We help IT Professionals succeed at work.

Server 2008R2 DNS troubles after migration from 2000 server

jglenn49
jglenn49 asked
on
Hello,

I recently migrated from a Windows 2000 server to a 2008R2. I used DC promo to make the new server a DC, but I haven't yet demoted the old server. All of the shared files are still on the old server with the exception of a few that I am using as a test before I transfer all of the data to the new server. I seem to be having a DNS problem although everything appears to be working fine from the client users perspective.

I'm getting an error when I run the best practices analyzer, "The AD integrated DNS zone -msdcs.domain.com was not found".

I can't edit GPO with the error, "failed to open the group policy object. You may not have the appropriate permissions. The system cannot find the path specified.

When I run DCDIAG I get:

Starting test: Advertising
         Warning: DsGetDcName returned information for \\server_1.keystone.com,
         when we were trying to reach KEYWEST.
         SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
         ......................... KEYWEST failed test Advertising

Basically I want to get to a point where the new server has all of the shared files and does all of the DNS, DHCP ect. and just use the old server to store some non-critical easily recoverable files.

Thanks,
Jay
Comment
Watch Question

CERTIFIED EXPERT
Top Expert 2012

Commented:
On your Windows 2003 Server DC do you have a domain.com zone? Does it have msdcs folder under it? Is the folder grayed out?

If the folder is grayed out do you have a msdcs.domain.com zone?

Post the whole dcdiag.

Make sure Servers is pointing to your existing DC for DNS until replication has fully taken place

Author

Commented:
There is a msdcs folder under domain.com and it is not greyed out.

Here is the entire dcdiag.

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\administrator.KEYSTONE>dcdiag /fix

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = KEYWEST
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\KEYWEST
      Starting test: Connectivity
         ......................... KEYWEST passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\KEYWEST
      Starting test: Advertising
         Warning: DsGetDcName returned information for \\server_1.keystone.com,
         when we were trying to reach KEYWEST.
         SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
         ......................... KEYWEST failed test Advertising
      Starting test: FrsEvent
         There are warning or error events within the last 24 hours after the
         SYSVOL has been shared.  Failing SYSVOL replication problems may cause
         Group Policy problems.
         ......................... KEYWEST passed test FrsEvent
      Starting test: DFSREvent
         ......................... KEYWEST passed test DFSREvent
      Starting test: SysVolCheck
         ......................... KEYWEST passed test SysVolCheck
      Starting test: KccEvent
         ......................... KEYWEST passed test KccEvent
      Starting test: KnowsOfRoleHolders
         ......................... KEYWEST passed test KnowsOfRoleHolders
      Starting test: MachineAccount
         ......................... KEYWEST passed test MachineAccount
      Starting test: NCSecDesc
         ......................... KEYWEST passed test NCSecDesc
      Starting test: NetLogons
         Unable to connect to the NETLOGON share! (\\KEYWEST\netlogon)
         [KEYWEST] An net use or LsaPolicy operation failed with error 67,
         The network name cannot be found..
         ......................... KEYWEST failed test NetLogons
      Starting test: ObjectsReplicated
         ......................... KEYWEST passed test ObjectsReplicated
      Starting test: Replications
         [SERVER_1] DsBindWithSpnEx() failed with error 1722,
         The RPC server is unavailable..
         ......................... KEYWEST failed test Replications
      Starting test: RidManager
         ......................... KEYWEST passed test RidManager
      Starting test: Services
         ......................... KEYWEST passed test Services
      Starting test: SystemLog
         ......................... KEYWEST passed test SystemLog
      Starting test: VerifyReferences
         ......................... KEYWEST passed test VerifyReferences


   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test
         CrossRefValidation

   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test
         CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : keystone
      Starting test: CheckSDRefDom
         ......................... keystone passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... keystone passed test CrossRefValidation

   Running enterprise tests on : keystone.com
      Starting test: LocatorCheck
         Ldap search capabality attribute search failed on server SERVER_1,
         return value = 81
         Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
         A Time Server could not be located.
         The server holding the PDC role is down.
         Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error
         1355
         A Good Time Server could not be located.
         ......................... keystone.com failed test LocatorCheck
      Starting test: Intersite
         ......................... keystone.com passed test Intersite

C:\Users\administrator.KEYSTONE>^A^A
CERTIFIED EXPERT
Top Expert 2012

Commented:

Author

Commented:
OK, I did that work around and it cleared up the dcdiag, but when I go into Group Policy Editor I still get the same message. Will it take some time for that to correct itself?
CERTIFIED EXPERT
Top Expert 2012

Commented:
yes could take some time

Author

Commented:
I'm still getting "The specified path not found" when I open Group Policy Management.
CERTIFIED EXPERT
Top Expert 2012

