Hello patrick,
Please post the complete error from event viewer.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
> Hello Meinolf,
>
> Sorry that I got one more question about DNS settng. I've try the DNS
> setting according your suggestion. I also put DNS in registry as
> DependentService of Netlogon.
>
> I did the test as below:
> - All DC DNS setting: preferred itself, second other DC.
> - Shutdown all AD (just for testing)
> - Start AD05, "Netlogon" error was found in event viewer.
> - But when I only put set the primary DNS (ad05 itself), and reboot,
> no
> "netlogon" error found.
> Is it a normal?
>
> Thanks for your help
>
> Patrick
>
> "Meinolf Weber" wrote:
>
>> Hello patrick,
>>
>> You can. Do you use DHCP, it's easier to change the DHCP scope
>> settings for the clients to use only the new ones. And the servers i
>> would change to the staying DNS servers, so that AD01 is not longer
>> used for resolving. I would configure like this:
>>
>> AD05 preferred itself, second AD06
>> AD06 preferred itself, second AD05
>> AD01 preferred itself, second AD05
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers
>> no rights.
>>> Hello Meinolf,
>>>
>>> May I have one more question about DNS?
>>>
>>> Right now, all machine's DNS setting are pointing to AD01. Any
>>> problem that if I change AD05's IP to AD01's IP after I demote AD01?
>>>
>>> Because I don't want to change any user pc and member server dns
>>> setting, do you think it is possible?
>>>
>>> Thanks a lot.
>>>
>>> Patrick
>>>
>>> "Meinolf Weber" wrote:
>>>
>>>> Hello patrick,
>>>>
>>>> Good luck and keep in mind to backup the machines and data BEFORE.
>>>>
>>>> Best regards
>>>>
>>>> Meinolf Weber
>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>> and
>>>> confers
>>>> no rights.
>>>>> Hello Meinolf,
>>>>>
>>>>> Thanks for your fast response and details explaination. I think
>>>>> the problem can be solved according to your info. You are very
>>>>> helpful really.
>>>>>
>>>>> I'll try the whole migrate process again and update the result
>>>>> soon.
>>>>>
>>>>> Thanks & best regards,
>>>>>
>>>>> Patrick
>>>>>
>>>>> "Meinolf Weber" wrote:
>>>>>
>>>>>> Hello patrick,
>>>>>>
>>>>>> see inline.
>>>>>>
>>>>>> Best regards
>>>>>>
>>>>>> Meinolf Weber
>>>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>>>> and
>>>>>> confers
>>>>>> no rights.
>>>>>>> Hi Meinolf,
>>>>>>>
>>>>>>> After demote AD01, I just delte the AD01 container IN "AD Sites
>>>>>>> and
>>>>>>> services"-> "Default-First-Sites-Name"->"Servers"--AD01"
>>>>>>> Then no more group policy errors found on any machine that i
>>>>>>> logon.
>>>>>> Fine.
>>>>>>
>>>>>>> AD01 is a first install DC, it is something bound to first
>>>>>>> insatall DC?
>>>>>>>
>>>>>> The only thing you have to look, is moving NOT seizing the 5 FSMO
>>>>>> roles to another DC. If you have an Exchange server youb have to
>>>>>> look that the Recipients update services are pointing to one of
>>>>>> the other DC's.
>>>>>>
>>>>>>> I'll try to remove DC completely according to your doc?
>>>>>>>
>>>>>> If you mean this one
>>>>>> (http://support.microsoft.com/?kbid=555846&SD=tech),
>>>>>> that's only for orphaned DC's. After the demotion the machine
>>>>>> should automatically
>>>>>> move from DC OU to the computers container. If this is the case,
>>>>>> then the
>>>>>>
>>>>>> machine is only a member server, which can just be deleted like a
>>>>>> normal
>>>>>>
>>>>>> computer account. Before deleting this object give time for
>>>>>> replication between
>>>>>>
>>>>>> all DC's that they also update theire databases about the removed
>>>>>> DC. And
>>>>>>
>>>>>> you should also check with dcdiag and netdiag for errors.
>>>>>>
>>>>>> Also replmon to check replication between the DC's can be useful
>>>>>> now:
>>>>>>
>>>>>> http://technet2.microsoft.com/window...ary/691910f2-a
>>>>>> 6a 7- 4ced-984e-972aec2cbdd21033.mspx?mfr=true
>>>>>>
>>>>>> If all looks good, delete it.
>>>>>>
>>>>>>> Thanks again
>>>>>>>
>>>>>>> Patrick
>>>>>>>
>>>>>>> "Meinolf Weber" wrote:
>>>>>>>
>>>>>>>> Hello patrick,
>>>>>>>>
>>>>>>>> Seems that your removal with ntdsutil was not complete. Also
>>>>>>>> possible that they come back after rolling back AD01. Check
>>>>>>>> with that article again, if they will NEVER come back.
