• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 254
  • Last Modified:

Migration to Server 2008R2 results in major problems

I am experiencing some serious prolems with my new 2008R2 server.

I have an existing domain with one Server 2003.

I was suppose to get rid of this and put in the new server as only server in the domain.

I have done the following tasks:

- I raised domain functional level on the 2003 server to 2003 level.
- I ran ADPREP32.EXE from the 2008 installation dvd with /forestprep and then /domainprep.
- I joined the 2008 server to the domain.
- I installed the DS role
- i install DNS + DHCP role.
- i promoted the server a DC
- I restarted server and confirm replication of SYSVOL and DNS

So far so good!

Unfortunately Im experiencing serious problems with DS and DNS.

My question is, that according to Microsoft I should have used a second switch on the ADPREP32 command:

ADPREP32 /DOMAINPREP /GPPREP

I have never herd about this GPPREP switch and I have done these migrations before without major problems so can anyone tell me if this switch is really nescecary?
0
Ohmit
Asked:
Ohmit
  • 5
  • 4
  • 4
  • +1
11 Solutions
 
dibiCommented:
Hi!
What problems are you talking about in detail?
What are the dcdiag results?

If you're experiencing DNS problems, verify DNS resolution is working properly. DNS problems are most likely the reason for AD problems.

Regards!
0
 
dibiCommented:
BTW: One server is too less! If you're forced to run only one server, be sure to have a working backup!
0
 
OhmitAuthor Commented:
Please focus on my question:
"My question is, that according to Microsoft I should have used a second switch on the ADPREP32 command:

ADPREP32 /DOMAINPREP /GPPREP

I have never herd about this GPPREP switch and I have done these migrations before without major problems so can anyone tell me if this switch is really nescecary? "
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
Darius GhassemCommented:
GPPrep is not necessarily needed in your environment.

Run dcdiag post results lets see what is happening
0
 
dibiCommented:
Sorry that it seems I "ignored" GPREP. GPREP is required for migrating to W2k3 only --> this is why it's not of interest for your solution...

DCDIAG is your favourite option now...
0
 
mwadminCommented:
Hi Ohmit,

The /gpprep switch adds inheritable
ACEs to the GPOs in SYSVOL. It was introduced in Windows 2003 for migrations from Windows 2000 domains. You should not need to run it as you are migrating from a Windows 2003 domain, having said that running it now "should not" (I use this term lightly) cause any issues and then you can rule it out as a possible reason for your issues.

Could you possibly be more specific on the issues you are experiencing, with more detail we may be able to better assist with finding a resolution.

Thanks
MW
0
 
OhmitAuthor Commented:
OK Gentlemen :-) I manage to remove one of the major errors.

I have one problem left though.

The DNS fails!

I have installed the DNS Role and can confirm that apparantly this dns is replicating with the dns on the old 2003 DC.

However when i run the Best Practice Analyzer it says the following:
-------------------------------------------------------------------------------------------------------
Issue:
The Active Directory integrated DNS zone _msdcs.ok-snacks.lan was not found.
Impact:
DNS queries for the Active Directory integrated zone _msdcs.ok-snacks.lan might fail.
Resolution:
Restore the Active Directory integrated DNS zone _msdcs.ok-snacks.lan.
--------------------------------------------------------------------------------------------------------

I can confirm that I have the zone _msdcs and furthermore that it looks semilar to the zone on the old dns server.

I have done a backup and reload of the zone with the DNSCMD tool from the old 2003 server to the new 2008.
Still same result

0
 
mwadminCommented:
Hi Ohmit,

Going to play stuck record here. When you say DNS fails, are you meaning that you can do no lookups at all to the new DNS server? It is a long shot and probably has no relevance to your issue but try setting the value od the following Registry key on the new server to 0;
Hklm\system\currentcontrolset\services\dns\parameters\enableglobalqueryblocklist

Tx
0
 
Darius GhassemCommented:
Do you have a msdcs.domain.com zone? Do you have msdcs folder under your domain.com zone? Is it grayed out?
0
 
OhmitAuthor Commented:
Ok here you have two screenshots of the dns from both servers.
As you can see they look very much the same DNS on old server 2003 DNS on new server 2008R2
0
 
OhmitAuthor Commented:
whoooops save on disk and open with paint.exe to enhance quality
0
 
Darius GhassemCommented:
The best practices can be ignored since you don't have a delegated msdcs zone this will come up. You are good to go
0
 
OhmitAuthor Commented:
hmm well I forgot to mention that the reson why I ran BPA in the first case was that if I change dns under NIC properties IP4 ONLY to point on the itself I get a lot of errors plus 20 min of "Applying settings" during startup.
0
 
Darius GhassemCommented:
What are the errors?

Run dcdiag /test:dns
0
 
dibiCommented:
Set the W2k8R2 as primary DNS on both servers. Make sure you have IPv6 on W2k8(R2) activated.
Then try
ipconfig /registerdns

Open in new window

and wait approx 15 min. Watch the event log for errors and post here.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

  • 5
  • 4
  • 4
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now