Commented:
Run dcdiag again then post please

Author

Commented:
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\administrator.KEYSTONE>dcdiag

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = KEYWEST
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\KEYWEST
      Starting test: Connectivity
         ......................... KEYWEST passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\KEYWEST
      Starting test: Advertising
         ......................... KEYWEST passed test Advertising
      Starting test: FrsEvent
         There are warning or error events within the last 24 hours after the
         SYSVOL has been shared.  Failing SYSVOL replication problems may cause
         Group Policy problems.
         ......................... KEYWEST passed test FrsEvent
      Starting test: DFSREvent
         ......................... KEYWEST passed test DFSREvent
      Starting test: SysVolCheck
         ......................... KEYWEST passed test SysVolCheck
      Starting test: KccEvent
         ......................... KEYWEST passed test KccEvent
      Starting test: KnowsOfRoleHolders
         ......................... KEYWEST passed test KnowsOfRoleHolders
      Starting test: MachineAccount
         ......................... KEYWEST passed test MachineAccount
      Starting test: NCSecDesc
         ......................... KEYWEST passed test NCSecDesc
      Starting test: NetLogons
         ......................... KEYWEST passed test NetLogons
      Starting test: ObjectsReplicated
         ......................... KEYWEST passed test ObjectsReplicated
      Starting test: Replications
         [SERVER_1] DsBindWithSpnEx() failed with error 1722,
         The RPC server is unavailable..
         ......................... KEYWEST failed test Replications
      Starting test: RidManager
         ......................... KEYWEST passed test RidManager
      Starting test: Services
         ......................... KEYWEST passed test Services
      Starting test: SystemLog
         An error event occurred.  EventID: 0x00000422
            Time Generated: 11/14/2011   10:01:33
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\keystone.com\sysvol\keystone.com\Policies\{31B2F340-016D-11D2-945F-00C04
FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy s
ettings may not be applied until this event is resolved. This issue may be trans
ient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 11/14/2011   10:06:33
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\keystone.com\sysvol\keystone.com\Policies\{31B2F340-016D-11D2-945F-00C04
FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy s
ettings may not be applied until this event is resolved. This issue may be trans
ient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 11/14/2011   10:11:34
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\keystone.com\sysvol\keystone.com\Policies\{31B2F340-016D-11D2-945F-00C04
FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy s
ettings may not be applied until this event is resolved. This issue may be trans
ient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 11/14/2011   10:16:35
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\keystone.com\sysvol\keystone.com\Policies\{31B2F340-016D-11D2-945F-00C04
FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy s
ettings may not be applied until this event is resolved. This issue may be trans
ient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 11/14/2011   10:21:35
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\keystone.com\sysvol\keystone.com\Policies\{31B2F340-016D-11D2-945F-00C04
FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy s
ettings may not be applied until this event is resolved. This issue may be trans
ient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 11/14/2011   10:26:36
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\keystone.com\sysvol\keystone.com\Policies\{31B2F340-016D-11D2-945F-00C04
FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy s
ettings may not be applied until this event is resolved. This issue may be trans
ient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 11/14/2011   10:31:36
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\keystone.com\sysvol\keystone.com\Policies\{31B2F340-016D-11D2-945F-00C04
FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy s
ettings may not be applied until this event is resolved. This issue may be trans
ient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 11/14/2011   10:36:37
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\keystone.com\sysvol\keystone.com\Policies\{31B2F340-016D-11D2-945F-00C04
FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy s
ettings may not be applied until this event is resolved. This issue may be trans
ient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 11/14/2011   10:41:37
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\keystone.com\sysvol\keystone.com\Policies\{31B2F340-016D-11D2-945F-00C04
FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy s
ettings may not be applied until this event is resolved. This issue may be trans
ient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 11/14/2011   10:46:38
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\keystone.com\sysvol\keystone.com\Policies\{31B2F340-016D-11D2-945F-00C04
FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy s
ettings may not be applied until this event is resolved. This issue may be trans
ient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 11/14/2011   10:51:38
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\keystone.com\sysvol\keystone.com\Policies\{31B2F340-016D-11D2-945F-00C04
FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy s
ettings may not be applied until this event is resolved. This issue may be trans
ient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 11/14/2011   10:56:39
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\keystone.com\sysvol\keystone.com\Policies\{31B2F340-016D-11D2-945F-00C04
FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy s
ettings may not be applied until this event is resolved. This issue may be trans
ient and could be caused by one or more of the following:
         ......................... KEYWEST failed test SystemLog
      Starting test: VerifyReferences
         ......................... KEYWEST passed test VerifyReferences


   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test
         CrossRefValidation

   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test
         CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : keystone
      Starting test: CheckSDRefDom
         ......................... keystone passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... keystone passed test CrossRefValidation

   Running enterprise tests on : keystone.com
      Starting test: LocatorCheck
         ......................... keystone.com passed test LocatorCheck
      Starting test: Intersite
         ......................... keystone.com passed test Intersite

C:\Users\administrator.KEYSTONE>
CERTIFIED EXPERT
Top Expert 2012
Commented:
Use the burflag method to get replication working again

http://support.microsoft.com/kb/290762

Author

Commented:
Thanks, do I run that on the 2008 server? According to the article it doesn't apply. Should I also run that on the old 2000 server?

