Phantom Domain (bad Win2k dcpromo)

[Fred Madden]

I'm in the process of cleaning up the previous sys admin's
mess and ran into something I haven't been able to figure
out. Basically, when I started at this company, they had
an NT 4.0 domain as their main domain, and a Win2k domain
running which looked like it was an attempt to upgrade
from, and do away with, the NT 4.0 domain.

What appears to have happened, is that the previous sys
admin (I use the term loosely) had no clue that you need
to upgrade an NT 4.0 DC to Win2k in order for this to work
correctly. It appears that he just built a Win2k Server
then dcpromo'd it and tried to add it to the NT 4.0
domain. The result being that they now had two domains;
one called MyDomain, and the Win2k one called MyDomain0.

Since I've been here, I've cleaned this up and now have
one Win2k domain named MyDomain. The problem that I now
have is that when a Win2k Pro machine first boots up and
tries to browse the network, My Network Places lists our
current domain, MyDomain, and the failed dcpromo one of
MyDomain0. With neither one of these being browseable.
If I do a nbtstat -RR, then refresh My Network Places, the
MyDomain0 disapears and MyDomain becomes browseable.

So it would seem like this would be a WINS problem. But
everything on our WINS servers seems fine. Plus they
didn't even have a WINS server setup here until after I
had already done away with the failed DC. (Plus their
only DNS server was the failed Win2k DC.) So it seems
like there was nothing other than the NT 4.0 DC to cache
the existance of the failed Win2k DC.

So I am not sure where it is pulling this old, failed
domain name from, and why it is causing problems. If
anyone has any ideas of how to solve this problem, that
would be great. TIA

 

[Fred Madden]

I finally figured out where the "phantom domain" was
coming from. It turns out that there was a Trust still
set up for it.

I still have the issue where I can't browse the network
until I do either a nbtstat -RR or (which I just figured
out and is easier) click on a mapped drive. Then browsing
works fine. If anyone has an answer for this problem,
that would be cool. (At least now that I've eliminated
the phantom domain problem I can start looking in the
right direction.)

 

[news]

Have you tried running browmon (domainname) ? I would try it on both domain
names... It may be that one or more of the browsers on the network has a
problem, and needs its NETBIOS cache flushed...also, if you didn't have a
WINS server before, I bet all the clients are set to use DNS for WINS
resolution.. try IPCONFIG /flushdns....you may also want to check
c:\winnt\system32\drivers\etc lmhosts and hosts files just for the hell of
it....
if it were me, I would probably run dommon (domainname) on both domains,
pretty much just out of curiosity... let me know what you find, i'm kinda
curious now...

 

[Guest]

Like I said, the phantom domain was caused by a trust
still being in place with it. So once I did away with the
trust, I got rid of the phantom domain.

I also figured out my browsing problem. I always use GP
to turn off the browsing service on everything except my
DCs. Well, I've been playing musical servers here as I
rebuild all the servers while keeping everything up and
running. It turns out that only 1 of my 3 DCs had the
browsing service turned on. So when a user rebooted their
machine, and their log on server was one of the two
without browsing turned on, it would take
a "jumpstart" ,like clicking on a mapped drive, to get
browsing to work.

Which brings up another issue. I thought changes made
through a GP would revert back to the original settings
when taken out of that GP. (assuming they're not custom
changes) Does promoting a machine to a DC somehow bypass
this process?