AD from 2000 to 2003

[juicejug]

I have a 2000 set up with AD with name domain.local

When I try to connect my new 2003 box and dcpromo as an additional
controller, it fails stating srv reasons. On the 2000 box, when I run
netdiag /fix, it causes fatal errors. I also ran dcdiag with errors.
I realize this problem looks related to the single-label, however the
domain we use is also the same as the domain name for the web site
which is hosted by external web hosts (due to bandwidth reasons).

The reason for this upgrade is so that we can also run exchange server
on site (which is being hosted by the web host now).

What is my best method for allowing all parts to work?

 

[Herb Martin]

I have a 2000 set up with AD with name domain.local

When I try to connect my new 2003 box and dcpromo as an additional
controller, it fails stating srv reasons.

Which DNS server is this 2003 box using? (It must use
strictly the internal DNS server [set] which is able to
resolve your DCs etc.)

Also, have you performed ADPrep for both /ForestPrep and
/DomainPrep? This is required before introducing the first
Win2003 DC into a Win2000 Domain.

On the 2000 box, when I run
netdiag /fix, it causes fatal errors. I also ran dcdiag with errors.

And this was my next suggestion: You need to run DCDiag on
every DC and fix those errors.

DNS problems are the usual reason for failure to authenticate
and to replicate which includes DCPromo.

I realize this problem looks related to the single-label,

Not at all since you listed the Domain name with two labels:

domain.local

however the
domain we use is also the same as the domain name for the web site
which is hosted by external web hosts (due to bandwidth reasons).

Not if you are using .local -- if you aren't using that then it
was misleading to say domain.local and not domain.com.

You should NOT however define the A record with the DOMAIN
name in the internal DNS server for the zone that supports AD --
the DCs use this record.

You may still contact the Web server using the www or other
prefix however, just not the bare domain name.

The reason for this upgrade is so that we can also run exchange server
on site (which is being hosted by the web host now).
What is my best method for allowing all parts to work?

You could start by putting the Win2003 Server CD in the
Win2000 box and letting it help you DCPromo that but my
FIRST goal would be a clean DCDiag on every DC.

 

[juicejug]

message

I have a 2000 set up with AD with name domain.local

When I try to connect my new 2003 box and dcpromo as an additional
controller, it fails stating srv reasons.

Which DNS server is this 2003 box using? (It must use
strictly the internal DNS server [set] which is able to
resolve your DCs etc.)

Also, have you performed ADPrep for both /ForestPrep and
/DomainPrep? This is required before introducing the first
Win2003 DC into a Win2000 Domain.

On the 2000 box, when I run
netdiag /fix, it causes fatal errors. I also ran dcdiag with

errors.

And this was my next suggestion: You need to run DCDiag on
every DC and fix those errors.

DNS problems are the usual reason for failure to authenticate
and to replicate which includes DCPromo.

I realize this problem looks related to the single-label,

Not at all since you listed the Domain name with two labels:

domain.local

however the
domain we use is also the same as the domain name for the web site
which is hosted by external web hosts (due to bandwidth reasons).

Not if you are using .local -- if you aren't using that then it
was misleading to say domain.local and not domain.com.

You should NOT however define the A record with the DOMAIN
name in the internal DNS server for the zone that supports AD --
the DCs use this record.

You may still contact the Web server using the www or other
prefix however, just not the bare domain name.

The reason for this upgrade is so that we can also run exchange server
on site (which is being hosted by the web host now).
What is my best method for allowing all parts to work?

You could start by putting the Win2003 Server CD in the
Win2000 box and letting it help you DCPromo that but my
FIRST goal would be a clean DCDiag on every DC.