Thanks again for all your help.

Jay
CERTIFIED EXPERT
Top Expert 2012

Commented:
Does apply if you are using FRS which you are currently. You need to make the authoritive server the Windows 2000 Server  then put the other burflag in Windows 2008 Server registry.



Took backup of the policies and script folders from both the servers from c:\Windows\Sysvol\domain
Stopped NTFRS service on both DCs.
Made one of the DC authoritative server by modifying registry setting : Navigate to registry HKLM\System\CCS\Services\NTFRS\Parameters\CumlativeReplicaSets and Set the Burflags value to D4. This should be done with server which has the Updated information available or correct data.
Went to other DC and made that Non-authoritative by navigating to same registry location HKLM\System\CCS\Services\NTFRS\Parameters\CumlativeReplicaSets and Set the Burflags value to D2.
Restarted Ntfrs service on both servers and forced replication to see event 13516 in event viewer for FRS.

Author

Commented:
OK, I got event 13516. I still get the same messages when trying to edit a Group policy object, cannot find the path specified. Should I give it some time?
CERTIFIED EXPERT
Top Expert 2012

Commented:
Give it some time.

Run repadmin /syncall

Author

Commented:
here is what I get :

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\administrator.KEYSTONE>repadmin /syncall
CALLBACK MESSAGE: Error contacting server 99358cd7-5a7e-49d9-a71d-d92fa13d73e4._
msdcs.keystone.com (network error): 1722 (0x6ba):
    The RPC server is unavailable.
CALLBACK MESSAGE: SyncAll Finished.

SyncAll reported the following errors:
Error contacting server 99358cd7-5a7e-49d9-a71d-d92fa13d73e4._msdcs.keystone.com
 (network error): 1722 (0x6ba):
    The RPC server is unavailable.


C:\Users\administrator.KEYSTONE>


CERTIFIED EXPERT
Top Expert 2012

Commented:
Can you ping the server? Can you ping the server by name?

Author

Commented:
I can ping both servers by name and IP
CERTIFIED EXPERT
Top Expert 2012

Commented:
saying it is a network error

Do you have firewall enabled? AV installed?

Author

Commented:
Mcafee on the 2000 server and Trend on the 08. I disabled the firewall on the 08 and tried it again with the same results. No firewall on the 2000.

Author

Commented:
Should I leave the burflag values to what I changed them to or should I change them back to 0?
CERTIFIED EXPERT
Top Expert 2012

Commented:
They will change back to 0 automatically

Author

Commented:
Just realized that under sysvol there was a policies folder so when it replicated it named the folder Policies_something. I moved the old policies folder and renamed the new on and now I can edit group policy.
CERTIFIED EXPERT
Top Expert 2012

Commented:
Good that is a start but you are still getting replication issues.

Post ipconfig /all from both servers

Author

Commented:
I will. My old server just went Blue screen on me. I looked at the burflag value on it and it had changed itself back to 0. When I changed it and restarted FRS it blue screened.
CERTIFIED EXPERT
Top Expert 2012

Commented:
??

Author

Commented:
That's what I'm wondering. On the restart and login it went blue again.
CERTIFIED EXPERT
Top Expert 2012

Commented:
So, you looked at the burglag it went back to 0, right? Why did you change it again?

Author

Commented:
I don't know why. Not a good decision I guess. I guess I shouldn't have. It's back to 0 now and the server was back up for a minute and then it went blue again.

Author

Commented:
I think it is back up again. I hoping for good now. Should the problems with replication keep me from starting to move our data to the new server. Once that is done the old server get demoted and only used to store some recoverable pictures and things like that.
CERTIFIED EXPERT
Top Expert 2012

Commented:
Replication is critical without it working then the new DC can't be consider a functioning DC.

Author

Commented:
OK. What should my next step be? Thanks aging for all your help.
CERTIFIED EXPERT
Top Expert 2012

Commented:
Reboot the new server.

Post ipconfig /all for both servers.

Author

Commented:
2000 Server:
Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.

