Solved

Server 2000 to 2008 AD won't replicate - likely DNS issue, dcdiag fails

Posted on 2010-09-09
19
641 Views
Last Modified: 2013-12-05
Good afternoon all,
This is my first time attempting an attach/promotion of a DC to a Server 2000 environment to Server 2008.  Ultimately the goal is to decomission the old server and leave the 2008 box as the primary and only DC.

I added the 2008 box to the domain, attempted to run DCPromo and discovered I had to do all the necessary AD prepwork from the DVD.  Thanks to EE, I was able to run the necessary adprep, forestprep, domainprep, etc, per the article at http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/Q_24003240.html?sfQueryTermInfo=1+10+2000+2008+30+domain+join+server

I got as far as the KB article for transferring FSMO roles per http://support.microsoft.com/kb/324801 and get the error inin MMC while trying to transfer the Schema Master Role: "list of Domain Controllers for DOMAIN.LOCAL is unavailable because: the server is not operational."  Odd, to say the least.  I am not about to start seizing roles yet.
Per a few other troubleshooting techniques I've been reading about, I attempted running DCDiag and in the initial test it tells me "the host 2f89260c-dbb8-4173-a839-3ebc4eaaab3a._msdcs.domain.local could not be resolved to an IP address.  Check DNS server, DHCP, etc."  Under the Enterprise tests, it tells me the DCGetDcName call failed, error 1355, GC could not be located, and continues with a few similar errors.
Trying to hit any of the AD snap ins (ADUC, ADDT, etc) yields an error that Active Directory is not running.  Interestingly, I can ping the short server name of the existing server (server), but when I try to ping the FQDN (server.domain.local) it tells me it could not find the host.
Fundamentally, it appears I have a DNS issue on my hands, though I'm not a hundred percent sure how to move forward troubleshooting it?  A lot of articles refer me to dcdiag /fix, but that does me no good.

Thanks!

Edited to correct article link
0
Comment
Question by:billyorr
  • 8
  • 6
  • 5
19 Comments
 
LVL 3

Expert Comment

by:JasonTracy
ID: 33637194
Do you get the same errors on both the 2k and 2k8 server when running your diags?  Does the 2k8 server point to the 2k server for DNS?
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33637391
Post the dcdiag.

Make sure you only have one NIC enabled on both servers.

Check to make sure your new DC is pointing to the existing DC for DNS for primary in TCP\IP settings run ipconfig /flushdns, ipconfig /registerdns, and dcdiag /fix.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33637396
Do NOT sieze the roles
0
 

Author Comment

by:billyorr
ID: 33639590

Directory Server Diagnosis
Performing initial setup:   Trying to find home server...   Home Server = BCCSERVER   * Identified AD Forest.
   Done gathering initial info.
Doing initial required tests  
   Testing server: Default-First-Site-Name\BCCSERVER      Starting test: Connectivity         The host 2f89260c-dbb8-4173-a839-3ebc4eaaab3a._msdcs.DOMAIN.LOCAL         could not be resolved to an IP address. Check the DNS server, DHCP,         server name, etc.         ......................... BCCSERVER failed test ConnectivityDoing primary tests  
   Testing server: Default-First-Site-Name\BCCSERVER      Skipping all tests, because server BCCSERVER is not responding to      directory service requests.  
   
