Creating New Domain Tree in Existing Forest

[Guest]

We are trying to install a new domain tree within our forest. We currently have a single root domain in our forest e.g. corp.abc.com. We are trying to install a new domain tree corp.xyz.com. We are pointing the machine being promoted to dc of this new tree to our only dcgc for corp.xyz.com. However we are running into issues: firstly, when we run dcpromo and specify 'new domain tree' DNS diagnostics return an error unless we manually create the DNS zone corp.xyz.com. After having done this dcpromo runs for a while and then messages that there is an error replicating directory information and that it cannot find the domain controller for corp.xyz.com. However, we can fully connect to this server, and nslookup shows that DNS is functionin

ANY HELP IS GREATLY APPRECIATED. ARE THERE SOME OTHER CONFIGURATIONS E.G. Creating specific srv records, that are required

Thanks in advanc
Steve

 

[Dmitry Korolyov [MVP]]

Unable to contact DC for corp.xyz.com, but corp.xyz.com is the domain name
for the new domain in the new tree in your forest. Therefore, no DCs should
exist for that domain - you are going to install the first one.
Please provide details here.

--
Dmitry Korolyov [[email protected]]
MVP: Windows Server - Active Directory

We are trying to install a new domain tree within our forest. We
currently have a single root domain in our forest e.g. corp.abc.com. We are
trying to install a new domain tree corp.xyz.com. We are pointing the
machine being promoted to dc of this new tree to our only dcgc for
corp.xyz.com. However we are running into issues: firstly, when we run
dcpromo and specify 'new domain tree' DNS diagnostics return an error unless
we manually create the DNS zone corp.xyz.com. After having done this
dcpromo runs for a while and then messages that there is an error
replicating directory information and that it cannot find the domain
controller for corp.xyz.com. However, we can fully connect to this server,
and nslookup shows that DNS is functioning

ANY HELP IS GREATLY APPRECIATED. ARE THERE SOME OTHER CONFIGURATIONS E.G.
Creating specific srv records, that are required?

Thanks in advance
Steve

 

[Guest]

Sorry Dmitri - my mistake...the error occurs subsequent to 'investigating forest schema' and states that no domain controller can be found for the existing domain - corp.abc.com...at which point the promotion fails. However, pertinent srv records exist in corp.abc.com...

 

[Dmitry Korolyov [MVP]]

well can you ping the dc for abc.dom domain from the machine you are
dcpromo'ing ? Sounds very much like a DNS configuration issue.

--
Dmitry Korolyov [[email protected]]
MVP: Windows Server - Active Directory

Sorry Dmitri - my mistake...the error occurs subsequent to 'investigating
forest schema' and states that no domain controller can be found for the
existing domain - corp.abc.com...at which point the promotion fails.
However, pertinent srv records exist in corp.abc.com...

 

[Dmitry Korolyov [MVP]]

Are you trying to install first W2k3 DC for the new domain in your forest
before upgrading the schema first?

--
Dmitry Korolyov [[email protected]]
MVP: Windows Server - Active Directory

Yes we can ping. Also nslookup from the machine we are promoting allows
for lookup of records in corp.xyz.com (since it's pointing to the root
controller for DNS)

 

[Guest]

Sorry - it's not helping I keep getting my domains mixed up. We are able to use nslookup from the machine being promoted to view records for corp.abc.com on the root dcgc...

Does the fact that we have to manually create the dns zone for the new domain tree indicate an issue? Once we've created it dcpromo continues for a while and then gives the error about not finding a domain controller in corp.abc.com..

----- Steve wrote: ----

Yes we can ping. Also nslookup from the machine we are promoting allows for lookup of records in corp.xyz.com (since it's pointing to the root controller for DNS

 

[Guest]

The schema was extended for the forest root domain to 2003. Is there an additional process for the new domain controller for the new domain tree?

 

[Dmitry Korolyov [MVP]]

Then it is extremely weird. The error message about being unable to locate a
DC usually indicates an error with DNS configuration, but it seems to be
fine in your case. Are these other DCs for corp.abc.com up and running?
I'll be offline til tomorrow.

--
Dmitry Korolyov [[email protected]]
MVP: Windows Server - Active Directory

The schema was extended for the forest root domain to 2003. Is there an
additional process for the new domain controller for the new domain tree?

 

[Guest]

No this is only domain controller/gc for the existing domain.

 

[Santhosh Sivarajan]

Make sure Dynamic Updates enabled in "corp.abc.com" and "corp.xyz.com"
zones. Also, make sure DNS sufix name(corp.xyz.com) configured with your
new machine.

Sorry - it's not helping I keep getting my domains mixed up. We are able

to use nslookup from the machine being promoted to view records for
corp.abc.com on the root dcgc...

Does the fact that we have to manually create the dns zone for the new

domain tree indicate an issue? Once we've created it dcpromo continues for
a while and then gives the error about not finding a domain controller in
corp.abc.com...

----- Steve wrote: -----

Yes we can ping. Also nslookup from the machine we are promoting

allows for lookup of records in corp.xyz.com (since it's pointing to the
root controller for DNS)