bringing Windows 2008 DC back into my Windows 2003 Domain

I have a small home lab and a year or so ago I decommisioned one of my DCs that was running Windows 2008. Yesterday I tried to bring it back. I booted the old server back up and logged it in locally. I tried to rejoin the domain, but I kept getting a DNS error and the server could not even PING the FQDN of my Windows 2003 DC. I mapped the IP to the FQDN of the active DC using the HOSTS file and finally got it on the domain. I was ready to run DCPROMO, but hit a snag. I start out selecting existing domain and the next screen I tell it to use my current login credentials. This is when the problem starts. I get an error "An Active direcotry domain controller could not be reached" I select details and get the following error;

he following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller for domain Jim.Fatima.home:

The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for _ldap._tcp.dc._msdcs.Jim.Fatima.home

Common causes of this error include the following:

- The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:

10.0.0.2
10.0.0.12

Is there some kind of DNS entry I need to remove? Any suggestions are welcome,,,thanks
LVL 1
Thor2923Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

wantabe2Commented:
It sounds like this server used to hold a FSMO role. If it was the first DC you had on your LAN & you didn't transfer the roles before demoting it, then this is the case.
Mike KlineCommented:
run dcpromo /forceremoval on your 2008 box that has been offline

 from your current "good" DC do a metadata cleanup for that box that has been offline for over a year

http://www.petri.co.il/delete_failed_dcs_from_ad.htm

Did that 2008 box hold any FSMO roles; run

netdom query fsmo > to find your FSMOs

If it held FSMO roles you would seize the roles

Once the metadata cleanup is done you can join the 2008 back to the domain and you can promote it again.

...by the way this is an excellent thing to do and learn in the lab.

Thanks

Mike

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
JohnC_abcCommented:
I am assuming the the 2k3 was the first domain controller installed:

On the 2008 box, for DNS, you should be pointing to IP address of the 2k3 box for DNS resolution.  Also, the 2k3 box should be pointing to itself for DNS, so

IP on 2k3:
IP:10.0.0.2
DNS: 10.0.0.2 (sometimes set to 127.0.0.1 but prefered to be 10.0.0.2)

IP on 2k8:
IP: 10.0.0.10 (or something in the correct range)
DNS 10.0.0.2 (should match IP on 2k3 box)

More info:
AD must be able to write DNS records on a DNS usually the first DC (the 2k3 box); the 2k8 box cannot find those records and therefore can't find the domain.  You may also want to verify on the DNS entries on the 2k3 box that you have these records populating:

Open DNS, expand Forward Lookup Zones, expand your Domain name, you should see at least four folders:_msdcs,_sites,_tcp,_udp.  If you don't see these (and more) I suspect that the above IP info is not right!   If not, set 2k3 dns to point to itself, reboot and verify.  Then attempt dcpromo!
wantabe2Commented:
if u do what mkline says it should fix your issue
Thor2923Author Commented:
Ok this all makes sense now, thanks...I was working on something a year ago and you jarred my memory. I had been hip deep in VMware for the past year, but just got a new job and need to get my basic AD and Windows Server skills back up there....thanks
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.