C:\Documents and Settings\Administrator.KEYSTONE>ipconfig /all

Windows 2000 IP Configuration

        Host Name . . . . . . . . . . . . : server_1
        Primary DNS Suffix  . . . . . . . : keystone.com
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : Yes
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : keystone.com

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : HP NC7760 Gigabit Server Adapter
        Physical Address. . . . . . . . . : 00-0F-20-CF-C8-8E
        DHCP Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.0.2
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.0.1
        DNS Servers . . . . . . . . . . . : 192.168.0.3
                                            192.168.0.2
        Primary WINS Server . . . . . . . : 192.168.0.3

C:\Documents and Settings\Administrator.KEYSTONE

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\administrator.KEYSTONE>ipconfig /all

2008 server:
Windows IP Configuration

   Host Name . . . . . . . . . . . . : KEYWEST
   Primary Dns Suffix  . . . . . . . : keystone.com
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : keystone.com

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom BCM5709C NetXtreme II GigE (NDIS
 VBD Client) #31
   Physical Address. . . . . . . . . : 78-2B-CB-5A-5C-0D
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::da1:64f0:81ed:f4ff%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.3(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 242756555
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-14-8D-70-78-2B-CB-5A-5C-0D

   DNS Servers . . . . . . . . . . . : ::1
                                       192.168.0.2
   Primary WINS Server . . . . . . . : 192.168.0.3
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{A51C4068-D08E-4952-B7DF-447D1B631EF8}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes


CERTIFIED EXPERT
Top Expert 2012

Commented:
Point Windows 2000 to itself for DNS.

Point Windows 2008 Server to Windows 2000 DNS server.

Run ipconfig /flushdns, ipconfig /registerdns, dcdiag /fix on both

Author

Commented:
2000 Server:

   Testing server: Default-First-Site-Name\SERVER_1
      Starting test: Connectivity
         SERVER_1's server GUID DNS name could not be resolved to an
         IP address.  Check the DNS server, DHCP, server name, etc
         Although the Guid DNS name
         (99358cd7-5a7e-49d9-a71d-d92fa13d73e4._msdcs.keystone.com) couldn't be
         resolved, the server name (server_1.keystone.com) resolved to the IP
         address (192.168.0.2) and was pingable.  Check that the IP address is
         registered correctly with the DNS server.
         ......................... SERVER_1 failed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\SERVER_1
      Skipping all tests, because server SERVER_1 is
      not responding to directory service requests

   Running enterprise tests on : keystone.com
      Starting test: Intersite
         ......................... keystone.com passed test Intersite
      Starting test: FsmoCheck
         ......................... keystone.com passed test FsmoCheck

