Security System detected an authentication error for the server
cifs/DES-DC1.des.com. The failure code from authentication protocol Kerberos was
 "There are currently no logon servers available to service the logon request.
         An Warning Event occurred.  EventID: 0x8000A000
            Time Generated: 07/16/2010   18:18:24
            Event String:
            The Security System detected an authentication error for the server
LDAP/DES-DC1. The failure code from authentication protocol Kerberos was "There
are currently no logon servers available to service the logon request.
         An Warning Event occurred.  EventID: 0x825A000C
            Time Generated: 07/16/2010   18:18:33
            Event String:
            Time Provider NtpClient: This machine is configured to use the domai
n hierarchy to determine its time source, but it is the AD PDC emulator for the
domain at the root of the forest, so there is no machine above it in the domain
hierarchy to use as a time source. It is recommended that you either configure a
 reliable time service in the root domain, or manually configure the AD PDC to s
ynchronize with an external time source. Otherwise, this machine will function a
s the authoritative time source in the domain hierarchy. If an external time sou
rce is not configured or used for this computer, you may choose to disable the N
tpClient.
         An Warning Event occurred.  EventID: 0x8000A000
            Time Generated: 07/16/2010   18:18:37
            Event String:
            The Security System detected an authentication error for the server
ldap/DES-DC1.des.com. The failure code from authentication protocol Kerberos was
 "There are currently no logon servers available to service the logon request.
         An Warning Event occurred.  EventID: 0x00002724
            Time Generated: 07/16/2010   18:18:46
            Event String:
            This computer has at least one dynamically assigned IPv6 address.For
 reliable DHCPv6 server operation, you should use only static IPv6 addresses.
         An Error Event occurred.  EventID: 0x00000411
            Time Generated: 07/16/2010   18:18:46
            Event String:
            The DHCP service is not servicing any DHCPv4 clients because none of
 the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
         An Warning Event occurred.  EventID: 0x8000A000
            Time Generated: 07/16/2010   18:19:33
            Event String:
            The Security System detected an authentication error for the server
LDAP/Localhost. The failure code from authentication protocol Kerberos was "Ther
e are currently no logon servers available to service the logon request.
         An Error Event occurred.  EventID: 0x00000469
            Time Generated: 07/16/2010   18:23:46
            Event String:
            The processing of Group Policy failed because of lack of network con
nectivity to a domain controller. This may be a transient condition. A success m
essage would be generated once the machine gets connected to the domain controll
er and Group Policy has succesfully processed. If you do not see a success messa
ge for several hours, then contact your administrator.
         An Warning Event occurred.  EventID: 0x00001695
            Time Generated: 07/16/2010   18:23:50
            Event String:
            Dynamic registration or deletion of one or more DNS records associat
ed with DNS domain 'des.com.' failed.  These records are used by other computers
 to locate this server as a domain controller (if the specified domain is an Act
ive Directory domain) or as an LDAP server (if the specified domain is an applic
ation partition).
         An Warning Event occurred.  EventID: 0x0000168D
            Time Generated: 07/16/2010   18:24:02
            Event String:
            The following DNS server that is authoritative for the DNS domain co
ntroller locator records of this domain controller does not support dynamic DNS
updates:
         An Error Event occurred.  EventID: 0x00000422
            Time Generated: 07/16/2010   18:24:13
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\des.com\SysVol\des.com\Policies\{5F9D92D4-DADC-47BA-B13D-8DB1BBC31B2A}\g
