Re: Problems migrating AD PDC
I really appreciate all your help. Here are the outputs:
Server1 is Old Server
New-Server is new server
netdom query fsmo:
Schema owner SERVER1.ars.local
Domain role owner SERVER1.ars.local
PDC role new-server.ars.local
RID pool manager SERVER1.ars.local
Infrastructure owner SERVER1.ars.local
The command completed successfully.
repadmin running command /showrepl against server localhost
Default-First-Site-Name\NEW-SERVER
DC Options: IS_GC
Site Options: (none)
DC object GUID: bbd5e31c-ceaf-4c89-bbaf-be1245dbf679
DC invocationID: 56399df1-ebe1-4dd1-817a-fb046fcab5b8
==== INBOUND NEIGHBORS ======================================
DC=ars,DC=local
Default-First-Site-Name\SERVER1 via RPC
DC object GUID: c834486a-c689-4f82-a4ec-85e81937e0f7
Last attempt @ 2008-09-18 20:58:20 was successful.
CN=Configuration,DC=ars,DC=local
Default-First-Site-Name\SERVER1 via RPC
DC object GUID: c834486a-c689-4f82-a4ec-85e81937e0f7
Last attempt @ 2008-09-18 21:33:32 was successful.
CN=Schema,CN=Configuration,DC=ars,DC=local
Default-First-Site-Name\SERVER1 via RPC
DC object GUID: c834486a-c689-4f82-a4ec-85e81937e0f7
Last attempt @ 2008-09-18 20:58:20 was successful.
DC=ForestDnsZones,DC=ars,DC=local
Default-First-Site-Name\SERVER1 via RPC
DC object GUID: c834486a-c689-4f82-a4ec-85e81937e0f7
Last attempt @ 2008-09-18 20:58:20 was successful.
DC=DomainDnsZones,DC=ars,DC=local
Default-First-Site-Name\SERVER1 via RPC
DC object GUID: c834486a-c689-4f82-a4ec-85e81937e0f7
Last attempt @ 2008-09-18 21:29:30 was successful.
****************************************************************
DCDIAG on new server:
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\NEW-SERVER
Starting test: Connectivity
......................... NEW-SERVER passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\NEW-SERVER
Starting test: Replications
[SERVER1] DsBindWithSpnEx() failed with error 1722,
The RPC server is unavailable..
......................... NEW-SERVER passed test Replications
Starting test: NCSecDesc
......................... NEW-SERVER passed test NCSecDesc
Starting test: NetLogons
......................... NEW-SERVER passed test NetLogons
Starting test: Advertising
......................... NEW-SERVER passed test Advertising
Starting test: KnowsOfRoleHolders
Warning: SERVER1 is the Schema Owner, but is not responding to DS
RPC B
ind.
[SERVER1] LDAP search failed with error 58,
The specified server cannot perform the requested operation..
Warning: SERVER1 is the Schema Owner, but is not responding to LDAP
Bin
d.
Warning: SERVER1 is the Domain Owner, but is not responding to DS
RPC B
ind.
Warning: SERVER1 is the Domain Owner, but is not responding to LDAP
Bin
d.
Warning: SERVER1 is the Rid Owner, but is not responding to DS RPC
Bind
..
Warning: SERVER1 is the Rid Owner, but is not responding to LDAP
Bind.
Warning: SERVER1 is the Infrastructure Update Owner, but is not
respond
ing to DS RPC Bind.
Warning: SERVER1 is the Infrastructure Update Owner, but is not
respond
ing to LDAP Bind.