C:\Documents and Settings\Administrator.KEYSTONE>

2008 Server:
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\administrator.KEYSTONE>dcdiag /fix

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = KEYWEST
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\KEYWEST
      Starting test: Connectivity
         ......................... KEYWEST passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\KEYWEST
      Starting test: Advertising
         ......................... KEYWEST passed test Advertising
      Starting test: FrsEvent
         There are warning or error events within the last 24 hours after the
         SYSVOL has been shared.  Failing SYSVOL replication problems may cause
         Group Policy problems.
         ......................... KEYWEST passed test FrsEvent
      Starting test: DFSREvent
         ......................... KEYWEST passed test DFSREvent
      Starting test: SysVolCheck
         ......................... KEYWEST passed test SysVolCheck
      Starting test: KccEvent
         ......................... KEYWEST passed test KccEvent
      Starting test: KnowsOfRoleHolders
         ......................... KEYWEST passed test KnowsOfRoleHolders
      Starting test: MachineAccount
         ......................... KEYWEST passed test MachineAccount
      Starting test: NCSecDesc
         ......................... KEYWEST passed test NCSecDesc
      Starting test: NetLogons
         ......................... KEYWEST passed test NetLogons
      Starting test: ObjectsReplicated
         ......................... KEYWEST passed test ObjectsReplicated
      Starting test: Replications
         [SERVER_1] DsBindWithSpnEx() failed with error 1722,
         The RPC server is unavailable..
         ......................... KEYWEST failed test Replications
      Starting test: RidManager
         ......................... KEYWEST passed test RidManager
      Starting test: Services
         ......................... KEYWEST passed test Services
      Starting test: SystemLog
         A warning event occurred.  EventID: 0x80040020
            Time Generated: 11/14/2011   14:59:07
            Event String:
            The driver detected that the device \Device\Harddisk0\DR0 has its wr
ite cache enabled. Data corruption may occur.
         A warning event occurred.  EventID: 0x80040020
            Time Generated: 11/14/2011   14:59:07
            Event String:
            The driver detected that the device \Device\Harddisk0\DR0 has its wr
ite cache enabled. Data corruption may occur.
         A warning event occurred.  EventID: 0x80040020
            Time Generated: 11/14/2011   14:59:07
            Event String:
            The driver detected that the device \Device\Harddisk0\DR0 has its wr
ite cache enabled. Data corruption may occur.
         A warning event occurred.  EventID: 0x8000001D
            Time Generated: 11/14/2011   14:59:13
            Event String:
            The Key Distribution Center (KDC) cannot find a suitable certificate
 to use for smart card logons, or the KDC certificate could not be verified. Sma
rt card logon may not function correctly if this problem is not resolved. To cor
rect this problem, either verify the existing KDC certificate using certutil.exe
 or enroll for a new KDC certificate.
         A warning event occurred.  EventID: 0x000003F6
            Time Generated: 11/14/2011   14:59:20
            Event String:
            Name resolution for the name keystone.com timed out after none of th
e configured DNS servers responded.
         A warning event occurred.  EventID: 0x00001795
            Time Generated: 11/14/2011   14:59:52
            Event String:
            The program lsass.exe, with the assigned process ID 696, could not a
uthenticate locally by using the target name ldap/DomainDnsZones.keystone.com. T
he target name used is not valid. A target name should refer to one of the local
 computer names, for example, the DNS host name.
         A warning event occurred.  EventID: 0x00000420
            Time Generated: 11/14/2011   14:59:57
            Event String:
            The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service.   This is not a recommended security configuration.  Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
 server set dnscredentials" or via the DHCP Administrative tool.
         A warning event occurred.  EventID: 0x0000168D
            Time Generated: 11/14/2011   14:59:58
            Event String:
            The following DNS server that is authoritative for the DNS domain co
ntroller locator records of this domain controller does not support dynamic DNS
updates:
         A warning event occurred.  EventID: 0x0000168D
            Time Generated: 11/14/2011   14:59:58
            Event String:
            The following DNS server that is authoritative for the DNS domain co
ntroller locator records of this domain controller does not support dynamic DNS
updates:
         A warning event occurred.  EventID: 0x00002724
            Time Generated: 11/14/2011   15:00:01
            Event String:
            This computer has at least one dynamically assigned IPv6 address.For
 reliable DHCPv6 server operation, you should use only static IPv6 addresses.
         A warning event occurred.  EventID: 0x00000090
            Time Generated: 11/14/2011   15:00:24
            Event String:
            The time service has stopped advertising as a good time source.
         A warning event occurred.  EventID: 0x000727AA
            Time Generated: 11/14/2011   15:02:10
            Event String:
            The WinRM service failed to create the following SPNs: WSMAN/KEYWEST
.keystone.com; WSMAN/KEYWEST.
         ......................... KEYWEST passed test SystemLog
      Starting test: VerifyReferences
         ......................... KEYWEST passed test VerifyReferences


   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test
         CrossRefValidation

   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test
         CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : keystone
      Starting test: CheckSDRefDom
         ......................... keystone passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... keystone passed test CrossRefValidation

   Running enterprise tests on : keystone.com
      Starting test: LocatorCheck
         ......................... keystone.com passed test LocatorCheck
      Starting test: Intersite
         ......................... keystone.com passed test Intersite

C:\Users\administrator.KEYSTONE>
CERTIFIED EXPERT
Top Expert 2012

Commented:
Well looks like Windows 2008 server is healthy.

Not sure why DNS is messing up on Windows 2000 server. Do you have msdcs.domain.com zone? Is your msdcs folder grayed out under your domain.com zone?

Author

Commented:
There is a msdcs zone that is not greyed out. In that folder there is only info about the new server and nothing about the old server.

Author

Commented:
I think the DNS on the 2000 server was never really right. I guess we were luck to not have problems.
CERTIFIED EXPERT
Top Expert 2012

