seapr
asked on
Migrated 2008 server AD/DHCP issue
Hello,
I just recently migrated a server 2003 AD and FSMO role to a new 2008 server.
All roles as been transfered. FSMO roles are on the 2008 server. @008 server is the operation master. My issue's are that if I shutdown the 2003 machine no one can log in!
Even the DHCP will not assigned an IP. The 2008 server is the only DHCP on the network.
Right now everybody works with static ip's with their DNS pointing to the 2008 server.
Thanks
I just recently migrated a server 2003 AD and FSMO role to a new 2008 server.
All roles as been transfered. FSMO roles are on the 2008 server. @008 server is the operation master. My issue's are that if I shutdown the 2003 machine no one can log in!
Even the DHCP will not assigned an IP. The 2008 server is the only DHCP on the network.
Right now everybody works with static ip's with their DNS pointing to the 2008 server.
Thanks
Is the newly installed 2008 server configured as a GC (Global Catalog)?
first of all, do you have a DNS server role installed on the new server ?
if yes, run dcdiag on the new dc. does it return errors ?
if yes, run dcdiag on the new dc. does it return errors ?
Please verify if you did all required steps during adding 2008 DC into your existing network, reading an article on my blog for that
http://kpytko.wordpress.com/2011/08/25/adding-first-windows-server-2008-r2-domain-controller-within-windows-2003-network/
and when you transferred PDC Emulator role to other DC, you need to advertise new time server in your forest. Please follow below steps
[...]- after transfer of the PDCEmulator role, configure the NEW PDCEmulator to an external timesource and reconfigure the old PDCEmulator to use the domainhierarchie now. Therefore run on the NEW "w32tm /config /manualpeerlist:PEERS /syncfromflags:manual /reliable:yes /update" where PEERS will be filled with the ip address or server(time.windows.com) and on the OLD one run "w32tm /config /syncfromflags:domhier /reliable:no /update" and stop/start the time service on the old one. All commands run in an elevated command prompt without the quotes. [...]
it's an extract from MVP blog at
http://msmvps.com/blogs/mweber/archive/2010/02/10/upgrading-an-active-directory-domain-from-windows-server-2003-to-windows-server-2008-or-windows-server-2008-r2.aspx
In case of any further question, do not hesitate to ask
Regards,
Krzysztof
http://kpytko.wordpress.com/2011/08/25/adding-first-windows-server-2008-r2-domain-controller-within-windows-2003-network/
and when you transferred PDC Emulator role to other DC, you need to advertise new time server in your forest. Please follow below steps
[...]- after transfer of the PDCEmulator role, configure the NEW PDCEmulator to an external timesource and reconfigure the old PDCEmulator to use the domainhierarchie now. Therefore run on the NEW "w32tm /config /manualpeerlist:PEERS /syncfromflags:manual /reliable:yes /update" where PEERS will be filled with the ip address or server(time.windows.com) and on the OLD one run "w32tm /config /syncfromflags:domhier /reliable:no /update" and stop/start the time service on the old one. All commands run in an elevated command prompt without the quotes. [...]
it's an extract from MVP blog at
http://msmvps.com/blogs/mweber/archive/2010/02/10/upgrading-an-active-directory-domain-from-windows-server-2003-to-windows-server-2008-or-windows-server-2008-r2.aspx
In case of any further question, do not hesitate to ask
Regards,
Krzysztof
1.did you authorize DHCP and DNS serivce on 2008 server.
2. did client is using 2008 dns entries.
and the most important thing the Global catalogue server.
try to run nslookup on client, dcdiag and event viewer of the DC.
please share the output, so that we can discuss this case.
2. did client is using 2008 dns entries.
and the most important thing the Global catalogue server.
try to run nslookup on client, dcdiag and event viewer of the DC.
please share the output, so that we can discuss this case.
ASKER
I will try to respond to all questions at once.
1.Yes the new 2008 server is the Global catalogue.
2.DNS is intalled and properly setup as the pc's as the 2008 server as DNS server and they have access to the internet and local access.
3. DCdiag is returning only errors about printers. The rest is all ok.
4.DHCP and DNS are installed. what do you meen by authorize?
I will go trought what you guys recommended and follow up.
Thanks and this input is really appreciated.
1.Yes the new 2008 server is the Global catalogue.
2.DNS is intalled and properly setup as the pc's as the 2008 server as DNS server and they have access to the internet and local access.
3. DCdiag is returning only errors about printers. The rest is all ok.
4.DHCP and DNS are installed. what do you meen by authorize?
I will go trought what you guys recommended and follow up.
Thanks and this input is really appreciated.
ASKER
While doing the DCdiag on the 2003 machine I get those errors
Starting test: frsevent
* The File Replication Service Event log test
There are warning or error events within the last 2
SYSVOL has been shared. Failing SYSVOL replication
Group Policy problems.
An Error Event occured. EventID: 0xC0003500
Time Generated: 08/29/2012 15:40:55
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0003502
Time Generated: 08/29/2012 15:40:55
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0003502
Time Generated: 08/29/2012 15:40:55
(Event String could not be retrieved)
......................... MCCS failed test frsevent
Starting test: systemlog
* The System Event log test
An Error Event occured. EventID: 0x40000004
Time Generated: 08/29/2012 22:55:40
Event String: The kerberos client received a
P_ERR_MODIFIED error from the server
r$. The target name used was LDAP/MCCS.
indicates that the password used to encrypt
erberos service ticket is different than
on the target server. Commonly, this is due
entically named machine accounts in the
t realm (CHAMPLAIN), and the client realm.
e contact your system administrator.
