Solved: Domain policies migration from Win Server 2003 to 2008 R2

ShareefHuddle

You have to install gpmc on 2008 http://technet.microsoft.com/en-us/library/cc725932.aspx

ShareefHuddle

If they are both in the same domain the Group policy should be on all DC's. Is your 2008 a global catalog server?

ShareefHuddle

You should also run a dcdiag, replmon, and netdiag on both servers to make sure all is good

KDingman

ASKER

Thanks for the information. I am looking into your questions - have to contact the person who set-up the new servers and have several other issues to go over with them.

Darius Ghassem

Did you create a new domain? Or did you add these servers to an existing Domain?

If you added to a existing domain then the polices should have been replicated to the new DC. Now if these were local polices on the Terminal Server you would need to recreate these polices for the Windows 2008 Server.

Go to Server Manager Add the Role for GPMC

KDingman

ASKER

After looking more deeply into this issue (using dcdiag) it seems that there are some DNS issues as well as replication issues. In process of tracking them down.
Thanks for the helpful hints.

Darius Ghassem

Post dcdiag let us help out

KDingman

ASKER

Latest dcdiag on 10.1.1.12 which is the PDC and 'old' DC.
*************************************************
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.

C:\Users\kentD>dcdiag

Directory Server Diagnosis

Performing initial setup:
Trying to find home server...
Home Server = WINDOWS-P6LALHP
* Identified AD Forest.
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\WINDOWS-P6LALHP
Starting test: Connectivity
......................... WINDOWS-P6LALHP passed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\WINDOWS-P6LALHP
Starting test: Advertising
......................... WINDOWS-P6LALHP passed test Advertising
Starting test: FrsEvent
......................... WINDOWS-P6LALHP passed test FrsEvent
Starting test: DFSREvent
......................... WINDOWS-P6LALHP passed test DFSREvent
Starting test: SysVolCheck
......................... WINDOWS-P6LALHP passed test SysVolCheck
Starting test: KccEvent
......................... WINDOWS-P6LALHP passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... WINDOWS-P6LALHP passed test
KnowsOfRoleHolders
Starting test: MachineAccount
......................... WINDOWS-P6LALHP passed test MachineAccount
Starting test: NCSecDesc
......................... WINDOWS-P6LALHP passed test NCSecDesc
Starting test: NetLogons
......................... WINDOWS-P6LALHP passed test NetLogons
Starting test: ObjectsReplicated
......................... WINDOWS-P6LALHP passed test
ObjectsReplicated
Starting test: Replications
......................... WINDOWS-P6LALHP passed test Replications
Starting test: RidManager
......................... WINDOWS-P6LALHP passed test RidManager
Starting test: Services
......................... WINDOWS-P6LALHP passed test Services
Starting test: SystemLog
An Warning Event occurred. EventID: 0x8000001D
Time Generated: 11/10/2010 16:31:23
Event String:
The Key Distribution Center (KDC) cannot find a suitable certificate
to use for smart card logons, or the KDC certificate could not be verified. Sma
rt card logon may not function correctly if this problem is not resolved. To cor
rect this problem, either verify the existing KDC certificate using certutil.exe
or enroll for a new KDC certificate.
An Error Event occurred. EventID: 0x00000457
Time Generated: 11/10/2010 17:00:40
Event String:
Driver HP Photosmart D5300 series required for printer HP Photosmart
D5300 series is unknown. Contact the administrator to install the driver before
you log in again.
An Error Event occurred. EventID: 0x00000457
Time Generated: 11/10/2010 17:00:41
Event String:
Driver hp LaserJet 1000 required for printer hp LaserJet 1000 is unk
nown. Contact the administrator to install the driver before you log in again.
An Warning Event occurred. EventID: 0x80000008
Time Generated: 11/10/2010 17:03:36
Event String:
The jobs in the print queue for printer Microsoft XPS Document Write
r (redirected 2) were deleted. No user action is required.
An Warning Event occurred. EventID: 0x80000004
Time Generated: 11/10/2010 17:03:36
Event String:
Printer Microsoft XPS Document Writer (redirected 2) will be deleted
. No user action is required.
An Warning Event occurred. EventID: 0x80000003
Time Generated: 11/10/2010 17:03:36
Event String:
Printer Microsoft XPS Document Writer (redirected 2) was deleted, an
d users will no longer be able to print to this printer. No user action is requi
red.
An Warning Event occurred. EventID: 0x80000008
Time Generated: 11/10/2010 17:03:36
Event String:
The jobs in the print queue for printer HP Photosmart 330 Series (re
directed 2) were deleted. No user action is required.
An Warning Event occurred. EventID: 0x80000004
Time Generated: 11/10/2010 17:03:36
Event String:
Printer HP Photosmart 330 Series (redirected 2) will be deleted. No
user action is required.
An Warning Event occurred. EventID: 0x80000003
Time Generated: 11/10/2010 17:03:36
Event String:
Printer HP Photosmart 330 Series (redirected 2) was deleted, and use
rs will no longer be able to print to this printer. No user action is required.
An Error Event occurred. EventID: 0x00000457
Time Generated: 11/10/2010 17:19:12
Event String:
Driver hp LaserJet 1000 required for printer hp LaserJet 1000 is unk
nown. Contact the administrator to install the driver before you log in again.
An Error Event occurred. EventID: 0x00000457
Time Generated: 11/10/2010 17:19:17
Event String:
Driver HP Photosmart D5300 series required for printer HP Photosmart
D5300 series is unknown. Contact the administrator to install the driver before
you log in again.
An Warning Event occurred. EventID: 0x80000008
Time Generated: 11/10/2010 17:28:45
Event String:
The jobs in the print queue for printer HP Photosmart 330 Series (re
directed 2) were deleted. No user action is required.
An Warning Event occurred. EventID: 0x80000004
Time Generated: 11/10/2010 17:28:45
Event String:
Printer HP Photosmart 330 Series (redirected 2) will be deleted. No
user action is required.
An Warning Event occurred. EventID: 0x80000003
Time Generated: 11/10/2010 17:28:45
Event String:
Printer HP Photosmart 330 Series (redirected 2) was deleted, and use
rs will no longer be able to print to this printer. No user action is required.
An Warning Event occurred. EventID: 0x80000008
Time Generated: 11/10/2010 17:28:45
Event String:
The jobs in the print queue for printer Microsoft XPS Document Write
r (redirected 2) were deleted. No user action is required.
An Warning Event occurred. EventID: 0x80000004
Time Generated: 11/10/2010 17:28:45
Event String:
Printer Microsoft XPS Document Writer (redirected 2) will be deleted
. No user action is required.
An Warning Event occurred. EventID: 0x80000003
Time Generated: 11/10/2010 17:28:45
Event String:
Printer Microsoft XPS Document Writer (redirected 2) was deleted, an
d users will no longer be able to print to this printer. No user action is requi
red.
An Error Event occurred. EventID: 0x00000457
Time Generated: 11/10/2010 17:31:08
Event String:
Driver hp LaserJet 1000 required for printer hp LaserJet 1000 is unk
nown. Contact the administrator to install the driver before you log in again.
An Error Event occurred. EventID: 0x00000457
Time Generated: 11/10/2010 17:31:12
Event String:
Driver HP Photosmart D5300 series required for printer HP Photosmart
D5300 series is unknown. Contact the administrator to install the driver before
you log in again.
......................... WINDOWS-P6LALHP failed test SystemLog
Starting test: VerifyReferences
......................... WINDOWS-P6LALHP passed test VerifyReferences

Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation

Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation

Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation

Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation

Running partition tests on : crdaniels
Starting test: CheckSDRefDom
......................... crdaniels passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... crdaniels passed test CrossRefValidation

Running enterprise tests on : crdaniels.local
Starting test: LocatorCheck
......................... crdaniels.local passed test LocatorCheck
Starting test: Intersite
......................... crdaniels.local passed test Intersite
Latest dcdiag on 10.1.1.12

Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.

