syssol52
asked on
Windows Server 2008 Active Directory
I have a 2003 Domain Controller and added in a 2008 Domin Controller a few months ago - everything seemed to install successfully.
When the W2003 DC is switched off, none of the clients can authenticate against the 2008 DC. DNS is also insalled on the 2008 DC.
I have transferred all the roles to the 2008 DC sucessfully. When I turn the 2003 DC off, and open Active Directory Users and Computers on the 2008DC it does not show any users. If the 2003 DC is online, the AD Users and Computers opens fine.
I need to format the 2003 Server and reinstall it as a 2008 DC but cannot do this until my issue is resolved.. any suggestions?
When the W2003 DC is switched off, none of the clients can authenticate against the 2008 DC. DNS is also insalled on the 2008 DC.
I have transferred all the roles to the 2008 DC sucessfully. When I turn the 2003 DC off, and open Active Directory Users and Computers on the 2008DC it does not show any users. If the 2003 DC is online, the AD Users and Computers opens fine.
I need to format the 2003 Server and reinstall it as a 2008 DC but cannot do this until my issue is resolved.. any suggestions?
do you have any replication errors?
when you promoted the 2008 server, did you let him finish the replication or did you tell him finish replication later?
when you promoted the 2008 server, did you let him finish the replication or did you tell him finish replication later?
First thing you need to make sure the Windows 2008 Server is a Global Catalog. Make sure this server is pointing to itself. Make sure clients are now only pointing to this server for DNS.
Run dcdiag post results
Run dcdiag post results
Actually... and all the FSMO processes... make certain you moved all the FSMO processes to the new machine too.
ASKER
I set the DNS Settings on the Clients to look at the new 2008 Server
(Still not working)
I didn;t demote the 2003 Server yet as wanted to ensure the 2008 Server would work independently before demoting i.e. all users etc were replicating across
When I open AD Users and Computers it is connected to the W2008 DC but doesn't show the users unless the 2003 DC is turned on?
When I promoted the 2008 DC I let it finish replication
The 2008 server is a GC
I have moved (transferred not seized) all FSMO Roles
DCDIAG Results:
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\administrator.OLA
C:\>dcdiag
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = OLAPSERVER2
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\OL
Starting test: Connectivity
......................... OLAPSERVER2 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\OL
Starting test: Advertising
Warning: DsGetDcName returned information for
\\OLAPSERVER.olap.portal, when we were trying to reach OLAPSERVER2.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... OLAPSERVER2 failed test Advertising
Starting test: FrsEvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... OLAPSERVER2 failed test FrsEvent
Starting test: DFSREvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... OLAPSERVER2 failed test DFSREvent
Starting test: SysVolCheck
......................... OLAPSERVER2 passed test SysVolCheck
Starting test: KccEvent
......................... OLAPSERVER2 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... OLAPSERVER2 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... OLAPSERVER2 passed test MachineAccount
Starting test: NCSecDesc
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes In Filtered Set
access rights for the naming context:
DC=ForestDnsZones,DC=olap,
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes In Filtered Set
access rights for the naming context:
DC=DomainDnsZones,DC=olap,
......................... OLAPSERVER2 failed test NCSecDesc
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\OLAPSERVER2\netlogon)
[OLAPSERVER2] An net use or LsaPolicy operation failed with error 67,
The network name cannot be found..
......................... OLAPSERVER2 failed test NetLogons
Starting test: ObjectsReplicated
......................... OLAPSERVER2 passed test ObjectsReplicated
Starting test: Replications
......................... OLAPSERVER2 passed test Replications
Starting test: RidManager
......................... OLAPSERVER2 passed test RidManager
Starting test: Services
......................... OLAPSERVER2 passed test Services
Starting test: SystemLog
......................... OLAPSERVER2 passed test SystemLog
Starting test: VerifyReferences
......................... OLAPSERVER2 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : olap
Starting test: CheckSDRefDom
......................... olap passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... olap passed test CrossRefValidation
Running enterprise tests on : olap.portal
Starting test: LocatorCheck
......................... olap.portal passed test LocatorCheck
Starting test: Intersite
......................... olap.portal passed test Intersite
C:\>
Any help is much appreciated..