Commented:
Run netdiag /fix on Windows 2000 Server

Author

Commented:
       KB896727-IE6SP1-20050719.165959
        KB897715-OE6SP1-20050503.210336
        KB899587
        KB899588
        KB899589
        KB899591
        KB900725
        KB901017
        KB901214
        KB902400
        KB904706
        KB905414
        KB905495-IE6SP1-20050805.184113
        KB905749
        KB905915-IE6SP1-20051122.175908
        KB908519
        KB908523
        KB908531
        KB911280
        KB911564
        KB911565
        KB911567-OE6SP1-20060316.165634
        KB912812-IE6SP1-20060322.182418
        KB912919
        KB913580
        KB914388
        KB914389
        KB916281-IE6SP1-20060526.162249
        KB917008
        KB917159
        KB917422
        KB917537
        KB917734_WMP9
        KB917736
        KB917953
        KB918118
        KB918899-IE6SP1-20060725.123917
        KB920213
        KB920670
        KB920683
        KB920685
        KB920958
        KB921398
        KB921503
        KB921883
        KB922582
        KB922616
        KB922760-IE6SP1-20061018.120000
        KB923191
        KB923414
        KB923561
        KB923689
        KB923694-OE6SP1-20061106.120000
        KB923810
        KB923980
        KB924191
        KB924270
        KB924667
        KB925398_WMP64
        KB925454-IE6SP1-20061116.120000
        KB925486-IE6SP1-20060918.120000
        KB925902
        KB926121
        KB926122
        KB926247
        KB926436
        KB927891
        KB928090-IE6SP1-20070125.120000
        KB928843
        KB929969-IE6SP1-20061220.120000
        KB930178
        KB931768-IE6SP1-20070219.120000
        KB931784
        KB932168
        KB933566-IE6SP1-20070417.120000
        KB933729
        KB935839
        KB935840
        KB935966
        KB936021
        KB936782_WMP9
        KB937143-IE6SP1-20070717.120000
        KB937894
        KB938127-IE6SP1-20070626.120000
        KB938464-IE6SP1-20080429.120000
        KB938827
        KB938829
        KB939653-IE6SP1-20070817.120000
        KB941202-OE6SP1-20070820.120000
        KB941568_DX9
        KB941569
        KB941644
        KB941672
        KB941693
        KB942615-IE6SP1-20071029.120000
        KB942831
        KB943055
        KB943484
        KB943485
        KB944338
        KB944533-IE6SP1-20071210.120000
        KB945553
        KB947864-IE6SP1-20080215.120000
        KB948590
        KB948881-IE6SP1-20080313.120000
        KB949014
        KB950749
        KB950759-IE6SP1-20080418.120000
        KB950760
        KB950974
        KB951066-OE6SP1-20080625.120000
        KB951698_DX9
        KB951746
        KB951748
        KB952004
        KB952069_WM71
        KB952954
        KB953155
        KB953838-IE6SP1-20080620.120000
        KB953839
        KB954155_WM9
        KB954211
        KB954600_WM41
        KB955069
        KB956391
        KB956802
        KB956844
        KB957097
        KB957280
        KB958215-IE6SP1-20081016.120000
        KB958470
        KB958644
        KB958687
        KB958690
        KB958869-IE6SP1-20090818.120000
        KB959426
        KB960225
        KB960714-IE6SP1-20081211.120000
        KB960715
        KB960803
        KB960859
        KB961063
        KB961371-V2
        KB961373_DX9
        KB961501
        KB963027-IE6SP1-20090303.120000
        KB967715
        KB968537
        KB968816_WM9
        KB969059
        KB969805
        KB970238
        KB970483
        KB971486
        KB971557
        KB971633_DX9
        KB971961
        KB972260-IE6SP1-20090722.120000
        KB973346
        KB973354-OE6SP1-20090710.120000
        KB973507
        KB973525
        KB973540_WM9L
        KB973869
        KB974112_WM41
        KB974455-IE6SP1-20090925.120000
        KB974571
        KB975254
        Q147222
        Q828026
        Update Rollup 1


Netcard queries test . . . . . . . : Passed



Per interface results:

    Adapter : Local Area Connection

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : server_1
        IP Address . . . . . . . . : 192.168.0.2
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 192.168.0.1
        Primary WINS Server. . . . : 192.168.0.3
        Dns Servers. . . . . . . . : 192.168.0.2


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Passed

        WINS service test. . . . . : Passed


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{E5E8C348-D26A-4423-90E8-2B4E83176FC8}
    1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Failed
    [WARNING] The DNS host name 'server_1.keystone.com' valid only on Windows 20
00 DNS Servers. [DNS_ERROR_NON_RFC_NAME]
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.Default-First-Site-Name._site
s.keystone.com. re-registeration on DNS server '192.168.0.2' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.Default-First-Site-Name._site
s.dc._msdcs.keystone.com. re-registeration on DNS server '192.168.0.2' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.b198b097-06da-4706-a979-db393
ddcaa4f.domains._msdcs.keystone.com. re-registeration on DNS server '192.168.0.2
' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry 99358cd7-5a7e-49d9-a71d-d92fa13d73e4._ms
dcs.keystone.com. re-registeration on DNS server '192.168.0.2' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _gc._tcp.Default-First-Site-Name._sites.
keystone.com. re-registeration on DNS server '192.168.0.2' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _kerberos._tcp.Default-First-Site-Name._
sites.dc._msdcs.keystone.com. re-registeration on DNS server '192.168.0.2' faile
d.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _kerberos._tcp.Default-First-Site-Name._
sites.keystone.com. re-registeration on DNS server '192.168.0.2' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Fix Failed: netdiag failed to re-register missing DNS entries for th
is DC on DNS server '192.168.0.2'.
    [FATAL] No DNS servers have the DNS records for this DC registered.


Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{E5E8C348-D26A-4423-90E8-2B4E83176FC8}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{E5E8C348-D26A-4423-90E8-2B4E83176FC8}
    The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Passed
    Secure channel for domain 'KEYSTONE' is to '\\KEYWEST.keystone.com'.


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Passed
    IPSec policy service is active, but no policy is assigned.


The command completed successfully

C:\Documents and Settings\Administrator.KEYSTONE>
CERTIFIED EXPERT
Top Expert 2012

Commented:
Point the server to Windows 2008 Server run Dcdiag /fix post results

Author

Commented:
Point the DNS to the 2008 Server and run it again on the 2000 server? Just verifying.  
CERTIFIED EXPERT
Top Expert 2012

Commented:
yes

Author

Commented:
Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.

C:\Documents and Settings\Administrator.KEYSTONE>dcdiag /fix

DC Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial non skippeable tests

   Testing server: Default-First-Site-Name\SERVER_1
      Starting test: Connectivity
         SERVER_1's server GUID DNS name could not be resolved to an
         IP address.  Check the DNS server, DHCP, server name, etc
         Although the Guid DNS name
         (99358cd7-5a7e-49d9-a71d-d92fa13d73e4._msdcs.keystone.com) couldn't be
         resolved, the server name (server_1.keystone.com) resolved to the IP
         address (192.168.0.2) and was pingable.  Check that the IP address is
         registered correctly with the DNS server.
         ......................... SERVER_1 failed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\SERVER_1
      Skipping all tests, because server SERVER_1 is
      not responding to directory service requests

   Running enterprise tests on : keystone.com
      Starting test: Intersite
         ......................... keystone.com passed test Intersite
      Starting test: FsmoCheck
CERTIFIED EXPERT
Top Expert 2012

Commented:
I think the problem is the underscore in the host name

Disallowed characters
DNS host names cannot contain the following characters:
comma (,)
tilde (~)
colon (:)
exclamation point (!)
at sign (@)
number sign (#)
dollar sign ($)
percent (%)
caret (^)
ampersand (&)
apostrophe (')
period (.)
parentheses (())
braces ({})
underscore (_)

http://support.microsoft.com/kb/909264

Author

Commented:
Any ideas on a good workaround? The 2000 computer will not be a DNS server at the end of this migration.
CERTIFIED EXPERT
Top Expert 2012

Commented:
You can do a domain controller rename. Or you can demote the server.

The Windows 2008 Server seems healthy and working but I would take a backup  if Windows 2000 server just in case if you demote you can restore or something goes wrong with domain controller rename
CERTIFIED EXPERT
Top Expert 2012

Commented:
Let me correct that Windows 2000 DCs can not be renamed I forgot this came in Windows 2003 Server

http://support.microsoft.com/kb/296592

Author

Commented:
So I shouldn't rename it? Not sure what my next step should be.

Author

Commented:
This is the error message I'm getting on the 2008 server regarding DNS:

Issue:
The Active Directory integrated DNS zone _msdcs.keystone.com was not found.

Impact:
DNS queries for the Active Directory integrated zone _msdcs.keystone.com might fail.

Resolution:
Restore the Active Directory integrated DNS zone _msdcs.keystone.com.
CERTIFIED EXPERT
Top Expert 2012

Commented:
Look in DNS do you have a domain.com zone? Is the msdcs folder under domain.com grayed out? If it is grayed out do you have a msdcs.domain.com zone?

Author

Commented:
on the 08 server?
CERTIFIED EXPERT
Top Expert 2012

Commented:
On both

Author

Commented:
Here is a screen shot from the 08 server. I see the same info on the 08 as the 00 Document.docx
CERTIFIED EXPERT
Top Expert 2012

Commented:
Well looks good. When was that Event from?

Author

Commented:
About the time I posted it, but I still get this DNS error:

Issue:
The Active Directory integrated DNS zone _msdcs.keystone.com was not found.

Impact:
DNS queries for the Active Directory integrated zone _msdcs.keystone.com might fail.

Resolution:
Restore the Active Directory integrated DNS zone _msdcs.keystone.com.