>>>>>>>> http://support.microsoft.com/?kbid=555846&SD=tech
>>>>>>>>
>>>>>>>> Also check again that the FSMO roles are on AD05 or AD06 and
>>>>>>>> that both machines are GC's. Just to be sure that AD01 is
>>>>>>>> completely ready for the removal.
>>>>>>>>
>>>>>>>> Best regards
>>>>>>>>
>>>>>>>> Meinolf Weber
>>>>>>>> Disclaimer: This posting is provided "AS IS" with no
>>>>>>>> warranties,
>>>>>>>> and
>>>>>>>> confers
>>>>>>>> no rights.
>>>>>>>>> yes, that 2 DC object are in DC OU.
>>>>>>>>>
>>>>>>>>> Thanks
>>>>>>>>>
>>>>>>>>> Patrick
>>>>>>>>>
>>>>>>>>> "Meinolf Weber" wrote:
>>>>>>>>>
>>>>>>>>>> Hello patrick,
>>>>>>>>>>
>>>>>>>>>> Are the objects in computers container or DC OU?
>>>>>>>>>>
>>>>>>>>>> Best regards
>>>>>>>>>>
>>>>>>>>>> Meinolf Weber
>>>>>>>>>> Disclaimer: This posting is provided "AS IS" with no
>>>>>>>>>> warranties,
>>>>>>>>>> and
>>>>>>>>>> confers
>>>>>>>>>> no rights.
>>>>>>>>>>> Hi Meinolf,
>>>>>>>>>>>
>>>>>>>>>>> Because that 2 DC were out of order, I just use ntdsutil to
>>>>>>>>>>> remove it. DNS records are removed. Computer object still
>>>>>>>>>>> there.
>>>>>>>>>>>
>>>>>>>>>>> Thanks
>>>>>>>>>>>
>>>>>>>>>>> Patrick
>>>>>>>>>>>
>>>>>>>>>>> "Meinolf Weber" wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Hello patrick,
>>>>>>>>>>>>
>>>>>>>>>>>> And they are not longer visible in DNS and AD? So now you
>>>>>>>>>>>> are more or less at the point before removing AD01?
>>>>>>>>>>>>
>>>>>>>>>>>> Best regards
>>>>>>>>>>>>
>>>>>>>>>>>> Meinolf Weber
>>>>>>>>>>>> Disclaimer: This posting is provided "AS IS" with no
>>>>>>>>>>>> warranties,
>>>>>>>>>>>> and
>>>>>>>>>>>> confers
>>>>>>>>>>>> no rights.
>>>>>>>>>>>>> ad02 and adtest had been removed by ntdsutil (not by
>>>>>>>>>>>>> dcpromo)
>>>>>>>>>>>>>
>>>>>>>>>>>>> Thanks
>>>>>>>>>>>>>
>>>>>>>>>>>>> Patrick
>>>>>>>>>>>>>
>>>>>>>>>>>>> "Meinolf Weber" wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Hello patrick,
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> You have to machines ad02 and adtest. Are they still
>>>>>>>>>>>>>> active or removed?
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Best regards
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Meinolf Weber
>>>>>>>>>>>>>> Disclaimer: This posting is provided "AS IS" with no
>>>>>>>>>>>>>> warranties,
>>>>>>>>>>>>>> and
>>>>>>>>>>>>>> confers
>>>>>>>>>>>>>> no rights.
>>>>>>>>>>>>>>> Thanks for your help.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Below are the reuslt again that I ran netdiag and dcdiag
>>>>>>>>>>>>>>> on AD05
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> --------------------
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> DCDIAG RESULT
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> C:\Documents and Settings\Administrator.HKCEC>dcdiag
>>>>>>>>>>>>>>> /s:ad01
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Domain Controller Diagnosis
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Performing initial setup:
>>>>>>>>>>>>>>> Done gathering initial info.
