| Author |
Message |
Kizetoni
Guest
|
 Posted:
Fri Nov 11, 2005 1:50 pm Post subject:
upgraded 2003 domain- problems demoting a DC |
|
|
Hi All!
I am about to demote a DC to member server in a 2003 domain, but the dcpromo
stops with the following error:
"Active Directory could not transfer the remaining data in directory
partition CN= .... to domain controller server3.ourdomain.local
The directory service was unable to transfer ownership of one or more
floating single-master operation roles to other servers"
But let's start from the beginning.
I am about to upgrade an NT domain to 2003 domain. For that purpose I have 3
servers:
1. server1 - the original NT PDC
2. server2 - the temporary NT/2003 BDC/PDC/DC
3. server3 - the new 2003 DC
The start situation was:
server1 - NT 40sp6 server being PDC for the NT domain "ourdomain"
server2 - NT40sp6 server being BDC
server3 - 2003std server being member server
I did following:
- installed WINS on server3
- changed all servers and workstations' network-settings so DNS and WINS
server is primarily server3 (and secondary are ISP's DNS servers)
- promoted server 2 to PDC (server 1 was automatically BDC)
- upgraded server2 from NT to 2003 server with following settings
- domain in a new forest
- full DNS name: ourdomain.local
- functional level of the new forest: Windows Server 2003 interim
- DNS Registration Diagnostics: "install and configure DNS server
on this computer..."
- Permissions: "Permissions compatible only with w2000 or
w2003..."
- this proces had several errors (mostly related to lsass.exe) but after 2
restart it went throught without problems the 3rd time.
- that made server2 as first AD server
- I added server2's IP address on DNS server list in server3
- then I promoted server3 to DC with following settings:
- additional domain controller for existing domain
- full DNS name: ourdomain.local
- after that server3 was also a DC
- I promoted the new 2003 server PDC to Global Catalog server (Sites -
Servers - NTDS settings - properties)
- I installed DNS server on server3, with following settings:
- small network
- zone: ourzone.ourdomain.local
- only secure dynamic updates
- with forwarding to the server2, and ISP's DNS servers
- at the end of installation, I got an error message, but after clicking on
"OK" I also got the message about everything was all right; after I
restarted the server, the DNS server was functioning
- now I am trying to demote server2, and I cannot do it, could it be a
connection problem, or what? Am I missing something, or did I do some steps
wrong?
All this is happening under VMware (the machines are virtual) since I want
to test the ting before doing it on the live system.
Thanx in advance!
Regards,
Zoran |
|
| Back to top |
|
 |
Kizetoni
Guest
|
| Posted:
Fri Nov 11, 2005 1:50 pm Post subject:
Re: upgraded 2003 domain- problems demoting a DC |
|
|
Hello again,
here is the whole error message on the server2:
The operation failed because:
Active Directory could not transfer the remaining data in directory
partition CN=Schema,CN=Configuration,DC=ourdomain,DC=local to domain
controller server3.ourdomain.local.
"The directory service was unable to transfer ownership of one or more
floating single-master operation roles to other servers."
On the server3 I get the following in Event Viewer:
Event Type: Warning
Event Source: NTDS Replication
Event Category: Internal Configuration
Event ID: 1837
Date: 11-11-2005
Time: 11:47:27
User: OURDOMAIN\SERVER2$
Computer: SERVER3
Description:
An attempt to transfer the operations master role represented by the
following object failed.
Object:
CN=Partitions,CN=Configuration,DC=vmmotto,DC=local
Current operations master role:
CN=NTDS
Settings,CN=SERVER2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Config
uration,DC=ourdomain,DC=local
Proposed operations master role:
CN=NTDS
Settings,CN=SERVER3,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Config
uration,DC=ourdomain,DC=local
Additional Data
Error value: 3
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp. |
|
| Back to top |
|
|
Miha Pihler [MVP]
Guest
|
| Posted:
Fri Nov 11, 2005 1:50 pm Post subject:
Re: upgraded 2003 domain- problems demoting a DC |
|
|
Hi,
Does this server hold any FSMO roles? Did you move FSMO roles to another
server?
