Start Free Trial

asked on

Migrate 2003 PDC to 2008 PDC and AD

Hello, I am trying to migrated a 2003 PDC/AD that hosted SQL 2000 to a new 2008 R2 server that hosts PDC and AD.

I have performed the following steps but when I disconnect the 2003 server (unplug network cable) my connectiviting to the database does not work AND if I reboot a dhcp client and run ipconfig /all it points to the old DNS (2003 server).

STEP already taken:
1. ran all ADPREP /FORESTPREP and ADPREP /DOMAINPREP on 2003 server for 2008 compliance.
2. Setup 2008 server, joined domain
3. Ran dcpromo on the 2008 server and made it a PDC
4, Installed DNS on the 2008 server
5. Installed DHCP on the 2008 server and removed it on the 2003 server, works fine.
6. Made 2008 server a global catalog
7. Transfered FSMO roles via these instructions: http://support.microsoft.com/kb/324801

Again, when I disconnect the 2003 server from the network looses connectivity to SQL on the 2008 server. SQL was originally on 2003 server.

When I have 2003 server up and running and I reboot DHCP client it show 2003 server as DNS with the command ipconfig /all.

Thanks for any advice.

ASKER CERTIFIED SOLUTION

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

As Dariusg mentions, you'll want to make sure that your DHCP scope is handing out the appropriate DNS server. If you open DHCP on the 2008 server and check your Scope Options, Option 006 should only have the new server listed for DNS. If the old server is listed, any clients that pull DHCP will try to contact the old server for DNS lookups. You'll also want to make sure the new server is pointing to itself for DNS in the Network Adapter's configuration.

Look at the ipconfig /all see what the DHCP server IP address is. Make sure you don't have another DHCP server running on the network

ASKER

These are the ipconfig results. NOTE: If I run ipcoinfig /flushdns and ipconfig /registerdns the dns gets changed to the correct server.

Old 2003 Server: compare1 (192.168.0.6)
New 2008 Server: compcare3 (192.168.0.5)

Windows IP Configuration
Host Name . . . . . . . . . . . . : TTS002
Primary Dns Suffix . . . . . . . : compcare.ad
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : compcare.ad
compcare.ad

Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : compcare.ad
Description . . . . . . . . . . . : Realtek RTL8168C(P)/8111C(P) PCI-E Gigabit Ethernet NIC
Physical Address. . . . . . . . . : 00-23-7D-C6-73-BC
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.0.58
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.5
DNS Servers . . . . . . . . . . . : 192.168.0.6
Primary WINS Server . . . . . . . : 192.168.0.6
Lease Obtained. . . . . . . . . . : Friday, November 19, 2010 2:48:24 PM
Lease Expires . . . . . . . . . . : Saturday, November 27, 2010 2:48:24 PM

ASKER

These are the dcdiag results:

Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = COMPCARE3
* Identified AD Forest.
Done gathering initial info.

Doing initial required tests
Testing server: Default-First-Site-Name\COMPCARE3
Starting test: Connectivity
......................... COMPCARE3 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\COMPCARE3
Starting test: Advertising
Warning: DsGetDcName returned information for \\compcare1.compcare.ad,
when we were trying to reach COMPCARE3.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... COMPCARE3 failed test Advertising
Starting test: FrsEvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... COMPCARE3 failed test FrsEvent
Starting test: DFSREvent
......................... COMPCARE3 passed test DFSREvent
Starting test: SysVolCheck
......................... COMPCARE3 passed test SysVolCheck
Starting test: KccEvent
......................... COMPCARE3 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... COMPCARE3 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... COMPCARE3 passed test MachineAccount
Starting test: NCSecDesc
......................... COMPCARE3 passed test NCSecDesc
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\COMPCARE3\netlogon)
[COMPCARE3] An net use or LsaPolicy operation failed with error 67,
The network name cannot be found..
......................... COMPCARE3 failed test NetLogons
Starting test: ObjectsReplicated
......................... COMPCARE3 passed test ObjectsReplicated
Starting test: Replications
......................... COMPCARE3 passed test Replications
Starting test: RidManager
......................... COMPCARE3 passed test RidManager
Starting test: Services
......................... COMPCARE3 passed test Services
Starting test: SystemLog
An error event occurred. EventID: 0xC00010DF
Time Generated: 11/19/2010 15:05:38
Event String:
A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state.