>>>>>>>>>>>>>>> Doing initial required tests
>>>>>>>>>>>>>>> Testing server: Default-First-Site-Name\AD01
>>>>>>>>>>>>>>> Starting test: Connectivity
>>>>>>>>>>>>>>> ......................... AD01 passed test Connectivity
>>>>>>>>>>>>>>> Doing primary tests
>>>>>>>>>>>>>>> Testing server: Default-First-Site-Name\AD01
>>>>>>>>>>>>>>> Starting test: Replications
>>>>>>>>>>>>>>> ......................... AD01 passed test Replications
>>>>>>>>>>>>>>> Starting test: NCSecDesc
>>>>>>>>>>>>>>> ......................... AD01 passed test NCSecDesc
>>>>>>>>>>>>>>> Starting test: NetLogons
>>>>>>>>>>>>>>> ......................... AD01 passed test NetLogons
>>>>>>>>>>>>>>> Starting test: Advertising
>>>>>>>>>>>>>>> ......................... AD01 passed test Advertising
>>>>>>>>>>>>>>> Starting test: KnowsOfRoleHolders
>>>>>>>>>>>>>>> ......................... AD01 passed test
>>>>>>>>>>>>>>> KnowsOfRoleHolders
>>>>>>>>>>>>>>> Starting test: RidManager
>>>>>>>>>>>>>>> ......................... AD01 passed test RidManager
>>>>>>>>>>>>>>> Starting test: MachineAccount
>>>>>>>>>>>>>>> ......................... AD01 passed test
>>>>>>>>>>>>>>> MachineAccount
>>>>>>>>>>>>>>> Starting test: Services
>>>>>>>>>>>>>>> ......................... AD01 passed test Services
>>>>>>>>>>>>>>> Starting test: ObjectsReplicated
>>>>>>>>>>>>>>> ......................... AD01 passed test
>>>>>>>>>>>>>>> ObjectsReplicated
>>>>>>>>>>>>>>> Starting test: frssysvol
>>>>>>>>>>>>>>> ......................... AD01 passed test frssysvol
>>>>>>>>>>>>>>> Starting test: kccevent
>>>>>>>>>>>>>>> ......................... AD01 passed test kccevent
>>>>>>>>>>>>>>> Starting test: systemlog
>>>>>>>>>>>>>>> ......................... AD01 passed test systemlog
>>>>>>>>>>>>>>> Running enterprise tests on : hkcec.nws
>>>>>>>>>>>>>>> Starting test: Intersite
>>>>>>>>>>>>>>> ......................... hkcec.nws passed test
>>>>>>>>>>>>>>> Intersite
>>>>>>>>>>>>>>> Starting test: FsmoCheck
>>>>>>>>>>>>>>> ......................... hkcec.nws passed test
>>>>>>>>>>>>>>> FsmoCheck
>>>>>>>>>>>>>>> C:\Documents and Settings\Administrator.HKCEC>dcdiag
>>>>>>>>>>>>>>> /s:ad05
>>>>>>>>>>>>>>> Domain Controller Diagnosis
>>>>>>>>>>>>>>> Performing initial setup:
>>>>>>>>>>>>>>> Done gathering initial info.
>>>>>>>>>>>>>>> Doing initial required tests
>>>>>>>>>>>>>>> Testing server: Default-First-Site-Name\AD05
>>>>>>>>>>>>>>> Starting test: Connectivity
>>>>>>>>>>>>>>> ......................... AD05 passed test Connectivity
>>>>>>>>>>>>>>> Doing primary tests
>>>>>>>>>>>>>>> Testing server: Default-First-Site-Name\AD05
>>>>>>>>>>>>>>> Starting test: Replications
>>>>>>>>>>>>>>> ......................... AD05 passed test Replications
>>>>>>>>>>>>>>> Starting test: NCSecDesc
>>>>>>>>>>>>>>> ......................... AD05 passed test NCSecDesc
>>>>>>>>>>>>>>> Starting test: NetLogons
>>>>>>>>>>>>>>> ......................... AD05 passed test NetLogons
>>>>>>>>>>>>>>> Starting test: Advertising
>>>>>>>>>>>>>>> ......................... AD05 passed test Advertising
>>>>>>>>>>>>>>> Starting test: KnowsOfRoleHolders
>>>>>>>>>>>>>>> ......................... AD05 passed test
>>>>>>>>>>>>>>> KnowsOfRoleHolders
>>>>>>>>>>>>>>> Starting test: RidManager
>>>>>>>>>>>>>>> ......................... AD05 passed test RidManager
>>>>>>>>>>>>>>> Starting test: MachineAccount
>>>>>>>>>>>>>>> ......................... AD05 passed test
>>>>>>>>>>>>>>> MachineAccount
>>>>>>>>>>>>>>> Starting test: Services
>>>>>>>>>>>>>>> ......................... AD05 passed test Services
>>>>>>>>>>>>>>> Starting test: ObjectsReplicated
>>>>>>>>>>>>>>> ......................... AD05 passed test
>>>>>>>>>>>>>>> ObjectsReplicated
>>>>>>>>>>>>>>> Starting test: frssysvol
>>>>>>>>>>>>>>> ......................... AD05 passed test frssysvol
>>>>>>>>>>>>>>> Starting test: kccevent
>>>>>>>>>>>>>>> ......................... AD05 passed test kccevent
>>>>>>>>>>>>>>> Starting test: systemlog
>>>>>>>>>>>>>>> ......................... AD05 passed test systemlog
>>>>>>>>>>>>>>> Running enterprise tests on : hkcec.nws
>>>>>>>>>>>>>>> Starting test: Intersite
>>>>>>>>>>>>>>> ......................... hkcec.nws passed test
>>>>>>>>>>>>>>> Intersite
Similar Threads