(Still not working)
I didn;t demote the 2003 Server yet as wanted to ensure the 2008 Server would work independently before demoting i.e. all users etc were replicating across
When I open AD Users and Computers it is connected to the W2008 DC but doesn't show the users unless the 2003 DC is turned on?
When I promoted the 2008 DC I let it finish replication
The 2008 server is a GC
I have moved (transferred not seized) all FSMO Roles
DCDIAG Results:
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\administrator.OLA
C:\>dcdiag
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = OLAPSERVER2
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\OL
Starting test: Connectivity
......................... OLAPSERVER2 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\OL
Starting test: Advertising
Warning: DsGetDcName returned information for
\\OLAPSERVER.olap.portal, when we were trying to reach OLAPSERVER2.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... OLAPSERVER2 failed test Advertising
Starting test: FrsEvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... OLAPSERVER2 failed test FrsEvent
Starting test: DFSREvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... OLAPSERVER2 failed test DFSREvent
Starting test: SysVolCheck
......................... OLAPSERVER2 passed test SysVolCheck
Starting test: KccEvent
......................... OLAPSERVER2 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... OLAPSERVER2 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... OLAPSERVER2 passed test MachineAccount
Starting test: NCSecDesc
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes In Filtered Set
access rights for the naming context:
DC=ForestDnsZones,DC=olap,
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes In Filtered Set
access rights for the naming context:
DC=DomainDnsZones,DC=olap,
......................... OLAPSERVER2 failed test NCSecDesc
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\OLAPSERVER2\netlogon)
[OLAPSERVER2] An net use or LsaPolicy operation failed with error 67,
The network name cannot be found..
......................... OLAPSERVER2 failed test NetLogons
Starting test: ObjectsReplicated
......................... OLAPSERVER2 passed test ObjectsReplicated
Starting test: Replications
......................... OLAPSERVER2 passed test Replications
Starting test: RidManager
......................... OLAPSERVER2 passed test RidManager
Starting test: Services
......................... OLAPSERVER2 passed test Services
Starting test: SystemLog
......................... OLAPSERVER2 passed test SystemLog
Starting test: VerifyReferences
......................... OLAPSERVER2 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : olap
Starting test: CheckSDRefDom
......................... olap passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... olap passed test CrossRefValidation
Running enterprise tests on : olap.portal
Starting test: LocatorCheck
......................... olap.portal passed test LocatorCheck
Starting test: Intersite
......................... olap.portal passed test Intersite
C:\>
Any help is much appreciated..
it seems like you have problems with SYSVOL which may indicate that SYSVOL
doesn't finished to replicate and SYSVOL share doesn't exist on the server.
if it true that mean that directory services doesn't really working on this server.
SYSVOL continue to replicate after the initial AD replication when promote a server.
and only after it finished and the SYSVOL share is created the server can fully operate as DC.
make sure you have SYSVOL share.
look for the event that said that SYSVOL is created.
if there no such event so there is your problem.
doesn't finished to replicate and SYSVOL share doesn't exist on the server.
if it true that mean that directory services doesn't really working on this server.
SYSVOL continue to replicate after the initial AD replication when promote a server.
and only after it finished and the SYSVOL share is created the server can fully operate as DC.
make sure you have SYSVOL share.
look for the event that said that SYSVOL is created.
if there no such event so there is your problem.
ASKER
Thanks
I'll check this out..
If there is an issue with the SYSVOL share, can this be repaired / recreated ? Or, what do I do from here..?
I'll check this out..
If there is an issue with the SYSVOL share, can this be repaired / recreated ? Or, what do I do from here..?
It should be created automatcly once the replication work
You have separated event log for the nfs replication. Check for events there
You have separated event log for the nfs replication. Check for events there
ASKER
I've looked at the events and apart from one or two errors (which appear to have fixed themselves shortly afterwards) I cannot see anything that suggests what the issue is.
