No announcement yet.

New Domain Controller Replication: Windows 2003 / 2008

  • Filter
  • Time
  • Show
Clear All
new posts

  • New Domain Controller Replication: Windows 2003 / 2008


    ASOK: Windows 2003 domain controller (FSMO) (2xx.x.x.x)
    MORDAC: Windows 2003 domain controller (2xx.x.x.x)
    DDNS2: Windows 2008 domain controller (DNS and DHCP server) (192.168.x.x)
    DDNS1: Windows 2008 server, promoted to domain controller (DNS and DHCP server) (192.168.x.x)

    Over the weekend, I promoted a Windows 2008 server, DDNS1 , to domain controller.

    DNSLint shows no errors (since the MSDCS GUID was added to our internal Unix-based DNS servers. I learned that lesson when DDNS2 was promoted to a domain controller a few months ago).

    However, replication between DDNS1 and MORDAC is not occurring properly. No symptoms have been observed, but when I run repadmin /showrepl on DDNS1, the results show replication with DDNS2 and ASOK, but not MORDAC. There is no error, MORDAC just is not listed. Likewise, when running repadmin /showrepl on MORDAC, DDSN1 is not listed.

    Using Active Directory Sites and Services, the "Default First Site Name" NTDS settings look something like this:

    |--MORDAC (automatically generated)
    |--DDNS1 (automatically generated)
    |--DDNS2 (automatically generated)

    |--ASOK (automatically generated)
    |--DDNS2 (automatically generated)

    |--ASOK (automatically generated)
    |--DDNS2 (automatically generated)

    |--ASOK (automatically generated)
    |--MORDAC (94b88236-xxxx-xxxx-xxxx-xxxxxxxxxxxx) <--?????
    |--DDNS1 (automatically generated)

    I was about to ask what may be causing this error, but after entering the NTDS settings above, which actually forced me to pay attention, I may have just answered my own question.

    It looks like a GUID for MORDAC may need to be manually entered into DNS on DDNS1, since it is not "automatically generated" on DDNS2. Given that the old Windows 2003 and new Windows 2008 domain controllers are on different VLANs, that makes sense.

    UPDATE: Nope, it looks like I was wrong. DNS entries look the same on both DDNS1 and DDNS2. Any ideas?

    I'm not even sure what that GUID is. It is not the same as the MSDCS GUID reported by DNSLint. When I examine the properties of MORDAC using Active Directory Explorer, it does not appear anywhere.

    Last edited by Robert R.; 6th April 2010, 00:16.