How to view and transfer FSMO roles in Windows Server 2003
http://support.microsoft.com/default.aspx?kbid=324801&product=winsvr2003
Using Ntdsutil.exe to transfer or seize FSMO roles to a domain controller
http://support.microsoft.com/kb/255504
--
Mike
Microsoft MVP - Windows Security
"Kizetoni" <kizetoni@mail.ru> wrote in message
news:O5AQpCr5FHA.4012@TK2MSFTNGP14.phx.gbl...
| Quote: | Hi All!
I am about to demote a DC to member server in a 2003 domain, but the
dcpromo
stops with the following error:
"Active Directory could not transfer the remaining data in directory
partition CN= .... to domain controller server3.ourdomain.local
The directory service was unable to transfer ownership of one or more
floating single-master operation roles to other servers"
But let's start from the beginning.
I am about to upgrade an NT domain to 2003 domain. For that purpose I have
3
servers:
1. server1 - the original NT PDC
2. server2 - the temporary NT/2003 BDC/PDC/DC
3. server3 - the new 2003 DC
The start situation was:
server1 - NT 40sp6 server being PDC for the NT domain "ourdomain"
server2 - NT40sp6 server being BDC
server3 - 2003std server being member server
I did following:
- installed WINS on server3
- changed all servers and workstations' network-settings so DNS and WINS
server is primarily server3 (and secondary are ISP's DNS servers)
- promoted server 2 to PDC (server 1 was automatically BDC)
- upgraded server2 from NT to 2003 server with following settings
- domain in a new forest
- full DNS name: ourdomain.local
- functional level of the new forest: Windows Server 2003 interim
- DNS Registration Diagnostics: "install and configure DNS server
on this computer..."
- Permissions: "Permissions compatible only with w2000 or
w2003..."
- this proces had several errors (mostly related to lsass.exe) but after 2
restart it went throught without problems the 3rd time.
- that made server2 as first AD server
- I added server2's IP address on DNS server list in server3
- then I promoted server3 to DC with following settings:
- additional domain controller for existing domain
- full DNS name: ourdomain.local
- after that server3 was also a DC
- I promoted the new 2003 server PDC to Global Catalog server (Sites -
Servers - NTDS settings - properties)
- I installed DNS server on server3, with following settings:
- small network
- zone: ourzone.ourdomain.local
- only secure dynamic updates
- with forwarding to the server2, and ISP's DNS servers
- at the end of installation, I got an error message, but after clicking
on
"OK" I also got the message about everything was all right; after I
restarted the server, the DNS server was functioning
- now I am trying to demote server2, and I cannot do it, could it be a
connection problem, or what? Am I missing something, or did I do some
steps
wrong?
All this is happening under VMware (the machines are virtual) since I want
to test the ting before doing it on the live system.
Thanx in advance!
Regards,
Zoran
|
|
|
| Back to top |
|
|
Kizetoni
Guest
|
| Posted:
Fri Nov 11, 2005 5:50 pm Post subject:
Re: upgraded 2003 domain- problems demoting a DC |
|
|
Hi Mike,
thanx for your quick reply.
I will look at the links - thanx.
One question in the meantime:
Although the DNS servers and networking are configured right (I can see the
internet from each machine, and machines can see each other via Windows
Explorer), I get misterious results pinging:
- server3 I get response
- server3.ourdomain.local get NO response ?
- server2 I get response
- server2.ourdomain.local get NO response ?
Am I missing something?
Regards,
Zoran
"Miha Pihler [MVP]" <mihap-news@atlantis.si> skrev i en meddelelse
news:utxhA%23r5FHA.3880@TK2MSFTNGP12.phx.gbl...
| Quote: | Hi,
Does this server hold any FSMO roles? Did you move FSMO roles to another
server?