An error event occurred. EventID: 0xC00010DF
Time Generated: 11/19/2010 15:09:43
Event String:
A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state.
An error event occurred. EventID: 0xC00010DF
Time Generated: 11/19/2010 15:10:55
Event String:
A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state.
An error event occurred. EventID: 0xC00010DF
Time Generated: 11/19/2010 15:11:07
Event String:
A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the

Conflict state.
An error event occurred. EventID: 0xC00010DF
Time Generated: 11/19/2010 15:19:17
Event String:
A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the

Conflict state.
An error event occurred. EventID: 0xC00010DF
Time Generated: 11/19/2010 15:34:32
Event String:
A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the

Conflict state.
An error event occurred. EventID: 0xC00010DF
Time Generated: 11/19/2010 15:34:32
Event String:
A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the

Conflict state.
An error event occurred. EventID: 0xC00010DF
Time Generated: 11/19/2010 15:34:43
Event String:
A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the

Conflict state.
An error event occurred. EventID: 0xC00010DF
Time Generated: 11/19/2010 15:48:23
Event String:
A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the

Conflict state.
An error event occurred. EventID: 0xC00010DF
Time Generated: 11/19/2010 15:48:23
Event String:
A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the

Conflict state.
An error event occurred. EventID: 0x00000457
Time Generated: 11/19/2010 16:01:24
Event String:
Driver CutePDF Writer required for printer CutePDF Writer is unknown. Contact the administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 11/19/2010 16:01:25
Event String:
Driver Microsoft Office Document Image Writer Driver required for printer Microsoft Office Document Image Writer is unknown. Contact the administrator to install the driver before you log in again.

An error event occurred. EventID: 0x00000457

Time Generated: 11/19/2010 16:01:26

Event String:

Driver Adobe PDF Converter required for printer Adobe PDF is unknown. Contact the administrator to install the driver before you log in again.

......................... COMPCARE3 failed test SystemLog

Starting test: VerifyReferences

......................... COMPCARE3 passed test VerifyReferences

Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation

Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom

Starting test: CrossRefValidation
......................... DomainDnsZones passed test

CrossRefValidation

Running partition tests on : Schema

Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom

Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation

Running partition tests on : Configuration

Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom

Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation

Running partition tests on : compcare

Starting test: CheckSDRefDom
......................... compcare passed test CheckSDRefDom

Starting test: CrossRefValidation
......................... compcare passed test CrossRefValidation

Running enterprise tests on : compcare.ad

Starting test: LocatorCheck
......................... compcare.ad passed test LocatorCheck

Starting test: Intersite
......................... compcare.ad passed test Intersite

Your lease was obtained earlier in the day.

Check your DHCP scope make sure you have the correct DNS setting for DNS
DHCP Server . . . . . . . . . . . : 192.168.0.5

SOLUTION

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

ASKER

Scope for dhcp is:
006 DNS Server Standard 192.168.0.5

ASKER

Where do I get nbstat?

Should be a command already there.

ASKER

Oops, I missed the first "t" in nbtstat...

Local Area Connection:
Node IpAddress: [192.168.0.4] Scope Id: []

NetBIOS Local Name Table

Name Type Status
---------------------------------------------
COMPCARE3 <00> UNIQUE Registered
COMPCARE <1C> GROUP Registered
COMPCARE <00> GROUP Registered
COMPCARE3 <20> UNIQUE Registered
COMPCARE <1B> UNIQUE Registered
COMPCARE <1E> GROUP Registered
COMPCARE <1D> UNIQUE Registered
..__MSBROWSE__.<01> GROUP Registered

Local Area Connection 2:
Node IpAddress: [192.168.0.5] Scope Id: []

NetBIOS Local Name Table

Name Type Status
---------------------------------------------
COMPCARE3 <00> UNIQUE Registered
COMPCARE <1C> GROUP Registered
COMPCARE <00> GROUP Registered
COMPCARE3 <20> UNIQUE Registered
COMPCARE <1B> UNIQUE Registered
COMPCARE <1E> GROUP Registered

ASKER

I have two NICs in the new server. 192.168.0.4 and .5. I was using .5 as the DNS, DHCP, etc..

