Solved

Migration to Server 2008R2 results in major problems

Posted on 2011-09-21
16
236 Views
Last Modified: 2012-06-21
I am experiencing some serious prolems with my new 2008R2 server.

I have an existing domain with one Server 2003.

I was suppose to get rid of this and put in the new server as only server in the domain.

I have done the following tasks:

- I raised domain functional level on the 2003 server to 2003 level.
- I ran ADPREP32.EXE from the 2008 installation dvd with /forestprep and then /domainprep.
- I joined the 2008 server to the domain.
- I installed the DS role
- i install DNS + DHCP role.
- i promoted the server a DC
- I restarted server and confirm replication of SYSVOL and DNS

So far so good!

Unfortunately Im experiencing serious problems with DS and DNS.

My question is, that according to Microsoft I should have used a second switch on the ADPREP32 command:

ADPREP32 /DOMAINPREP /GPPREP

I have never herd about this GPPREP switch and I have done these migrations before without major problems so can anyone tell me if this switch is really nescecary?
0
Comment
Question by:Ohmit
  • 5
  • 4
  • 4
  • +1
16 Comments
 
LVL 4

Accepted Solution

by:
dibi earned 184 total points
ID: 36573072
Hi!
What problems are you talking about in detail?
What are the dcdiag results?

If you're experiencing DNS problems, verify DNS resolution is working properly. DNS problems are most likely the reason for AD problems.

Regards!
0
 
LVL 4

Assisted Solution

by:dibi
dibi earned 184 total points
ID: 36573076
BTW: One server is too less! If you're forced to run only one server, be sure to have a working backup!
0
 

Author Comment

by:Ohmit
ID: 36573434
Please focus on my question:
"My question is, that according to Microsoft I should have used a second switch on the ADPREP32 command:

ADPREP32 /DOMAINPREP /GPPREP

I have never herd about this GPPREP switch and I have done these migrations before without major problems so can anyone tell me if this switch is really nescecary? "
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 181 total points
ID: 36573716
GPPrep is not necessarily needed in your environment.

Run dcdiag post results lets see what is happening
0
 
LVL 4

Assisted Solution

by:dibi
dibi earned 184 total points
ID: 36574241
Sorry that it seems I "ignored" GPREP. GPREP is required for migrating to W2k3 only --> this is why it's not of interest for your solution...

DCDIAG is your favourite option now...
0
 
LVL 3

Assisted Solution

by:mwadmin
mwadmin earned 135 total points
ID: 36574577
Hi Ohmit,

The /gpprep switch adds inheritable
ACEs to the GPOs in SYSVOL. It was introduced in Windows 2003 for migrations from Windows 2000 domains. You should not need to run it as you are migrating from a Windows 2003 domain, having said that running it now "should not" (I use this term lightly) cause any issues and then you can rule it out as a possible reason for your issues.

Could you possibly be more specific on the issues you are experiencing, with more detail we may be able to better assist with finding a resolution.

Thanks
MW
0
 

Author Comment

by:Ohmit
ID: 36575066
OK Gentlemen :-) I manage to remove one of the major errors.

I have one problem left though.

The DNS fails!

I have installed the DNS Role and can confirm that apparantly this dns is replicating with the dns on the old 2003 DC.

However when i run the Best Practice Analyzer it says the following:
-------------------------------------------------------------------------------------------------------
Issue:
The Active Directory integrated DNS zone _msdcs.ok-snacks.lan was not found.
Impact:
DNS queries for the Active Directory integrated zone _msdcs.ok-snacks.lan might fail.
Resolution:
Restore the Active Directory integrated DNS zone _msdcs.ok-snacks.lan.
--------------------------------------------------------------------------------------------------------

I can confirm that I have the zone _msdcs and furthermore that it looks semilar to the zone on the old dns server.

I have done a backup and reload of the zone with the DNSCMD tool from the old 2003 server to the new 2008.
Still same result

0
 
LVL 3

Assisted Solution

by:mwadmin
mwadmin earned 135 total points
ID: 36575298
Hi Ohmit,

Going to play stuck record here. When you say DNS fails, are you meaning that you can do no lookups at all to the new DNS server? It is a long shot and probably has no relevance to your issue but try setting the value od the following Registry key on the new server to 0;
Hklm\system\currentcontrolset\services\dns\parameters\enableglobalqueryblocklist

Tx
0
Free book by J.Peter Bruzzese, Microsoft MVP

Are you using Office 365? Trying to set up email signatures but you’re struggling with transport rules and connectors? Let renowned Microsoft MVP J.Peter Bruzzese show you how in this exclusive e-book on Office 365 email signatures. Better yet, it’s free!

 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 181 total points
ID: 36575325
Do you have a msdcs.domain.com zone? Do you have msdcs folder under your domain.com zone? Is it grayed out?
0
 

Author Comment

by:Ohmit
ID: 36575497
Ok here you have two screenshots of the dns from both servers.
As you can see they look very much the same DNS on old server 2003 DNS on new server 2008R2
0
 

Author Comment

by:Ohmit
ID: 36575503
whoooops save on disk and open with paint.exe to enhance quality
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 181 total points
ID: 36575528
The best practices can be ignored since you don't have a delegated msdcs zone this will come up. You are good to go
0
 

Author Comment

by:Ohmit
ID: 36575576
hmm well I forgot to mention that the reson why I ran BPA in the first case was that if I change dns under NIC properties IP4 ONLY to point on the itself I get a lot of errors plus 20 min of "Applying settings" during startup.
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 181 total points
ID: 36575599
What are the errors?

Run dcdiag /test:dns
0
 
LVL 3

Assisted Solution

by:mwadmin
mwadmin earned 135 total points
ID: 36575671
0
 
LVL 4

Assisted Solution

by:dibi
dibi earned 184 total points
ID: 36578781
Set the W2k8R2 as primary DNS on both servers. Make sure you have IPv6 on W2k8(R2) activated.
Then try
ipconfig /registerdns

Open in new window

and wait approx 15 min. Watch the event log for errors and post here.
0

Featured Post

Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

Join & Write a Comment

Normally after a failure of Domain Controller, when promoting new DC the DC is renamed, we will discuss the options in Dcpromo to re-create the DC with the same name. Scenario: You are a small IT shop with two Domain Controllers (Domain Contr…
New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now