pt.ini from a domain controller and was not successful. Group Policy settings ma
y not be applied until this event is resolved. This issue may be transient and c
ould be caused by one or more of the following:
         An Warning Event occurred.  EventID: 0x80001116
            Time Generated: 07/16/2010   18:27:01
            Event String:
            Windows Servicing identified that package KB955430(Update) is not ap
plicable for this system
         An Warning Event occurred.  EventID: 0x80001116
            Time Generated: 07/16/2010   18:27:01
            Event String:
            Windows Servicing identified that package KB955430(Update) is not ap
plicable for this system
         An Error Event occurred.  EventID: 0x000003FA
            Time Generated: 07/16/2010   18:48:38
            Event String:
            The DHCP service failed to restore the database. The following error
 occurred:
         An Warning Event occurred.  EventID: 0x00000420
            Time Generated: 07/16/2010   18:48:42
            Event String:
            The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service.   This is not a recommended security configuration.  Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
 server set dnscredentials" or via the DHCP Administrative tool.
         An Warning Event occurred.  EventID: 0x00002724
            Time Generated: 07/16/2010   18:48:50
            Event String:
            This computer has at least one dynamically assigned IPv6 address.For
 reliable DHCPv6 server operation, you should use only static IPv6 addresses.
         An Error Event occurred.  EventID: 0x00000411
            Time Generated: 07/16/2010   18:48:50
            Event String:
            The DHCP service is not servicing any DHCPv4 clients because none of
 the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
         An Error Event occurred.  EventID: 0x000003FB
            Time Generated: 07/16/2010   18:49:18
            Event String:
            The DHCP service failed to restore the DHCP registry configuration.
The following error occurred:
         An Warning Event occurred.  EventID: 0x00000420
            Time Generated: 07/16/2010   18:49:20
            Event String:
            The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service.   This is not a recommended security configuration.  Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
 server set dnscredentials" or via the DHCP Administrative tool.
         An Warning Event occurred.  EventID: 0x00002724
            Time Generated: 07/16/2010   18:49:28
            Event String:
            This computer has at least one dynamically assigned IPv6 address.For
 reliable DHCPv6 server operation, you should use only static IPv6 addresses.
         An Error Event occurred.  EventID: 0x00000411
            Time Generated: 07/16/2010   18:49:28
            Event String:
            The DHCP service is not servicing any DHCPv4 clients because none of
 the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
         An Warning Event occurred.  EventID: 0x00000420
            Time Generated: 07/16/2010   18:51:41
            Event String:
            The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service.   This is not a recommended security configuration.  Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
 server set dnscredentials" or via the DHCP Administrative tool.
         An Warning Event occurred.  EventID: 0x00002724
            Time Generated: 07/16/2010   18:51:49
            Event String:
            This computer has at least one dynamically assigned IPv6 address.For
 reliable DHCPv6 server operation, you should use only static IPv6 addresses.
         An Error Event occurred.  EventID: 0x00000411
            Time Generated: 07/16/2010   18:51:49
            Event String:
            The DHCP service is not servicing any DHCPv4 clients because none of
 the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
         ......................... DES-DC1 failed test SystemLog
      Starting test: VerifyReferences
         ......................... DES-DC1 passed test VerifyReferences