......................... NEW-SERVER failed test KnowsOfRoleHolders
Starting test: RidManager
......................... NEW-SERVER failed test RidManager
Starting test: MachineAccount
......................... NEW-SERVER passed test MachineAccount
Starting test: Services
......................... NEW-SERVER passed test Services
Starting test: ObjectsReplicated
......................... NEW-SERVER passed test ObjectsReplicated
Starting test: frssysvol
......................... NEW-SERVER passed test frssysvol
Starting test: frsevent
......................... NEW-SERVER passed test frsevent
Starting test: kccevent
......................... NEW-SERVER passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0xC00010E1
Time Generated: 09/18/2008 20:58:22
(Event String could not be retrieved)
An Error Event occured. EventID: 0x0000166D
Time Generated: 09/18/2008 20:58:22
Event String: Netlogon could not register the ARS<1B> name
An Error Event occured. EventID: 0xC00010E1
Time Generated: 09/18/2008 21:13:22
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC00010E1
Time Generated: 09/18/2008 21:28:22
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC00010E1
Time Generated: 09/18/2008 21:43:22
(Event String could not be retrieved)
......................... NEW-SERVER failed test systemlog
Starting test: VerifyReferences
......................... NEW-SERVER passed test VerifyReferences
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : ARS
Starting test: CrossRefValidation
......................... ARS passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ARS passed test CheckSDRefDom
Running enterprise tests on : ARS.local
Starting test: Intersite
......................... ARS.local passed test Intersite
Starting test: FsmoCheck
Error: The server returned by DsGetDcName() did not match
DsListRoles()
for the PDC
......................... ARS.local passed test FsmoCheck
**********************************************************************
DCDIAG on Old Server:
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\SERVER1
Starting test: Connectivity
The host c834486a-c689-4f82-a4ec-85e81937e0f7._msdcs.ars.local coul
d not be resolved to an
IP address. Check the DNS server, DHCP, server name, etc
Although the Guid DNS name
(c834486a-c689-4f82-a4ec-85e81937e0f7._msdcs.ars.local) couldn't
be resolved, the server name (SERVER1.ars.local) resolved to the
IP address (192.168.0.1) and was pingable. Check that the IP
address
is registered correctly with the DNS server.
......................... SERVER1 failed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\SERVER1
Skipping all tests, because server SERVER1 is
not responding to directory service requests
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : ars
Starting test: CrossRefValidation
......................... ars passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ars passed test CheckSDRefDom
Running enterprise tests on : ars.local
Starting test: Intersite
......................... ars.local passed test Intersite
Starting test: FsmoCheck
Error: The server returned by DsGetDcName() did not match
DsListRoles()
for the PDC
......................... ars.local passed test FsmoCheck
************************************************************************
NETDIAG ON NEW SERVER:
Computer Name: NEW-SERVER
DNS Host Name: new-server.ars.local
System info : Microsoft Windows Server 2003 (Build 3790)
Processor : x86 Family 6 Model 15 Stepping 13, GenuineIntel
List of installed hotfixes :
Q147222
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : new-server
IP Address . . . . . . . . : 192.168.0.185
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.0.254
Dns Servers. . . . . . . . : 192.168.0.1
192.168.0.185
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03>
'Messenge
r Service', <20> 'WINS' names is missing.
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{1564DF95-1390-4C84-8E00-D154F9AED25D}
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation
Servi
ce', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Failed
[WARNING] The DNS entries for this DC are not registered correctly on
DNS se
rver '192.168.0.1'. Please wait for 30 minutes for DNS server replication.
[WARNING] The DNS entries for this DC are not registered correctly on
DNS se
rver '192.168.0.185'. Please wait for 30 minutes for DNS server replication.
[FATAL] No DNS servers have the DNS records for this DC registered.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{1564DF95-1390-4C84-8E00-D154F9AED25D}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{1564DF95-1390-4C84-8E00-D154F9AED25D}
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Passed
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Skipped
Note: run "netsh ipsec dynamic show /?" for more detailed information
****************************************************************************
**
NETDIAG ON OLD SERVER:
Computer Name: SERVER1
DNS Host Name: SERVER1.ars.local
System info : Microsoft Windows Server 2003 (Build 3790)
Processor : x86 Family 15 Model 2 Stepping 9, GenuineIntel
Netcard queries test . . . . . . . : Failed
GetStats failed for 'Intel(R) PRO/1000 XT Network Connection'.
[ERROR_INVALI
D_FUNCTION]
[FATAL] - None of the netcard drivers provided satisfactory results.
