Please Read: Significant Update Planned, Migrating Forum Software This Month

See more
See less

Windows Server 2008 R2 Standard Issues With Advertising And File Replication Service

  • Filter
  • Time
  • Show
Clear All
new posts

  • Windows Server 2008 R2 Standard Issues With Advertising And File Replication Service

    We've got a Windows Server 2003 and a Windows Server 2008 R2 Standard. We promoted the 2008 R2 Standard to a Domain Controller in an attempt to have it shoulder all roles and responsibilities so that we can retire the 2003 Server.

    Let's say that the 2003 Server is Server2003, the 2008 Server is Server2008, and the domain is Domain.Local.

    DCDiag on Server2008 fails the Advertising test, saying that DSGetDCName returned information for \\Server2003.Domain.Local, when we were trying to reach Server2008. Server is not responding or is not considered suitable.
    The FrsEvent test says that, "There are warning or error events within the last 24 hours after the SysVol has been shared. Failing SysVol replication problems may cause Group Policy problems.
    It also fails the NCSecDesc test, saying that NT Authority\Enterprise Domain Controllers don't have Replicating Directory Changes In Filtered Set access rights for the naming context: DC=ForestDNSZone,DC=Domain,DC=Local
    The NetLogons test fails, saying, "Unable to connect to the NetLogon share! (\\Server2008\NetLogon) [Server2008] A net use of LSAPolicy operation failed with error 67, the network name cannot be found.
    The SystemLog test notes a failure to apply Group Policy Shortcuts, Internet Settings, and Drive Maps settings.

    Help is greatly appreciated, as I am quickly exhausting my Google-Fu abilities.

  • #2
    Currently, I am trying to demote Server2008, because I am thinking it would be more ideal and easier to just retry Domain Controller promotion and have an environment where Server2008 started off as a working Domain Controller rather than a situation where Server2008 started off as a malfunctioning Domain Controller that had to be fixed just to operate correctly in the first place. I am having difficulties with this too, though.

    If Server2008 never began Advertising correctly upon promotion, then nothing should be relying on it for any Domain Controller functionality, yes? Currently, all Floating Single-Master Operation roles are held by Server2003 as I have transferred them back as part of my efforts to get this to work. So if I can't gracefully demote Server2008, I am thinking to forcefully demote it. DCDiag on Server2003 reports success on all tests, and the Domain functional level is 2003, so I expect that Server2003 could perhaps "get over" the sudden loss of Server2008's Domain Controller status rather easily.


    • #3
      Good practice when you have a failed / failing DC is to
      a) try a clean demote from the machine in question - if that works there should be no difficulty in re-promoting it later
      If not
      b) do a metadata cleanup and remove the problem machine from the domain, flatten and reinstall the OS (do not attempt to rejoin / repromote the original OS) then try again
      Good luck

      Can I check, did you extend the AD schema before introducing the 2008 DC?
      Tom Jones
      MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
      PhD, MSc, FIAP, MIITT
      IT Trainer / Consultant
      Ossian Ltd

      ** Remember to give credit where credit is due and leave reputation points where appropriate **