SOLUTION

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

ASKER

Thanks acbrown2010, do you recommend turning one off?

Also, is this the root of the problem I am experiencing?

SOLUTION

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

ASKER

Ok, I will disable tonight during off hours.

What results should I look for? Should I run nbtstat, etc..?

SOLUTION

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

ASKER

About ths same results.....

Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = COMPCARE3
* Identified AD Forest.
Done gathering initial info.

Doing initial required tests
Testing server: Default-First-Site-Name\COMPCARE3
Starting test: Connectivity
......................... COMPCARE3 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\COMPCARE3
Starting test: Advertising
Warning: DsGetDcName returned information for \\compcare1.compcare.ad,
when we were trying to reach COMPCARE3.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... COMPCARE3 failed test Advertising
Starting test: FrsEvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... COMPCARE3 failed test FrsEvent
Starting test: DFSREvent
......................... COMPCARE3 passed test DFSREvent
Starting test: SysVolCheck
......................... COMPCARE3 passed test SysVolCheck
Starting test: KccEvent
......................... COMPCARE3 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... COMPCARE3 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... COMPCARE3 passed test MachineAccount
Starting test: NCSecDesc
......................... COMPCARE3 passed test NCSecDesc
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\COMPCARE3\netlogon)
[COMPCARE3] An net use or LsaPolicy operation failed with error 67,
The network name cannot be found..
......................... COMPCARE3 failed test NetLogons
Starting test: ObjectsReplicated
......................... COMPCARE3 passed test ObjectsReplicated
Starting test: Replications
......................... COMPCARE3 passed test Replications
Starting test: RidManager
......................... COMPCARE3 passed test RidManager
Starting test: Services
......................... COMPCARE3 passed test Services
Starting test: SystemLog
An error event occurred. EventID: 0xC00010DF
Time Generated: 11/22/2010 20:57:39
Event String:
A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state.

An error event occurred. EventID: 0xC00010DF
Time Generated: 11/22/2010 21:23:24
Event String:
A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state.
......................... COMPCARE3 failed test SystemLog
Starting test: VerifyReferences
......................... COMPCARE3 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... DomainDnsZones passed test

CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : compcare
Starting test: CheckSDRefDom
......................... compcare passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... compcare passed test CrossRefValidation
Running enterprise tests on : compcare.ad
Starting test: LocatorCheck
......................... compcare.ad passed test LocatorCheck
Starting test: Intersite
......................... compcare.ad passed test Intersite

ASKER

I also added shares for SYSVOL and NETLOGON

SOLUTION

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

ASKER

Hello Dariusg,

I went through the steps in the link. I then reran DCPROMO to make the new server (2008) a DC and it gave me the following messge:
------
A delegation for this dns server cannot be created because the authoitative parent zone cannot be found or it does not run Windows DNS server. If you are integrating with an existing DNS infrastructure, you should manually create a delegation to this DNS server in the parent zone to ensure reliable name resolution from outside the domain "compcare.ad". Otherwise, no action is required.
Do you want to continue?
-----

SOLUTION

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

ASKER

Hello dariusg,

I ran another diagdc and these are the results.. I see compare1 (the old server) mentioned several times. Is that a problem?
My network appears to be ok but I am concerned my DNS properties and LogonServer info is still and issue.

Tony

---------

Directory Server Diagnosis

Performing initial setup:

Trying to find home server...

Home Server = COMPCARE3

* Identified AD Forest.
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\COMPCARE3

Starting test: Connectivity

......................... COMPCARE3 passed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\COMPCARE3

Starting test: Advertising

Warning: DsGetDcName returned information for \\compcare1.compcare.ad,

when we were trying to reach COMPCARE3.

SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.

......................... COMPCARE3 failed test Advertising

Starting test: FrsEvent

There are warning or error events within the last 24 hours after the

SYSVOL has been shared. Failing SYSVOL replication problems may cause

Group Policy problems.
......................... COMPCARE3 passed test FrsEvent

Starting test: DFSREvent

......................... COMPCARE3 passed test DFSREvent

Starting test: SysVolCheck

......................... COMPCARE3 passed test SysVolCheck

Starting test: KccEvent

......................... COMPCARE3 passed test KccEvent

Starting test: KnowsOfRoleHolders

......................... COMPCARE3 passed test KnowsOfRoleHolders

Starting test: MachineAccount

......................... COMPCARE3 passed test MachineAccount

Starting test: NCSecDesc

......................... COMPCARE3 passed test NCSecDesc

Starting test: NetLogons

Unable to connect to the NETLOGON share! (\\COMPCARE3\netlogon)

[COMPCARE3] An net use or LsaPolicy operation failed with error 67,

The network name cannot be found..