How to view and transfer FSMO roles in Windows Server 2003
http://support.microsoft.com/default.aspx?kbid=324801&product=winsvr2003
Using Ntdsutil.exe to transfer or seize FSMO roles to a domain controller
http://support.microsoft.com/kb/255504
--
Mike
Microsoft MVP - Windows Security
"Kizetoni" <kizetoni@mail.ru> wrote in message
news:O5AQpCr5FHA.4012@TK2MSFTNGP14.phx.gbl...
Hi All!
I am about to demote a DC to member server in a 2003 domain, but the
dcpromo
stops with the following error:
"Active Directory could not transfer the remaining data in directory
partition CN= .... to domain controller server3.ourdomain.local
The directory service was unable to transfer ownership of one or more
floating single-master operation roles to other servers"
But let's start from the beginning.
I am about to upgrade an NT domain to 2003 domain. For that purpose I
have
3
servers:
1. server1 - the original NT PDC
2. server2 - the temporary NT/2003 BDC/PDC/DC
3. server3 - the new 2003 DC
The start situation was:
server1 - NT 40sp6 server being PDC for the NT domain "ourdomain"
server2 - NT40sp6 server being BDC
server3 - 2003std server being member server
I did following:
- installed WINS on server3
- changed all servers and workstations' network-settings so DNS and WINS
server is primarily server3 (and secondary are ISP's DNS servers)
- promoted server 2 to PDC (server 1 was automatically BDC)
- upgraded server2 from NT to 2003 server with following settings
- domain in a new forest
- full DNS name: ourdomain.local
- functional level of the new forest: Windows Server 2003
interim
- DNS Registration Diagnostics: "install and configure DNS
server
on this computer..."
- Permissions: "Permissions compatible only with w2000 or
w2003..."
- this proces had several errors (mostly related to lsass.exe) but after
2
restart it went throught without problems the 3rd time.
- that made server2 as first AD server
- I added server2's IP address on DNS server list in server3
- then I promoted server3 to DC with following settings:
- additional domain controller for existing domain
- full DNS name: ourdomain.local
- after that server3 was also a DC
- I promoted the new 2003 server PDC to Global Catalog server (Sites -
Servers - NTDS settings - properties)
- I installed DNS server on server3, with following settings:
- small network
- zone: ourzone.ourdomain.local
- only secure dynamic updates
- with forwarding to the server2, and ISP's DNS servers
- at the end of installation, I got an error message, but after clicking
on
"OK" I also got the message about everything was all right; after I
restarted the server, the DNS server was functioning
- now I am trying to demote server2, and I cannot do it, could it be a
connection problem, or what? Am I missing something, or did I do some
steps
wrong?
All this is happening under VMware (the machines are virtual) since I
want
to test the ting before doing it on the live system.
Thanx in advance!
Regards,
Zoran
|
|
|
| Back to top |
|
|
Kizetoni
Guest
|
| Posted:
Fri Nov 11, 2005 5:50 pm Post subject:
Re: upgraded 2003 domain- problems demoting a DC |
|
|
Hello again,
I did what you suggested, and the process went fine, I managed to transfer
all the things.
But when I try to demote the server2 (old DC "PDC"), I get error "...
because of a DNS lookup failure".
===============================================================
Event Type: Error
Event Source: NTDS Replication
Event Category: Replication
Event ID: 2023
Date: 11-11-2005
Time: 16:46:05
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: SERVER2
Description:
The local domain controller was unable to replicate changes to the following
remote domain controller for the following directory partition.
Remote domain controller:
91dcfcd8-68fc-47fd-a527-b417541601fd._msdcs.ourdomain.local
Directory partition:
CN=Schema,CN=Configuration,DC=ourdomain,DC=local
The local domain controller cannot complete demotion.
User Action
Investigate why replication between these two domain controllers cannot be
performed. Then, try to demote this domain controller again.
Additonal Data
Error value: 8524 The DSA operation is unable to proceed because of a DNS
lookup failure.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
===========================================================================
As I said previously, I cannot ping the full domain name, even if I put the
name in the HOSTS file ....?