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Failed
NetCard Status: UNKNOWN
Host Name. . . . . . . . . : SERVER1
IP Address . . . . . . . . : 192.168.0.1
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.0.254
Dns Servers. . . . . . . . : 192.168.0.1
192.168.0.185
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03>
'Messenge
r Service', <20> 'WINS' names is missing.
No remote names have been found.
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{E4FF46BE-FF6F-4E97-8825-A3B494203996}
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation
Servi
ce', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Failed
[WARNING] The DNS entries for this DC are not registered correctly on
DNS se
rver '192.168.0.1'. Please wait for 30 minutes for DNS server replication.
[WARNING] The DNS entries for this DC are not registered correctly on
DNS se
rver '192.168.0.185'. Please wait for 30 minutes for DNS server replication.
[FATAL] No DNS servers have the DNS records for this DC registered.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{E4FF46BE-FF6F-4E97-8825-A3B494203996}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{E4FF46BE-FF6F-4E97-8825-A3B494203996}
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Passed
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Skipped
**************************************************************************
Meinolf Weber" <meiweb(nospam)@gmx.de> wrote in message
news:ff16fb6678608cae7efe2fb2d9d@msnews.microsoft.com...
> Hello Paul,
>
> For the DNS settings choose also the other DC as secondary on the NIC.
Also
> post the output in command window from "netdom query fsmo" without the
quotes.
> Then run repadmin /showrepl and post the output also. Run dcdiag and
netdiag
> on both DC's and if you get errors post also the complete output.
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and
confers
> no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>
>
> >> Did you configure the FORWARDERS in the DNS management console under
> >> the server properties?
> >>
> > Yes. I deleted the DNS forwarders and re-entered them. I am now able
> > to browse if I point the new serve to itself as the DNS server. I
> > think this part is fixed. Thanks for pointing me in the right
> > direction on this 
(or what ever a super happy face is!)
> >
> >> Did you move all 5 FSMO roles to the new server?
> >>
> > No, when I try I get "The transfer of the operations master role
> > cannot be
> > performed because the requested FSMO
> > operation failed. The current FSMO holder could not be contacted"
> >> Did you make the new DC Global catalog server?
> >>
> > Yes
> >
> > Old Server:
> > Windows IP Configuration
> > Host Name . . . . . . . . . . . . : SERVER1
> > Primary Dns Suffix . . . . . . . : ars.local
> > Node Type . . . . . . . . . . . . : Unknown
> > IP Routing Enabled. . . . . . . . : Yes
> > WINS Proxy Enabled. . . . . . . . : Yes
> > DNS Suffix Search List. . . . . . : ars.local
> > Ethernet adapter Local Area Connection:
> >
> > Connection-specific DNS Suffix . :
> > Description . . . . . . . . . . . : Intel(R) PRO/1000 XT Network
> > Connection
> > Physical Address. . . . . . . . . : 00-0D-56-FD-47-D9
> > DHCP Enabled. . . . . . . . . . . : No
> > IP Address. . . . . . . . . . . . : 192.168.0.1
> > Subnet Mask . . . . . . . . . . . : 255.255.255.0
> > Default Gateway . . . . . . . . . : 192.168.0.254
> > DNS Servers . . . . . . . . . . . : 192.168.0.1
> > New Server:
> > Windows IP Configuration
> > Host Name . . . . . . . . . . . . : new-server
> > Primary Dns Suffix . . . . . . . : ars.local
> > Node Type . . . . . . . . . . . . : Unknown
> > IP Routing Enabled. . . . . . . . : No
> > WINS Proxy Enabled. . . . . . . . : No
> > DNS Suffix Search List. . . . . . : ars.local
> > Ethernet adapter Local Area Connection:
> >
> > Connection-specific DNS Suffix . :
> > Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit
> > Ethernet
> > Physical Address. . . . . . . . . : 00-1D-09-FF-97-24
> > DHCP Enabled. . . . . . . . . . . : No
> > IP Address. . . . . . . . . . . . : 192.168.0.185
> > Subnet Mask . . . . . . . . . . . : 255.255.255.0
> > Default Gateway . . . . . . . . . : 192.168.0.254
> > DNS Servers . . . . . . . . . . . : 192.168.0.1
> > "Meinolf Weber" <meiweb(nospam)@gmx.de> wrote in message
> > news:ff16fb6676fb8cae77e58e6f198@msnews.microsoft.com...