......................... COMPCARE3 failed test NetLogons

Starting test: ObjectsReplicated

......................... COMPCARE3 passed test ObjectsReplicated

Starting test: Replications

......................... COMPCARE3 passed test Replications

Starting test: RidManager

......................... COMPCARE3 passed test RidManager

Starting test: Services

......................... COMPCARE3 passed test Services

Starting test: SystemLog

An error event occurred. EventID: 0x00000457

Time Generated: 11/30/2010 11:21:23

Event String:

Driver Adobe PDF Converter required for printer Adobe PDF is unknown. Contact the administrator to install the driver before you log in again.

An error event occurred. EventID: 0x00000457

Time Generated: 11/30/2010 11:21:26

Event String:

Driver CutePDF Writer required for printer CutePDF Writer is unknown. Contact the administrator to install the driver before you log in again.

An error event occurred. EventID: 0x00000457

Time Generated: 11/30/2010 11:21:28

Event String:

Driver Microsoft Office Document Image Writer Driver required for printer Microsoft Office Document Image Writer is unknown. Contact the administrator to install the driver before you log in again.

......................... COMPCARE3 failed test SystemLog

Starting test: VerifyReferences

......................... COMPCARE3 passed test VerifyReferences

Running partition tests on : ForestDnsZones

Starting test: CheckSDRefDom

......................... ForestDnsZones passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... ForestDnsZones passed test

CrossRefValidation

Running partition tests on : DomainDnsZones

Starting test: CheckSDRefDom

......................... DomainDnsZones passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... DomainDnsZones passed test

CrossRefValidation

Running partition tests on : Schema

Starting test: CheckSDRefDom

......................... Schema passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... Schema passed test CrossRefValidation

Running partition tests on : Configuration

Starting test: CheckSDRefDom

......................... Configuration passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... Configuration passed test CrossRefValidation

Running partition tests on : compcare

Starting test: CheckSDRefDom

......................... compcare passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... compcare passed test CrossRefValidation

Running enterprise tests on : compcare.ad

Starting test: LocatorCheck

......................... compcare.ad passed test LocatorCheck

Starting test: Intersite

......................... compcare.ad passed test Intersite

If the old server is not working you need to run metadata cleanup to remove any objects for this failed DC

ASKER

The old server is running. In fact when I turn it down there are network issues. From the note above there are advertising issues as repeated below. What do I do to address these items?

Warning: DsGetDcName returned information for \\compcare1.compcare.ad,
when we were trying to reach COMPCARE3.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... COMPCARE3 failed test Advertising

Starting test: FrsEvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... COMPCARE3 passed test FrsEvent

Did you disable the second NIC?

Post ipconfig /all

ASKER

OOPS, I see that my DNS is 192.168.0.6 and it should be .5. It is setup this way in the network configuration. I thought I had changed it. I will change it and reboot tonight. Any other thougths?

Windows IP Configuration

Host Name . . . . . . . . . . . . : COMPCARE3
Primary Dns Suffix . . . . . . . : compcare.ad
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : compcare.ad

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC326i PCIe Dual Port Gigabit Server Adapter #2
Physical Address. . . . . . . . . : D8-D3-85-5E-FF-75
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.0.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.6
127.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{7AF2421B-19EC-4CC8-B10F-EC71AED3175F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Go to Network Connections click Advance Settings make sure IPv4 is listed first in the binding order

Remove 127.0.0.1 as well

ASKER

I have changed the DNS and remove the 127.0.0.1
There are more errors base don the DCDIAG. Below are the IPCONFIG /all and DCDIAG.

----------------

Directory Server Diagnosis

Performing initial setup:

Trying to find home server...