I never saw a thing like this - somehow computers can't see each other, and
sometimes they can....?
Any ideas?
Well, I didn't restart the machines - maybe I should do so?
Another question - if now I just take the old DC/PDC out, meaning that I
turn it off and then delete all it's accounts on the new DC/PDC - should
that give any problems, and would all workstations be able to log on?
Thanx,
Zoran
"Miha Pihler [MVP]" <mihap-news@atlantis.si> skrev i en meddelelse
news:utxhA%23r5FHA.3880@TK2MSFTNGP12.phx.gbl...
|
|
| Back to top |
|
|
Kizetoni
Guest
|
| Posted:
Fri Nov 11, 2005 5:50 pm Post subject:
Re: upgraded 2003 domain- problems demoting a DC |
|
|
I reinstalled DNS servers on both machines.
I double-checked all IP addresses.
The machines can resolve "normal" internet sites (no problems accessing
internet sites)
But they CANNOT resolve their own domain name (ourdomain.local) nor their
own hostnames (server#.ourdomain.local).
Am I blind, or what...? :o) |
|
| Back to top |
|
|
Miha Pihler [MVP]
Guest
|
| Posted:
Fri Nov 11, 2005 9:50 pm Post subject:
Re: upgraded 2003 domain- problems demoting a DC |
|
|
Hi,
Can you do
ipconfig /all
on both computers and post back?
--
Mike
Microsoft MVP - Windows Security
"Kizetoni" <kizetoni@mail.ru> wrote in message
news:ePHY2Uu5FHA.3636@TK2MSFTNGP09.phx.gbl...
| Quote: | I reinstalled DNS servers on both machines.
I double-checked all IP addresses.
The machines can resolve "normal" internet sites (no problems accessing
internet sites)
But they CANNOT resolve their own domain name (ourdomain.local) nor their
own hostnames (server#.ourdomain.local).
Am I blind, or what...? :o)
|
|
|
| Back to top |
|
|
Kizetoni
Guest
|
| Posted:
Sat Nov 12, 2005 9:50 am Post subject:
Re: upgraded 2003 domain- problems demoting a DC |
|
|
Hello Mike,
I solved the problem - and you don't aks me how. :o)
First I found an article at MS's site telling that it could be a corrupted
registry. I did that, though registry didn't seemd to be corrupted. Then I
installed Support Tools and run dcdiag.exe. It complained that it could not
connet to a host that has a long funny number as a name (se down). Then I
said "now it is enough", and I put the following thing in the hosts-file on
both servers. First then I started to get answers pinging the full domain
name of the hosts. But dcpromo didin't work, until I restarted the both
servers, and then it just worked! :o)
Here is hosts-file:
=======================================================================
127.0.0.1 localhost
192.168.1.31 server2
192.168.1.31 server2.ourdomain.local
192.168.1.31 013ED4C1-EBA4-4048-8F05-77B3F8452B3D._msdcs.ourdomain.local
192.168.1.32 server3
192.168.1.32 server3.ourdomain.local
192.168.1.32 91dcfcd8-68fc-47fd-a527-b417541601fd._msdcs.ourdomain.local
=======================================================================
Those funny numbers (what are they, in fact?) I remember I saw under each
host under "Active Directory Sites and Services", and I juct copied them
from there and put the right IP address.
Here is the result of Ipconfig /all:
for server3:
=======================================================================
Windows IP Configuration
Host Name . . . . . . . . . . . . : server3
Primary Dns Suffix . . . . . . . : ourdomain.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ourdomain.local
Ethernet adapter LAN_1:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : AMD PCNET Family PCI Ethernet Adapter
Physical Address. . . . . . . . . : 00-0C-29-58-9F-9A
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.32
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 127.0.0.1
192.168.1.32
192.168.1.31
192.168.1.23
Primary WINS Server . . . . . . . : 192.168.1.32
Secondary WINS Server . . . . . . : 127.0.0.1
=======================================================================
IP...31 is server2 (old upgraded NT PDC to 2003), IP...32 is server3 (new
DC/PD, win2003), and IP...23 is a "ISP DNS" server (a linux box serving
inside our LAN as a DNS server, just forwarding to ISP's DNS servers).
