?
Solved

Migrating from Server 2003 SBS to Server 2012 Standard

Posted on 2014-04-11
9
Medium Priority
?
757 Views
Last Modified: 2014-04-22
I am trying to finish a migration from 2003 SBS to 2012 standard. I have added the 2012 server to the domain, and promoted it as a domain controller. We have all the data moved and it seems as those AD has replicated as all that data is viewable on the 2012 server now.  Now I am trying to change the FSMO roles and I get an error:  The current Domain Controller is the operations master. To Transfer the operations master role to another computer, you must first connect to it.
I am trying to do this FROM the 2012 server, I go into the operations master and click the Change button under the RID and that is the error I get.  It is showing the OLD server as the current operations master.  I have read a few other posts about upgrading the schema etc... but when I check the schema level on the 2003 server it is saying the object version is 56, which refers to a 2012 server.
What am I missing here???
Thanks
0
Comment
Question by:invisimax
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
  • +1
9 Comments
 
LVL 59

Expert Comment

by:Cliff Galiher
ID: 39995091
This is usually a DNS issue. Make sure you have DNS properly configured on the NIC and that it is *only* pointing to your DCs. Also, look for replication errors in your event logs. Even if objects are viewable in 2012, that doesn't mean replication has completed and that the machine is advertising itself as an eligible DC. Event logs will almost always indicate the replication status (successes and failures.)
0
 

Author Comment

by:invisimax
ID: 39995135
I found that there was an additional DNS in there pointing to 8.8.8.8. I have removed that and I still get the same error.  I looked through the event logs and found a DFS error, and that seems to be resovled after removing the DNS address. not seeing any other errors related to replication status.  
I am still getting the same error. Any other thoughts.  Thanks
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39995148
are you able to view event id 1394 in directory service event logs on 2012 DC, also check 13516 in File replication logs

Also check if you are able to view netlogon and Sysvol shares on 2012 DC by running net share command

Also run netdom query fsmo on 2012 DC and check where existing FSMO roles are residing ?
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 59

Expert Comment

by:Cliff Galiher
ID: 39995149
Reboot both servers, then practice patience. A DNS issue can definitely break replication, and AD does replicate with DFS, so DFS errors *are* replication errors. It can take a bit for both servers to agree they are staying in sync and for the new server to properly advertise.
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39995161
I don't think AD is replicating with DFS at this point of time

1st there is SBS 2003 server which prevent AD from replicating Sysvol with DFS

Sysvol must be replicating with FRS

However DFS services are running on DC
0
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 39995778
First you need to verify the health of dc, run dcdiag/q and repadmin /replsum on both DCs and post the result if error is reported.

Set DNS on DC as below.
Best practices for DNS client settings on DC and domain members.
http://abhijitw.wordpress.com/2012/03/03/best-practices-for-dns-client-settings-on-domain-controller/

You can also try powershell command on Win2012 DC to move FSMO role. Open powershell(run as administrator) and execute below command.

Move-ADDirectoryServerOperationMasterRole -Identity "DC01" -OperationMasterRole 0,1,2,3,4

Reference link: http://www.archy.net/windows-server-2012-migrating-fsmo-roles/

Ensure that you are using enterprise, schema and domain admin rights user id.
0
 

Author Comment

by:invisimax
ID: 39999097
I ran the dcdiag/q and the only fail I get is
IsmServ Service is stopped on [Server] ...................................Failed test services

No Errors on the repadmin /replsum on either server

The netdom query fsmo shows the old server holding all the roles still.

I have only tried to move the roles via the normal way going through administrative tools and click on master roles and clicking change. I have not tried the powershell or forcing yet as I don't want it to break anything else.

Any ideas if I need to run the schema upgrade on the old server first? or can I just seize the roles?  
Thanks
0
 

Accepted Solution

by:
invisimax earned 0 total points
ID: 40006467
I contacted Microsoft to dig into the issue. The tech found the Sysvol folder had not replicated. He made some changes to the registry and few other files and it is now fixed.
0
 

Author Closing Comment

by:invisimax
ID: 40014362
Microsoft Resolved
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The following article is comprised of the pearls we have garnered deploying virtualization solutions since Virtual Server 2005 and subsequent 2008 RTM+ Hyper-V in standalone and clustered environments.
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question