Solved

Problems with two domain controllers on the same subnet

Posted on 2011-03-25
8
601 Views
Last Modified: 2012-05-11
We are lighting up a new domain controller in the same subnet as the existing one.  The existing one is windows 2000 and the new one is windows 2008 std.  Since there is no migration path and exchange is not involved we are doing a detach and re-attach.

DHCP is provided by domainA and the router is a sonicwall (not using DHCP).

The old server's domain is "domainA" and the new one is "domainA.local".

It's not our normal practice to use the same name in a server upgrade so we know that we should have used "domainB.local"

the problem we're having is that when we shut down DHCP on domainA and bring it up on domainB (same scope) and domainB's DHCP service has DNS for both controllers- clients still on domainA that haven't been cut-over can't login.

From what I have read, domainA is different from domainA.local.  Can anyone confirm this?  I'm trying to rule out some kind of AD name conflict and focus on DHCP/DNS issues, or is the problem actually that the names are not unique.





0
Comment
Question by:365techca
  • 4
  • 3
8 Comments
 
LVL 13

Expert Comment

by:AustinComputerLabs
ID: 35220049
I have not had this exact issue but I do know that the Netbios name or short name for "domain.local" is "domain".
It does sound like a dns issue in general.
0
 
LVL 13

Expert Comment

by:AustinComputerLabs
ID: 35220056
If both DHCP servers new and old have the same scope how are you dealing with the potential for duplicate leases arising from old leases being the same IP as new leases?
0
 

Author Comment

by:365techca
ID: 35220067
@austincomputerlabs: we're not. we're shutton down DNS on domainA and starting it on domainB.  There's only one DHCP in use at a given time on this subnet
0
 
LVL 13

Expert Comment

by:AustinComputerLabs
ID: 35220081
The following part of your question:
the problem we're having is that when we shut down DHCP on domainA and bring it up on domainB (same scope) and domainB's DHCP service has DNS for both controllers- clients still on domainA that haven't been cut-over can't login.

did you mean DNS instead of "we shut down DHCP on domainA"
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 

Author Comment

by:365techca
ID: 35220095
Nope- I meant DHCP - but I see where you're going with this.  I'll give that a try...
0
 
LVL 3

Accepted Solution

by:
gilm0079 earned 500 total points
ID: 35223038
I would recommend this while you are doing the transition.  Use DHCP on domain B only.  Build a scope for DomainA computers and one for Domain B computers.  In the scope options for each point domain A's DNS to DNS on the domain A DNS server and in the scope options for Domain B point domain B's DNS to the domain B DNS server.  

I think would be the best way to solve your problem.  A and B computers will need to talk to the correct DCs to get authentication.  DC/auth discovery comes from SRV and other DNS records.  
0
 

Author Comment

by:365techca
ID: 35223374
@glim0079

I did something similar - but thank you.  I used DHCP on domainB only and I added domainA's IP address as a DNS entry in the scope so clients on domainA could find it.  Then I disabled DHCP on domainA and make sure clients could still login.

Then I dropped clients to workgroups and re-added them to domainB.  I know this works because I used domainB.local (where the old domainA used netbios name and not a .local on it's DNS).  I also have different admin accounts so I could be sure I was rightly connecting to the correct server.
0
 

Author Closing Comment

by:365techca
ID: 35223379
thanks!
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

I've often see, or have been asked, the question about the difference between the Exchange 2010 SP1 version, available as part of Small Business Server (SBS) 2011, and the “normal” Exchange 2010 SP1 Standard. The answer to the question is relativ…
The articles for turning off the Client firewall policy on the internet are for SBS 2008 and don't really help for SBS 2011. They actually moved the Client firewall policy. In 2011, the client firewall policy has moved to the SBS computers conta…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now