An Error Event occured. EventID: 0x00000457
Time Generated: 08/29/2012 23:05:04
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 08/29/2012 23:05:05
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 08/29/2012 23:05:08
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 08/29/2012 23:05:10
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 08/29/2012 23:05:11
(Event String could not be retrieved)
......................... MCCS failed test systemlog
I get this on the 2008 machine.
Starting test: FrsEvent
* The File Replication Service Event log test
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
An Warning Event occurred. EventID: 0x800034FE
Time Generated: 08/29/2012 15:46:23
Event String:
File Replication Service is scanning the data in the system volume.
ter CCTSVR cannot become a domain controller until this process is complete
system volume will then be shared as SYSVOL.
To check for the SYSVOL share, at the command prompt, type:
net share
When File Replication Service completes the scanning process, the SY
share will appear.
The initialization of the system volume can take some time. The time
ependent on the amount of data in the system volume.
An Warning Event occurred. EventID: 0x800034C4
Time Generated: 08/29/2012 15:50:06
Event String:
The File Replication Service is having trouble enabling replication
MCCS.champlain to CCTSVR for c:\windows\sysvol\domain using the DNS name MC
amplain. FRS will keep retrying.
Following are some of the reasons you would see this warning.
[1] FRS can not correctly resolve the DNS name MCCS.champlain from
computer.
[2] FRS is not running on MCCS.champlain.
[3] The topology information in the Active Directory Domain Service
this replica has not yet replicated to all the Domain Controllers.
This event log message will appear once per connection, After the p
m is fixed you will see another event log message indicating that the conne
has been established.
An Warning Event occurred. EventID: 0x800034C4
Time Generated: 08/29/2012 15:58:05
Event String:
The File Replication Service is having trouble enabling replication
MCCS to CCTSVR for c:\windows\sysvol\domain using the DNS name MCCS.champla
RS will keep retrying.
Following are some of the reasons you would see this warning.
[1] FRS can not correctly resolve the DNS name MCCS.champlain from
computer.
[2] FRS is not running on MCCS.champlain.
[3] The topology information in the Active Directory Domain Service
this replica has not yet replicated to all the Domain Controllers.
This event log message will appear once per connection, After the p
m is fixed you will see another event log message indicating that the conne
has been established.
Starting test: frsevent
* The File Replication Service Event log test
There are warning or error events within the last 2
SYSVOL has been shared. Failing SYSVOL replication
Group Policy problems.
An Error Event occured. EventID: 0xC0003500
Time Generated: 08/29/2012 15:40:55
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0003502
Time Generated: 08/29/2012 15:40:55
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0003502
Time Generated: 08/29/2012 15:40:55
(Event String could not be retrieved)
......................... MCCS failed test frsevent
Starting test: systemlog
* The System Event log test
An Error Event occured. EventID: 0x40000004
Time Generated: 08/29/2012 22:55:40
Event String: The kerberos client received a
P_ERR_MODIFIED error from the server
r$. The target name used was LDAP/MCCS.
indicates that the password used to encrypt
erberos service ticket is different than
on the target server. Commonly, this is due
entically named machine accounts in the
t realm (CHAMPLAIN), and the client realm.
e contact your system administrator.
An Error Event occured. EventID: 0x00000457
Time Generated: 08/29/2012 23:05:04
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 08/29/2012 23:05:05
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 08/29/2012 23:05:08
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 08/29/2012 23:05:10
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 08/29/2012 23:05:11
(Event String could not be retrieved)
......................... MCCS failed test systemlog
I get this on the 2008 machine.
Starting test: FrsEvent
* The File Replication Service Event log test
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
An Warning Event occurred. EventID: 0x800034FE
Time Generated: 08/29/2012 15:46:23
Event String:
File Replication Service is scanning the data in the system volume.
ter CCTSVR cannot become a domain controller until this process is complete
system volume will then be shared as SYSVOL.
To check for the SYSVOL share, at the command prompt, type:
net share
When File Replication Service completes the scanning process, the SY
share will appear.
The initialization of the system volume can take some time. The time
ependent on the amount of data in the system volume.
An Warning Event occurred. EventID: 0x800034C4
Time Generated: 08/29/2012 15:50:06
Event String:
The File Replication Service is having trouble enabling replication
MCCS.champlain to CCTSVR for c:\windows\sysvol\domain using the DNS name MC
amplain. FRS will keep retrying.
Following are some of the reasons you would see this warning.
[1] FRS can not correctly resolve the DNS name MCCS.champlain from
computer.
[2] FRS is not running on MCCS.champlain.
[3] The topology information in the Active Directory Domain Service
this replica has not yet replicated to all the Domain Controllers.
This event log message will appear once per connection, After the p
m is fixed you will see another event log message indicating that the conne
has been established.
An Warning Event occurred. EventID: 0x800034C4
Time Generated: 08/29/2012 15:58:05
Event String:
The File Replication Service is having trouble enabling replication
MCCS to CCTSVR for c:\windows\sysvol\domain using the DNS name MCCS.champla
RS will keep retrying.
Following are some of the reasons you would see this warning.
[1] FRS can not correctly resolve the DNS name MCCS.champlain from
computer.
[2] FRS is not running on MCCS.champlain.
[3] The topology information in the Active Directory Domain Service
this replica has not yet replicated to all the Domain Controllers.
This event log message will appear once per connection, After the p
m is fixed you will see another event log message indicating that the conne
has been established.
ASKER
Also I need to point out that this migration was done by somebody else and I was contacted to try to help.
Also I just saw that DNS server is not running on the 2003 machine. Is this an issue?
Thanks
Also I just saw that DNS server is not running on the 2003 machine. Is this an issue?
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Please additionally provide output from
and attach this file for analyze here, please
Krzysztof
repadmin /showrepl /verbose /all >>c:\repadmin1.log
repadmin /replsummary >>c:\repadmin2.log
and attach this file for analyze here, please
Krzysztof