Tuesday, October 14, 2008 2:18 PMI have been implementing more and more 2008 servers, and of which, we have implemented a few 2008 Active Directory servers. I have also decided to start implementing IPv6 and at least allowing Server 2008 servers and Vista workstations to communicate with one another via IPv6. I have also finished consolidating file shares from 3 different filers into a single DFS namespace and all shared off new Server 2008 file servers.
Today I ran the "dfsdiag /testdcs" command, and it listed some errors that indicate all of our 2003 Active Directory servers do not properly recognize the IPv6 subnets that I created in the Sites and Services on the new 2008 Active Directory servers. The older 2003 AD servers return the site name as NULL for the IPv6 subnets.
I thought the error was understandable considering I had not attempted to install the IPv6 protocol on the 2003 AD servers yet. So I installed it one of them, configured the IPv6 addresses and route via netsh, and finally rebooted for good measure. After the reboot I noticed immediately that the NETLOGON service generated 3 error messages (one for each of our 3 IPv6 subnets) stating that the syntax was invalid for the names of those subnets. I tested the "dfsdiag /testdcs" again as well, which that 2003 AD still reports as unable to determine the site name for the IPv6 subnets.
I am concerned about Vista workstations querying AD for the closest DFS file server to communicate with, hitting the older 2003 AD servers, and receiving incorrect results due to them not recognizing the IPv6 subnets. I will likely push faster for the complete replacement of our older 2003 AD servers due to this concern, especially as one of the three sites currently does not have a Server 2008 AD server and yet has a few Vista workstations now.
Should the 2003 AD servers be able to recognize the IPv6 subnets and site names? Or am I missing an update that does not show up on Microsoft Updates that should allow them to?
The one that groks it all...
Friday, October 17, 2008 2:46 PM
I don't have an answer for you but I am curious, do you have a particular reason for enabling ipv6 on these machines?
I generally disable ipv6 on all the servers I deploy unless I have a specific reason to enable (so far I haven't had a reason). I have however ran into some problems with disabling ipv6 in 08 particularly with exchange 07.
But it seems I have fewer problems with ipv6 disabled.
http://www.chrislooney.com MCITP: Enterprise Administrator (Server 2008), MCSE: Security 2003/2000, MCSE: Messaging 2003/2000, MCITP: Exchange 2007, MCTS:SharePoint 2007 (Admin, and Develop), MCTS: SQL 2005, MCDBA, MCAD, MCDST, MCSA, CCNA, CCSP, Security+, OCDBA