   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test
         CrossRefValidation

   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test
         CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : des
      Starting test: CheckSDRefDom
         ......................... des passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... des passed test CrossRefValidation

   Running enterprise tests on : des.com
      Starting test: LocatorCheck
         ......................... des.com passed test LocatorCheck
      Starting test: Intersite
         ......................... des.com passed test Intersite

C:\Users\administrator.DES>

Run "dcdiag /q" instead of "dcdiag".

Could it be possible that the DNS is pointing to the old AD server (the old server is still online for the time being until the new one is completed)?

Microsoft Windows [Version 6.0.6001]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

C:\Users\administrator.DES>dcdiag

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = DES-DC1
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\DES-DC1
      Starting test: Connectivity
         ......................... DES-DC1 passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\DES-DC1
      Starting test: Advertising
         ......................... DES-DC1 passed test Advertising
      Starting test: FrsEvent
         ......................... DES-DC1 passed test FrsEvent
      Starting test: DFSREvent
         There are warning or error events within the last 24 hours after the
         SYSVOL has been shared.  Failing SYSVOL replication problems may cause
         Group Policy problems.
         ......................... DES-DC1 failed test DFSREvent
      Starting test: SysVolCheck
         ......................... DES-DC1 passed test SysVolCheck
      Starting test: KccEvent
         ......................... DES-DC1 passed test KccEvent
      Starting test: KnowsOfRoleHolders
         ......................... DES-DC1 passed test KnowsOfRoleHolders
      Starting test: MachineAccount
         ......................... DES-DC1 passed test MachineAccount
      Starting test: NCSecDesc
         ......................... DES-DC1 passed test NCSecDesc
      Starting test: NetLogons
         ......................... DES-DC1 passed test NetLogons
      Starting test: ObjectsReplicated
         ......................... DES-DC1 passed test ObjectsReplicated
      Starting test: Replications
         [SERVER] DsBindWithSpnEx() failed with error 1722,
         The RPC server is unavailable..
         ......................... DES-DC1 failed test Replications
      Starting test: RidManager
         ......................... DES-DC1 passed test RidManager
      Starting test: Services
         ......................... DES-DC1 passed test Services
      Starting test: SystemLog
         An Warning Event occurred.  EventID: 0x8000001D
            Time Generated: 07/16/2010   18:17:55
            Event String:
            The Key Distribution Center (KDC) cannot find a suitable certificate
 to use for smart card logons, or the KDC certificate could not be verified. Sma
rt card logon may not function correctly if this problem is not resolved. To cor
rect this problem, either verify the existing KDC certificate using certutil.exe
 or enroll for a new KDC certificate.
         An Warning Event occurred.  EventID: 0x8000A000
            Time Generated: 07/16/2010   18:18:23
            Event String:
            The Security System detected an authentication error for the server
cifs/DES-DC1.des.com. The failure code from authentication protocol Kerberos was
 "There are currently no logon servers available to service the logon request.
         An Warning Event occurred.  EventID: 0x8000A000
            Time Generated: 07/16/2010   18:18:24
            Event String:
            The Security System detected an authentication error for the server
LDAP/DES-DC1. The failure code from authentication protocol Kerberos was "There
are currently no logon servers available to service the logon request.
         An Warning Event occurred.  EventID: 0x825A000C
            Time Generated: 07/16/2010   18:18:33
            Event String:
            Time Provider NtpClient: This machine is configured to use the domai
n hierarchy to determine its time source, but it is the AD PDC emulator for the
domain at the root of the forest, so there is no machine above it in the domain
hierarchy to use as a time source. It is recommended that you either configure a
 reliable time service in the root domain, or manually configure the AD PDC to s
ynchronize with an external time source. Otherwise, this machine will function a
s the authoritative time source in the domain hierarchy. If an external time sou
rce is not configured or used for this computer, you may choose to disable the N
tpClient.
         An Warning Event occurred.  EventID: 0x8000A000
            Time Generated: 07/16/2010   18:18:37
            Event String:
            The Security System detected an authentication error for the server
ldap/DES-DC1.des.com. The failure code from authentication protocol Kerberos was
 "There are currently no logon servers available to service the logon request.
         An Warning Event occurred.  EventID: 0x00002724
            Time Generated: 07/16/2010   18:18:46
            Event String:
            This computer has at least one dynamically assigned IPv6 address.For
 reliable DHCPv6 server operation, you should use only static IPv6 addresses.
         An Error Event occurred.  EventID: 0x00000411
            Time Generated: 07/16/2010   18:18:46
            Event String:
            The DHCP service is not servicing any DHCPv4 clients because none of
 the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
         An Warning Event occurred.  EventID: 0x8000A000
            Time Generated: 07/16/2010   18:19:33