I've attached a copy of the DFS Events from event viewer but had to rename to .txt (please rename to evtx to view)
thanks
DFS-Events..txt
Here are a couple of links to check out.
http://support.microsoft.com/kb/967336
http://support.microsoft.com/kb/947022/en-us
Try the links if these don't work let me know will move to the next steps
http://support.microsoft.com/kb/967336
http://support.microsoft.com/kb/947022/en-us
Try the links if these don't work let me know will move to the next steps
ASKER
will try now and let you know..
thanks for your help
thanks for your help
ASKER
I've done what the second link suggests but on the first link that refers to an entry in the registry is not there - see picture attached.
Will I add it to the registry? - thanks
Registry-Pic.png
Will I add it to the registry? - thanks
Registry-Pic.png
can you ping the other server (2003) with short name? (netbios name)
ASKER
yes, i can ping by ip and netbios ??
???
is that mean that you can ping? :)
or you asking?
sorry.. couldn't understand...
what i'm trying to say is that DFSR need to be able to connect with the short name.
so you need WINS or add DNS suffix to your network configuration.
just to make sure it's not the problem...
is that mean that you can ping? :)
or you asking?
sorry.. couldn't understand...
what i'm trying to say is that DFSR need to be able to connect with the short name.
so you need WINS or add DNS suffix to your network configuration.
just to make sure it's not the problem...
You are not running DFSR then which is fine.
Reboot the server.
Run dcdiag post results.
Reboot the server.
Run dcdiag post results.
ASKER
i've noticed that when i browse the network to the server 2003 machine there is a netlogon and sysvol folder shared..
the sysvol folder is the only one shred on 2008 dc and there is no netlogon folder shared
the sysvol folder is the only one shred on 2008 dc and there is no netlogon folder shared
ASKER
to answer you question regarding ping - yes i can ping by ip address and netbios name.
sorry for confusing you with ?
sorry for confusing you with ?
it seems like this:
http://support.microsoft.com/kb/947022
without netlogon your DC cannot fully operate
http://support.microsoft.com/kb/947022
without netlogon your DC cannot fully operate
ohhh... you already got this... sorry... :)
did you try it?
did you try it?
ASKER
yes, i did this but should I reboot?
The server is been used at the moment and I will not be able to reboot until tonight (GMT)
I will try rebooting later and rerun dcdiag and post results..
thank you for your help so far
The server is been used at the moment and I will not be able to reboot until tonight (GMT)
I will try rebooting later and rerun dcdiag and post results..
thank you for your help so far
you welcome....
hope it will resolve you issue....
hope it will resolve you issue....
Restart the netlogon service
ASKER
thanks for all your help..
the problem is that currently the server is in use by customers for running reports and we have to schedule downtime (even to reboot)
I will be spending time on thurs morning to troubleshoot and will post results then
the problem is that currently the server is in use by customers for running reports and we have to schedule downtime (even to reboot)
I will be spending time on thurs morning to troubleshoot and will post results then
Restart the netlogon service will not cause downtime
ASKER
yes, i restarted this morning but if i put 2003 domain controller offline to check if users and computers show up in active directory on 2008 dc, any users trying to connect in the meantime will not be able to {providing that the issue was not resolved by restarting netlogon)
thanks
thanks
Run dcdiag post results now after restart the services
ASKER
my 2008 dc is called olapserver2 and the 2003 dc is called olapserver
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\administrator.OLA
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = OLAPSERVER2
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\OL
Starting test: Connectivity
......................... OLAPSERVER2 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\OL
Starting test: Advertising
......................... OLAPSERVER2 passed test Advertising
Starting test: FrsEvent
......................... OLAPSERVER2 passed test FrsEvent
Starting test: DFSREvent
......................... OLAPSERVER2 passed test DFSREvent
Starting test: SysVolCheck
......................... OLAPSERVER2 passed test SysVolCheck
Starting test: KccEvent
......................... OLAPSERVER2 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... OLAPSERVER2 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... OLAPSERVER2 passed test MachineAccount
Starting test: NCSecDesc
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes In Filtered Set
access rights for the naming context:
DC=ForestDnsZones,DC=olap,
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes In Filtered Set
access rights for the naming context:
DC=DomainDnsZones,DC=olap,
......................... OLAPSERVER2 failed test NCSecDesc
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\OLAPSERVER2\netlogon)
[OLAPSERVER2] An net use or LsaPolicy operation failed with error 67,
The network name cannot be found..