for server2:
=======================================================================
Windows IP Configuration
Host Name . . . . . . . . . . . . : server2
Primary Dns Suffix . . . . . . . : ourdomain.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ourdomain.local
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : AMD PCNET Family PCI Ethernet Adapter
Physical Address. . . . . . . . . : 00-0C-29-DC-93-0A
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.31
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 127.0.0.1
192.168.1.31
192.168.1.32
192.168.1.23
Primary WINS Server . . . . . . . : 192.168.1.32
=======================================================================
Can you see anything strange?
Thanx for helping!
Regards, Zoran
"Miha Pihler [MVP]" <mihap-news@atlantis.si> skrev i en meddelelse
news:uTs3y3v5FHA.4076@tk2msftngp13.phx.gbl...
| Quote: | Hi,
Can you do
ipconfig /all
on both computers and post back?
--
Mike
Microsoft MVP - Windows Security
"Kizetoni" <kizetoni@mail.ru> wrote in message
news:ePHY2Uu5FHA.3636@TK2MSFTNGP09.phx.gbl...
I reinstalled DNS servers on both machines.
I double-checked all IP addresses.
The machines can resolve "normal" internet sites (no problems accessing
internet sites)
But they CANNOT resolve their own domain name (ourdomain.local) nor
their
own hostnames (server#.ourdomain.local).
Am I blind, or what...? :o)
|
|
|
| Back to top |
|
|
Miha Pihler [MVP]
Guest
|
| Posted:
Mon Nov 14, 2005 1:50 am Post subject:
Re: upgraded 2003 domain- problems demoting a DC |
|
|
Hi,
TCP configuration seems OK. What you could try is instead 127.0.0.1 use each
other servers IP address for DNS. E.g. on server with IP address
192.168.1.32 use preferred DNS server of 192.168.1.31 and on server with IP
address 192.168.1.31 use preferred DNS server of 192.168.1.32.
If I understand you, you managed to resolve your problem?
--
Mike
Microsoft MVP - Windows Security
"Kizetoni" <kizetoni@mail.ru> wrote in message
news:etdWFr25FHA.2628@TK2MSFTNGP11.phx.gbl...
| Quote: | Hello Mike,
I solved the problem - and you don't aks me how. :o)
First I found an article at MS's site telling that it could be a corrupted
registry. I did that, though registry didn't seemd to be corrupted. Then I
installed Support Tools and run dcdiag.exe. It complained that it could
not
connet to a host that has a long funny number as a name (se down). Then I
said "now it is enough", and I put the following thing in the hosts-file
on
both servers. First then I started to get answers pinging the full domain
name of the hosts. But dcpromo didin't work, until I restarted the both
servers, and then it just worked! :o)
Here is hosts-file:
=======================================================================
127.0.0.1 localhost
192.168.1.31 server2
192.168.1.31 server2.ourdomain.local
192.168.1.31 013ED4C1-EBA4-4048-8F05-77B3F8452B3D._msdcs.ourdomain.local
192.168.1.32 server3
192.168.1.32 server3.ourdomain.local
192.168.1.32 91dcfcd8-68fc-47fd-a527-b417541601fd._msdcs.ourdomain.local
=======================================================================
Those funny numbers (what are they, in fact?) I remember I saw under each
host under "Active Directory Sites and Services", and I juct copied them
from there and put the right IP address.
