[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Migrating from SBS 2003 to SBS 2011 Essentials issue

Posted on 2012-09-18
12
Medium Priority
?
694 Views
Last Modified: 2012-10-05
Hi, I am migrating from SBS 2003 to SBS 2011 Essentials, and I'm following the microsoft guide to do so.  Everything has gone fine up until now.  I am at the step to transfer the Operations master role to the new server.  The first step is to run NETDOM QUERY FSMO from an elevated command prompt.  I get "The RPC server is unavailable"  The new server has it's own IP address as the DNS server.
0
Comment
Question by:Sean Rhudy
  • 7
  • 5
12 Comments
 
LVL 60

Expert Comment

by:Cliff Galiher
ID: 38412409
Which guide are you following?!? During a normal migration, the new server would have the old server as a DNS server for discoverability and domain join purposes.
0
 

Author Comment

by:Sean Rhudy
ID: 38413522
www.microsoft.com/en-us/download/details.aspx?id=3231

Here's the guide, I tried both ways.
0
 
LVL 60

Expert Comment

by:Cliff Galiher
ID: 38415057
It sounds as though some steps got skipped. If you are following that guide, the server would have had the source server set up as the DNS server (this is done on page 19, which occurs *BEFORE* the transfer FSMO step.)

If you did not have the DNS setting set up properly when you joined the domain (page 19/20) then AD would not have been able to properly synchronize and transferring the FSMO roles relies on AD being healthy.

At this point, I'd backtrack. Uninstall the CA. Demote the SBS Essentials server. Unjoin the server from the domain.

Then clean up any and all references to the destination server on the source server. Run the SBS BPA, run dcdiag, make sure all is well on the source server.

Once the source server is healthy again and AD is happy, you can pick up where you left off. Change the DNS setting. dcpromo (which joins the domain in the process), install the CA, and then transfer the FSMO roles. Alternatively, since your source server is healthy, You can simply restart the migration from the beginning including re-installing the OS...but that isn't absolutely necessary, just an option.

Either way, right now I wouldn't trust the health of your AD infrastructure. There are likely replication issues/errors, and since you are early enough in the process, it'd be easier to walk it back than it would to try and clean it up.

-Cliff
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:Sean Rhudy
ID: 38415998
Is there a way to check the AD health before I do all of that?
0
 
LVL 60

Expert Comment

by:Cliff Galiher
ID: 38416020
Dcdiag is a start.
0
 

Author Comment

by:Sean Rhudy
ID: 38416146
Rolled back using exact steps above, and refollowed exact steps in the guide...still the same error.
0
 
LVL 60

Expert Comment

by:Cliff Galiher
ID: 38416170
Did you clean up, check the health of the server via the BPA, and repair any and all issues that came up as I explained above?
0
 

Author Comment

by:Sean Rhudy
ID: 38416190
Yes I did, no issues came up.
0
 
LVL 60

Expert Comment

by:Cliff Galiher
ID: 38416193
Please run a dcdiag on the destination server and post the output.
0
 

Author Comment

by:Sean Rhudy
ID: 38416201
Directory Server Diagnosis


Performing initial setup:

   Trying to find home server...

   * Verifying that the local machine FHServ, is a Directory Server.   Home Server = FHServ

   * Connecting to directory service on server FHServ.

   * Identified AD Forest.
   Collecting AD specific global data
   * Collecting site info.

   Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=smallbusiness,DC=local,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
   The previous call succeeded
   Iterating through the sites
   Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=smallbusiness,DC=local
   Getting ISTG and options for the site
   * Identifying all servers.

   Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=smallbusiness,DC=local,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
   The previous call succeeded....
   The previous call succeeded
   Iterating through the list of servers
   Getting information for the server CN=NTDS Settings,CN=SERVER-FULLHOUS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=smallbusiness,DC=local
   objectGuid obtained
   InvocationID obtained
   dnsHostname obtained
   site info obtained
   All the info for the server collected
   Getting information for the server CN=NTDS Settings,CN=FHSERV,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=smallbusiness,DC=local
   objectGuid obtained
   InvocationID obtained
   dnsHostname obtained
   site info obtained
   All the info for the server collected
   * Identifying all NC cross-refs.

   * Found 2 DC(s). Testing 2 of them.

   Done gathering initial info.


