CRL ltd
asked on
Issues joining domain
I had an issue with a PC losing the trust relationship earlier, therefore I had to remove it from the domain and re-add it. At the same time, a colleague was decommissioning an SBS 2011 server as it had been migrated over to Server 2012. However I was unable to join the domain and kept getting an EM saying the DC could not be contacted.
I tried adding the DNS of the server to the NIC, using domainname.local etc and nothing worked. I powered the old SBS server back on and I was able to join the domain. What I need to know is why the old SBS server is still needed to join the domain, I am looking down the DNS route, possible a rogue srv or ptr record but I'm unsure where to start.
I tried adding the DNS of the server to the NIC, using domainname.local etc and nothing worked. I powered the old SBS server back on and I was able to join the domain. What I need to know is why the old SBS server is still needed to join the domain, I am looking down the DNS route, possible a rogue srv or ptr record but I'm unsure where to start.
I have the same issue!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Here in lies the issue. The person who performed this installation no longer works for us! We believed that all FSMO roles had been transferred.
I've just run netdom query fsmo and the Domain naming master and PDC roles are still showing as the SBS server, the schema master, RID pool manager and infrastructure manager are listed as the new DC!
Netdom query DC shows both the old SBS and the new DC
I've just run netdom query fsmo and the Domain naming master and PDC roles are still showing as the SBS server, the schema master, RID pool manager and infrastructure manager are listed as the new DC!
Netdom query DC shows both the old SBS and the new DC
So, he didn't decommissioned the SBS. Obviously your SBS is the current DC and client will authenticate to that. Good that you haven't crossed the tombstone period. Otherwise you should have encountered a major disaster on your network.
ASKER
Radhakrishnan R What is the best way to go about getting these roles transferred with the minimum of disruption to any of the users that are connected?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I would agree with Radhakrishnan R, it does sound like the roles haven't been transferred and that the SBS hasn't been demoted.
Run the following command on your new 2012 Server (As administrator):
DCdiag /test:Knowsofroleholders /v
This will show you what holds the roles currently.
BTW, if the SBS hasn't been dcpromo'd then the job is definitely not finished. Check the roles, transfer the roles and the demote the SBS.
Run the following command on your new 2012 Server (As administrator):
DCdiag /test:Knowsofroleholders /v
This will show you what holds the roles currently.
BTW, if the SBS hasn't been dcpromo'd then the job is definitely not finished. Check the roles, transfer the roles and the demote the SBS.
ASKER
Further to this, it now appears I can't install some applications as a app data ban policy is in place under the computer configuration and it can't be disabled. Tried logging on as local and domain administrator and the group policy is still active. Removed the group policy from the OU but a gpupdate /force does not update the computer configuration. It errors with a DNS issue! Also set static DNS on the NIC to the new server.
Any ideas (other than getting the FSMO roles migrated over asap)?
Any ideas (other than getting the FSMO roles migrated over asap)?
Hi,
I would say rather than looking for installing apps, look at the fsmo transfer as it is the priority one.
It's up to you whether to follow or not.. I don't have any other comments.
I would say rather than looking for installing apps, look at the fsmo transfer as it is the priority one.
It's up to you whether to follow or not.. I don't have any other comments.