            Event String:
            The Security System detected an authentication error for the server
LDAP/Localhost. The failure code from authentication protocol Kerberos was "Ther
e are currently no logon servers available to service the logon request.
         An Error Event occurred.  EventID: 0x00000469
            Time Generated: 07/16/2010   18:23:46
            Event String:
            The processing of Group Policy failed because of lack of network con
nectivity to a domain controller. This may be a transient condition. A success m
essage would be generated once the machine gets connected to the domain controll
er and Group Policy has succesfully processed. If you do not see a success messa
ge for several hours, then contact your administrator.
         An Warning Event occurred.  EventID: 0x00001695
            Time Generated: 07/16/2010   18:23:50
            Event String:
            Dynamic registration or deletion of one or more DNS records associat
ed with DNS domain 'des.com.' failed.  These records are used by other computers
 to locate this server as a domain controller (if the specified domain is an Act
ive Directory domain) or as an LDAP server (if the specified domain is an applic
ation partition).
         An Warning Event occurred.  EventID: 0x0000168D
            Time Generated: 07/16/2010   18:24:02
            Event String:
            The following DNS server that is authoritative for the DNS domain co
ntroller locator records of this domain controller does not support dynamic DNS
updates:
         An Error Event occurred.  EventID: 0x00000422
            Time Generated: 07/16/2010   18:24:13
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\des.com\SysVol\des.com\Policies\{5F9D92D4-DADC-47BA-B13D-8DB1BBC31B2A}\g
pt.ini from a domain controller and was not successful. Group Policy settings ma
y not be applied until this event is resolved. This issue may be transient and c
ould be caused by one or more of the following:
         An Warning Event occurred.  EventID: 0x80001116
            Time Generated: 07/16/2010   18:27:01
            Event String:
            Windows Servicing identified that package KB955430(Update) is not ap
plicable for this system
         An Warning Event occurred.  EventID: 0x80001116
            Time Generated: 07/16/2010   18:27:01
            Event String:
            Windows Servicing identified that package KB955430(Update) is not ap
plicable for this system
         An Error Event occurred.  EventID: 0x000003FA
            Time Generated: 07/16/2010   18:48:38
            Event String:
            The DHCP service failed to restore the database. The following error
 occurred:
         An Warning Event occurred.  EventID: 0x00000420
            Time Generated: 07/16/2010   18:48:42
            Event String:
            The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service.   This is not a recommended security configuration.  Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
 server set dnscredentials" or via the DHCP Administrative tool.
         An Warning Event occurred.  EventID: 0x00002724
            Time Generated: 07/16/2010   18:48:50
            Event String:
            This computer has at least one dynamically assigned IPv6 address.For
 reliable DHCPv6 server operation, you should use only static IPv6 addresses.
         An Error Event occurred.  EventID: 0x00000411
            Time Generated: 07/16/2010   18:48:50
            Event String:
            The DHCP service is not servicing any DHCPv4 clients because none of
 the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
         An Error Event occurred.  EventID: 0x000003FB
            Time Generated: 07/16/2010   18:49:18
            Event String:
            The DHCP service failed to restore the DHCP registry configuration.
The following error occurred:
         An Warning Event occurred.  EventID: 0x00000420
            Time Generated: 07/16/2010   18:49:20
            Event String:
            The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service.   This is not a recommended security configuration.  Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
 server set dnscredentials" or via the DHCP Administrative tool.
         An Warning Event occurred.  EventID: 0x00002724
            Time Generated: 07/16/2010   18:49:28
            Event String:
            This computer has at least one dynamically assigned IPv6 address.For
 reliable DHCPv6 server operation, you should use only static IPv6 addresses.
         An Error Event occurred.  EventID: 0x00000411
            Time Generated: 07/16/2010   18:49:28
            Event String:
            The DHCP service is not servicing any DHCPv4 clients because none of
 the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
         An Warning Event occurred.  EventID: 0x00000420
            Time Generated: 07/16/2010   18:51:41
            Event String:
            The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service.   This is not a recommended security configuration.  Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
 server set dnscredentials" or via the DHCP Administrative tool.
         An Warning Event occurred.  EventID: 0x00002724
            Time Generated: 07/16/2010   18:51:49
            Event String:
            This computer has at least one dynamically assigned IPv6 address.For
 reliable DHCPv6 server operation, you should use only static IPv6 addresses.
         An Error Event occurred.  EventID: 0x00000411
            Time Generated: 07/16/2010   18:51:49
            Event String:
            The DHCP service is not servicing any DHCPv4 clients because none of
 the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
         ......................... DES-DC1 failed test SystemLog
      Starting test: VerifyReferences
         ......................... DES-DC1 passed test VerifyReferences


