New DC, Not the DC!

Tutorials Win: Microsoft Windows Forum

I am migrating from my old Win 200 SP4 server to a Win 2003 R2 x64 server &
Exchange 2007. I did the dcpromo and all step that I was aware of to the new
server and I thought things were fine. But, when I shut down the old DC I
lost all my domain abilities (not even able to log into the new server).

So I started looking into it, and I'm lost as to what is happening. There
are lot's of error messages in my logs, I don't see a SYSVOL share on the new
server, even though the new server is supposed to be the GC it's not. I've
checked and the new server SEEMS to have all the FSMO roles.

I have been doing research online, and frankly I'm lost as to the best path
to proceded. Here is a list of errors I am seeing (Note - All real server and
domain names have been replaced... I'm a bit of a security freak):

Event Type: Error
Event Source: NTDS General
Event Category: Global Catalog
Event ID: 1126
Date: 5/9/2008
Time: 3:12:12 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: KEGERATOR
Description:
Active Directory was unable to establish a connection with the global
catalog.

Additional Data
Error value:
1355 The specified domain either does not exist or could not be contacted.
Internal ID:
3200cf3


Event Type: Warning
Event Source: NtFrs
Event Category: None
Event ID: 13508
Date: 5/9/2008
Time: 1:46:03 PM
User: N/A
Computer: KEGERATOR
Description:
The File Replication Service is having trouble enabling replication from
{OLDSERVERNAME}.{DOMAIN-NAME}.com to {NEWSERVERNAME} for
c:\windows\sysvol\domain using the DNS name
{OLDSERVERNAME}.{DOMAIN-NAME}.com. FRS will keep retrying.
Following are some of the reasons you would see this warning.

[1] FRS can not correctly resolve the DNS name
{OLDSERVERNAME}.{DOMAIN-NAME}.com from this computer.
[2] FRS is not running on {OLDSERVERNAME}.{DOMAIN-NAME}.com.
[3] The topology information in the Active Directory for this replica has
not yet replicated to all the Domain Controllers.


Event Type: Warning
Event Source: NTDS KCC
Event Category: Knowledge Consistency Checker
Event ID: 1308
Date: 5/9/2008
Time: 4:15:50 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: KEGERATOR
Description:
The Knowledge Consistency Checker (KCC) has detected that successive
attempts to replicate with the following domain controller has consistently
failed.

Attempts:
2
Domain controller:
CN=NTDS
Settings,CN={OLDSERVERNAME},CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC={DOMAIN-NAME},DC=com
Period of time (minutes):
122

The Connection object for this domain controller will be ignored, and a new
temporary connection will be established to ensure that replication
continues. Once replication with this domain controller resumes, the
temporary connection will be removed.

Additional Data
Error value:
1722 The RPC server is unavailable.

There are no DNS errors, both system are running DNS, and pointed to the
correct servers (I do have my ISP's DNS also listed). This is a single server
install so it will do everything for the domain.

Any help is GREATLY apprecated, and more info will be supplied if needed.
Thanks!!
Top

Re: New DC, Not the DC! by Meinolf

Meinolf
Fri May 09 23:24:21 PDT 2008

Hello BC68,

Please post an unedited ipconfig /all from both DC's

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

> I am migrating from my old Win 200 SP4 server to a Win 2003 R2 x64
> server & Exchange 2007. I did the dcpromo and all step that I was
> aware of to the new server and I thought things were fine. But, when I
> shut down the old DC I lost all my domain abilities (not even able to
> log into the new server).
>
> So I started looking into it, and I'm lost as to what is happening.
> There are lot's of error messages in my logs, I don't see a SYSVOL
> share on the new server, even though the new server is supposed to be
> the GC it's not. I've checked and the new server SEEMS to have all the
> FSMO roles.
>
> I have been doing research online, and frankly I'm lost as to the best
> path to proceded. Here is a list of errors I am seeing (Note - All
> real server and domain names have been replaced... I'm a bit of a
> security freak):
>
> Event Type: Error
> Event Source: NTDS General
> Event Category: Global Catalog
> Event ID: 1126
> Date: 5/9/2008
> Time: 3:12:12 AM
> User: NT AUTHORITY\ANONYMOUS LOGON
> Computer: KEGERATOR
> Description:
> Active Directory was unable to establish a connection with the global
> catalog.
> Additional Data
> Error value:
> 1355 The specified domain either does not exist or could not be
> contacted.
> Internal ID:
> 3200cf3
> Event Type: Warning
> Event Source: NtFrs
> Event Category: None
> Event ID: 13508
> Date: 5/9/2008
> Time: 1:46:03 PM
> User: N/A
> Computer: KEGERATOR
> Description:
> The File Replication Service is having trouble enabling replication
> from
> {OLDSERVERNAME}.{DOMAIN-NAME}.com to {NEWSERVERNAME} for
> c:\windows\sysvol\domain using the DNS name
> {OLDSERVERNAME}.{DOMAIN-NAME}.com. FRS will keep retrying.
> Following are some of the reasons you would see this warning.
> [1] FRS can not correctly resolve the DNS name
> {OLDSERVERNAME}.{DOMAIN-NAME}.com from this computer.
> [2] FRS is not running on {OLDSERVERNAME}.{DOMAIN-NAME}.com.
> [3] The topology information in the Active Directory for this replica
> has
> not yet replicated to all the Domain Controllers.
> Event Type: Warning
> Event Source: NTDS KCC
> Event Category: Knowledge Consistency Checker
> Event ID: 1308
> Date: 5/9/2008
> Time: 4:15:50 AM
> User: NT AUTHORITY\ANONYMOUS LOGON
> Computer: KEGERATOR
> Description:
> The Knowledge Consistency Checker (KCC) has detected that successive
> attempts to replicate with the following domain controller has
> consistently
> failed.
> Attempts:
>
> 2
>
> Domain controller:
>
> CN=NTDS
>
> Settings,CN={OLDSERVERNAME},CN=Servers,CN=Default-First-Site-Name,CN=S
> ites,CN=Configuration,DC={DOMAIN-NAME},DC=com
>
> Period of time (minutes):
>
> 122
>
> The Connection object for this domain controller will be ignored, and
> a new temporary connection will be established to ensure that
> replication continues. Once replication with this domain controller
> resumes, the temporary connection will be removed.
>
> Additional Data
> Error value:
> 1722 The RPC server is unavailable.
> There are no DNS errors, both system are running DNS, and pointed to
> the correct servers (I do have my ISP's DNS also listed). This is a
> single server install so it will do everything for the domain.
>
> Any help is GREATLY apprecated, and more info will be supplied if
> needed. Thanks!!
>