--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]

--
juicejug
------------------------------------------------------------------------
Posted via http://www.webservertalk.com
------------------------------------------------------------------------
View this thread: http://www.webservertalk.com/message1688112.html
*

The problem is when I run dcdiag. There is only one DC. Here is the
output when I run dcdiag on that server:

Testing server: Default-First-Site-Name\DCSERVER
Starting test: Connectivity
DCSERVER's server GUID DNS name could not be resolved to an
IP address. Check the DNS server, DHCP, server name, etc
Although the Guid DNS name
(d20b1a9e-4917-4a9b-9de8-1db3ef216810._msdcs.domain.local)
couldn't be resolved, the server name (DCSERVER) resolved to
the IP
address (192.168.1.30) and was pingable. Check that the IP
address is
registered correctly with the DNS server.
......................... DCSERVER failed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\DCSERVER
Skipping all tests, because server DCSERVER is
not responding to directory service requests

Running enterprise tests on : domain.local
Starting test: Intersite
......................... domain.local passed test Intersite
Starting test: FsmoCheck
......................... domain.local passed test FsmoCheck

Thanks

 

[Herb Martin]

The problem is when I run dcdiag. There is only one DC.

Expected if the second failed DCPromo.

You didn't bother to answer most of my questions, like what
are the DNS servers listed for the NEW DC on it's "NIC->
IP Properties (and given the error below on the existing server
too.)

They must use STRICTLY the Internal DNS server set --
in your case the existing DNS-DC likely.

Posting your "IPConfig /all" for each would be a good idea.

Here is the output when I run dcdiag on that server:

The following is an INCOMPLETE DCDiag but the problem
looks to be declared right below:

Testing server: Default-First-Site-Name\DCSERVER
Starting test: Connectivity
DCSERVER's server GUID DNS name could not be resolved to an
IP address.
Check the DNS server, DHCP, server name, etc

Right above: You have DNS issues with the existing server.

Testing server: Default-First-Site-Name\DCSERVER
Skipping all tests, because server DCSERVER is
not responding to directory service requests

Likely more DNS issues so start here and post your IPConfig /all
from both DCs if you still have trouble....


DNS for AD
1) Dynamic for the zone supporting AD
2) All internal DNS clients NIC\IP properties must specify SOLELY
that internal, dynamic DNS server (set.)
3) DCs and even DNS servers are DNS clients too -- see #2
4) If you have more than one Domain, every DNS server must
be able to resolve ALL domains (either directly or indirectly)

netdiag /fix

....or maybe:

dcdiag /fix

(Win2003 can do this from Support tools):
nltest /dsregdns /serverC-ServerNameGoesHere
http://support.microsoft.com/kb/q260371/

Ensure that DNS zones/domains are fully replicated to all DNS
servers for that (internal) zone/domain.

Also useful may be running DCDiag on each DC, sending the
output to a text file, and searching for FAIL, ERROR, WARN.

Single Label domain zone names are a problem Google:
[ "SINGLE LABEL" domain names DNS 2000 | 2003 microsoft: ]


--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]

message

I have a 2000 set up with AD with name domain.local

When I try to connect my new 2003 box and dcpromo as an additional
controller, it fails stating srv reasons.

Which DNS server is this 2003 box using? (It must use
strictly the internal DNS server [set] which is able to
resolve your DCs etc.)

Also, have you performed ADPrep for both /ForestPrep and
/DomainPrep? This is required before introducing the first
Win2003 DC into a Win2000 Domain.

On the 2000 box, when I run
netdiag /fix, it causes fatal errors. I also ran dcdiag with

errors.

And this was my next suggestion: You need to run DCDiag on
every DC and fix those errors.

DNS problems are the usual reason for failure to authenticate
and to replicate which includes DCPromo.

I realize this problem looks related to the single-label,

Not at all since you listed the Domain name with two labels:

domain.local

however the
domain we use is also the same as the domain name for the web site
which is hosted by external web hosts (due to bandwidth reasons).

Not if you are using .local -- if you aren't using that then it
was misleading to say domain.local and not domain.com.

You should NOT however define the A record with the DOMAIN
name in the internal DNS server for the zone that supports AD --
the DCs use this record.

You may still contact the Web server using the www or other
prefix however, just not the bare domain name.

The reason for this upgrade is so that we can also run exchange server
on site (which is being hosted by the web host now).
What is my best method for allowing all parts to work?

You could start by putting the Win2003 Server CD in the
Win2000 box and letting it help you DCPromo that but my
FIRST goal would be a clean DCDiag on every DC.


--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]

--
juicejug
------------------------------------------------------------------------
Posted via http://www.webservertalk.com
------------------------------------------------------------------------
View this thread: http://www.webservertalk.com/message1688112.html
*

Thanks