   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test
         CrossRefValidation

   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test
         CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : des
      Starting test: CheckSDRefDom
         ......................... des passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... des passed test CrossRefValidation

   Running enterprise tests on : des.com
      Starting test: LocatorCheck
         ......................... des.com passed test LocatorCheck
      Starting test: Intersite
         ......................... des.com passed test Intersite

C:\Users\administrator.DES>

I love how its saying that I don't have a static ip assigned.... I do have one assigned...

I don't have a static assigned on the Local Area Connection, only the Local Area Connection 3.  Hyper-V is installed btw.  So LAC3 is a replication.  LAC only has Microsoft Virtual Network Switch Protocol.  

There are lot of issue like time, sysvol replication, kdc, no static ip to server,at least one dynamically assigned IPv6 address.

Okay so what does this mean I should do... also, I just noticed, windows is saying there are no more updates available... but its still at service pack 1... So I'm going to install service pack 2 manually.  

Ok, Is the sysvol and netlogon shares are available on new server.

File Services > Share and Storage Manager > Disk Management >  Netlogon and Syvol are there.  There both shared.  Netlogon points to C:\Windows\SYSVOL\sysvol\des.com\SCRIPTS                Sysvol points to C:\Windows\SYSVOL\sysvol

Weird... So I just got into work, turned on my laptop and it was able to pull an IP from the DHCP server... the new DHCP server.  So I'm guessing it just needed time to switch over?  The only weird thing is that when I load up the DHCP service on the 2008 server, it only shows some of the ips as active.  The rest show up as inactive, but I know that those machines are on.


I would still like help fixing those errors you found if you don't mind.

Any update?

My health was not good, nice to hear that your laptop was able to pull an IP from the new DHCP server.

Have you configured correct DHCP Server Address Pool ?

How you come to know the some of the ips are active and the rest show up as inactive?

Always use "Address Leases" in DHCP console to check used and unused IP on network.

I saw the Active and Inactive in the DHCP lease.  If I add ips to the reservation, they show up as inactive.  In theory, if the computer is connected, they should show up as active... but they don't lol.

inactive means that the address has not been given out.  Did you set the devices for DHCP and reboot it so that it tries to obtain an address from your server?

...if you have the static IP set, then this will have no effect on DHCP...  You need to clear the IP settings on the device and then set the it for DHCP.  then reboot.

Okay, I'll give that a shot.

It seems I am still having problems with the DNS side.  I have the old server set as a secondary now and the new one set as the primary.   When I went to the secondary server and right clicked on the domain.com, then clicked reload, it says 'Failed to reload zone.  The zone is locked for zone transfer or update.'  I compared both of the Forward Lookup Zones on both servers and the secondary server doesn't have the newer computers listed in the zone, but the primary does.  I don't think they are working together...

please post the result - "dcdiag /test:dns" and "dcdiag /q"

Should I do this on both servers or just one?

DC1:

dcdiag /test:dns

Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

C:\Users\administrator.DES>dcdiag /test:dns

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = DES-DC1
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\DES-DC1
      Starting test: Connectivity
         ......................... DES-DC1 passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\DES-DC1

      Starting test: DNS

         DNS Tests are running and not hung. Please wait a few minutes...
         ......................... DES-DC1 passed test DNS

   Running partition tests on : ForestDnsZones

   Running partition tests on : DomainDnsZones

   Running partition tests on : Schema

   Running partition tests on : Configuration

   Running partition tests on : des

   Running enterprise tests on : des.com
      Starting test: DNS
         Test results for domain controllers:

            DC: DES-DC1.des.com
            Domain: des.com


               TEST: Basic (Basc)
                  Warning: The AAAA record for this DC was not found