   Running partition tests on : Schema      Starting test: CheckSDRefDom         ......................... Schema passed test CheckSDRefDom      Starting test: CrossRefValidation         ......................... Schema passed test CrossRefValidation  
   Running partition tests on : Configuration      Starting test: CheckSDRefDom         ......................... Configuration passed test CheckSDRefDom      Starting test: CrossRefValidation         ......................... Configuration passed test CrossRefValidation  
   Running partition tests on : DOMAIN      Starting test: CheckSDRefDom         ......................... DOMAIN passed test CheckSDRefDom      Starting test: CrossRefValidation         ......................... DOMAIN passed test CrossRefValidation  
   Running enterprise tests on : DOMAIN.LOCAL      Starting test: LocatorCheck         Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355         A Global Catalog Server could not be located - All GC's are down.         Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355         A Primary Domain Controller could not be located.         The server holding the PDC role is down.         Warning: DcGetDcName(TIME_SERVER) call failed, error 1355         A Time Server could not be located.         The server holding the PDC role is down.         Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355         A KDC could not be located - All the KDCs are down.         ......................... DOMAIN.LOCAL failed test LocatorCheck      Starting test: Intersite         ......................... DOMAIN.LOCAL passed test Intersite

Each server has only one NIC, and the 2008 server currently uses 1.3 (the old server) for its primary DNS server.  I had entered 1.1 (the router) as a secondary DNS, should I remove that then?
BCCserver is the new server, the old server is just called server, and this particular dcdiag log was run from bccserver.

Thanks!
0
 
LVL 3

Expert Comment

by:JasonTracy
ID: 33639645
Yes, remove 1.1 from the 2008 server.  The only DNS any of your computers use should be the ones on the domain controllers.

Once you're done, you can put the DNS for both servers in there.
0
 

Author Comment

by:billyorr
ID: 33639698
Jason - thanks.  I removed 1.1 from the DNS so the 2008 box is only pointing at 1.3.  Unfortunately, the dcdiags remain the same, as does the inability to ping the FQDN.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33639699
Post ipconfig /all
0
 
LVL 3

Expert Comment

by:JasonTracy
ID: 33639862
Did you do the step that dariusg suggested?

"Check to make sure your new DC is pointing to the existing DC for DNS for primary in TCP\IP settings run ipconfig /flushdns, ipconfig /registerdns, and dcdiag /fix. "

0
 

Author Comment

by:billyorr
ID: 33640274
Windows 2000 IP Configuration
      Host Name . . . . . . . . . . . . : server
      Primary DNS Suffix  . . . . . . . : DOMAIN.LOCAL
      Node Type . . . . . . . . . . . . : Hybrid
      IP Routing Enabled. . . . . . . . : No
      WINS Proxy Enabled. . . . . . . . : No
      DNS Suffix Search List. . . . . . : DOMAIN.LOCAL
Ethernet adapter Local Area Connection:
      Connection-specific DNS Suffix  . :
      Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
      Physical Address. . . . . . . . . : 00-09-6B-37-B3-76
      DHCP Enabled. . . . . . . . . . . : No
      IP Address. . . . . . . . . . . . : 192.168.1.3
      Subnet Mask . . . . . . . . . . . : 255.255.255.0
      Default Gateway . . . . . . . . . : 192.168.1.1
      DNS Servers . . . . . . . . . . . : 192.168.1.1
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Windows IP Configuration
   Host Name . . . . . . . . . . . . : BCCSERVER
   Primary Dns Suffix  . . . . . . . : DOMAIN.LOCAL
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : DOMAIN.LOCAL

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom BCM5716C NetXtreme II GigE (NDIS VBD Client)
   Physical Address. . . . . . . . . : 84-2B-2B-1A-09-BA
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::1db6:efd0:860:1374%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 260320043
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-08-BA-38-84-2B-2B-1A-09-BA
   DNS Servers . . . . . . . . . . . : ::1
                                       192.168.1.3
   NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter Local Area Connection* 8:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{C322BFF1-5E0B-4B51-96CA-7922716DF9B4}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Ipconfigs for both machines above.  Jason - I'd tried that before in some of my troubleshooting from before I had posted, and again when it was recommended.  Unfortunately doesn't seem to do much for me, but it appeared to have worked for a lot of other people from what I was reading.
0
 
LVL 3

Accepted Solution

by:
JasonTracy earned 200 total points
ID: 33640685
Your 2000 box is using your default gateway for DNS, that might be the issue.  It should point at itself.
0
 

