Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Migration to Server 2008R2 results in major problems

Posted on 2011-09-21
16
Medium Priority
?
245 Views
Last Modified: 2012-06-21
I am experiencing some serious prolems with my new 2008R2 server.

I have an existing domain with one Server 2003.

I was suppose to get rid of this and put in the new server as only server in the domain.

I have done the following tasks:

- I raised domain functional level on the 2003 server to 2003 level.
- I ran ADPREP32.EXE from the 2008 installation dvd with /forestprep and then /domainprep.
- I joined the 2008 server to the domain.
- I installed the DS role
- i install DNS + DHCP role.
- i promoted the server a DC
- I restarted server and confirm replication of SYSVOL and DNS

So far so good!

Unfortunately Im experiencing serious problems with DS and DNS.

My question is, that according to Microsoft I should have used a second switch on the ADPREP32 command:

ADPREP32 /DOMAINPREP /GPPREP

I have never herd about this GPPREP switch and I have done these migrations before without major problems so can anyone tell me if this switch is really nescecary?
0
Comment
Question by:Ohmit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 4
  • +1
16 Comments
 
LVL 4

Accepted Solution

by:
dibi earned 736 total points
ID: 36573072
Hi!
What problems are you talking about in detail?
What are the dcdiag results?

If you're experiencing DNS problems, verify DNS resolution is working properly. DNS problems are most likely the reason for AD problems.

Regards!
0
 
LVL 4

Assisted Solution

by:dibi
dibi earned 736 total points
ID: 36573076
BTW: One server is too less! If you're forced to run only one server, be sure to have a working backup!
0
 

Author Comment

by:Ohmit
ID: 36573434
Please focus on my question:
"My question is, that according to Microsoft I should have used a second switch on the ADPREP32 command:

ADPREP32 /DOMAINPREP /GPPREP

I have never herd about this GPPREP switch and I have done these migrations before without major problems so can anyone tell me if this switch is really nescecary? "
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 724 total points
ID: 36573716
GPPrep is not necessarily needed in your environment.

Run dcdiag post results lets see what is happening
0
 
LVL 4

Assisted Solution

by:dibi
dibi earned 736 total points
ID: 36574241
Sorry that it seems I "ignored" GPREP. GPREP is required for migrating to W2k3 only --> this is why it's not of interest for your solution...

DCDIAG is your favourite option now...
0
 
LVL 3

Assisted Solution

by:mwadmin
mwadmin earned 540 total points
ID: 36574577
Hi Ohmit,

The /gpprep switch adds inheritable
ACEs to the GPOs in SYSVOL. It was introduced in Windows 2003 for migrations from Windows 2000 domains. You should not need to run it as you are migrating from a Windows 2003 domain, having said that running it now "should not" (I use this term lightly) cause any issues and then you can rule it out as a possible reason for your issues.

Could you possibly be more specific on the issues you are experiencing, with more detail we may be able to better assist with finding a resolution.

Thanks
MW
0
 

Author Comment

by:Ohmit
ID: 36575066
OK Gentlemen :-) I manage to remove one of the major errors.

I have one problem left though.

The DNS fails!

I have installed the DNS Role and can confirm that apparantly this dns is replicating with the dns on the old 2003 DC.

However when i run the Best Practice Analyzer it says the following:
-------------------------------------------------------------------------------------------------------
Issue:
The Active Directory integrated DNS zone _msdcs.ok-snacks.lan was not found.
Impact:
DNS queries for the Active Directory integrated zone _msdcs.ok-snacks.lan might fail.
Resolution:
Restore the Active Directory integrated DNS zone _msdcs.ok-snacks.lan.
--------------------------------------------------------------------------------------------------------

I can confirm that I have the zone _msdcs and furthermore that it looks semilar to the zone on the old dns server.

I have done a backup and reload of the zone with the DNSCMD tool from the old 2003 server to the new 2008.
Still same result

0
 
LVL 3

Assisted Solution

by:mwadmin
mwadmin earned 540 total points
ID: 36575298
Hi Ohmit,

Going to play stuck record here. When you say DNS fails, are you meaning that you can do no lookups at all to the new DNS server? It is a long shot and probably has no relevance to your issue but try setting the value od the following Registry key on the new server to 0;
Hklm\system\currentcontrolset\services\dns\parameters\enableglobalqueryblocklist

Tx
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 724 total points
ID: 36575325
Do you have a msdcs.domain.com zone? Do you have msdcs folder under your domain.com zone? Is it grayed out?
0
 

Author Comment

by:Ohmit
ID: 36575497
Ok here you have two screenshots of the dns from both servers.
As you can see they look very much the same DNS on old server 2003 DNS on new server 2008R2
0
 

Author Comment

by:Ohmit
ID: 36575503
whoooops save on disk and open with paint.exe to enhance quality
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 724 total points
ID: 36575528
The best practices can be ignored since you don't have a delegated msdcs zone this will come up. You are good to go
0
 

Author Comment

by:Ohmit
ID: 36575576
hmm well I forgot to mention that the reson why I ran BPA in the first case was that if I change dns under NIC properties IP4 ONLY to point on the itself I get a lot of errors plus 20 min of "Applying settings" during startup.
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 724 total points
ID: 36575599
What are the errors?

Run dcdiag /test:dns
0
 
LVL 3

Assisted Solution

by:mwadmin
mwadmin earned 540 total points
ID: 36575671
0
 
LVL 4

Assisted Solution

by:dibi
dibi earned 736 total points
ID: 36578781
Set the W2k8R2 as primary DNS on both servers. Make sure you have IPv6 on W2k8(R2) activated.
Then try
ipconfig /registerdns

Open in new window

and wait approx 15 min. Watch the event log for errors and post here.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Redirected folders in a windows domain can be quite useful for a number of reasons, one of them being that with redirected application data, you can give users more seamless experience when logging into different workstations.  For example, if a use…
I was supporting a handful of Windows 2008 (non-R2) 2 node clusters with shared quorum disks. Some had SQL 2008 installed and some were just a vendor application that we supported. For the purposes of this article it doesn’t really matter which so w…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question