Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

SBS 2003 migration to SBS 2011 - DCDIAG fails MachineAccount test

Posted on 2013-05-17
6
Medium Priority
?
721 Views
Last Modified: 2016-11-23
Hi,

I have an old SBS2003 SP2 server, set as DC; in the process of upgrading to a new SBS2011 machine (running under XenServer on a Dell T620).  In doing my prep work, I ran DCDIAG on the old server (named CORP01) and got the following:
 Starting test: MachineAccount
    * The current DC is not in the domain controller's OU
    ......................... CORP01 failed test MachineAccount

Open in new window


I checked, and yes, the top-level "Domain Controllers" list is empty.  CORP01 shows up in /My Business/Computers/Production Servers, and is a member of the Domain Controllers group.
Microsoft has a hotfix that supposedly fixes this issue, but when I run the hotfix on the server it says that "the Service Pack version of this system is newer than the update you are applying.  There is no need to install this update."

How can I resolve this issue?  Any tips?
0
Comment
Question by:JessCat_606
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
6 Comments
 
LVL 22

Accepted Solution

by:
Larry Struckmeyer MVP earned 1000 total points
ID: 39177076
SBS 2003 server should be in the Domain Controllers OU.  Someone moved it or it is just misplaced.  Any reason why you cannot move it to the DC OU?  Right Click - Move or drag and drop.
0
 
LVL 20

Assisted Solution

by:compdigit44
compdigit44 earned 1000 total points
ID: 39181767
By default all DC's are placed in the Domain Controllers OU and process which the Default Domain Controllers GP is applied to. Microsoft DOES NOT support moving a DC out of the Default Domain Controller's OU. As fl_flyfishing has mentioned it sounds like someone moved the DC..

I would suggest moving the DC to the Default Domain Controller's OU then rebooting the DC...
0
 

Author Comment

by:JessCat_606
ID: 39182127
Thanks fl_flyfishing,  compdigit44, that's helpful.  I'm just unsure, will moving the DC cause any issues with group policies or other stuff?
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 
LVL 22

Expert Comment

by:Larry Struckmeyer MVP
ID: 39182153
no issues.... just move it.
0
 
LVL 20

Expert Comment

by:compdigit44
ID: 39182180
Agreed, move the DC then reboot just to be safe.. ;-)
0
 

Author Comment

by:JessCat_606
ID: 39183262
Excellent, I moved it and rebooted; no issues.  Thanks for the assist!
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question