Announcement

Collapse
No announcement yet.

New Active Directory not working?!

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • New Active Directory not working?!

    Hi guys,

    OK, I have been working for over a day on this issue and cannot get anywhere!!!

    Story:

    Had TWO DC's in a small network. One DC was used for main profiles/files and housed the GC. The other DC had a simple mail server and mirrored the first.

    I installed a new server, (2003 64-bit AMD) -installed AD and proceeded to transfer FSMO roles, Schema, etc from the main DC to this new server (using dcpromo etc)

    Transfer seemed to be successful. I then proceeded to DEMOTE the original and first DC (where I copied from to my new AD).

    Since then, I have the second DC as all fine, but I seemed to have lost all evidence of my new server within any DNS settings and amy getting lots of errors up now in Replication Services and Directory Services.

    Results from the various tools on the newly created AD are attached.

    Now, in the event logs of this new AD, I am getting all sorts of errors:

    8418 The replication operation failed because of a schema mismatch between the servers involved.

    Active Directory was unable to establish a connection with the global catalog.

    It seems that AD has totally forgotten my new AD and has considered it no longer a fully fledged DC!!!

    Please and begging in advance -could anyone kindly advise me!?!

    Best regards in advance.

    DAvid
    Attached Files

  • #2
    Re: New Active Directory not working?!

    Hi

    Can you run the following command from your new dc. you need support tools for that. Just google it and download and install them

    netdom query fsmo

    Second when you ran dcpromo then did you install dns, is it AD integrated if installed.
    By Default the first dc is gc and you need to make subsequent DC as GC manually.
    Can you access sysvol and netlogon shares.

    Check in dssite.msc and check if you have reference to old dc still.
    Thanks & Regards
    v-2nas

    MCTS 2008, MCTIP, MCSE 2003, MCSA+Messaging E2K3, MCP, E2K7
    Sr. Wintel Eng. (Investment Bank)
    Independent IT Consultant and Architect
    Blog: http://www.exchadtech.blogspot.com

    Show your appreciation for my help by giving reputation points

    Comment


    • #3
      Re: New Active Directory not working?!

      Hi v-2nas,

      OK, so I had to put the original DC back as the main Active Directory and Global Catalog -as I was having no success with the new AD.

      The scenario is now:

      1 x AD - ussu-bwing (original AD and reinstated as AD) and activated as GC
      1 x DC obiwan (GC selected or this too)
      1 x new AD (ussu-skywalker. I have let it as an AD system, but there are errors and it cannot become a DC)

      So, I ran the command, and here is what I get:
      ---------------------------------------------------------------
      (Event String could not be retrieved)
      An Information Event occured. EventID: 0x4000049D
      Time Generated: 04/12/2010 11:00:20
      (Event String could not be retrieved)
      An Information Event occured. EventID: 0x4000049D
      Time Generated: 04/12/2010 11:00:20
      (Event String could not be retrieved)
      An Information Event occured. EventID: 0x4000049D
      Time Generated: 04/12/2010 11:00:20
      (Event String could not be retrieved)
      An Information Event occured. EventID: 0x4000049D
      Time Generated: 04/12/2010 11:00:20
      (Event String could not be retrieved)
      An Information Event occured. EventID: 0x4000049D
      Time Generated: 04/12/2010 11:00:20
      (Event String could not be retrieved)
      An Information Event occured. EventID: 0x4000049D
      Time Generated: 04/12/2010 11:00:20
      (Event String could not be retrieved)
      An Information Event occured. EventID: 0x4000049D
      Time Generated: 04/12/2010 11:00:20
      (Event String could not be retrieved)
      An Information Event occured. EventID: 0x4000049D
      Time Generated: 04/12/2010 11:00:20
      (Event String could not be retrieved)
      An Information Event occured. EventID: 0x4000049D
      Time Generated: 04/12/2010 11:00:20
      (Event String could not be retrieved)
      An Information Event occured. EventID: 0x4000049D
      Time Generated: 04/12/2010 11:00:20
      (Event String could not be retrieved)
      An Information Event occured. EventID: 0x4000049D
      Time Generated: 04/12/2010 11:00:20
      (Event String could not be retrieved)
      An Information Event occured. EventID: 0x4000049D
      Time Generated: 04/12/2010 11:00:20
      (Event String could not be retrieved)
      An Information Event occured. EventID: 0x4000049D
      Time Generated: 04/12/2010 11:00:20
      (Event String could not be retrieved)
      An Information Event occured. EventID: 0x4000049D
      Time Generated: 04/12/2010 11:00:20
      (Event String could not be retrieved)
      An Information Event occured. EventID: 0x4000049D
      Time Generated: 04/12/2010 11:00:20
      (Event String could not be retrieved)
      An Information Event occured. EventID: 0x4000049D
      Time Generated: 04/12/2010 11:00:20
      (Event String could not be retrieved)
      An Information Event occured. EventID: 0x4000049D
      Time Generated: 04/12/2010 11:00:20
      (Event String could not be retrieved)
      An Information Event occured. EventID: 0x4000049D
      Time Generated: 04/12/2010 11:00:20
      (Event String could not be retrieved)
      An Information Event occured. EventID: 0x4000049D
      Time Generated: 04/12/2010 11:00:20
      (Event String could not be retrieved)
      An Warning Event occured. EventID: 0x8000051C
      Time Generated: 04/12/2010 11:00:30
      Event String: The Knowledge Consistency Checker (KCC) has
      An Warning Event occured. EventID: 0x80000785
      Time Generated: 04/12/2010 11:00:30
      Event String: The attempt to establish a replication link for
      An Warning Event occured. EventID: 0x80000785
      Time Generated: 04/12/2010 11:00:30
      Event String: The attempt to establish a replication link for
      An Warning Event occured. EventID: 0x80000785
      Time Generated: 04/12/2010 11:00:30
      Event String: The attempt to establish a replication link for
      An Warning Event occured. EventID: 0x80000785
      Time Generated: 04/12/2010 11:00:30
      Event String: The attempt to establish a replication link for
      An Error Event occured. EventID: 0xC00007E6
      Time Generated: 04/12/2010 11:06:03
      (Event String could not be retrieved)
      ......................... USSU-SKYWALKER failed test kccevent
      Starting test: systemlog
      An Error Event occured. EventID: 0x40000004
      Time Generated: 04/12/2010 10:31:21
      Event String: The kerberos client received a
      An Error Event occured. EventID: 0xC0002724
      Time Generated: 04/12/2010 10:51:42
      (Event String could not be retrieved)
      An Error Event occured. EventID: 0xC0002724
      Time Generated: 04/12/2010 10:51:42
      (Event String could not be retrieved)
      An Error Event occured. EventID: 0xC0002724
      Time Generated: 04/12/2010 10:55:20
      (Event String could not be retrieved)
      An Error Event occured. EventID: 0x40000004
      Time Generated: 04/12/2010 10:56:07
      Event String: The kerberos client received a
      An Error Event occured. EventID: 0xC0002719
      Time Generated: 04/12/2010 10:57:09
      (Event String could not be retrieved)
      ......................... USSU-SKYWALKER failed test systemlog
      Starting test: VerifyReferences
      ......................... USSU-SKYWALKER passed test VerifyReferences

      Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
      ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
      ......................... ForestDnsZones passed test CheckSDRefDom

      Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
      ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
      ......................... DomainDnsZones passed test CheckSDRefDom

      Running partition tests on : Schema
      Starting test: CrossRefValidation
      ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
      ......................... Schema passed test CheckSDRefDom

      Running partition tests on : Configuration
      Starting test: CrossRefValidation
      ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
      ......................... Configuration passed test CheckSDRefDom

      Running partition tests on : ad
      Starting test: CrossRefValidation
      ......................... ad passed test CrossRefValidation
      Starting test: CheckSDRefDom
      ......................... ad passed test CheckSDRefDom

      Running enterprise tests on : ad.ussu.susx.ac.uk
      Starting test: Intersite
      ......................... ad.ussu.susx.ac.uk passed test Intersite
      Starting test: FsmoCheck
      ......................... ad.ussu.susx.ac.uk passed test FsmoCheck
      ---------------------------------------------------------

      When I ran dcpromo initially on the old AD (ussu-bwing) it didnt through up any errors or problems.

      However, I recollect after running dcpromo on the new AD (skywalker), I may have incorrectly set some of the DNS -but cannot recollect what or which ones!

      SYSVOL and NETLOGON shares exist or the original AD (bwing) -but I cannot see the new AD server in dssite.msc OR any SYSVOL and NETLOGON folders within it either (or by doing net share!)

      What do you think?! I think it may be DNS issues?

      Thanks in advance!!

      Comment


      • #4
        Re: New Active Directory not working?!

        Can you let us know what procedure did you follow to demote the old DC and promote the new DC?

        To promote any new server as a DC, you first need to make it a member server, install & configure AD integrated DNS and run DCPROMO on it. Make it a GC then. Force a replication between the DCs (using repadmin) and wait until you have a successful complete replication. Once this is done, you can take off the GC from the first DC and test the functionality of the domain using dcdiag and other utilities if the new DC has been identified as the GC server in the domain by the tests. Once done you can move to transfer the FSMO role to the new DC.

        Once this is done, follow the normal process of DCPROMO to uninstall the first DC and make sure you delete the other references of this object from sites & services, DNS, WINS etc services. Make sure there is no record exists in the DNS with points to the old DC for any services. Shutdown the old DC and perform some domain/forest wide tests. This will tell you if you still have any discrepencies in your infrastructure.

        There are many articles available on web for this process.

        Comment


        • #5
          Re: New Active Directory not working?!

          Well, I followed the right protocols and ensured that I prepared the domain accordingly.

          However, the problem seems to be lots of issues i am seeing in the event logs related to file replication services and also DCOM.

          I have the original AD back to how it was and am ready to create a new DC (for my new AD) - but before I do the process again, could anyone advise on a few things:

          1. Where can i find the current AD's SYSVOL folder?
          2. How can i resolve issues with File Replication?
          3. Schema mismatches?

          I think i will need to resovle issues with the original AD before I try again to commission a new DC.

          Any help appreciated.

          Davidstar

          Comment


          • #6
            Re: New Active Directory not working?!

            Hi,

            Sysvol folders would be under your original ac. you can use unc paths \\servername and it will show you sysvol and netlogon folders + other shares (don't be bothered about this)

            By default the path is c:\windows\sysvol.

            There seems to be multiple issue with your ad right now.
            There are various approach to this problem but to begin with i would like to ask you few questions
            A. So far i understand you have 1 DC and you wanted to add 2nd dc, one you add 2nd dc you have shutdown/decom the old dc ... is it.

            B. after seeing the issues you have turn on the original dc or restored from backup... is it

            C. right now you only have 1 dc and the new dc you have added in A you have decom/shutdown/removed it.


            if you like i can remote into your servers and try to resolve it.
            Thanks & Regards
            v-2nas

            MCTS 2008, MCTIP, MCSE 2003, MCSA+Messaging E2K3, MCP, E2K7
            Sr. Wintel Eng. (Investment Bank)
            Independent IT Consultant and Architect
            Blog: http://www.exchadtech.blogspot.com

            Show your appreciation for my help by giving reputation points

            Comment

            Working...
            X