> >
> >> Hello Paul,
> >>
> >> Please post an unedited ipconfig /all from both DC's.
> >>
> >> Did you configure the FORWARDERS in the DNS management console under
> >> the server properties?
> >>
> >> Did you move all 5 FSMO roles to the new server?
> >>
> >> Did you make the new DC Global catalog server?
> >>
> >> Best regards
> >>
> >> Meinolf Weber
> >> Disclaimer: This posting is provided "AS IS" with no warranties, and
> > confers
> >
> >> no rights.
> >> ** Please do NOT email, only reply to Newsgroups
> >> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
> >>> So I have been going through your list. I still have not been able
> >>> to get rid of any of the original errors that I posted.
> >>>
> >>> When I try to Transfer FSMO roles (change operations master, change
> >>> schema master, etc.) I get the following: "The transfer of the
> >>> operations master role cannot be performed because the requested
> >>> FSMO operation failed. The current FSMO holder could not be
> >>> contacted"
> >>>
> >>> As I stated in an earlier post I know that there are DNS issues.
> >>> 1. From the event logs
> >>> 2. If I take the old server offline and point a workstation DNS
> >>> setting to
> >>> the new server I cant browse.
> >>> I am sure that all of these issues are related, but not sure how to
> >>> correct.
> >>> I have no idea what to do next
> >>>
> >>> <Meinolf Weber> wrote in message
> >>> news:ff16fb6666c48cae132945ad0f4@msnews.microsoft.com...
> >>>> Hello Paul,
> >>>>
> >>>> Check this list for the steps you have done or not, if not do it
> >>>> now and leave the old DC still up and running during the time:
> >>>>
> >>>> - On the old server open DNS management console and check that you
> >>>> are
> >>>>
> >>> running
> >>>
> >>>> Active directory integrated zone (easier for replication, if you
> >>>> have more then one DNS server)
> >>>>
> >>>> - run replmon, dcdiag and netdiag on the old machine to check for
> >>>> errors, if you have some post the complete output from the command
> >>>> here or solve them first
> >>>>
> >>>> - run adprep /forestprep and adprep /domainprep from the 2003
> >>>> installation disk against the 2000 server, with an account that is
> >>>> member of the Schema admins, to upgrade the schema to the new
> >>>> version
> >>>>
> >>>> - Install the new machine as a member server in your existing
> >>>> domain
> >>>>
> >>>> - configure a fixed ip and set the preferred DNS server to the old
> >>>> DNS
> >>>>
> >>> server
> >>>
> >>>> only
> >>>>
> >>>> - run dcpromo and follow the wizard to add the 2003 server to an
> >>>> existing domain
> >>>>
> >>>> - if you are prompted for DNS configuration choose Yes (also
> >>>> possible that no DNS preparation occur), then install DNS after the
> >>>> reboot
> >>>>
> >>>> - for DNS give the server time for replication, at least 15
> >>>> minutes.