Home Server = COMPCARE3

* Identified AD Forest.
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\COMPCARE3

Starting test: Connectivity

......................... COMPCARE3 passed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\COMPCARE3

Starting test: Advertising

Warning: DsGetDcName returned information for \\compcare1.compcare.ad,

when we were trying to reach COMPCARE3.

SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.

......................... COMPCARE3 failed test Advertising

Starting test: FrsEvent

There are warning or error events within the last 24 hours after the

SYSVOL has been shared. Failing SYSVOL replication problems may cause

Group Policy problems.
......................... COMPCARE3 passed test FrsEvent

Starting test: DFSREvent

......................... COMPCARE3 passed test DFSREvent

Starting test: SysVolCheck

......................... COMPCARE3 passed test SysVolCheck

Starting test: KccEvent

......................... COMPCARE3 passed test KccEvent

Starting test: KnowsOfRoleHolders

......................... COMPCARE3 passed test KnowsOfRoleHolders

Starting test: MachineAccount

......................... COMPCARE3 passed test MachineAccount

Starting test: NCSecDesc

......................... COMPCARE3 passed test NCSecDesc

Starting test: NetLogons

Unable to connect to the NETLOGON share! (\\COMPCARE3\netlogon)

[COMPCARE3] An net use or LsaPolicy operation failed with error 67,

The network name cannot be found..

......................... COMPCARE3 failed test NetLogons

Starting test: ObjectsReplicated

......................... COMPCARE3 passed test ObjectsReplicated

Starting test: Replications

......................... COMPCARE3 passed test Replications

Starting test: RidManager

......................... COMPCARE3 passed test RidManager

Starting test: Services

......................... COMPCARE3 passed test Services

Starting test: SystemLog

An error event occurred. EventID: 0xC0001B58

Time Generated: 12/10/2010 05:24:17

Event String:

The Diagnostic Service Host service failed to start due to the following error:

A warning event occurred. EventID: 0x000003F6

Time Generated: 12/10/2010 05:32:47

Event String:

Name resolution for the name _ldap._tcp.dc._msdcs.compcare.ad timed out after none of the configured DNS servers responded.

A warning event occurred. EventID: 0x8000001D

Time Generated: 12/10/2010 05:32:53

Event String:

The Key Distribution Center (KDC) cannot find a suitable certificate to use for smart card logons, or the KDC certificate could not be verified. Smart card logon may not function correctly if this problem is not resolved. To correct this problem, either verify the existing KDC certificate using certutil.exe or enroll for a new KDC certificate.

A warning event occurred. EventID: 0x00000C18

Time Generated: 12/10/2010 05:32:56

Event String:

The primary Domain Controller for this domain could not be located.

An error event occurred. EventID: 0x0000041F

Time Generated: 12/10/2010 05:32:58

Event String:

The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:

A warning event occurred. EventID: 0x00002724

Time Generated: 12/10/2010 05:33:26

Event String:

This computer has at least one dynamically assigned IPv6 address.For reliable DHCPv6 server operation, you should use only static IPv6 addresses.

A warning event occurred. EventID: 0x000003F6

Time Generated: 12/10/2010 05:33:46

Event String:

Name resolution for the name compcare.ad timed out after none of the configured DNS servers responded.

An error event occurred. EventID: 0x00000423

Time Generated: 12/10/2010 05:33:53

Event String:

The DHCP service failed to see a directory server for authorization.

An error event occurred. EventID: 0xC0001B58

Time Generated: 12/10/2010 05:33:52

Event String:

The USBDLM service failed to start due to the following error:

An error event occurred. EventID: 0xC00038D6

Time Generated: 12/10/2010 05:34:06

Event String:

The DFS Namespace service could not initialize cross forest trust information on this domain controller, but it will periodically retry the operation. The return code is in the record data.

An error event occurred. EventID: 0x00000423

Time Generated: 12/10/2010 05:34:07

Event String:

The DHCP service failed to see a directory server for authorization.

An error event occurred. EventID: 0xC0003A9E

Time Generated: 12/10/2010 05:34:38

Event String:

Owner of the log file or directory C:\inetpub\logs\LogFiles\W3SVC4\u_ex101210.log is invalid. This could be because another user has already created the log file or the directory.