Top

Re: New DC, Not the DC! by BC68

BC68
Sat May 10 10:38:00 PDT 2008

Thanks Meinolf, however I found the problem. When doing this I noticed that
the old server wasn't pointed to the new server for DNS. So I updated it and
rebooted both servers (just casue) When doing so I found an event entry for
NTFRS that I had seen before, but for some reason it didn't stand out to me.
This time it did. I was getting a JRNL_WRAP_ERROR on the old Win 2000 svr, so
I fixed that, replication started happening and all appears to be golden.

"Meinolf Weber" wrote:

> Hello BC68,
>
> Please post an unedited ipconfig /all from both DC's
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and confers
> no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>
> > I am migrating from my old Win 200 SP4 server to a Win 2003 R2 x64
> > server & Exchange 2007. I did the dcpromo and all step that I was
> > aware of to the new server and I thought things were fine. But, when I
> > shut down the old DC I lost all my domain abilities (not even able to
> > log into the new server).
> >
> > So I started looking into it, and I'm lost as to what is happening.
> > There are lot's of error messages in my logs, I don't see a SYSVOL
> > share on the new server, even though the new server is supposed to be
> > the GC it's not. I've checked and the new server SEEMS to have all the
> > FSMO roles.
> >
> > I have been doing research online, and frankly I'm lost as to the best
> > path to proceded. Here is a list of errors I am seeing (Note - All
> > real server and domain names have been replaced... I'm a bit of a
> > security freak):
> >
> > Event Type: Error
> > Event Source: NTDS General
> > Event Category: Global Catalog
> > Event ID: 1126
> > Date: 5/9/2008
> > Time: 3:12:12 AM
> > User: NT AUTHORITY\ANONYMOUS LOGON
> > Computer: KEGERATOR
> > Description:
> > Active Directory was unable to establish a connection with the global
> > catalog.
> > Additional Data
> > Error value:
> > 1355 The specified domain either does not exist or could not be
> > contacted.
> > Internal ID:
> > 3200cf3
> > Event Type: Warning
> > Event Source: NtFrs
> > Event Category: None
> > Event ID: 13508
> > Date: 5/9/2008
> > Time: 1:46:03 PM
> > User: N/A
> > Computer: KEGERATOR
> > Description:
> > The File Replication Service is having trouble enabling replication
> > from
> > {OLDSERVERNAME}.{DOMAIN-NAME}.com to {NEWSERVERNAME} for
> > c:\windows\sysvol\domain using the DNS name
> > {OLDSERVERNAME}.{DOMAIN-NAME}.com. FRS will keep retrying.
> > Following are some of the reasons you would see this warning.
> > [1] FRS can not correctly resolve the DNS name
> > {OLDSERVERNAME}.{DOMAIN-NAME}.com from this computer.
> > [2] FRS is not running on {OLDSERVERNAME}.{DOMAIN-NAME}.com.
> > [3] The topology information in the Active Directory for this replica
> > has
> > not yet replicated to all the Domain Controllers.
> > Event Type: Warning
> > Event Source: NTDS KCC
> > Event Category: Knowledge Consistency Checker
> > Event ID: 1308
> > Date: 5/9/2008
> > Time: 4:15:50 AM
> > User: NT AUTHORITY\ANONYMOUS LOGON
> > Computer: KEGERATOR
> > Description:
> > The Knowledge Consistency Checker (KCC) has detected that successive
> > attempts to replicate with the following domain controller has
> > consistently
> > failed.
> > Attempts:
> >
> > 2
> >
> > Domain controller:
> >
> > CN=NTDS
> >
> > Settings,CN={OLDSERVERNAME},CN=Servers,CN=Default-First-Site-Name,CN=S
> > ites,CN=Configuration,DC={DOMAIN-NAME},DC=com
> >
> > Period of time (minutes):
> >
> > 122
> >
> > The Connection object for this domain controller will be ignored, and
> > a new temporary connection will be established to ensure that
> > replication continues. Once replication with this domain controller
> > resumes, the temporary connection will be removed.
> >
> > Additional Data
> > Error value:
> > 1722 The RPC server is unavailable.
> > There are no DNS errors, both system are running DNS, and pointed to
> > the correct servers (I do have my ISP's DNS also listed). This is a
> > single server install so it will do everything for the domain.
> >
> > Any help is GREATLY apprecated, and more info will be supplied if
> > needed. Thanks!!
> >
>
>
>
Top