SBS 2003 Migration to SBS 2011 - Domain Issues

also good to note when trying to use ntdsutil

i get the following message:

C:\Users\Administrator.STORAGELOGIC>ntdsutil
ntdsutil: roles
fsmo maintenance: connections
server connections: connect to server slfp01
Binding to slfp01 ...
Connected to slfp01 using credentials of locally logged on user.
server connections: q
fsmo maintenance: netdom query fsmo
Error parsing Input - Invalid Syntax.
fsmo maintenance:

error attached.
Both firewalls are turned off. for testing i also plugged into the same switch and have made sure servers talk to eachother in terms of pings and files copy/paste

That's not a happy message.

Have you followed a migration guide? If so - which one?

Hmmm it was the microsoft one.
See attached -
A-Migrate2003.doc

Can you post the results of IPCONFIG /ALL from both servers.

Also NETDOM QUERY FSMO (not using NTDSUTIL)

Never used that one - always used Demazter's - who has now appeared, so I will leave this one to him as he is the migration king :)

SBS Essentials is a funky beast. Three things to think about:

1) did you migrate DHCP? SBS Essentials does not enable DHCP by default, so when you migrate that role, you must remove references to the source server,

2) did you update your NIC settings on the source server so DNS is handled by the destination server? AD will have issues otherwise.

3) did you I stall the SBS Essentials connector on the client machines? This handles some DNS oddities and the client backup and is unique to Essentials, so SBS standard admins my easily miss this step.

-Cliff

Sorry for the delayed reply.

IP Config: (guessing you only want the connected ethernet rather than all the other jazz)

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom BCM5716C NetXtreme II GigE (NDIS
 VBD Client)
   Physical Address. . . . . . . . . : 78-2B-CB-62-92-32
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::b49c:ca91:182e:a97%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 172.23.39.3(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 172.23.39.1
   DHCPv6 IAID . . . . . . . . . . . : 242756555
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-9C-E5-2D-78-2B-CB-62-92-32

   DNS Servers . . . . . . . . . . . : 172.23.39.3
   NetBIOS over Tcpip. . . . . . . . : Enabled



NETDOM FSMO Shows:

C:\Users\Administrator.STORAGELOGIC>netdom query fsmo
Schema master               SL-SERVER.storagelogic.local
Domain naming master        SL-SERVER.storagelogic.local
PDC                         SL-SERVER.storagelogic.local
RID pool manager            SL-SERVER.storagelogic.local
Infrastructure master       SL-SERVER.storagelogic.local
The command completed successfully.

Yes DHCP was migrated across. But i had to resetup rather than it copying across to the new server. So i manually recreated a scope and there are no traces of the old server within there.

DNS is changed to point to the new server. that is the only DNS server set.

No, we have not installed SBS connector onto machines. I will have a look into this whilst i wait other replies.
Thanks

Do you have more than one NIC? Are the ones that aren't in use disabled? if not, please ensure they are.

The client connector isn't going to stop you being able to demote the old server.

When you run NETDOM QUERY FSMO on both servers do you get the same results?

We have 2 NIC's and yes 2nd is disabled.

results from old server:

C:\Documents and Settings\Administrator.SLFP01>netdom query fsmo
Schema owner                SL-SERVER.storagelogic.local

Domain role owner           SL-SERVER.storagelogic.local

PDC role                    SL-SERVER.storagelogic.local

RID pool manager            SL-SERVER.storagelogic.local

Infrastructure owner        SL-SERVER.storagelogic.local

The command completed successfully.



Exactly the same.
Thanks

And both servers are using only the new server for DNS?

Yes, I will quickly flush dns on both servers just to make sure

Nope still same error when doing dcpromo

from both servers run:

DCDIAG /TEST:DNS

Post the results please.

See attached

newserver.txt
oldserver.txt

This doesn't really make any sense.

Is the NETLOGON service started on both servers?  Are there any services that are set to automatic that are not started?

New Server:
windows server initalzation service
windows server storage service
windows upnp device service

have started the first 2 - 3rd one would start.

Old server all services on automatic are running.

Netlogon service started on both servers.

for my own sanity can you post the full output of IPCONFIG /ALL from both servers please?

you seem to be logging in as a local administrator on the old server?

See attached :)
Thanks for your help with this by the way.

oldserver.txt
newserver.txt

I did notice that - but i dont understand why - as im actualy using the domain\username when logging in (im connecting via RDP)

Let me reboot the old server and try log in a different way. I didnt think if it was a domain controller i would be able to log in as a local admin.

Same issue - I will create a new 'super' admin account and see if i am able to demote it from there.

just tried to create a new user on the new server...
and got the followign error


This is whilst the old server is rebooting.

Your. EE server is not yet acting as a DC. THS usually is an indication that replication has not yet happened. Dcdiag both servers, starting with the old server first.

-Cliff

HI,
Ok managed to resolve this,
I had to transfer roles back to 2003 server. then seize the roles and kill the old server...

Then went through the AD and other instanances and removed any traces of the old server.
There was also a group policy that was still linked to the old server, removing this seemed to help with login speed immediately.

Solution pointed me in right direction.
Thanks