Doing initial required tests

   
   Testing server: Default-First-Site-Name\SERVER-FULLHOUS

      Starting test: Connectivity

         * Active Directory LDAP Services Check
         Determining IP4 connectivity
         * Active Directory RPC Services Check
         [SERVER-FULLHOUS] DsBindWithSpnEx() failed with error 1722,

         The RPC server is unavailable..
         Printing RPC Extended Error Info:

         Error Record 1, ProcessID is 8240
          (DcDiag)
         
            System Time is: 9/20/2012 1:37:38:123

            Generating component is 2 (RPC runtime)
           
            Status is 1722 The RPC server is unavailable.

           
            Detection location is 501

            NumberOfParameters is 4

            Unicode string: ncacn_ip_tcp

            Unicode string:

            04410eb0-3111-40d3-8b5d-8bc2995869c8._msdcs.smallbusiness.local

            Long val: -481213899

            Long val: 1722

         Error Record 2, ProcessID is 8240
          (DcDiag)
         
            System Time is: 9/20/2012 1:37:38:123

            Generating component is 18 (unknown)
           
            Status is 1722 The RPC server is unavailable.

           
            Detection location is 313

         Error Record 3, ProcessID is 8240
          (DcDiag)
         
            System Time is: 9/20/2012 1:37:38:123

            Generating component is 18 (unknown)
           
            Status is 10061

            No connection could be made because the target machine actively refused it.

           
            Detection location is 311

            NumberOfParameters is 3

            Long val: 135

            Pointer val: 0

            Pointer val: 0

         Error Record 4, ProcessID is 8240
          (DcDiag)
         
            System Time is: 9/20/2012 1:37:38:123

            Generating component is 18 (unknown)
           
            Status is 10061

            No connection could be made because the target machine actively refused it.

           
            Detection location is 318

         Error Record 5, ProcessID is 8240
          (DcDiag)
         
            System Time is: 9/20/2012 1:37:37:93

            Generating component is 18 (unknown)
           
            Status is 1237

            The operation could not be completed. A retry should be performed.

           
            Detection location is 313

         Error Record 6, ProcessID is 8240
          (DcDiag)
         
            System Time is: 9/20/2012 1:37:37:93

            Generating component is 18 (unknown)
           
            Status is 10060

            A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.

           
            Detection location is 311

            NumberOfParameters is 3

            Long val: 135

            Pointer val: 0

            Pointer val: 0

         Error Record 7, ProcessID is 8240
          (DcDiag)
         
            System Time is: 9/20/2012 1:37:37:93

            Generating component is 18 (unknown)
           
            Status is 10060

            A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.

           
            Detection location is 318

         Got error while checking LDAP and RPC connectivity. Please check your

         firewall settings.

         ......................... SERVER-FULLHOUS failed test Connectivity

   
   Testing server: Default-First-Site-Name\FHSERV

      Starting test: Connectivity

         * Active Directory LDAP Services Check
         Determining IP4 connectivity
         * Active Directory RPC Services Check
         ......................... FHSERV passed test Connectivity



Doing primary tests

   
   Testing server: Default-First-Site-Name\SERVER-FULLHOUS

      Test omitted by user request: Advertising

      Test omitted by user request: CheckSecurityError

      Test omitted by user request: CutoffServers

      Test omitted by user request: FrsEvent

      Test omitted by user request: DFSREvent

      Test omitted by user request: SysVolCheck

      Test omitted by user request: KccEvent

      Test omitted by user request: KnowsOfRoleHolders

      Test omitted by user request: MachineAccount

      Test omitted by user request: NCSecDesc

      Test omitted by user request: NetLogons

      Test omitted by user request: ObjectsReplicated

      Test omitted by user request: OutboundSecureChannels

      Test omitted by user request: Replications

      Test omitted by user request: RidManager

      Test omitted by user request: Services

      Test omitted by user request: SystemLog

      Test omitted by user request: Topology

      Test omitted by user request: VerifyEnterpriseReferences

      Test omitted by user request: VerifyReferences

      Test omitted by user request: VerifyReplicas

   
   Testing server: Default-First-Site-Name\FHSERV

      Test omitted by user request: Advertising

      Test omitted by user request: CheckSecurityError

      Test omitted by user request: CutoffServers

      Test omitted by user request: FrsEvent

      Test omitted by user request: DFSREvent

      Test omitted by user request: SysVolCheck

      Test omitted by user request: KccEvent

      Test omitted by user request: KnowsOfRoleHolders

      Test omitted by user request: MachineAccount

      Test omitted by user request: NCSecDesc

      Test omitted by user request: NetLogons

      Test omitted by user request: ObjectsReplicated

      Test omitted by user request: OutboundSecureChannels

      Test omitted by user request: Replications

      Test omitted by user request: RidManager

      Test omitted by user request: Services

      Test omitted by user request: SystemLog

      Test omitted by user request: Topology

      Test omitted by user request: VerifyEnterpriseReferences

      Test omitted by user request: VerifyReferences

      Test omitted by user request: VerifyReplicas

   
      Starting test: DNS

         

         DNS Tests are running and not hung. Please wait a few minutes...