Author Comment

by:billyorr
ID: 33640809
I had thought that was weird.  Previous company had set it up, as you can tell by the highly descriptive server and domain names.  I'll try cutting that over after hours tonight.
0
 

Author Comment

by:billyorr
ID: 33641089
Might have gotten impatient and done it already!  I did the same flush & regsiter dns as above, and ran dcdiag to ouptut to a text file, listed below.  I cleaned the empty spaces so it's a little less obnoxious.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Directory Server Diagnosis
Performing initial setup:
   Trying to find home server...
   Home Server = BCCSERVER
   * Identified AD Forest.
   Done gathering initial info.
Doing initial required tests
   Testing server: Default-First-Site-Name\BCCSERVER
      Starting test: Connectivity
         ......................... BCCSERVER passed test Connectivity
Doing primary tests
   Testing server: Default-First-Site-Name\BCCSERVER
      Starting test: Advertising
         Fatal Error:DsGetDcName (BCCSERVER) call failed, error 1355
         The Locator could not find the server.
         ......................... BCCSERVER failed test Advertising
      Starting test: FrsEvent
         There are warning or error events within the last 24 hours after the
         SYSVOL has been shared.  Failing SYSVOL replication problems may cause
         Group Policy problems.
         ......................... BCCSERVER passed test FrsEvent
      Starting test: DFSREvent
         ......................... BCCSERVER passed test DFSREvent
      Starting test: SysVolCheck
         ......................... BCCSERVER passed test SysVolCheck
      Starting test: KccEvent
         ......................... BCCSERVER passed test KccEvent
      Starting test: KnowsOfRoleHolders
         ......................... BCCSERVER passed test KnowsOfRoleHolders
      Starting test: MachineAccount
         ......................... BCCSERVER passed test MachineAccount
      Starting test: NCSecDesc
         ......................... BCCSERVER passed test NCSecDesc
      Starting test: NetLogons
         Unable to connect to the NETLOGON share! (\\BCCSERVER\netlogon)
         [BCCSERVER] An net use or LsaPolicy operation failed with error 67,
         The network name cannot be found..
         ......................... BCCSERVER failed test NetLogons
      Starting test: ObjectsReplicated
         ......................... BCCSERVER passed test ObjectsReplicated
      Starting test: Replications
         ......................... BCCSERVER passed test Replications
      Starting test: RidManager
         ......................... BCCSERVER passed test RidManager
      Starting test: Services
         ......................... BCCSERVER passed test Services
      Starting test: SystemLog
         An Error Event occurred.  EventID: 0x0000041E
            Time Generated: 09/09/2010   15:16:27
            Event String:
            The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name Sysytem (DNS) is configured and working correctly.
         An Error Event occurred.  EventID: 0x0000041E
            Time Generated: 09/09/2010   15:21:31
            Event String:
            The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name Sysytem (DNS) is configured and working correctly.
         An Error Event occurred.  EventID: 0x0000041E
            Time Generated: 09/09/2010   15:26:33
            Event String:
            The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name Sysytem (DNS) is configured and working correctly.
         An Error Event occurred.  EventID: 0x0000041E
            Time Generated: 09/09/2010   15:31:38
            Event String:
            The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name Sysytem (DNS) is configured and working correctly.
         An Error Event occurred.  EventID: 0x0000041E
            Time Generated: 09/09/2010   15:36:42
            Event String:
            The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name Sysytem (DNS) is configured and working correctly.
         An Error Event occurred.  EventID: 0x0000041E
            Time Generated: 09/09/2010   15:41:44
            Event String:
            The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name Sysytem (DNS) is configured and working correctly.
         An Warning Event occurred.  EventID: 0x00001695
            Time Generated: 09/09/2010   15:44:59
            Event String:
            Dynamic registration or deletion of one or more DNS records associated with DNS domain 'DOMAIN.LOCAL.' failed.  These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).  
         An Error Event occurred.  EventID: 0x0000041E
            Time Generated: 09/09/2010   15:46:49
            Event String:
            The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name Sysytem (DNS) is configured and working correctly.
         An Error Event occurred.  EventID: 0x0000041E
            Time Generated: 09/09/2010   15:51:53
            Event String:
            The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name Sysytem (DNS) is configured and working correctly.
         An Error Event occurred.  EventID: 0x0000041E
            Time Generated: 09/09/2010   15:56:55
            Event String:
            The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name Sysytem (DNS) is configured and working correctly.
         An Error Event occurred.  EventID: 0x0000041E
            Time Generated: 09/09/2010   16:02:00
            Event String:
            The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name Sysytem (DNS) is configured and working correctly.
         An Error Event occurred.  EventID: 0x0000041E
            Time Generated: 09/09/2010   16:07:04
            Event String:
            The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name Sysytem (DNS) is configured and working correctly.
         An Error Event occurred.  EventID: 0x0000041E
            Time Generated: 09/09/2010   16:11:44
            Event String:
            The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name Sysytem (DNS) is configured and working correctly.
         ......................... BCCSERVER failed test SystemLog
      Starting test: VerifyReferences
         ......................... BCCSERVER passed test VerifyReferences
   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
   Running partition tests on : DOMAIN
      Starting test: CheckSDRefDom
         ......................... DOMAIN passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DOMAIN passed test CrossRefValidation
   Running enterprise tests on : DOMAIN.LOCAL
      Starting test: LocatorCheck
         Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
         A Global Catalog Server could not be located - All GC's are down.
         Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355
         A Primary Domain Controller could not be located.
         The server holding the PDC role is down.
         Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
         A Time Server could not be located.
         The server holding the PDC role is down.
         Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
         A KDC could not be located - All the KDCs are down.
         ......................... DOMAIN.LOCAL failed test LocatorCheck
      Starting test: Intersite
         ......................... DOMAIN.LOCAL passed test Intersite
0
 