C:\Users\kentD>dcdiag

Directory Server Diagnosis

Performing initial setup:
Trying to find home server...
Home Server = WINDOWS-P6LALHP
* Identified AD Forest.
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\WINDOWS-P6LALHP
Starting test: Connectivity
......................... WINDOWS-P6LALHP passed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\WINDOWS-P6LALHP
Starting test: Advertising
......................... WINDOWS-P6LALHP passed test Advertising
Starting test: FrsEvent
......................... WINDOWS-P6LALHP passed test FrsEvent
Starting test: DFSREvent
......................... WINDOWS-P6LALHP passed test DFSREvent
Starting test: SysVolCheck
......................... WINDOWS-P6LALHP passed test SysVolCheck
Starting test: KccEvent
......................... WINDOWS-P6LALHP passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... WINDOWS-P6LALHP passed test
KnowsOfRoleHolders
Starting test: MachineAccount
......................... WINDOWS-P6LALHP passed test MachineAccount
Starting test: NCSecDesc
......................... WINDOWS-P6LALHP passed test NCSecDesc
Starting test: NetLogons
......................... WINDOWS-P6LALHP passed test NetLogons
Starting test: ObjectsReplicated
......................... WINDOWS-P6LALHP passed test
ObjectsReplicated
Starting test: Replications
......................... WINDOWS-P6LALHP passed test Replications
Starting test: RidManager
......................... WINDOWS-P6LALHP passed test RidManager
Starting test: Services
......................... WINDOWS-P6LALHP passed test Services
Starting test: SystemLog
An Warning Event occurred. EventID: 0x8000001D
Time Generated: 11/10/2010 16:31:23
Event String:
The Key Distribution Center (KDC) cannot find a suitable certificate
to use for smart card logons, or the KDC certificate could not be verified. Sma
rt card logon may not function correctly if this problem is not resolved. To cor
rect this problem, either verify the existing KDC certificate using certutil.exe
or enroll for a new KDC certificate.
An Error Event occurred. EventID: 0x00000457
Time Generated: 11/10/2010 17:00:40
Event String:
Driver HP Photosmart D5300 series required for printer HP Photosmart
D5300 series is unknown. Contact the administrator to install the driver before
you log in again.
An Error Event occurred. EventID: 0x00000457
Time Generated: 11/10/2010 17:00:41
Event String:
Driver hp LaserJet 1000 required for printer hp LaserJet 1000 is unk
nown. Contact the administrator to install the driver before you log in again.
An Warning Event occurred. EventID: 0x80000008
Time Generated: 11/10/2010 17:03:36
Event String:
The jobs in the print queue for printer Microsoft XPS Document Write
r (redirected 2) were deleted. No user action is required.
An Warning Event occurred. EventID: 0x80000004
Time Generated: 11/10/2010 17:03:36
Event String:
Printer Microsoft XPS Document Writer (redirected 2) will be deleted
. No user action is required.
An Warning Event occurred. EventID: 0x80000003
Time Generated: 11/10/2010 17:03:36
Event String:
Printer Microsoft XPS Document Writer (redirected 2) was deleted, an
d users will no longer be able to print to this printer. No user action is requi
red.
An Warning Event occurred. EventID: 0x80000008
Time Generated: 11/10/2010 17:03:36
Event String:
The jobs in the print queue for printer HP Photosmart 330 Series (re
directed 2) were deleted. No user action is required.
An Warning Event occurred. EventID: 0x80000004
Time Generated: 11/10/2010 17:03:36
Event String:
Printer HP Photosmart 330 Series (redirected 2) will be deleted. No
user action is required.
An Warning Event occurred. EventID: 0x80000003
Time Generated: 11/10/2010 17:03:36
Event String:
Printer HP Photosmart 330 Series (redirected 2) was deleted, and use
rs will no longer be able to print to this printer. No user action is required.
An Error Event occurred. EventID: 0x00000457
Time Generated: 11/10/2010 17:19:12
Event String:
Driver hp LaserJet 1000 required for printer hp LaserJet 1000 is unk
nown. Contact the administrator to install the driver before you log in again.
An Error Event occurred. EventID: 0x00000457
Time Generated: 11/10/2010 17:19:17
Event String:
Driver HP Photosmart D5300 series required for printer HP Photosmart
D5300 series is unknown. Contact the administrator to install the driver before
you log in again.
An Warning Event occurred. EventID: 0x80000008
Time Generated: 11/10/2010 17:28:45
Event String:
The jobs in the print queue for printer HP Photosmart 330 Series (re
directed 2) were deleted. No user action is required.
An Warning Event occurred. EventID: 0x80000004
Time Generated: 11/10/2010 17:28:45
Event String:
Printer HP Photosmart 330 Series (redirected 2) will be deleted. No
user action is required.
An Warning Event occurred. EventID: 0x80000003
Time Generated: 11/10/2010 17:28:45
Event String:
Printer HP Photosmart 330 Series (redirected 2) was deleted, and use
rs will no longer be able to print to this printer. No user action is required.
An Warning Event occurred. EventID: 0x80000008
Time Generated: 11/10/2010 17:28:45
Event String:
The jobs in the print queue for printer Microsoft XPS Document Write
r (redirected 2) were deleted. No user action is required.
An Warning Event occurred. EventID: 0x80000004
Time Generated: 11/10/2010 17:28:45
Event String:
Printer Microsoft XPS Document Writer (redirected 2) will be deleted
. No user action is required.
An Warning Event occurred. EventID: 0x80000003
Time Generated: 11/10/2010 17:28:45
Event String:
Printer Microsoft XPS Document Writer (redirected 2) was deleted, an
d users will no longer be able to print to this printer. No user action is requi
red.
An Error Event occurred. EventID: 0x00000457
Time Generated: 11/10/2010 17:31:08
Event String:
Driver hp LaserJet 1000 required for printer hp LaserJet 1000 is unk
nown. Contact the administrator to install the driver before you log in again.
An Error Event occurred. EventID: 0x00000457
Time Generated: 11/10/2010 17:31:12
Event String:
Driver HP Photosmart D5300 series required for printer HP Photosmart
D5300 series is unknown. Contact the administrator to install the driver before
you log in again.
......................... WINDOWS-P6LALHP failed test SystemLog
Starting test: VerifyReferences
......................... WINDOWS-P6LALHP passed test VerifyReferences

Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation

Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation

Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation

Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation

Running partition tests on : crdaniels
Starting test: CheckSDRefDom
......................... crdaniels passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... crdaniels passed test CrossRefValidation

Running enterprise tests on : crdaniels.local
Starting test: LocatorCheck
......................... crdaniels.local passed test LocatorCheck
Starting test: Intersite
......................... crdaniels.local passed test Intersite

Darius Ghassem

Everything looks good.

Run repadmin /syncall

KDingman

ASKER

Thanks - it ran with one error -
Here is the summary:
*********************************************************
C:\Users\kentD>repadmin/replsummary
Replication Summary Start Time: 2010-11-11 08:50:09

Beginning data collection for replication summary, this may take awhile:
.......

Source DSA largest delta fails/total %% error
DC-V01 45m:00s 0 / 10 0
EXCHANGE-V01 26m:46s 0 / 10 0
WIN2K3SQL 26m:47s 0 / 6 0
WINDOWS-P6LALHP 50m:42s 0 / 10 0

Destination DSA largest delta fails/total %% error
DC-V01 26m:40s 0 / 13 0
EXCHANGE-V01 50m:42s 0 / 10 0
WINDOWS-P6LALHP 03m:08s 0 / 13 0

Experienced the following operational errors trying to retrieve replication info
rmation:
58 - win2k3sql.crdaniels.local

*********************************
So replication is mostly up an running. Now to get the new terminal server to look like the old one...

KDingman

ASKER

Thanks again for all of the help. Have gotten a lot accomplished but one last important issue remains: user desktop and start menu for their TS sessions.

I need to be able to create a "default user" Start Menu and desktop for the terminal (RDP) users. This was really easy in 2003 and prior. They have changed a lot in 2008 R2 - of course.

So far it looks like I am supposed to use Windows System Image Manager and sysprep to do this now (as per MS Article ID: 973289 - Last Review: May 6, 2010 - Revision: 8.0)

Is this correct?

Once this is done, can individual users still add additional items to their desktops and still have them there when they log back in?

Darius Ghassem

You can do that with a just plan terminal server you don't need to do all the above you can just edit the default user profile

KDingman

ASKER

Ah - but the question is WHERE IS IT??
I do not see any default user folder on the server (like there was in 2003)

Darius Ghassem

Now it is called ALL USERS

KDingman

ASKER

There is no "ALL USERS" folder anywhere on the TS.
There is no "ALL USERS" folder anywhere on the DC.

BTW, if it was that easy I would have seen it a long time ago.

Darius Ghassem

http://blog.stealthpuppy.com/windows/profile-changes-in-windows-vistalonghorn-server/

KDingman

ASKER

nice try, but I already figured that out.
there simply is no all users folder.

ShareefHuddle

Users\Public is where the all users are now

Darius Ghassem

Well that would do it.

ShareefHuddle

:)

KDingman

ASKER

No one mentioned that In Windows 2008 R2 the default profile information is located in a hidden system folder.