               TEST: Dynamic update (Dyn)
                  Warning: Failed to add the test record _dcdiag_test_record in
zone des.com

               TEST: Records registration (RReg)
                  Network Adapter
                  [00000007] Microsoft Virtual Network Switch Adapter:
                     Warning:
                     Missing AAAA record at DNS server 10.1.10.50:
                     DES-DC1.des.com

                     Warning:
                     Missing AAAA record at DNS server 10.1.10.50:
                     gc._msdcs.des.com

               Warning: Record Registrations not found in some network adapters

               DES-DC1                      PASS WARN PASS PASS WARN WARN n/a
         ......................... des.com passed test DNS

C:\Users\administrator.DES>





dcdiag /q

Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

C:\Users\administrator.DES>dcdiag /q
         [SERVER] DsBindWithSpnEx() failed with error 1722,
         The RPC server is unavailable..
         ......................... DES-DC1 failed test Replications
         An Error Event occurred.  EventID: 0xC0002719
            Time Generated: 07/27/2010   14:38:00
            Event String:
            DCOM was unable to communicate with the computer 10.1.10.1 using any
 of the configured protocols.
         ......................... DES-DC1 failed test SystemLog

C:\Users\administrator.DES>

DC2:

dcdiag /test:dns

Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

C:\Users\Administrator.DESSERVER>dcdiag /test:dns

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = Server
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\SERVER
      Starting test: Connectivity
         The host a9306495-14d1-41c9-9cab-92453cd93aa3._msdcs.des.com could not
         be resolved to an IP address. Check the DNS server, DHCP, server name,
         etc.
         ......................... SERVER failed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\SERVER

      Starting test: DNS

         DNS Tests are running and not hung. Please wait a few minutes...
         ......................... SERVER passed test DNS

   Running partition tests on : ForestDnsZones

   Running partition tests on : DomainDnsZones

   Running partition tests on : Schema

   Running partition tests on : Configuration

   Running partition tests on : des

   Running enterprise tests on : des.com
      Starting test: DNS
         Test results for domain controllers:

            DC: Server.des.com
            Domain: des.com


               TEST: Basic (Basc)
                  Error: No LDAP connectivity
                  No host records (A or AAAA) were found for this DC

               TEST: Dynamic update (Dyn)
                  Warning: Failed to add the test record _dcdiag_test_record in
zone des.com

            TEST: Records registration (RReg)
               Error: Record registrations cannot be found for all the network
               adapters

         Summary of DNS test results:

                                            Auth Basc Forw Del  Dyn  RReg Ext
            _________________________________________________________________
            Domain: des.com
               Server                       PASS FAIL PASS PASS WARN FAIL n/a

         ......................... des.com failed test DNS

C:\Users\Administrator.DESSERVER>





dcdiag /q

Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

C:\Users\Administrator.DESSERVER>dcdiag /q
         The host a9306495-14d1-41c9-9cab-92453cd93aa3._msdcs.des.com could not
         be resolved to an IP address. Check the DNS server, DHCP, server name,
         etc.
         ......................... SERVER failed test Connectivity

C:\Users\Administrator.DESSERVER>\

DC1 is the primary, its the operation master for AD and everything.  DC2 is the old DC, which is going to be demoted soon, but I still have about another month before that.

Post ipconfig /all of both server.

DES-DC1:

Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

C:\Users\administrator.DES>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : DES-DC1
   Primary Dns Suffix  . . . . . . . : des.com
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : des.com

Ethernet adapter Local Area Connection 3:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual Network Switch Adapter
#2
   Physical Address. . . . . . . . . : 00-24-1D-DE-29-8C
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.1.10.50(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.1.10.1
   DNS Servers . . . . . . . . . . . : 10.1.10.50
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 8:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{91C03EC4-D749-44A1-B414-8AE7590C0
951}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

C:\Users\administrator.DES>

DC2:

Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

C:\Users\Administrator.DESSERVER>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Server
   Primary Dns Suffix  . . . . . . . : des.com
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : des.com

