Solved

W2008 AD Upgrade Problem

Posted on 2014-03-02
7
273 Views
Last Modified: 2014-05-02
I am looking to upgrade AD from W2008 SBS to W2012.
There are are 2 AD controllers - SBS2008 plus W2008 R2 at another site, permanently connected by a VPN.
I have run the command Dcdiag /v /c /d /e /s:DCName.
Part of the output says (note I have removed direct server and domain name references):

"      Starting test: VerifyEnterpriseReferences
       The following problems were found while verifying various important DN
       references.  Note, that  these problems can be reported because of
       latency in replication.  So follow up to resolve the following
       problems, only if the same problem is reported on all DCs for a given
       domain or if  the problem persists after replication has had
       reasonable time to replicate changes.
       [1] Problem: Missing Expected Value
            Base Object:
            CN="servername",OU=Domain Controllers,DC="domain name",DC=local
            Base Object Description: "DC Account Object"
            Value Object Attribute Name: msDFSR-ComputerReferenceBL
            Value Object Description: "SYSVOL FRS Member Object"
            Recommended Action: See Knowledge Base Article: Q312862
"
Now I believe this refers to missing FRS Objects and FRS attributes and I need the file "Topchk.cmd" to parse the output of "NtrfsUtl ds" command. It just isn't clear to me where I get "Topchk.cmd" from and why its access appears to be restricted?

Thanks for any help
0
Comment
Question by:ajmcqueen
  • 4
  • 2
7 Comments
 
LVL 36

Assisted Solution

by:Mahesh
Mahesh earned 167 total points
ID: 39898870
You don't need to find "Topchk.cmd" mentioned in KB article in question

Just go to adsiedit and go to domain.com\system\File replication services\domain System volume and check server properties and all related attributes are correct
For Ex:ServerReference
You need to find out missing \ invalid attributes mentioned in KB article and need to correct them according to steps provided in KB article

Mahesh
0
 
LVL 74

Assisted Solution

by:Jeffrey Kane - TechSoEasy
Jeffrey Kane - TechSoEasy earned 333 total points
ID: 39898881
While I think its a good idea to run the DCDIAG and diagnose whatever problems it comes up with, I've found that adding a Server 2012 DC to an existing domain is sometimes easier to do from the Server 2012 itself as the checks it does on the network provide fairly good feedback.

http://blogs.technet.com/b/askpfeplat/archive/2012/09/03/introducing-the-first-windows-server-2012-domain-controller.aspx

Once it gets added you can move the FSMO roles over to it and then be sure to fully uninstall Exchange from your SBS before demoting it so you don't leave any remnant Exchange objects in AD.

Jeff
0
 

Author Comment

by:ajmcqueen
ID: 39898926
Jeff

Actually, I have to migrate Exchange over to the 2012 Server - to Exchange 2013.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 39898997
I don't suggest that you run Exchange 2013 on a DC.  While this is not "unsupported" it's definitely not recommended.  Exchange on an SBS was a different story because of the way the wizards configured multiple services at the same time in order to ensure things would run well and be secure.

Since you will have virtualization rights with the Server 2012, you can install a Hyper-V host and then two separate Server 2012's -- one being the DC and the other for Exchange.  Of course, be sure you have a server with enough resources to do this.

Follow this checklist to do the Exchange Migration:
http://technet.microsoft.com/en-us/library/ff805032(v=exchg.150).aspx

And still -- be sure to fully uninstall Exchange 2010 from your SBS before demoting it.  Otherwise you'll leave some nasty legacy stuff in your AD.

Jeff
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 39898999
0
 

Author Comment

by:ajmcqueen
ID: 39899129
OK. I was aware of the issue of not running Exchange on a DC. The plan is to put a copy of W2012 on the SBS server hardware to run as a DC. Obviously I will need a 3rd server as a temporary stand-in to run as a DC until the SBS has been wiped.
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 333 total points
ID: 39899526
That is just another reason that doing it virtually is the way to go.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
This article explains how to install and use the NTBackup utility that comes with Windows Server.
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question