An error event occurred. EventID: 0xC0003A9E

Time Generated: 12/10/2010 05:34:58

Event String:

Owner of the log file or directory C:\inetpub\logs\LogFiles\W3SVC3\u_ex101210.log is invalid. This could be because another user has already created the log file or the directory.

An error event occurred. EventID: 0xC0003A9E

Time Generated: 12/10/2010 05:39:18

Event String:

Owner of the log file or directory C:\inetpub\logs\LogFiles\W3SVC1\u_ex101210.log is invalid. This could be because another user has already created the log file or the directory.

......................... COMPCARE3 failed test SystemLog

Starting test: VerifyReferences

......................... COMPCARE3 passed test VerifyReferences

Running partition tests on : ForestDnsZones

Starting test: CheckSDRefDom

......................... ForestDnsZones passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... ForestDnsZones passed test

CrossRefValidation

Running partition tests on : DomainDnsZones

Starting test: CheckSDRefDom

......................... DomainDnsZones passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... DomainDnsZones passed test

CrossRefValidation

Running partition tests on : Schema

Starting test: CheckSDRefDom

......................... Schema passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... Schema passed test CrossRefValidation

Running partition tests on : Configuration

Starting test: CheckSDRefDom

......................... Configuration passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... Configuration passed test CrossRefValidation

Running partition tests on : compcare

Starting test: CheckSDRefDom

......................... compcare passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... compcare passed test CrossRefValidation

Running enterprise tests on : compcare.ad

Starting test: LocatorCheck

......................... compcare.ad passed test LocatorCheck

Starting test: Intersite

......................... compcare.ad passed test Intersite

-------------------------------

Windows IP Configuration

Host Name . . . . . . . . . . . . : COMPCARE3
Primary Dns Suffix . . . . . . . : compcare.ad
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : compcare.ad

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC326i PCIe Dual Port Gigabit Server Adapter #2
Physical Address. . . . . . . . . : D8-D3-85-5E-FF-75
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.0.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.5
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{7AF2421B-19EC-4CC8-B10F-EC71AED3175F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

You should be pointing to another existing DC for DNS since this server is still not fully functioning as a DC

ASKER

Sorry for being away so long. Ok but doesn't that defeat the purpose. To recap... I am trying to replace the old server compcare1 with compcare3. I only have one server that I want to be the DNS, PDC, DHCP, etc... I have not demoted the old server. Any suggestions on what to do next?

Thanks, Tony

Post dcdiag from both servers

ASKER

POSTING...

COMPCARE 1 (OLD SERVER FIRST)
--------------------------------------------------------------------------------------------------------------------
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\COMPCARE1
Starting test: Connectivity
......................... COMPCARE1 passed test Connectivity
Doing primary tests

Testing server: Default-First-Site-Name\COMPCARE1
Starting test: Replications
......................... COMPCARE1 passed test Replications
Starting test: NCSecDesc
......................... COMPCARE1 passed test NCSecDesc
Starting test: NetLogons
......................... COMPCARE1 passed test NetLogons
Starting test: Advertising
......................... COMPCARE1 passed test Advertising
Starting test: KnowsOfRoleHolders
......................... COMPCARE1 passed test KnowsOfRoleHolders
Starting test: RidManager
......................... COMPCARE1 passed test RidManager
Starting test: MachineAccount
......................... COMPCARE1 passed test MachineAccount
Starting test: Services
......................... COMPCARE1 passed test Services
Starting test: ObjectsReplicated
......................... COMPCARE1 passed test ObjectsReplicated
Starting test: frssysvol
......................... COMPCARE1 passed test frssysvol
Starting test: frsevent
......................... COMPCARE1 passed test frsevent
Starting test: kccevent
......................... COMPCARE1 passed test kccevent
Starting test: systemlog
......................... COMPCARE1 passed test systemlog
Starting test: VerifyReferences
......................... COMPCARE1 passed test VerifyReferences

Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom

Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom

Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom

Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom

Running partition tests on : compcare
Starting test: CrossRefValidation
......................... compcare passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... compcare passed test CheckSDRefDom

Running enterprise tests on : compcare.ad
Starting test: Intersite
......................... compcare.ad passed test Intersite
Starting test: FsmoCheck
......................... compcare.ad passed test FsmoCheck

COMPCAR3 (NEW SERVER)
---------------------------------------------------------------------------------------------------------------------------

Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = COMPCARE3
* Identified AD Forest.
Done gathering initial info.