Ethernet adapter Local Area Connection 4:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual Network Switch Adapter
#2
   Physical Address. . . . . . . . . : 00-30-48-9D-20-34
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.1.10.57(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.1.10.1
   DNS Servers . . . . . . . . . . . : 10.1.10.50
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 PL Network Connection
   Physical Address. . . . . . . . . : 00-30-48-9D-20-35
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{93C5C167-BBD7-4CDC-A51A-2BD2C44DB
589}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{DC4C7150-215D-48BB-9C94-55B04F643
F2D}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

C:\Users\Administrator.DESSERVER>

Here is a problem!!!

1> DC1 ipconfig is perfect but need to remove/disable Tunnel adapter Local Area Connection* 8: on dc1.

2> DC2- install DNS server role on DC2 create zones then point itsself as primary DNS ie. 10.1.10.57 (current primary  DNS Servers pointintg to DC1 ie. 10.1.10.50)

3> remove/disable all unneccessary NIC adapters on DC2 then run "repadmin /syncall" on DC1 it will replicate data to DC2.

DC1 - In network connections, I only have LAC 1 and LAC 3, not 8.

DC2 - DNS serve role is already installed.  The zones are also on there already... should I just point itself to 10.1.10.57 and run repadmin /syncall?

Okay, so I did what I asked about above.  SyncAll terminated with no errors.

DC1:

Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

C:\Users\administrator.DES>dcdiag /test:dns

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = DES-DC1
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\DES-DC1
      Starting test: Connectivity
         ......................... DES-DC1 passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\DES-DC1

      Starting test: DNS

         DNS Tests are running and not hung. Please wait a few minutes...
         ......................... DES-DC1 passed test DNS

   Running partition tests on : ForestDnsZones

   Running partition tests on : DomainDnsZones

   Running partition tests on : Schema

   Running partition tests on : Configuration

   Running partition tests on : des

   Running enterprise tests on : des.com
      Starting test: DNS
         Test results for domain controllers:

            DC: DES-DC1.des.com
            Domain: des.com


               TEST: Dynamic update (Dyn)
                  Warning: Failed to add the test record _dcdiag_test_record in
zone des.com

               DES-DC1                      PASS PASS PASS PASS WARN PASS n/a
         ......................... des.com passed test DNS






C:\Users\administrator.DES>dcdiag /q
         [SERVER] DsBindWithSpnEx() failed with error 1722,
         The RPC server is unavailable..
         ......................... DES-DC1 failed test Replications
         An Error Event occurred.  EventID: 0xC0002719
            Time Generated: 07/29/2010   00:35:17
            Event String:
            DCOM was unable to communicate with the computer 10.1.10.1 using any
 of the configured protocols.
         ......................... DES-DC1 failed test SystemLog

C:\Users\administrator.DES>

DC2:

Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

C:\Users\Administrator.DESSERVER>dcdiag /test:dns

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = Server
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\SERVER
      Starting test: Connectivity
         ......................... SERVER passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\SERVER

      Starting test: DNS

         DNS Tests are running and not hung. Please wait a few minutes...
 ERROR: NO DNS servers for IPV6 stack was found
         ......................... SERVER passed test DNS

   Running partition tests on : ForestDnsZones

   Running partition tests on : DomainDnsZones

   Running partition tests on : Schema

   Running partition tests on : Configuration

   Running partition tests on : des

   Running enterprise tests on : des.com
      Starting test: DNS
         Test results for domain controllers:

            DC: Server.des.com
            Domain: des.com


               TEST: Basic (Basc)
                  Warning: The AAAA record for this DC was not found

               TEST: Dynamic update (Dyn)
                  Warning: Failed to add the test record _dcdiag_test_record in
zone des.com

               TEST: Records registration (RReg)
                  Network Adapter
                  [00000015] Microsoft Virtual Network Switch Adapter:
                     Warning:
                     Missing AAAA record at DNS server 10.1.10.57:
                     Server.des.com