Here is the result of Ipconfig /all:
for server3:
=======================================================================
Windows IP Configuration
Host Name . . . . . . . . . . . . : server3
Primary Dns Suffix . . . . . . . : ourdomain.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ourdomain.local
Ethernet adapter LAN_1:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : AMD PCNET Family PCI Ethernet
Adapter
Physical Address. . . . . . . . . : 00-0C-29-58-9F-9A
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.32
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 127.0.0.1
192.168.1.32
192.168.1.31
192.168.1.23
Primary WINS Server . . . . . . . : 192.168.1.32
Secondary WINS Server . . . . . . : 127.0.0.1
=======================================================================
IP...31 is server2 (old upgraded NT PDC to 2003), IP...32 is server3 (new
DC/PD, win2003), and IP...23 is a "ISP DNS" server (a linux box serving
inside our LAN as a DNS server, just forwarding to ISP's DNS servers).
for server2:
=======================================================================
Windows IP Configuration
Host Name . . . . . . . . . . . . : server2
Primary Dns Suffix . . . . . . . : ourdomain.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ourdomain.local
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : AMD PCNET Family PCI Ethernet
Adapter
Physical Address. . . . . . . . . : 00-0C-29-DC-93-0A
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.31
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 127.0.0.1
192.168.1.31
192.168.1.32
192.168.1.23
Primary WINS Server . . . . . . . : 192.168.1.32
=======================================================================
Can you see anything strange?
Thanx for helping!
Regards, Zoran
"Miha Pihler [MVP]" <mihap-news@atlantis.si> skrev i en meddelelse
news:uTs3y3v5FHA.4076@tk2msftngp13.phx.gbl...
Hi,
Can you do
ipconfig /all
on both computers and post back?
--
Mike
Microsoft MVP - Windows Security
"Kizetoni" <kizetoni@mail.ru> wrote in message
news:ePHY2Uu5FHA.3636@TK2MSFTNGP09.phx.gbl...
I reinstalled DNS servers on both machines.
I double-checked all IP addresses.
The machines can resolve "normal" internet sites (no problems accessing
internet sites)
But they CANNOT resolve their own domain name (ourdomain.local) nor
their
own hostnames (server#.ourdomain.local).
Am I blind, or what...? :o)
|
|
|
| Back to top |
|
|
Kizetoni
Guest
|
| Posted:
Mon Nov 14, 2005 9:50 am Post subject:
Re: upgraded 2003 domain- problems demoting a DC |
|
|
Hi Mike,
thanx for your input.
Yes, now it works, but... Now I should test it with the workstation-access,
so probably I will get back here with more problems...! :o)
Now, one thing that I forgot to mention - the upgraded server (server2) is a
2003 std but without sp1, and the new server (server3) is the sp1 version
with all updates - could it be that was the cause of troubles?
Thanx for your help!
Regards,
Zoran
"Miha Pihler [MVP]" <mihap-news@atlantis.si> skrev i en meddelelse
news:uxNojuK6FHA.3976@TK2MSFTNGP15.phx.gbl...
| Quote: | Hi,
TCP configuration seems OK. What you could try is instead 127.0.0.1 use
each
other servers IP address for DNS. E.g. on server with IP address
192.168.1.32 use preferred DNS server of 192.168.1.31 and on server with
IP
address 192.168.1.31 use preferred DNS server of 192.168.1.32.
If I understand you, you managed to resolve your problem?
--
Mike
Microsoft MVP - Windows Security
"Kizetoni" <kizetoni@mail.ru> wrote in message
news:etdWFr25FHA.2628@TK2MSFTNGP11.phx.gbl...
Hello Mike,
I solved the problem - and you don't aks me how. :o)
First I found an article at MS's site telling that it could be a
corrupted
registry. I did that, though registry didn't seemd to be corrupted. Then
I
installed Support Tools and run dcdiag.exe. It complained that it could
not
connet to a host that has a long funny number as a name (se down). Then
I
said "now it is enough", and I put the following thing in the hosts-file
on
both servers. First then I started to get answers pinging the full
domain
name of the hosts. But dcpromo didin't work, until I restarted the both
servers, and then it just worked! :o)
Here is hosts-file:
=======================================================================
127.0.0.1 localhost
192.168.1.31 server2
192.168.1.31 server2.ourdomain.local
192.168.1.31 013ED4C1-EBA4-4048-8F05-77B3F8452B3D._msdcs.ourdomain.local
192.168.1.32 server3
192.168.1.32 server3.ourdomain.local
192.168.1.32 91dcfcd8-68fc-47fd-a527-b417541601fd._msdcs.ourdomain.local
=======================================================================
Those funny numbers (what are they, in fact?) I remember I saw under
each
host under "Active Directory Sites and Services", and I juct copied them
from there and put the right IP address.