I did go through the steps listed to fix it a few days ago with no luck.
CERTIFIED EXPERT
Top Expert 2012

Commented:
I think the problem is that Windows 2008 Server is looking for the msdcs.domain.com zone but you don't have that zone since your msdcs folder is not delegated.

http://social.technet.microsoft.com/Forums/en-US/winservergen/thread/96033806-a8a2-4e0c-b592-d58b312d4065/

Author

Commented:
So it looks like I should create a _mcdcs.domain.com

Is there anything I should be aware of before doing that?
CERTIFIED EXPERT
Top Expert 2012

Commented:
Nope that will work fine

Author

Commented:
I was looking at it and I guess I'm not sure exactly how to do it. Do I create a new sub domain name _msdcs.domain.com? One created that's it  or I need to do something else?

Once again thanks for all of the help.
CERTIFIED EXPERT
Top Expert 2012

Commented:
Create a domain call it _msdcs.domain.com

Author

Commented:
I created a new Domain under Forward lookup zones and mydomain.com and name in _msdcs.domain.com. After I created it there was an Entry under mydomain called "com" and I still got the same error when I ran the BPA. I'm sure I did something wrong.
CERTIFIED EXPERT
Top Expert 2012

Commented:
Don't worry about BPA if that is where you are getting the error only.

Take a screen show of DNS and post

Author

Commented:
That is the only place I'm getting errors at this point. There are no DNS errors in the event viewer.
CERTIFIED EXPERT
Top Expert 2012

Commented:
Don't worry about that error in BPA you are good

Author

Commented:
Great! So at this point it's safe to start moving my files to the new server and then demote the old server? Thanks again for all your help. I would have been lost without it.
CERTIFIED EXPERT
Top Expert 2012

Commented:
One more dcdiag please then I will feel save saying all is good

Author

Commented:
Only see that one failed test.

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\administrator.KEYSTONE>dcdiag

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = KEYWEST
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\KEYWEST
      Starting test: Connectivity
         ......................... KEYWEST passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\KEYWEST
      Starting test: Advertising
         ......................... KEYWEST passed test Advertising
      Starting test: FrsEvent
         ......................... KEYWEST passed test FrsEvent
      Starting test: DFSREvent
         ......................... KEYWEST passed test DFSREvent
      Starting test: SysVolCheck
         ......................... KEYWEST passed test SysVolCheck
      Starting test: KccEvent
         ......................... KEYWEST passed test KccEvent
      Starting test: KnowsOfRoleHolders
         ......................... KEYWEST passed test KnowsOfRoleHolders
      Starting test: MachineAccount
         ......................... KEYWEST passed test MachineAccount
      Starting test: NCSecDesc
         ......................... KEYWEST passed test NCSecDesc
      Starting test: NetLogons
         ......................... KEYWEST passed test NetLogons
      Starting test: ObjectsReplicated
         ......................... KEYWEST passed test ObjectsReplicated
      Starting test: Replications
         [SERVER_1] DsBindWithSpnEx() failed with error 1722,
         The RPC server is unavailable..
         ......................... KEYWEST failed test Replications

      Starting test: RidManager
         ......................... KEYWEST passed test RidManager
      Starting test: Services
         ......................... KEYWEST passed test Services
      Starting test: SystemLog
         ......................... KEYWEST passed test SystemLog
      Starting test: VerifyReferences
         ......................... KEYWEST passed test VerifyReferences


   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test
         CrossRefValidation

   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test
         CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : keystone
      Starting test: CheckSDRefDom
         ......................... keystone passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... keystone passed test CrossRefValidation

   Running enterprise tests on : keystone.com
      Starting test: LocatorCheck
         ......................... keystone.com passed test LocatorCheck
      Starting test: Intersite
         ......................... keystone.com passed test Intersite

C:\Users\administrator.KEYSTONE>
CERTIFIED EXPERT
Top Expert 2012

Commented:
Still having replication errors to  the old server. You can choose to ignore the demote the old Windows 2000 Server see if that causes any issues you have no way to fix the problem unless you restore.

You have moved all roles over to new server right? FSMO, GC, DHCP, etc? All clients point to new server for DNS now in their TCP\IP properties?

If all the above is true you could shutdown the Windows 2000 Server to see what the reaction is going to be.

Author

Commented:
Yes all roles have been switched to the new server. I will shut down and see after hours since everyone is still accessing files on the old server. Thanks again for all your help with this.
CERTIFIED EXPERT
Top Expert 2012

Commented:
No problem. Just let me know

Author

Commented:
Shutting down the old server tonight at 5. I guess I'll know pretty quickly if there are problems? Assuming it goes well I am going to start transferring some files to the new server. Any thoughts on the best way to move the files? Copy and Paste or is there a better way?

Thanks again,
Jay
CERTIFIED EXPERT
Top Expert 2012

Commented:
You can use Robocopy or Richcopy to copy

Author

Commented:
Thanks for all the help. I started moving files to the new server and so far everything appears to be working fine.