                     Warning:
                     Missing AAAA record at DNS server 10.1.10.57:
                     gc._msdcs.des.com

               Warning: Record Registrations not found in some network adapters

               Server                       PASS WARN PASS PASS WARN WARN n/a
         ......................... des.com passed test DNS








C:\Users\Administrator.DESSERVER>dcdiag /q
         An Error Event occurred.  EventID: 0xC0002719
            Time Generated: 07/29/2010   00:39:46
            Event String:
            DCOM was unable to communicate with the computer 10.1.10.1 using any
 of the configured protocols.
         ......................... SERVER failed test SystemLog

C:\Users\Administrator.DESSERVER>

DC2:

Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

C:\Users\Administrator.DESSERVER>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Server
   Primary Dns Suffix  . . . . . . . : des.com
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : des.com

Ethernet adapter Local Area Connection 4:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual Network Switch Adapter
#2
   Physical Address. . . . . . . . . : 00-30-48-9D-20-34
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.1.10.57(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.1.10.1
   DNS Servers . . . . . . . . . . . : 10.1.10.57
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 PL Network Connection
   Physical Address. . . . . . . . . : 00-30-48-9D-20-35
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{93C5C167-BBD7-4CDC-A51A-2BD2C44DB
589}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{DC4C7150-215D-48BB-9C94-55B04F643
F2D}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

C:\Users\Administrator.DESSERVER>

DC1:

Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

C:\Users\administrator.DES>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : DES-DC1
   Primary Dns Suffix  . . . . . . . : des.com
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : des.com

Ethernet adapter Local Area Connection 3:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual Network Switch Adapter
#2
   Physical Address. . . . . . . . . : 00-24-1D-DE-29-8C
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.1.10.50(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.1.10.1
   DNS Servers . . . . . . . . . . . : 10.1.10.50
   NetBIOS over Tcpip. . . . . . . . : Enabled

C:\Users\administrator.DES>

dcdiag /q UPDATE

I change from 10.1.10.1 to 10.1.11.1.

DC1:

Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

C:\Users\administrator.DES>dcdiag /q
         [SERVER] DsBindWithSpnEx() failed with error 1722,
         The RPC server is unavailable..
         ......................... DES-DC1 failed test Replications

C:\Users\administrator.DES>

DC2:

Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

C:\Users\Administrator.DESSERVER>dcdiag /q

C:\Users\Administrator.DESSERVER>




Nothing happens when I run this... I did repadmin /syncall   again and it worked...

Ipconfig is fine now.

Everything seems good, nothing happens when you run dcdiag /q means dcdiag is clean. also repadmin is fine.

for safer side please disable all unwanted NICs.

So this means when I do demote the old domain controller, everything should remove smooth, even the DNS?

Okay, I demoted the DC and the old server still shows up in the DNS logs as a name server, ect.  So I will just manually remove those entries.  Thanks!

Yes, manually remove old server entries form DNS, AD user-computers and DSsites.

> To remove the failed server object from the sites
In Active Directory Sites and Services, expand the appropriate site.
Delete the server object associated with the failed domain controller.

> To remove the failed server object from the domain controllers container
In Active Directory Users and Computers, expand the domain controllers container.
Delete the computer object associated with the failed domain controller.

Windows Server 2003 AD might display a new type of question window, asking you if you want to delete the server object without performing a DCPROMO operation (which, of course, you cannot perform, otherwise you wouldn't be reading this article, would you...) Select "This DC is permanently offline..." and click on the Delete button.
 
AD will display another confirmation window. If you're sure that you want to delete the failed object, click Yes.

> To remove the failed server object from DNS
In the DNS snap-in, expand the zone that is related to the domain from where the server has been removed.
Remove the CNAME record in the _msdcs.root domain of forest zone in DNS. You should also delete the HOSTNAME and other DNS records.
 

If you have reverse lookup zones, also remove the server from these zones.

Ok, thanks!