• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 828
  • Last Modified:

SBS2011 migration going badly

This could be getting ugly.  I am migrating a SBS 2003 to SBS 2011, which appears to be going through the motions fairly well, and is now at the point where it is time to start turning off the old server.  BUT...  When I add a new user to the network using the SBS console, the user does not appear in active directory users and computers, nor does it create a malbox for the user.  Still looking for the log file for more info on that, but the user can log in!  I have looked for the new user on both the old and new server thinking it might be a replication thing, and in every folder visible in ADUC. I am unable to add a mailbox to the new user manually as wizard is unable to see the user to attach the mailbox to.  I also discovered that when the old server is turned off, nobody can log in at all.  Verified that DNS points to new server primary and old server secondary.  
0
billherde
Asked:
billherde
  • 8
  • 4
  • 2
  • +1
4 Solutions
 
Philip ElderTechnical Architect - HA/Compute/StorageCommented:
Did the Migration Mode OS install come up with the green check after it completed?

Was the Source Prep tool used on the source before the MM OS SBS 2011 install?

Philip
0
 
AustinComputerLabsCommented:
Did you do a migration install using an answer file created on the old server?
0
 
billherdeAuthor Commented:
Migration checks came up green across the board, and yes the answer file was created on the old server.
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
billherdeAuthor Commented:
Yes prep tool was completed also.
0
 
Philip ElderTechnical Architect - HA/Compute/StorageCommented:
Did you run the SBS BPA on the source?

Is AD in Journal Wrap (in logs).

Philip
0
 
AustinComputerLabsCommented:
Did the migration put the users into the SBS Users OU?
0
 
Philip ElderTechnical Architect - HA/Compute/StorageCommented:
While SBS 2008 this gives you the OU structure:

http://blog.mpecsinc.ca/2009/03/sbs-2008-mpecs-default-group-policy.html

Philip
0
 
billherdeAuthor Commented:
SBS BPA ran OK, and migration went through as I would have expected.  Email moved, FSMO moved, and current users moved into the SBS users folder.  It actually appeared to be all good until I started doing those just in case checks.
0
 
Philip ElderTechnical Architect - HA/Compute/StorageCommented:
Did you give the new admin account a real name (created before running the Migration Wizard) and a long pass phrase?

Philip
0
 
billherdeAuthor Commented:
Admin account had been renamed long ago with complex password.  Going offsite now, back in an hour.
0
 
ccnsCommented:
sounds like you need to manually move the FSMO roles to the new server. As if when you turn off the old machine that would suggest this, im on my phone right now so cant post a link.
Will try from memory,
moving ridmaster,pdc and inf master. Goto ad users and computers, right click domain and select operation masters role, to move to other server you will need to do this on the new pdc.
For the other two roles: schema and domain naming... Ad domains and trusts.... Same process.
Hope it helps
0
 
billherdeAuthor Commented:
So far it seems my first hunch is where it is leading.  User is not appearing in ADUC on either server, AND replication is failing between them, with a warning instead of an error. (why would something of this much importance only flag a warning???)  So far, have found one extra DNS entry for the new server pointing to the wrong place, Server IP had been changed to accommodate remote users that have hard coded host files for use across VPN, and new server was claiming invalid time zone. Rebooting both servers now and then lets look at FRS event log again.
0
 
billherdeAuthor Commented:
Still no replication happening.  Both DCs think FSMO are where they should be.  DS event log has a new error "the server is the owner of the FSMO role but does not consider it valid."  Proceeding with FSMO seize.  All 5 roles reported status of role could not be determined.  Seize completed OK.  Still no DS repl.  Attempt manual repl returns error "server is currently rejecting replication requests"  DCdiag reports "Replication has been explicitly disabled through server options" This looks like default SBS configuration, perhaps prep tool didn't do something?  repadmin /replicate /force suceeded, and the new user has appeared in ADUC!  Yay!  Still looking for how to enable repl as it is still not working and repadmin /options -disable_outbound_repl is not fixing it.
0
 
billherdeAuthor Commented:
Found it.  Syntax error,  should be 'repadmin /options {DC} -disable_outbound_repl' then repadmin /options {DC} -disable_inbound_repl'.  Moral of the story, Not all warnings can be ignored when checking event logs.
0
 
billherdeAuthor Commented:
CCNS was on the right track, but it was much deeper than expected.
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 8
  • 4
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now