> >>>>
> >>> Because
> >>>
> >>>> you use Active directory integrated zones it will automatically
> >>>> replicate the zones to the new server. Open DNS management console
> >>>> to check that
> >>>>
> >>> they
> >>>
> >>>> appear
> >>>>
> >>>> - if the new machine is domain controller and DNS server run again
> >>>>
> >>> replmon,
> >>>
> >>>> dcdiag and netdiag on both domain controllers
> >>>>
> >>>> - if you have no errors, make the new server Global catalog server,
> >>>> open Active directory Sites and Services and then double-click
> >>>> sitename,
> >>>>
> >>> double-click
> >>>
> >>>> Servers, click your domain controller, right-click NTDS Settings,
> >>>> and then click Properties, on the General tab, click to select the
> >>>> Global catalog check box (http://support.microsoft.com/?id=313994)
> >>>>
> >>>> - Transfer, NOT seize the 5 FSMO roles to the new Domain controller
> >>>>
> >>> (http://support.microsoft.com/kb/324801)
> >>>
> >>>> - you can see in the event viewer (Directory service) that the
> >>>> roles are transferred, also give it some time
> >>>>
> >>>> - reconfigure the DNS configuration on your NIC of the 2003 server,
> >>>>
> >>> preferred
> >>>
> >>>> DNS itself, secondary the old one
> >>>>
> >>>> - if you use DHCP do not forget to reconfigure the scope settings
> >>>> to point to the new installed DNS server
> >>>>
> >>>> - export and import of DHCP database (if needed)
> >>>>
> >>> http://support.microsoft.com/kb/325473
> >>>
> >>>> Demoting
> >>>>
> >>>> - reconfigure your clients/servers that they not longer point to
> >>>> the old DC/DNS server on the NIC
> >>>>
> >>>> - to be sure that everything runs fine, disconnect the old DC from
> >>>> the
> >>>>
> >>> network
> >>>
> >>>> and check with clients and servers the connectivity, logon and also
> >>>> with one client a restart to see that everything is ok
> >>>>
> >>>> - then run dcpromo to demote the old DC, if it works fine the
> >>>> machine will move from the DC's OU to the computers container,
> >>>> where you can delete it by hand. Can be that you got an error
> >>>> during demoting at the beginning,
> >>>>
> >>> then
> >>>
> >>>> uncheck the Global catalog on that DC and try again
> >>>>
> >>>> - check the DNS management console, that all entries from the
> >>>> machine are disappeared or delete them by hand if the machine is
> >>>> off the network for
> >>>>
> >>> ever
> >>>
> >>>> Best regards
> >>>>
> >>>> Meinolf Weber
> >>>> Disclaimer: This posting is provided "AS IS" with no warranties,
> >>>> and
> >>> confers
> >>>
> >>>> no rights.
> >>>> ** Please do NOT email, only reply to Newsgroups
> >>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
> >>>>> Thanks for your reply.
> >>>>>
> >>>>>> Did you install DNS also on the new server and point all clients
> >>>>>> to use
> >>>>>>
> >>>>> it?
> >>>>> DNS is installed. After shutting down the old server I changed the
> >>>>> new
> >>>>> server to the old servers IP and rebooted.
> >>>>>> Did you configure the FORWARDERS in the DNS management console
> >>>>>> under the server properties?
> >>>>>>
> >>>>> I dont think so. I just "poked" around in the DNS console and cant
> >>>>> even find
> >>>>> these settings.
> >>>>> Is there a (easy) way to export the entire DNS setup from the old
> >>>>> server?
> >>>>>> Did you move all 5 FSMO roles to the new server?
> >>>>>>
> >>>>> I dont know what this means, so probably not.
> >>>>>
> >>>>>> Did you make the new DC Global catalog server?
> >>>>>>
> >>>>> Yes
> >>>>>
> >>>>> help... I'm over my head
> >>>>>
> >>>>> "Meinolf Weber" <meiweb(nospam)@gmx.de> wrote in message
> >>>>> news:ff16fb6666398cae0e32ae8ece8@msnews.microsoft.com...
> >>>>>
> >>>>>> Hello Paul,
> >>>>>>
> >>>>>> Did you install DNS also on the new server and point all clients
> >>>>>> to use
> >>>>>>
> >>>>> it?
> >>>>>
> >>>>>> Did you configure the FORWARDERS in the DNS management console
> >>>>>> under the server properties?
> >>>>>>
> >>>>>> Did you move all 5 FSMO roles to the new server?
> >>>>>>
> >>>>>> Did you make the new DC Global catalog server?
> >>>>>>
> >>>>>> Best regards
> >>>>>>
> >>>>>> Meinolf Weber
> >>>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
> >>>>>> and
> >>>>> confers
> >>>>>
> >>>>>> no rights.
> >>>>>> ** Please do NOT email, only reply to Newsgroups
> >>>>>> ** HELP us help YOU!!!