......................... OLAPSERVER2 failed test NetLogons
Starting test: ObjectsReplicated
......................... OLAPSERVER2 passed test ObjectsReplicated
Starting test: Replications
......................... OLAPSERVER2 passed test Replications
Starting test: RidManager
......................... OLAPSERVER2 passed test RidManager
Starting test: Services
......................... OLAPSERVER2 passed test Services
Starting test: SystemLog
An Error Event occurred. EventID: 0x00000422
Time Generated: 11/17/2010 16:55:34
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\olap.portal\sysvol\olap.
984F9}\gpt.ini from a domain controller and was not successful. Group Policy set
tings may not be applied until this event is resolved. This issue may be transie
nt and could be caused by one or more of the following:
An Error Event occurred. EventID: 0x00000422
Time Generated: 11/17/2010 17:00:36
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\olap.portal\sysvol\olap.
984F9}\gpt.ini from a domain controller and was not successful. Group Policy set
tings may not be applied until this event is resolved. This issue may be transie
nt and could be caused by one or more of the following:
An Error Event occurred. EventID: 0x00000422
Time Generated: 11/17/2010 17:05:38
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\olap.portal\sysvol\olap.
984F9}\gpt.ini from a domain controller and was not successful. Group Policy set
tings may not be applied until this event is resolved. This issue may be transie
nt and could be caused by one or more of the following:
An Error Event occurred. EventID: 0x00000422
Time Generated: 11/17/2010 17:10:41
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\olap.portal\sysvol\olap.
984F9}\gpt.ini from a domain controller and was not successful. Group Policy set
tings may not be applied until this event is resolved. This issue may be transie
nt and could be caused by one or more of the following:
An Error Event occurred. EventID: 0x00000422
Time Generated: 11/17/2010 17:11:21
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\olap.portal\sysvol\olap.
984F9}\gpt.ini from a domain controller and was not successful. Group Policy set
tings may not be applied until this event is resolved. This issue may be transie
nt and could be caused by one or more of the following:
An Error Event occurred. EventID: 0x00000422
Time Generated: 11/17/2010 17:15:43
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\olap.portal\sysvol\olap.
984F9}\gpt.ini from a domain controller and was not successful. Group Policy set
tings may not be applied until this event is resolved. This issue may be transie
nt and could be caused by one or more of the following:
An Error Event occurred. EventID: 0x00000422
Time Generated: 11/17/2010 17:20:45
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\olap.portal\sysvol\olap.
984F9}\gpt.ini from a domain controller and was not successful. Group Policy set
tings may not be applied until this event is resolved. This issue may be transie
nt and could be caused by one or more of the following:
An Error Event occurred. EventID: 0x00000422
Time Generated: 11/17/2010 17:25:47
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\olap.portal\sysvol\olap.
984F9}\gpt.ini from a domain controller and was not successful. Group Policy set
tings may not be applied until this event is resolved. This issue may be transie
nt and could be caused by one or more of the following:
An Error Event occurred. EventID: 0x00000422
Time Generated: 11/17/2010 17:30:50
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\olap.portal\sysvol\olap.
984F9}\gpt.ini from a domain controller and was not successful. Group Policy set
tings may not be applied until this event is resolved. This issue may be transie
nt and could be caused by one or more of the following:
An Error Event occurred. EventID: 0x00000422
Time Generated: 11/17/2010 17:35:52
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\olap.portal\sysvol\olap.
984F9}\gpt.ini from a domain controller and was not successful. Group Policy set
tings may not be applied until this event is resolved. This issue may be transie
nt and could be caused by one or more of the following:
An Error Event occurred. EventID: 0x00000422
Time Generated: 11/17/2010 17:40:54
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\olap.portal\sysvol\olap.
