Solved

SBS 2003 migration to SBS 2011 - DCDIAG fails MachineAccount test

Posted on 2013-05-17

2 solutions

717 Views

Last Modified: 2016-11-23

Hi,

I have an old SBS2003 SP2 server, set as DC; in the process of upgrading to a new SBS2011 machine (running under XenServer on a Dell T620). In doing my prep work, I ran DCDIAG on the old server (named CORP01) and got the following:

 Starting test: MachineAccount
    * The current DC is not in the domain controller's OU
    ......................... CORP01 failed test MachineAccount

Open in new window

I checked, and yes, the top-level "Domain Controllers" list is empty. CORP01 shows up in /My Business/Computers/Production Servers, and is a member of the Domain Controllers group.
Microsoft has a hotfix that supposedly fixes this issue, but when I run the hotfix on the server it says that "the Service Pack version of this system is newer than the update you are applying. There is no need to install this update."

How can I resolve this issue? Any tips?

Comment

Question by:JessCat_606

[X]

Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

Help others & share knowledge
Earn cash & points
Learn & ask questions

Join The Community

6 Comments

LVL 22

Accepted Solution

by:Larry Struckmeyer MVP

Larry Struckmeyer MVP earned 250 total points

ID: 391770762013-05-18

SBS 2003 server should be in the Domain Controllers OU. Someone moved it or it is just misplaced. Any reason why you cannot move it to the DC OU? Right Click - Move or drag and drop.

LVL 20

Assisted Solution

by:compdigit44

compdigit44 earned 250 total points

ID: 391817672013-05-20

By default all DC's are placed in the Domain Controllers OU and process which the Default Domain Controllers GP is applied to. Microsoft DOES NOT support moving a DC out of the Default Domain Controller's OU. As fl_flyfishing has mentioned it sounds like someone moved the DC..

I would suggest moving the DC to the Default Domain Controller's OU then rebooting the DC...

Author Comment

by:JessCat_606

ID: 391821272013-05-20

Thanks fl_flyfishing, compdigit44, that's helpful. I'm just unsure, will moving the DC cause any issues with group policies or other stuff?

LVL 22

Expert Comment

by:Larry Struckmeyer MVP

ID: 391821532013-05-20

no issues.... just move it.

LVL 20

Expert Comment

by:compdigit44

ID: 391821802013-05-20

Agreed, move the DC then reboot just to be safe.. ;-)

Author Comment

by:JessCat_606

ID: 391832622013-05-20

Excellent, I moved it and rebooted; no issues. Thanks for the assist!

Featured Post

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Windows File Server - Folder ownership problems and resolution

Article by: Mahesh

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…

Webinar: Secure Your Active Directory

Article by: Experts Exchange

Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…

Webinar: Are Unknown Privileged Accounts Putting You At Risk?

Video by: Experts Exchange

Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

Secure Your Active Directory [VIDEO]

Video by: Experts Exchange

Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…