
Firstly, I think this is probably quite similar to this: New Primary Domain Controller won't start Active Directory unless Old DC is booted

But the circumstances and symptoms are slightly different.

I added a Windows Server 2012 server into an existing domain as a domain controller and transferred all roles as per these articles:

http://blogs.technet.com/b/canitpro/archive/2013/05/05/step-by-step-adding-a-windows-server-2012-domain-controller-to-an-existing-windows-2003-network.aspx

http://blogs.technet.com/b/canitpro/archive/2014/04/02/step-by-step-active-directory-migration-from-windows-server-2003-to-windows-server-2012.aspx

The original DC server is Windows Server 2008 SBS. The new server is Windows Server 2012.

I have done everything but the last step on the second article:

"All that's left is to demote the old 2003 Windows server by first adding the new 2012 R2 Windows Server as the Primary DNS, followed by running DCPROMO to demote the old 2003 Windows server. Be sure to also visit Microsoft Virtual Academy created to further enable IT professionals in regards task such as migrating to Windows Server 2012 R2."

I am concerned about doing this last step because of the following issue/s I am experiencing:

Active directory seems to be working fine on both servers in a basic sense (if I add/amend a user on either server, I can see the change on the other).

However, if I turn off the original server (the 2008 server), and go to e.g. "Active Directory Users and Computers" on the new server, I get the error

"naming information cannot be located the specified domain either does not exist or could not be contacted"

With both servers turned on, I am seeing the following issues which may or may not be relevant to the problem. I've tried to include as much information from as many avenues as I've been down trying to pin down the reason for this.

When loading "Active Directory Administrative Center" on new server:

Cannot connect to any domain. Refresh or try again when connection is available

When trying to replicate the domain manually (Active Directory Sites and Services, expand to server, NTDS Settings, right click and replicate from the selected DC):

The following error occurred.... the target principal name is incorrect

Running AD Replication status tool on the new server,

error 1908 - could not find domain controller for this domain

and

-2146893022 - the target principal name is incorrect

and

1256: The remote system is not available.

Running repadmin /showreps or /showrepl on the new server - all OK. Doing the same on the old server shows failures.

DCDiag on the new server shows the following errors amongst successful tests:

    Running enterprise tests on : halsalls.local
       Starting test: LocatorCheck
          Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
          A Global Catalog Server could not be located - All GC's are down.
          ......................... halsalls.local failed test LocatorCheck
       Starting test: Intersite
          ......................... halsalls.local passed test Intersite

       Starting test: NetLogons
          Unable to connect to the NETLOGON share! (\\SERVER1\netlogon)
          [SERVER1] An net use or LsaPolicy operation failed with error 67,
          The network name cannot be found..
          ......................... SERVER1 failed test NetLogons
       Starting test: ObjectsReplicated

       Starting test: Advertising
          Warning: DsGetDcName returned information for \\NTSERVER1.halsalls.local,
          when we were trying to reach SERVER1.
          SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
          ......................... SERVER1 failed test Advertising
       Starting test: FrsEvent
          There are warning or error events within the last 24 hours after the
          SYSVOL has been shared. Failing SYSVOL replication problems may cause
          Group Policy problems.
          ......................... SERVER1 passed test FrsEvent

DNS - I have both servers set to use the new server as their only DNS server.

Both have DNS services running - and here is where I get a bit lost, but as far as I can tell at least, the IPs for the relevant domain controllers / domains are correct.

I've probably come across a ton of other error messages in my various attempts to find the actual problem, so if I can give any more information, or answer any questions I will. I want to be able to take this server off the network and decommission it, but I am obviously nervous to do so with the above problems!

Any help much appreciated!!

Mayb2Moro
  • Lots of text - is the new DC a global catalog? If not - there is your issue. – TomTom Feb 10 '16 at 19:02
  • Sorry, just wanted to give as much info as possible. New dc is a global catalog. Old one is not anymore. – Mayb2Moro Feb 11 '16 at 07:35
  • Your problem is a DNS problem. DNS isn't working (or isn't working properly) on the new server, and that's why you have problems contacting the domain for anything when you turn the old, working, domain controller/DNS server off. – HopelessN00b Feb 11 '16 at 14:54
  • Thanks - any pointers on what to check? The server is able to lookup the old server by name no problem. In the various folders in the DNS tree for the domain, there are references to both new and old server. I don't really know where to start here :( – Mayb2Moro Feb 12 '16 at 11:55
  • I ran dcdiag /test:DNS ... And the only complaint it seems to throw up is a dislike to a secondary DNS server I have added on the adapter of the new server which points to Google's DNS servers. I ran the test against both servers – Mayb2Moro Feb 12 '16 at 12:03
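
A triage sketch for the DCDiag output quoted in the question, added here as an example and not part of the original post or of any Microsoft tool. It splits the output into per-test results and lists every test that failed, never reported a result, or "passed" while still printing detail lines (as FrsEvent does above); the function names and the reflowed sample text are assumptions of this example.

```python
import re
# DCDiag excerpt from the question, reflowed one message per line (UNC backslashes restored).
SAMPLE = r"""
Running enterprise tests on : halsalls.local
   Starting test: LocatorCheck
      Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
      A Global Catalog Server could not be located - All GC's are down.
      ......................... halsalls.local failed test LocatorCheck
   Starting test: NetLogons
      Unable to connect to the NETLOGON share! (\\SERVER1\netlogon)
      [SERVER1] An net use or LsaPolicy operation failed with error 67, The network name cannot be found..
      ......................... SERVER1 failed test NetLogons
   Starting test: Advertising
      Warning: DsGetDcName returned information for \\NTSERVER1.halsalls.local,
      when we were trying to reach SERVER1. SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
      ......................... SERVER1 failed test Advertising
   Starting test: FrsEvent
      There are warning or error events within the last 24 hours after the SYSVOL has been shared.
      Failing SYSVOL replication problems may cause Group Policy problems.
      ......................... SERVER1 passed test FrsEvent
"""

# Each test opens with "Starting test: <name>" and closes with a dotted result line.
START = re.compile(r"^\s*Starting test:\s*(\S+)")
RESULT = re.compile(r"^\s*\.{3,}\s*(\S+) (passed|failed) test (\S+)")
ERRNO = re.compile(r"\berror (\d+)")

def parse_dcdiag(text):
    """Return one dict per test: name, target, result, detail lines, error codes."""
    tests, cur = [], None
    for line in text.splitlines():
        if m := START.match(line):
            cur = {"test": m.group(1), "target": None, "result": None,
                   "detail": [], "errors": []}
            tests.append(cur)
        elif cur and (m := RESULT.match(line)):
            cur["target"], cur["result"] = m.group(1), m.group(2)
            cur = None  # ignore anything until the next "Starting test:"
        elif cur and line.strip():
            cur["detail"].append(line.strip())
            cur["errors"] += [int(n) for n in ERRNO.findall(line)]
    return tests

def needs_attention(tests):
    """Failed or unfinished tests, plus tests that 'passed' but printed detail lines."""
    return [(t["test"], t["target"], t["result"], t["errors"])
            for t in tests if t["result"] != "passed" or t["detail"]]

if __name__ == "__main__":
    print(*needs_attention(parse_dcdiag(SAMPLE)), sep="\n")
```
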

0 Answers