> >>>>>> http://www.blakjak.demon.co.uk/mul_crss.htm
> >>>>>>> I am trying to migrate from an old W2K3 Active Directory domain
> >>>>>>> controller to a new one. Eventually I want to remove the old
> >>>>>>> server from the network. I have never done this before and it is
> >>>>>>> a little bit out of my league so I Googled, read and hopefully
> >>>>>>> followed several articles that I found, but am still getting
> >>>>>>> some errors logged.
> >>>>>>>
> >>>>>>> The list of AD users, computers etc replicated over to the new
> >>>>>>> server, but when I turn off the old one no one can log in and
> >>>>>>> there is no Internet access. I think both of these problems are
> >>>>>>> due to DNS (which I really understand about 1% of). There are no
> >>>>>>> errors in the DNS log though (just info that the service
> >>>>>>> started).
> >>>>>>>
> >>>>>>> Most of the computers have fixed IPs so DHCP isn't really an
> >>>>>>> issue, but the DHCP service is also failing.
> >>>>>>>
> >>>>>>> I'm hoping from the log files someone can give me some specific
> >>>>>>> things to try as opposed to links to articles that are above my
> >>>>>>> understanding.
> >>>>>>>
> >>>>>>> Your help is much appreciated.
> >>>>>>>
> >>>>>>> System Log:
> >>>>>>>
> >>>>>>> Event ID 1059
> >>>>>>> The DHCP service failed to see a directory server for
> >>>>>>> authorization.
> >>>>>>> Directory Service Log:
> >>>>>>> Event ID 2088
> >>>>>>> Active Directory could not use DNS to resolve the IP address of
> >>>>>>> the
> >>>>>>> source
> >>>>>>> domain controller listed below. To maintain the consistency of
> >>>>>>> Security
> >>>>>>> groups, group policy, users and computers and their passwords,
> >>>>>>> Active
> >>>>>>> Directory successfully replicated using the NetBIOS or fully
> >>>>>>> qualified
> >>>>>>> computer name of the source domain controller.
> >>>>>>> Invalid DNS configuration may be affecting other essential
> >>>>>>> operations
> >>>>>>> on
> >>>>>>> member computers, domain controllers or application servers in
> >>>>>>> this
> >>>>>>> Active
> >>>>>>> Directory forest, including logon authentication or access to
> >>>>>>> network
> >>>>>>> resources.
> >>>>>>> (I cut out the rest of the error, let me know if it would be
> >>>>>>> helpful
> >>>>>>> to post
> >>>>>>> the entire message)
> >>>>>>> Event ID 1586
> >>>>>>> The Windows NT 4.0 or earlier replication checkpoint with the
> >>>>>>> PDC
> >>>>>>> emulator
> >>>>>>> master was unsuccessful.
> >>>>>>> A full synchronization of the security accounts manager (SAM)
> >>>>>>> database
> >>>>>>> to domain controllers running Windows NT 4.0 and earlier might
> >>>>>>> take
> >>>>>>> place if the PDC emulator master role is transferred to the
> >>>>>>> local
> >>>>>>> domain controller before the next successful checkpoint.
> >>>>>>> Application Log:
> >>>>>>> Event ID5 3258
> >>>>>>> MS DTC could not correctly process a DC Promotion/Demotion
> >>>>>>> event.
> >>>>>>> MS
> >>>>>>> DTC
> >>>>>>> will continue to function and will use the existing security
> >>>>>>> settings.
> >>>>>>> Error
> >>>>>>> Specifics: %1
> >>>>>>> Event ID 53258
> >>>>>>> MS DTC could not correctly process a DC Promotion/Demotion
> >>>>>>> event.
> >>>>>>> MS
> >>>>>>> DTC
> >>>>>>> will continue to function and will use the existing security
> >>>>>>> settings.
> >>>>>>> Error
> >>>>>>> Specifics: d:\nt\com\complus\dtc\dtc\adme\uiname.cpp:9351, Pid:
> >>>>>>> 1160
> >>>>>>> No Callstack, CmdLine: C:\WINDOWS\system32\msdtc.exe
>
>