Doing initial required tests
Testing server: Default-First-Site-Name\COMPCARE3
Starting test: Connectivity
......................... COMPCARE3 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\COMPCARE3
Starting test: Advertising
Warning: DsGetDcName returned information for \\compcare1.compcare.ad,
when we were trying to reach COMPCARE3.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... COMPCARE3 failed test Advertising
Starting test: FrsEvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... COMPCARE3 passed test FrsEvent
Starting test: DFSREvent
......................... COMPCARE3 passed test DFSREvent
Starting test: SysVolCheck
......................... COMPCARE3 passed test SysVolCheck
Starting test: KccEvent
......................... COMPCARE3 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... COMPCARE3 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... COMPCARE3 passed test MachineAccount
Starting test: NCSecDesc
......................... COMPCARE3 passed test NCSecDesc
Starting test: NetLogons
......................... COMPCARE3 passed test NetLogons
Starting test: ObjectsReplicated
......................... COMPCARE3 passed test ObjectsReplicated
Starting test: Replications
......................... COMPCARE3 passed test Replications
Starting test: RidManager
......................... COMPCARE3 passed test RidManager
Starting test: Services
......................... COMPCARE3 passed test Services
Starting test: SystemLog
An error event occurred. EventID: 0x00000457
Time Generated: 12/17/2010 14:45:42
Event String:
Driver Microsoft Office Document Image Writer Driver required for printer Microsoft Office Document Image Writer is unknown. Contact the administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 12/17/2010 14:45:43
Event String:
Driver CutePDF Writer required for printer CutePDF Writer is unknown. Contact the administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 12/17/2010 14:46:03
Event String:
Driver Adobe PDF Converter required for printer Adobe PDF is unknown. Contact the administrator to install the driver before you log in again.
......................... COMPCARE3 failed test SystemLog
Starting test: VerifyReferences
......................... COMPCARE3 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : compcare
Starting test: CheckSDRefDom
......................... compcare passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... compcare passed test CrossRefValidation
Running enterprise tests on : compcare.ad
Starting test: LocatorCheck
......................... compcare.ad passed test LocatorCheck
Starting test: Intersite
......................... compcare.ad passed test Intersite

dcdiag /test:advertising DC name

Took backup of the policies and script folders from both the servers from c:\Windows\Sysvol\domain
Stopped NTFRS service on both DCs.
Made one of the DC authoritative server by modifying registry setting : Navigate to registry HKLM\System\CCS\Services\NTFRS\Parameters\CumlativeReplicaSets and Set the Burflags value to D4. This should be done with server which has the Updated information available or correct data.
Went to other DC and made that Non-authoritative by navigating to same registry location HKLM\System\CCS\Services\NTFRS\Parameters\CumlativeReplicaSets and Set the Burflags value to D2.
Restarted Ntfrs service on both servers and forced replication to see event 13516 in event viewer for FRS.

ASKER

Ok, I went to both servers and without stopping any services I looked at the registery entry defined above. Both have a decimal value of 0 (zero). In following the instructions above, to be explcit, do you mean to set the decimal value to 4 and 2 respectively, Or by setting values to "D4" and "D2"?

SOLUTION

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

ASKER

Thanks dariusg for helping, I will not be able to get back to this server until during the new year. I don't want this to become inactive I just cannot get to these servers because of customer requirements. Talk to you soon.

Sounds good

ASKER

Hello dariusg, I think I may have some time tomorrow afternoon to work on the system as the office is leaving early. In reviewing the old server that I want to shutdown (compcare1) I noticed in eventvwr the following errors:

Event ID: 40960 Source LSASRV The Security System detected an authentication error for the server DNS/compcare3.compcare.ad. The failure codde from authentication protocol Kerberos was "There are currently no logon servers availalbe to service the logon request"

Event ID: 40960 Source: LSASRV The security system detected and authentication error for the server ldapt/Compcare1. The failure code from authentication protocol Kerberos was " There are currently no logon servers availbable to servicethe logon request"

Event ID: 490960 Source LSASRV The security system detected and authentication error for the server cifs/compcare.ad. The failure code from authentication protocol Kerberos was " There are currently no logon servers availbable to servicethe logon request"

Event ID: 20 Source KDC The curently selected KDC certificate was once valid but now is invalid and no suitable replacement was found. Smartcard logon may not function correctly if the problem is not remedied. Have the system administrator check on the state of the domain's public key infrastructure. The chain status is in the error data.