Here is the result of Ipconfig /all:
for server3:
=======================================================================
Windows IP Configuration
Host Name . . . . . . . . . . . . : server3
Primary Dns Suffix . . . . . . . : ourdomain.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ourdomain.local
Ethernet adapter LAN_1:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : AMD PCNET Family PCI Ethernet
Adapter
Physical Address. . . . . . . . . : 00-0C-29-58-9F-9A
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.32
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 127.0.0.1
192.168.1.32
192.168.1.31
192.168.1.23
Primary WINS Server . . . . . . . : 192.168.1.32
Secondary WINS Server . . . . . . : 127.0.0.1
=======================================================================
IP...31 is server2 (old upgraded NT PDC to 2003), IP...32 is server3
(new
DC/PD, win2003), and IP...23 is a "ISP DNS" server (a linux box serving
inside our LAN as a DNS server, just forwarding to ISP's DNS servers).
for server2:
=======================================================================
Windows IP Configuration
Host Name . . . . . . . . . . . . : server2
Primary Dns Suffix . . . . . . . : ourdomain.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ourdomain.local
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : AMD PCNET Family PCI Ethernet
Adapter
Physical Address. . . . . . . . . : 00-0C-29-DC-93-0A
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.31
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 127.0.0.1
192.168.1.31
192.168.1.32
192.168.1.23
Primary WINS Server . . . . . . . : 192.168.1.32
=======================================================================
Can you see anything strange?
Thanx for helping!
Regards, Zoran
"Miha Pihler [MVP]" <mihap-news@atlantis.si> skrev i en meddelelse
news:uTs3y3v5FHA.4076@tk2msftngp13.phx.gbl...
Hi,
Can you do
ipconfig /all
on both computers and post back?
--
Mike
Microsoft MVP - Windows Security
"Kizetoni" <kizetoni@mail.ru> wrote in message
news:ePHY2Uu5FHA.3636@TK2MSFTNGP09.phx.gbl...
I reinstalled DNS servers on both machines.
I double-checked all IP addresses.
The machines can resolve "normal" internet sites (no problems
accessing
internet sites)
But they CANNOT resolve their own domain name (ourdomain.local) nor
their
own hostnames (server#.ourdomain.local).
Am I blind, or what...? :o)
|
|
|
| Back to top |
|
|
Miha Pihler [MVP]
Guest
|
| Posted:
Mon Nov 14, 2005 5:50 pm Post subject:
Re: upgraded 2003 domain- problems demoting a DC |
|
|
In general service pack level should not cause these problems...
I am glad that you managed to solve your problem.
--
Mike
Microsoft MVP - Windows Security
"Kizetoni" <kizetoni@mail.ru> wrote in message
news:%23G0ZptP6FHA.3588@TK2MSFTNGP15.phx.gbl...
| Quote: | Hi Mike,
thanx for your input.
Yes, now it works, but... Now I should test it with the
workstation-access,
so probably I will get back here with more problems...! :o)
Now, one thing that I forgot to mention - the upgraded server (server2) is
a
2003 std but without sp1, and the new server (server3) is the sp1 version
with all updates - could it be that was the cause of troubles?
Thanx for your help!
Regards,
Zoran
"Miha Pihler [MVP]" <mihap-news@atlantis.si> skrev i en meddelelse
news:uxNojuK6FHA.3976@TK2MSFTNGP15.phx.gbl...