           
               Starting test: DNS

                  See DNS test in enterprise tests section for results
                  ......................... SERVER-FULLHOUS failed test DNS

         See DNS test in enterprise tests section for results
         ......................... FHSERV passed test DNS

   
   Running partition tests on : ForestDnsZones

      Test omitted by user request: CheckSDRefDom

      Test omitted by user request: CrossRefValidation

   
   Running partition tests on : DomainDnsZones

      Test omitted by user request: CheckSDRefDom

      Test omitted by user request: CrossRefValidation

   
   Running partition tests on : Schema

      Test omitted by user request: CheckSDRefDom

      Test omitted by user request: CrossRefValidation

   
   Running partition tests on : Configuration

      Test omitted by user request: CheckSDRefDom

      Test omitted by user request: CrossRefValidation

   
   Running partition tests on : smallbusiness

      Test omitted by user request: CheckSDRefDom

      Test omitted by user request: CrossRefValidation

   
   Running enterprise tests on : smallbusiness.local

      Starting test: DNS

         Test results for domain controllers:

           
            DC: FHServ.smallbusiness.local

            Domain: smallbusiness.local

           

                 
               TEST: Authentication (Auth)
                  Authentication test: Successfully completed
                 
               TEST: Basic (Basc)
                  The OS

                  Microsoft Windows Small Business Server 2011 Essentials  (Service Pack level: 1.0)

                  is supported.

                  NETLOGON service is running

                  kdc service is running

                  DNSCACHE service is running

                  DNS service is running

                  DC is a DNS server

                  Network adapters information:

                  Adapter [00000007] Broadcom NetXtreme Gigabit Ethernet:

                     MAC address is D4:AE:52:BE:02:96
                     IP Address is static
                     IP address: 10.0.0.6, fe80::ccf4:5025:505f:ec69
                     DNS servers:

                        10.0.0.5 (SERVER-FULLHOUS) [Valid]
                        127.0.0.1 (FHSERV) [Valid]
                  The A host record(s) for this DC was found
                  The SOA record for the Active Directory zone was found
                  The Active Directory zone on this DC/DNS server was found primary
                  Root zone on this DC/DNS server was not found
                 
               TEST: Forwarders/Root hints (Forw)
                  Recursion is enabled
                  Forwarders Information:
                     10.0.0.1 (<name unavailable>) [Valid]
                     69.85.1.12 (<name unavailable>) [Valid]
                     69.85.1.13 (<name unavailable>) [Valid]
                     71.242.0.12 (<name unavailable>) [Invalid (unreachable)]
                     71.252.0.12 (<name unavailable>) [Invalid (unreachable)]
                 
               TEST: Delegations (Del)
                  No delegations were found in this zone on this DNS server
                 
               TEST: Dynamic update (Dyn)
                  Test record dcdiag-test-record added successfully in zone smallbusiness.local
                  Test record dcdiag-test-record deleted successfully in zone smallbusiness.local
                 
               TEST: Records registration (RReg)
                  Network Adapter

                  [00000007] Broadcom NetXtreme Gigabit Ethernet:

                     Matching CNAME record found at DNS server 10.0.0.5:
                     521cfc28-b70d-4026-afb8-12edcda1dd89._msdcs.smallbusiness.local

                     Matching A record found at DNS server 10.0.0.5:
                     FHServ.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.5:
                     _ldap._tcp.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.5:
                     _ldap._tcp.3ea83284-ebf6-4cbe-b5e4-f816d5215969.domains._msdcs.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.5:
                     _kerberos._tcp.dc._msdcs.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.5:
                     _ldap._tcp.dc._msdcs.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.5:
                     _kerberos._tcp.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.5:
                     _kerberos._udp.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.5:
                     _kpasswd._tcp.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.5:
                     _ldap._tcp.Default-First-Site-Name._sites.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.5:
                     _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.5:
                     _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.5:
                     _kerberos._tcp.Default-First-Site-Name._sites.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.5:
                     _ldap._tcp.gc._msdcs.smallbusiness.local