Is this useful info?

Well saying that there are no logon servers could be a couple of reasons

ASKER

Should I retreat and start over? At the beggining of this problem you had steps....

your comments on 11/23
-----------
There is still a system with the same name. You are going to have to demote the repromote the server
http://www.petri.co.il/delete_failed_dcs_from_ad.htm

If you have other working DCs then I would just demote

ASKER

If I had to, I could always restore from an image prior to these changes. Ultimately I just want the new server... any way to short cut this?

Well you don't want to restore a image of a DC if there are more then one DC

ASKER

Ok, should I start at setting registery settings to D2 and D4 as stated in the 12/17 notes?

Yes you can proceed with that option

ASKER

I have access to servers now and can update...

ok, I did this and on compcare1, the old server, which had the correct information has good readings with DCDIAG, except for the frsevent, that it has had problems within the last 24 hours. The error is replicating sysvol.

I also check compcare3, the new server that I want to move to..., it still has the problems with advertising, frsevents and netlogon.

Compcare1's event log shows replciation successful except this error in the event log:
Event Type:      Warning
Event Source:      NtFrs
Event Category:      None
Event ID:      13508
Date:            12/31/2010
Time:            12:42:47 PM
User:            N/A
Computer:      COMPCARE1
Description:
The File Replication Service is having trouble enabling replication from COMPCARE3 to COMPCARE1 for c:\windows\sysvol\domain using the DNS name COMPCARE3.compcare.ad. FRS will keep retrying.
Following are some of the reasons you would see this warning.

[1] FRS can not correctly resolve the DNS name COMPCARE3.compcare.ad from this computer.
[2] FRS is not running on COMPCARE3.compcare.ad.
[3] The topology information in the Active Directory for this replica has not yet replicated to all the Domain Controllers.

This event log message will appear once per connection, After the problem is fixed you will see another event log message indicating that the connection has been established.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: ba 06 00 00 º...

ASKER

Interesting, sysvol directory on compcare3 does not have all the contents that compare1 has, should I manually copy?

No go through the burflag method

ASKER

ok, kept trying and it would not work. See Warning in Event log 13508. Tried to resolve each server from the other server and found that when I try to ping compcare3 from compcare1 with the full name, compcare3.compcare.ad, it returns the IP address of the 2nd NIC card we disabled.... AHH HA.

How do I change he resolution on this name to resolve to the proper ip address?

SOLUTION

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

ASKER

Ok, did all of the above tasks and this is what dcdiag provides now.. only the FAILURES and test with messages are included.
===============================================
COMPCARE3 (NEW DC)
Doing primary tests
Testing server: Default-First-Site-Name\COMPCARE3
Starting test: Advertising
Warning: DsGetDcName returned information for \\compcare1.compcare.ad,
when we were trying to reach COMPCARE3.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... COMPCARE3 failed test Advertising
Starting test: FrsEvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... COMPCARE3 passed test FrsEvent
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\COMPCARE3\netlogon)
[COMPCARE3] An net use or LsaPolicy operation failed with error 67,
The network name cannot be found..
......................... COMPCARE3 failed test NetLogons------------------------------------------

==========================================================
COMPCARE1 (OLD DC)
Starting test: frssysvol
......................... COMPCARE1 passed test frssysvol
Starting test: frsevent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... COMPCARE1 failed test frsevent
Starting test: kccevent

Still have issues with DNS it seems

http://support.microsoft.com/kb/947022

ASKER

still having issues, will be in on Friday 1/7/11 to address issue further.

ASKER

In sum, having two NICs when making the system a domain controller makes configurations and problems solving confusing. I had to enable the second nic to work through the problems. Once I did that and removed all bindings and disabled the NIC I started over.

Remove the NIC after I already had it binded and within configrations it causes havoc when I disabled it.

I believe it would be a best practice to get all the DC, DNS, etc.. setup prior to rolling the applications on it so that you can manage the migration better. Putting the apps on it first prohibits you from troubleshooting during normal business hours.