984F9}\gpt.ini from a domain controller and was not successful. Group Policy set
tings may not be applied until this event is resolved. This issue may be transie
nt and could be caused by one or more of the following:
An Error Event occurred. EventID: 0x00000422
Time Generated: 11/17/2010 17:45:56
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\olap.portal\sysvol\olap.
984F9}\gpt.ini from a domain controller and was not successful. Group Policy set
tings may not be applied until this event is resolved. This issue may be transie
nt and could be caused by one or more of the following:
An Error Event occurred. EventID: 0x00000422
Time Generated: 11/17/2010 17:50:58
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\olap.portal\sysvol\olap.
984F9}\gpt.ini from a domain controller and was not successful. Group Policy set
tings may not be applied until this event is resolved. This issue may be transie
nt and could be caused by one or more of the following:
......................... OLAPSERVER2 failed test SystemLog
Starting test: VerifyReferences
......................... OLAPSERVER2 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : olap
Starting test: CheckSDRefDom
......................... olap passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... olap passed test CrossRefValidation
Running enterprise tests on : olap.portal
Starting test: LocatorCheck
......................... olap.portal passed test LocatorCheck
Starting test: Intersite
......................... olap.portal passed test Intersite
C:\Users\administrator.OLA
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\administrator.OLA
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = OLAPSERVER2
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\OL
Starting test: Connectivity
......................... OLAPSERVER2 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\OL
Starting test: Advertising
......................... OLAPSERVER2 passed test Advertising
Starting test: FrsEvent
......................... OLAPSERVER2 passed test FrsEvent
Starting test: DFSREvent
......................... OLAPSERVER2 passed test DFSREvent
Starting test: SysVolCheck
......................... OLAPSERVER2 passed test SysVolCheck
Starting test: KccEvent
......................... OLAPSERVER2 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... OLAPSERVER2 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... OLAPSERVER2 passed test MachineAccount
Starting test: NCSecDesc
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes In Filtered Set
access rights for the naming context:
DC=ForestDnsZones,DC=olap,
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes In Filtered Set
access rights for the naming context:
DC=DomainDnsZones,DC=olap,
......................... OLAPSERVER2 failed test NCSecDesc
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\OLAPSERVER2\netlogon)
[OLAPSERVER2] An net use or LsaPolicy operation failed with error 67,
The network name cannot be found..
......................... OLAPSERVER2 failed test NetLogons
Starting test: ObjectsReplicated
......................... OLAPSERVER2 passed test ObjectsReplicated
Starting test: Replications
......................... OLAPSERVER2 passed test Replications
Starting test: RidManager
......................... OLAPSERVER2 passed test RidManager
Starting test: Services
......................... OLAPSERVER2 passed test Services
Starting test: SystemLog
An Error Event occurred. EventID: 0x00000422
Time Generated: 11/17/2010 16:55:34
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\olap.portal\sysvol\olap.
984F9}\gpt.ini from a domain controller and was not successful. Group Policy set
tings may not be applied until this event is resolved. This issue may be transie
nt and could be caused by one or more of the following:
An Error Event occurred. EventID: 0x00000422
Time Generated: 11/17/2010 17:00:36
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\olap.portal\sysvol\olap.
984F9}\gpt.ini from a domain controller and was not successful. Group Policy set
tings may not be applied until this event is resolved. This issue may be transie
nt and could be caused by one or more of the following:
An Error Event occurred. EventID: 0x00000422
Time Generated: 11/17/2010 17:05:38
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\olap.portal\sysvol\olap.
984F9}\gpt.ini from a domain controller and was not successful. Group Policy set
tings may not be applied until this event is resolved. This issue may be transie
nt and could be caused by one or more of the following:
An Error Event occurred. EventID: 0x00000422
Time Generated: 11/17/2010 17:10:41
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\olap.portal\sysvol\olap.
984F9}\gpt.ini from a domain controller and was not successful. Group Policy set
tings may not be applied until this event is resolved. This issue may be transie
nt and could be caused by one or more of the following:
An Error Event occurred. EventID: 0x00000422
Time Generated: 11/17/2010 17:11:21
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\olap.portal\sysvol\olap.
