Solved

A Global catalog server cannot be found

Posted on 2011-02-24
12
2,031 Views
Last Modified: 2012-05-11
I am just getting ready to finalize the promotion of a Windows 2008 R2 server and demotion/removal of an SBS 2003 server. The 2008 server has been promoted to DC with GC, has had all 5 FSMO roles transferred to it, and has had all files and programs transferred to it. The SBS 2003 server is ready to be demoted and moved, but when I run dcpromo, it tells me that there is not another domain controller in the domain. I used server 2003 support tools to run dcdiag, the FSMO check fails and it tells me that all GCs are down, and that the PDC holder is down. The error looks like this:

 Starting test: FsmoCheck
    Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
    A Global Catalog Server could not be located - All GC's are down.
    Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
    A Time Server could not be located.
    The server holding the PDC role is down.
    Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error 135

    A Good Time Server could not be located.
    ......................... mydomain.local failed test FsmoCheck

DNS is all pointing to the new 2008 server and appears to be working fine. Here is the ipconfig/all output:

Windows IP Configuration

   Host Name . . . . . . . . . . . . : NEWSERVER
   Primary Dns Suffix  . . . . . . . : mydomain.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : mydomain.local

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom BCM5716C NetXtreme II GigE (NDIS
 VBD Client)
   Physical Address. . . . . . . . . : 84-2B-2B-70-99-82
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4c11:fdef:3b0f:ec08%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.16.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.16.254
   DHCPv6 IAID . . . . . . . . . . . : 243542827
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-AE-23-8E-84-2B-2B-70-99-82

   DNS Servers . . . . . . . . . . . : ::1
                                       192.168.16.2
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{2A69DE0D-FB1C-4424-B247-0445486A6418}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes


Replication between the two servers also appears to be fine according to replmon.

 I'm not sure what to do here. Should I just proceed with the SBS 2003 demotion and hope that I can fix it? Is there some way to fix the global catalog issue?
0
Comment
Question by:Armet
  • 4
  • 3
  • 2
  • +2
12 Comments
 
LVL 12

Expert Comment

by:Navdeep
ID: 34972091
Hi,

check from Windows Server 2008 side, if you run dcdiag do you get the same message.

this could also be due to replication issue

check with the following switch
repadmin /replsummary

if issues found force replication using repadmin /syncall

if no issues then use active directory sites and services, uncheck GC check from ntds settings reboot reapply reboot .... take a coffee brk...make a prayer... check again :)

0
 
LVL 21

Expert Comment

by:snusgubben
ID: 34972275
Is the SYSVOL shared on the 2008 DC?
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34972363
Your SBS server will complain about this if you are moving to Windows 2008 Server since SBS wants to be the FSMO role holder this is a common error you can move forward
0
 

Author Comment

by:Armet
ID: 34972967
I checked the replsummary and all was well. I'll redo the global catalog settings and restart in a little bit and see if that helps. The SYSVOL folder is NOT shared on the 2008 DC. Should it be?
0
 

Author Comment

by:Armet
ID: 34972995
I was considering just moving forward as snusgubben suggested, but I wanted to check and see if it was fixable first. I'm afraid that will cause some problems for me in the future. One thing that did seem weird to me- when I moved the Schema Master role, I had to do it from the 2008 DC. The SBS server did not have the active directory schema available as a snap-in on MMC. Might not be related at all, just seemed weird to me.
0
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 500 total points
ID: 34973107
SYSVOL should be shared

Go through burflag if your sysvol is not shared.

Take backup of the policies and script folders from both the servers from c:\Windows\Sysvol\domain
Stopped NTFRS service on both DCs.
make one of the DC authoritative server by modifying registry setting : Navigate to registry HKLM\System\CCS\Services\NTFRS\Parameters\CumlativeReplicaSets and Set the Burflags value to D4. This should be done with server which has the Updated information available or correct data.
G to other DC and made that Non-authoritative by navigating to same registry location HKLM\System\CCS\Services\NTFRS\Parameters\CumlativeReplicaSets and Set the Burflags value to D2.
Restarted Ntfrs service on both servers and forced replication to see event 13516 in event viewer
0
 
LVL 12

Expert Comment

by:Navdeep
ID: 34973528
Before doing sysvol rebuild. Manually give the permissions by comparing the other DC sysvol  permission.
Then test.
0
 
LVL 21

Expert Comment

by:snusgubben
ID: 34973531
I would try an non-authoritative approach first. Set the Burflags to D2 on the DC missing the SYSVOL share and restart the ntfrs service.

This will only work if the other DC is sharing its SYSVOL.

0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 34973748
I see this all the time when the new server was not added to the SBS server as a second DNS. Part of the dcpromo process is checking for other servers (since DNS is AD integrated) and it falls over. Make sure SBS is using the new server for all DNS queries (and *only* the new server) and you will probably see this issue go away.

-Cliff
0
 

Author Comment

by:Armet
ID: 34981431
Replicated the sysvol permissions and changed the burflags registry settings. Still had the same issues. The old server is and has been set to use the new server and only the new server for DNS queries. The weird thing is that when the old SBS server was rebooting, everything seemed to work ok. Exchange was not working, then the old server was rebooted and it came back up.  The old server got stuck while restarting and is now in a vegetative state, and things are working. I think I'm going to try and get the old server back up for long enough to dcpromo it, and get rid of it forcibly if need be.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34981442
Sounds good
0
 

Author Closing Comment

by:Armet
ID: 34997344
FRS wasn't able to replicate sysvol because it wasn't shared.  After creating the shares manually and reseting the burflags it replicated fine and lots of strange errors disappeared.

Thanks for all the diagnostic help everyone (and especially dariusg)
0

Join & Write a Comment

The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now