LVL 3

Expert Comment

by:JasonTracy
ID: 33641156
Once you change that, doing the ipconfig /flushdns and /registerdns should rebuild the missing entries that the check is complaining about above.
0
 

Author Comment

by:billyorr
ID: 33641295
Yep, that's the idea.  When I ran dcdiag above, it was only dcdiag.  Should I now try dcdiag /fix?
0
 
LVL 3

Expert Comment

by:JasonTracy
ID: 33641662
Only after you change where DNS is pointing.
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 300 total points
ID: 33641839
During promotion since you had the wrong IP address for DNS you are most likely going to have to demote then repromote the server.
0
 

Author Comment

by:billyorr
ID: 33646167
Ok, now that I've reread this I think I see where I missed something yesterday.  Jason, I misread your comment about the DNS on the 2000 box to mean the 2008 box; and as you can see all I had done was to remove the secondary DNS of 1.1 from the 2008 box; where I think you meant me to change the primary DNS of the 2000 box from 1.1 to 1.3, correct?

From here, I'll cut over the DNS on the 2000 box to be 1.3, and that will mean both servers have only a primary DNS of 1.3 assigned to them.  I will then do a flush and register dns on both servers, followed by a demotion and promotion of the 2008 box.

Sound about right?
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 300 total points
ID: 33646196
Sounds right. But run dcdiag /fix on the 2000 box after changing the IP address for DNS.

Run metadata cleanup after demoting the 2008 DC to make sure you remove any lingering objects in AD.
http://www.petri.co.il/delete_failed_dcs_from_ad.htm
0
 

Author Comment

by:billyorr
ID: 33649160
Thank you gentlemen.  Jason I flagged your comment as a solution being that it is something we should have checked for before the install, and darius your two comments were the specific solution to resolving the issue created by moving ahead with a server install on a network with prior DNS issues.
0

Join & Write a Comment

Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now