984F9}\gpt.ini from a domain controller and was not successful. Group Policy set
tings may not be applied until this event is resolved. This issue may be transie
nt and could be caused by one or more of the following:
An Error Event occurred. EventID: 0x00000422
Time Generated: 11/17/2010 17:15:43
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\olap.portal\sysvol\olap.
984F9}\gpt.ini from a domain controller and was not successful. Group Policy set
tings may not be applied until this event is resolved. This issue may be transie
nt and could be caused by one or more of the following:
An Error Event occurred. EventID: 0x00000422
Time Generated: 11/17/2010 17:20:45
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\olap.portal\sysvol\olap.
984F9}\gpt.ini from a domain controller and was not successful. Group Policy set
tings may not be applied until this event is resolved. This issue may be transie
nt and could be caused by one or more of the following:
An Error Event occurred. EventID: 0x00000422
Time Generated: 11/17/2010 17:25:47
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\olap.portal\sysvol\olap.
984F9}\gpt.ini from a domain controller and was not successful. Group Policy set
tings may not be applied until this event is resolved. This issue may be transie
nt and could be caused by one or more of the following:
An Error Event occurred. EventID: 0x00000422
Time Generated: 11/17/2010 17:30:50
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\olap.portal\sysvol\olap.
984F9}\gpt.ini from a domain controller and was not successful. Group Policy set
tings may not be applied until this event is resolved. This issue may be transie
nt and could be caused by one or more of the following:
An Error Event occurred. EventID: 0x00000422
Time Generated: 11/17/2010 17:35:52
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\olap.portal\sysvol\olap.
984F9}\gpt.ini from a domain controller and was not successful. Group Policy set
tings may not be applied until this event is resolved. This issue may be transie
nt and could be caused by one or more of the following:
An Error Event occurred. EventID: 0x00000422
Time Generated: 11/17/2010 17:40:54
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\olap.portal\sysvol\olap.
984F9}\gpt.ini from a domain controller and was not successful. Group Policy set
tings may not be applied until this event is resolved. This issue may be transie
nt and could be caused by one or more of the following:
An Error Event occurred. EventID: 0x00000422
Time Generated: 11/17/2010 17:45:56
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\olap.portal\sysvol\olap.
984F9}\gpt.ini from a domain controller and was not successful. Group Policy set
tings may not be applied until this event is resolved. This issue may be transie
nt and could be caused by one or more of the following:
An Error Event occurred. EventID: 0x00000422
Time Generated: 11/17/2010 17:50:58
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\olap.portal\sysvol\olap.
984F9}\gpt.ini from a domain controller and was not successful. Group Policy set
tings may not be applied until this event is resolved. This issue may be transie
nt and could be caused by one or more of the following:
......................... OLAPSERVER2 failed test SystemLog
Starting test: VerifyReferences
......................... OLAPSERVER2 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : olap
Starting test: CheckSDRefDom
......................... olap passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... olap passed test CrossRefValidation
Running enterprise tests on : olap.portal
Starting test: LocatorCheck
......................... olap.portal passed test LocatorCheck
Starting test: Intersite
......................... olap.portal passed test Intersite
C:\Users\administrator.OLA
Still failing NETLOGON but your server is at leaste advertising as a DC now. Go through the link about the missing netlogon folder one more time
ASKER
thanks for your help..
i think i have it working now so will leave the 2003dc offline for a day or so and kep an eye on it..
who do i award the points to.. - as both dariusq and haim96 have been very helpful..??
i think i have it working now so will leave the 2003dc offline for a day or so and kep an eye on it..
who do i award the points to.. - as both dariusq and haim96 have been very helpful..??
go for split... :)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Sorry if mistake was made..
not too sure about awarding points
not too sure about awarding points
(1) DNS is installed on the 2008 server, but what is everything configured to use for DNS? (If DNS of the workstations is still pointed at the server that is now off... well... that won't work.)
(2) When you turned the the 2003 DC server, did you remove demote the server to a member server first?
(3) When you open Active Directory Users and Computers, in the pane, where it says "Active Directory Users and Computers", it should tell you what it is connected to... what does it say it's connected to? If you right click, and specify the 2008 server, do you see your users/computers?