                     Matching A record found at DNS server 10.0.0.5:
                     gc._msdcs.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.5:
                     _gc._tcp.Default-First-Site-Name._sites.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.5:
                     _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.smallbusiness.local

                     Matching CNAME record found at DNS server 10.0.0.6:
                     521cfc28-b70d-4026-afb8-12edcda1dd89._msdcs.smallbusiness.local

                     Matching A record found at DNS server 10.0.0.6:
                     FHServ.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.6:
                     _ldap._tcp.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.6:
                     _ldap._tcp.3ea83284-ebf6-4cbe-b5e4-f816d5215969.domains._msdcs.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.6:
                     _kerberos._tcp.dc._msdcs.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.6:
                     _ldap._tcp.dc._msdcs.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.6:
                     _kerberos._tcp.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.6:
                     _kerberos._udp.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.6:
                     _kpasswd._tcp.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.6:
                     _ldap._tcp.Default-First-Site-Name._sites.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.6:
                     _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.6:
                     _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.6:
                     _kerberos._tcp.Default-First-Site-Name._sites.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.6:
                     _ldap._tcp.gc._msdcs.smallbusiness.local

                     Matching A record found at DNS server 10.0.0.6:
                     gc._msdcs.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.6:
                     _gc._tcp.Default-First-Site-Name._sites.smallbusiness.local

                     Matching  SRV record found at DNS server 10.0.0.6:
                     _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.smallbusiness.local

         
           
            DC: server-fullhous.smallbusiness.local

            Domain: smallbusiness.local

           

                 
               TEST: Authentication (Auth)
                  Authentication test: Successfully completed
                 
               TEST: Basic (Basc)
                  Error: No DS RPC connectivity
                  Error: No WMI connectivity
                  [Error details: 0x800706ba (Type: HRESULT - Facility: Win32, Description: The RPC server is unavailable.) - Connection to WMI server failed]
                  No host records (A or AAAA) were found for this DC

         
         Summary of test results for DNS servers used by the above domain

         controllers:

         

            DNS server: 71.242.0.12 (<name unavailable>)

               1 test failure on this DNS server

               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 71.242.0.12               [Error details: 1460 (Type: Win32 - Description: This operation returned because the timeout period expired.)]
               
            DNS server: 71.252.0.12 (<name unavailable>)

               1 test failure on this DNS server

               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 71.252.0.12               [Error details: 1460 (Type: Win32 - Description: This operation returned because the timeout period expired.)]
               
            DNS server: 10.0.0.1 (<name unavailable>)

               All tests passed on this DNS server

               
            DNS server: 10.0.0.5 (SERVER-FULLHOUS)

               All tests passed on this DNS server

               Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered
               
            DNS server: 10.0.0.6 (FHSERV)

               All tests passed on this DNS server

               Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered
               
            DNS server: 69.85.1.12 (<name unavailable>)

               All tests passed on this DNS server

               
            DNS server: 69.85.1.13 (<name unavailable>)

               All tests passed on this DNS server

               
         Summary of DNS test results:

         
                                            Auth Basc Forw Del  Dyn  RReg Ext
            _________________________________________________________________
            Domain: smallbusiness.local

               FHServ                       PASS PASS PASS PASS PASS PASS n/a  
               server-fullhous              PASS FAIL n/a  n/a  n/a  n/a  n/a  
         
         ......................... smallbusiness.local failed test DNS

      Test omitted by user request: LocatorCheck

      Test omitted by user request: Intersite
0
 

Accepted Solution

by:
Sean Rhudy earned 0 total points
ID: 38416219
I fixed it...the source server had multiple IP addresses assigned to the network adapter.
0
 

Author Closing Comment

by:Sean Rhudy
ID: 38466347
Multiple IP addresses on adapter
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The articles for turning off the Client firewall policy on the internet are for SBS 2008 and don't really help for SBS 2011. They actually moved the Client firewall policy. In 2011, the client firewall policy has moved to the SBS computers conta…
If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…
Screencast - Getting to Know the Pipeline
Suggested Courses
Course of the Month19 days, 18 hours left to enroll

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question