
Need help adding 2nd DC

  • Need help adding 2nd DC

    Hello All,

    I'm having problems adding a second DC to our current Active Directory. I've searched Google, this forum, and many others and cannot find a solution.

    Anyway the current setup is Windows Server 2003 Active Directory (Native).
    DC1 is Win2K3 R2 32bit with all updates. What will be DC2 is Win2K3 R2 64bit (slipstreamed SP2)

    I want to build this new server and have it replace the original (transfer all the roles etc...). For some reason though, every time I add the server I cannot get replication to work (the SYSVOL and NETLOGON shares never show on the new server etc...).

    Currently, I have the DC2 Server demoted to a member server and I do not see any references anywhere (dcdiag /c /e /v passes everything - netdiag /v passes everything).

    I need to get this DC1 all prepared and fully functional; however, when I do ntfrsutl ds I get cracked domain issues (not sure if these are normal since now it's a single DC again).

    DN : cn=DC1,cn=domain system volume (sysvol share),cn=file replication service,cn=system,dc=company,dc=local
    Guid : f1ba84bf-df65-481b-81551911a95580b5
    Server Ref : CN=NTDS Settings,CN=DC1,CN=Servers,CN=company,CN=Sites,CN= Configuration,DC=company,DC=local
    Computer Ref : cn=DC1,ou=domain controllers,dc=company,dc=local
    Cracked Domain : company.local
    Cracked Name : 00000002 company\DC1$
    Cracked Domain : company.local
    Cracked Name : fffffff4 S-1-5-21-3569697419-2275057475-2137919049-1000
    Computer's DNS :
    WhenCreated : 7/3/2008 14:11:46 Central Standard Time Central Daylight Time [360]
    WhenChanged : 7/3/2008 15:47:46 Central Standard Time Central Daylight Time [360]

    Full ntfrsutl results attached.

    Can anyone help?
    Again, currently DC1 is the only DC (ntdsutil metadata cleanup does only show the one DC1 server).

  • #2
    Re: Need help adding 2nd DC

    Have you checked the event viewer logs on DC1 to see if there are any errors about replication failure?

    Also, how is your DNS configured? That was my major issue; when I solved the DNS issue, everything else started to work.

    Does the new DC2 actually DCPromo OK, with no errors? And how long did you leave it for SYSVOL to replicate? Sometimes, unless you force it, it can take some time.



    • #3
      Re: Need help adding 2nd DC

      When DC1 and DC2 were both Domain Controllers (DC2 currently has been demoted back to a member server), both servers would get the FRS errors stating that it had been trying to replicate the SYSVOL; however, it could not.

      I actually left the server up and running all weekend; that SYSVOL folder should have completed by then (especially since I can copy the entire thing from DC1 to my computer in less than 5 minutes).

      It does seem like other than that issue, when I try to DCPROMO the DC2 it does OK. I can even make a change via ADUC on DC1 and see it immediately on DC2 (and vice versa).

      However, before I get this DC2 back as a DC actually, I need to resolve that cracked domain issue I believe and am not sure where to start with that.