2008 Domain controller in 2003 environment. Renamed. Issues with replication, netlogons and services

After standing up a domain controller for an external site here at out headquarters, I deliverd it to a remote site and bound it to the new IPs there.  There were network access issues, which I belive have been resolved, but they were in place during a critical point in the setup:  I had to rename the domain controller to conform to our naming convention.  Now we are experiencing issues with the DC.  When I run a DCDiag it throw these 3 errors


=================================================
Starting test: NetLogons
         [NEWDCNAME] User credentials does not have permission to perform this operation. The account used for this test must have network logon privileges for this machine's domain.
         ......................... NEWDCNAME failed test NetLogons
====================================================================
Starting test: Replications
         [Replications Check,NEWDCNAME] DsReplicaGetInfo(PENDING_OPS, NULL) failed, error 0x2105 "Replication access was denied."
         ......................... NEWDCNAME failed test Replications
====================================================================
Starting test: Services
         Could not open NTDS Service on NEWDCNAME, error 0x5
            "Access is denied."
         ......................... NEWDCNAME failed test Services
====================================================================

I have found one piece of info that is critical to the problem: inside ADSI under the Domain Controllers OU in the Domain Controller's CN=NEWDCNAME\CN=NTFRS\CN=Domain System Volume (classis  nTFRSSubscriber) the following value is present:

fRSMemberReference  CN=OLDDCNAME ,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=medassurant,DC=local
 

And I cannot edit the value. . . .well I can edit it, but when I try to save it the following error pops

 
 Error
Anyone have a good handle on how I can gracefully fix this situation?  I'd rather not DCpromo remove and re-add it, if there is a cleaner way to do this.

LVL 2
MedassurantAsked:
Who is Participating?
 
Darius GhassemCommented:
Did you go through these steps to rename the Domain Controller?

http://www.petri.co.il/rename-windows-server-2008-domain-controllers.htm

If you didn't then what I recommend is demoting this server. Run metadata cleanup to make sure all lingering objects from failed DC are removed. Once you have done this you can proceed with the repromotion
0
 
MedassurantAuthor Commented:
We actually found adding an IPv6 Binding again to the nic spurred replication. Strange but true.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.