Hi,
TCP configuration seems OK. What you could try is instead 127.0.0.1 use
each
other servers IP address for DNS. E.g. on server with IP address
192.168.1.32 use preferred DNS server of 192.168.1.31 and on server with
IP
address 192.168.1.31 use preferred DNS server of 192.168.1.32.
If I understand you, you managed to resolve your problem?
--
Mike
Microsoft MVP - Windows Security
"Kizetoni" <kizetoni@mail.ru> wrote in message
news:etdWFr25FHA.2628@TK2MSFTNGP11.phx.gbl...
Hello Mike,
I solved the problem - and you don't aks me how. :o)
First I found an article at MS's site telling that it could be a
corrupted
registry. I did that, though registry didn't seemd to be corrupted.
Then
I
installed Support Tools and run dcdiag.exe. It complained that it could
not
connet to a host that has a long funny number as a name (se down). Then
I
said "now it is enough", and I put the following thing in the
hosts-file
on
both servers. First then I started to get answers pinging the full
domain
name of the hosts. But dcpromo didin't work, until I restarted the both
servers, and then it just worked! :o)
Here is hosts-file:
=======================================================================
127.0.0.1 localhost
192.168.1.31 server2
192.168.1.31 server2.ourdomain.local
192.168.1.31
013ED4C1-EBA4-4048-8F05-77B3F8452B3D._msdcs.ourdomain.local
192.168.1.32 server3
192.168.1.32 server3.ourdomain.local
192.168.1.32
91dcfcd8-68fc-47fd-a527-b417541601fd._msdcs.ourdomain.local
=======================================================================
Those funny numbers (what are they, in fact?) I remember I saw under
each
host under "Active Directory Sites and Services", and I juct copied
them
from there and put the right IP address.
Here is the result of Ipconfig /all:
for server3:
=======================================================================
Windows IP Configuration
Host Name . . . . . . . . . . . . : server3
Primary Dns Suffix . . . . . . . : ourdomain.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ourdomain.local
Ethernet adapter LAN_1:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : AMD PCNET Family PCI Ethernet
Adapter
Physical Address. . . . . . . . . : 00-0C-29-58-9F-9A
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.32
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 127.0.0.1
192.168.1.32
192.168.1.31
192.168.1.23
Primary WINS Server . . . . . . . : 192.168.1.32
Secondary WINS Server . . . . . . : 127.0.0.1
=======================================================================
IP...31 is server2 (old upgraded NT PDC to 2003), IP...32 is server3
(new
DC/PD, win2003), and IP...23 is a "ISP DNS" server (a linux box serving
inside our LAN as a DNS server, just forwarding to ISP's DNS servers).
for server2:
=======================================================================
Windows IP Configuration
Host Name . . . . . . . . . . . . : server2
Primary Dns Suffix . . . . . . . : ourdomain.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ourdomain.local
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : AMD PCNET Family PCI Ethernet
Adapter
Physical Address. . . . . . . . . : 00-0C-29-DC-93-0A
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.31
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 127.0.0.1
192.168.1.31
192.168.1.32
192.168.1.23
Primary WINS Server . . . . . . . : 192.168.1.32
=======================================================================
Can you see anything strange?
Thanx for helping!
Regards, Zoran
"Miha Pihler [MVP]" <mihap-news@atlantis.si> skrev i en meddelelse
news:uTs3y3v5FHA.4076@tk2msftngp13.phx.gbl...
Hi,
Can you do
ipconfig /all
on both computers and post back?
--
Mike
Microsoft MVP - Windows Security
"Kizetoni" <kizetoni@mail.ru> wrote in message
news:ePHY2Uu5FHA.3636@TK2MSFTNGP09.phx.gbl...
I reinstalled DNS servers on both machines.
I double-checked all IP addresses.
The machines can resolve "normal" internet sites (no problems
accessing
internet sites)
But they CANNOT resolve their own domain name (ourdomain.local) nor
their
own hostnames (server#.ourdomain.local).
Am I blind, or what...? :o)
|
|
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in