Link to home
Start Free TrialLog in
Avatar of seapr
seaprFlag for Canada

asked on

Migrated 2008 server AD/DHCP issue

Hello,

I just recently migrated a server 2003 AD and FSMO role to a new 2008 server.
All roles as been transfered.  FSMO roles are on the 2008 server.  @008 server is the operation master.  My issue's are that if I shutdown the 2003 machine no one can log in!
Even the DHCP will not assigned an IP.  The 2008 server is the only DHCP on the network.
Right now everybody works with static ip's with their DNS pointing to the 2008 server.

Thanks
Avatar of Mark Damen
Mark Damen
Flag of United Kingdom of Great Britain and Northern Ireland image

Is the newly installed 2008 server configured as a GC (Global Catalog)?
first of all, do you have a DNS server role installed on the new server ?

if yes, run dcdiag on the new dc. does it return errors ?
Please verify if you did all required steps during adding 2008 DC into your existing network, reading an article on my blog for that

http://kpytko.wordpress.com/2011/08/25/adding-first-windows-server-2008-r2-domain-controller-within-windows-2003-network/

and when you transferred PDC Emulator role to other DC, you need to advertise new time server in your forest. Please follow below steps

[...]- after transfer of the PDCEmulator role, configure the NEW PDCEmulator to an external timesource and reconfigure the old PDCEmulator to use the domainhierarchie now. Therefore run on the NEW "w32tm /config /manualpeerlist:PEERS /syncfromflags:manual /reliable:yes /update" where PEERS will be filled with the ip address or server(time.windows.com) and on the OLD one run "w32tm /config /syncfromflags:domhier /reliable:no /update" and stop/start the time service on the old one. All commands run in an elevated command prompt without the quotes. [...]

it's an extract from MVP blog at
http://msmvps.com/blogs/mweber/archive/2010/02/10/upgrading-an-active-directory-domain-from-windows-server-2003-to-windows-server-2008-or-windows-server-2008-r2.aspx

In case of any further question, do not hesitate to ask

Regards,
Krzysztof
1.did you authorize DHCP and DNS serivce on 2008 server.
2. did client is using 2008 dns entries.
and the most important thing the Global catalogue server.

try to run nslookup on client, dcdiag and event viewer of the DC.
please share the output, so that we can discuss this case.
Avatar of seapr

ASKER

I will try to respond to all questions at once.

1.Yes the new 2008 server is the Global catalogue.
2.DNS is intalled and properly setup as the pc's as the 2008 server as DNS server and they have access to the internet and local access.
3.  DCdiag is returning only errors about printers.  The rest is all ok.
4.DHCP and DNS are installed.  what do you meen by authorize?

I will go trought what you guys recommended and follow up.

Thanks and this input is really appreciated.
Avatar of seapr

ASKER

While doing the DCdiag on the 2003 machine I get those errors

Starting test: frsevent
   * The File Replication Service Event log test
   There are warning or error events within the last 2
   SYSVOL has been shared.  Failing SYSVOL replication
   Group Policy problems.
   An Error Event occured.  EventID: 0xC0003500
      Time Generated: 08/29/2012   15:40:55
      (Event String could not be retrieved)
   An Error Event occured.  EventID: 0xC0003502
      Time Generated: 08/29/2012   15:40:55
      (Event String could not be retrieved)
   An Error Event occured.  EventID: 0xC0003502
      Time Generated: 08/29/2012   15:40:55
      (Event String could not be retrieved)
   ......................... MCCS failed test frsevent


 Starting test: systemlog
    * The System Event log test
    An Error Event occured.  EventID: 0x40000004
       Time Generated: 08/29/2012   22:55:40
       Event String: The kerberos client received a
P_ERR_MODIFIED error from the server
r$.  The target name used was LDAP/MCCS.
indicates that the password used to encrypt
erberos service ticket is different than
on the target server. Commonly, this is due
entically named  machine accounts in the
t realm (CHAMPLAIN), and the client realm.
e contact your system administrator.
    An Error Event occured.  EventID: 0x00000457
       Time Generated: 08/29/2012   23:05:04
       (Event String could not be retrieved)
    An Error Event occured.  EventID: 0x00000457
       Time Generated: 08/29/2012   23:05:05
       (Event String could not be retrieved)
    An Error Event occured.  EventID: 0x00000457
       Time Generated: 08/29/2012   23:05:08
       (Event String could not be retrieved)
    An Error Event occured.  EventID: 0x00000457
       Time Generated: 08/29/2012   23:05:10
       (Event String could not be retrieved)
    An Error Event occured.  EventID: 0x00000457
       Time Generated: 08/29/2012   23:05:11
       (Event String could not be retrieved)
    ......................... MCCS failed test systemlog


I get this on the 2008 machine.  

 Starting test: FrsEvent
    * The File Replication Service Event log test
    There are warning or error events within the last 24 hours after the
    SYSVOL has been shared.  Failing SYSVOL replication problems may cause
    Group Policy problems.
    An Warning Event occurred.  EventID: 0x800034FE
       Time Generated: 08/29/2012   15:46:23
       Event String:
       File Replication Service is scanning the data in the system volume.
ter CCTSVR cannot become a domain controller until this process is complete
 system volume will then be shared as SYSVOL.

       To check for the SYSVOL share, at the command prompt, type:
       net share

       When File Replication Service completes the scanning process, the SY
share will appear.

       The initialization of the system volume can take some time. The time
ependent on the amount of data in the system volume.
    An Warning Event occurred.  EventID: 0x800034C4
       Time Generated: 08/29/2012   15:50:06
       Event String:
       The File Replication Service is having trouble enabling replication
MCCS.champlain to CCTSVR for c:\windows\sysvol\domain using the DNS name MC
amplain. FRS will keep retrying.
        Following are some of the reasons you would see this warning.

        [1] FRS can not correctly resolve the DNS name MCCS.champlain from
computer.
        [2] FRS is not running on MCCS.champlain.
        [3] The topology information in the Active Directory Domain Service
 this replica has not yet replicated to all the Domain Controllers.

        This event log message will appear once per connection, After the p
m is fixed you will see another event log message indicating that the conne
 has been established.
    An Warning Event occurred.  EventID: 0x800034C4
       Time Generated: 08/29/2012   15:58:05
       Event String:
       The File Replication Service is having trouble enabling replication
MCCS to CCTSVR for c:\windows\sysvol\domain using the DNS name MCCS.champla
RS will keep retrying.
        Following are some of the reasons you would see this warning.

        [1] FRS can not correctly resolve the DNS name MCCS.champlain from
computer.
        [2] FRS is not running on MCCS.champlain.
        [3] The topology information in the Active Directory Domain Service
 this replica has not yet replicated to all the Domain Controllers.

        This event log message will appear once per connection, After the p
m is fixed you will see another event log message indicating that the conne
 has been established.
Avatar of seapr

ASKER

Also I need to point out that this migration was done by somebody else and I was contacted to try to help.

Also I just saw that DNS server is not running on the 2003 machine.  Is this an issue?

Thanks
ASKER CERTIFIED SOLUTION
Avatar of Krzysztof Pytko
Krzysztof Pytko
Flag of Poland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Please additionally provide output from

repadmin /showrepl /verbose /all >>c:\repadmin1.log
repadmin /replsummary >>c:\repadmin2.log

Open in new window


and attach this file for analyze here, please

Krzysztof