Link to home
Start Free TrialLog in
Avatar of pcservne
pcservneFlag for United States of America

asked on

Domain Controller DNS will not start

I setup a 2003 R2 server as a VM using VMWare player.  I want to use it as an additional domain controller.  First I ran adprep /forestprep (from 2003 R2 disc 2) on our 2003 (not R2) domain controller then I installed DNS and ran dcpromo on the VM server.  No errors during the setup, but lots of errors after.  I get event 4013 "The DNS server was unable to open the Active Directory" in DNS logs.  An occassional 16651 "The request for a new account-identifier pool failed. The operation   will be retried until the request succeeds. The error is
 "The requested FSMO operation failed. The current FSMO holder could not be contacted"".  13565 "File Replication Service is initializing the system volume with data from another domain controller. Computer DC cannot become a domain controller until this process is complete. The system volume will then be shared as SYSVOL." - but SOLVOL share never appears.  Also 1586 "The Windows NT 4.0 or earlier replication checkpoint with the PDC emulator master was unsuccessful.", 1308  "The Knowledge Consistency Checker (KCC) has detected that successive attempts to replicate with the following domain controller has consistently failed", 2089 "This directory partition has not been backed up since at least the following number of days." , and 1202 "Security policies were propagated with warning. 0x534 : No mapping between account names and security IDs was done".

Obviously something is very screwed up.  I've demoted and removed & reinstalled DNS.  Something tells me error 1586 could be the main problem since its talks about NT 4.0, but no clue what to do about it.
Avatar of arnold
arnold
Flag of United States of America image

How is the VMs network setup? Is it NATed or is it bridged such that it gets an IP on the LAN where the other DC is?
So this is DC2?

Please post the names and IP of DC1 and DC2.

If all network things are OK then you may try by removing and DNS(Are you using a AD integrated DNS)
Avatar of pcservne

ASKER

The VM is bridged with a valid IP on the network.  I can ping the new DC from other computers on the LAN.  

Yes, this could be called DC2, but I named it DC and the first DC is called gidserver.  gidserver is 192.168.150.245 and DC is 192.168.150.103 - both statically assigned.  I was not the one who set up the first DC.  How do I tell is it is an AD integrated DNS?
SOLUTION
Avatar of sfossupport
sfossupport
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
What is your Subnet mask on those two servers? is it 255.255.255.0? or do you have a different subnet mask?
Ad Hoc naming and IPs. Hmmm...  Well I'll just rename them and assign sequential IPs and all will be well, correct?  Isn't that why you brought it up?  And since the original DC is 2003 and the new one is 2003 R2 I assume those links for 2003 might just be applicable.

I would assume the first DC has the FSMO roles.  Again, since I wasn't the one who setup the first DC I will have to verify that.  I believe this server was originally part of a larger network, so it is possible it was a secondary DC on that network.  Everything points its DNS server to the existing DC - 192.168.150.245, except the new DC which I put .245 first and its IP, .103, in second.

The subnet is 255.255.255.0.

Thanks
Did you run adprep /forest /domain from disk2 on R2 prior to trying dcpromo?

Use dcdiag/netdiag to explore what might be going on.  Double check the DNS server properties to make sure you have not configured it to listen on a specific IP that is currently not n the system,
I ran adprep /forestprem from R2 disc 2 before running dcpromo on the other machine.