locked
ADMT 3.2 ERR2:7711 Unable to retrieve the DNS hostname for the migrated computer The ADSI property cannot be found in the property cache. RRS feed

  • Question

  • Hello,

    I am migrating my exisiting server in to new one with domain split. Please check the attached file and below description if you can point out any possible solution then it would be really great.

    https://docs.google.com/drawings/d/1HmO-a5fkYHsOn4e-jdSglQqIyCuBAdRVd_ZIGEvrQHA/edit?usp=sharing


    Using ADMT 3.2 (revised for 2012R2)

    Config-

    Host - DC01
    OS: 2012R2 (Lab uses eval license)
    Services-
    Domain Controller - EXO.com
    ADDS
    DNS - Configured with reverse lookup and Stub zones (also tried conditional forwarders)
    DHCP - Configured for both subnets
    RAS - Routing service

    Network Hosted on DC01 -
    3 Nic's


    1. 192.168.1.0 - Original Subnet for EXO.com
    2. 127.0.0.1 - Host IP for DC01
    3. 192.168.2.0  - Subnet for Tree domain POS.EXO.com
      Host - POSDC01
      OS: 2012R2 (Lab uses eval license)
      Services -
      Domain controller -POS.EXO.com
      ADDS
      DNS -configured with reverse lookup and Stub zones. (also tried conditional forwarders)


      --------------------------------------------------------------------------------------
      Account configuration:
      EXO.Com -
      Administrator (Enterprise Admin, Schema Admin, Domain Admin)

      POS.Exo.com-
      Administrator: (Domain Admin)

      Notes:  
      I’ve tried both ways with each Administrator configured with all givable permissions to each domain and configured group policy to set each admin with local admin rights to all client computers.

      Configured both domain’s group policy for searching both domains as well.
      --------------------------------------------------------------------------------------
      Preliminary:
      When migrating users and groups I have no issues.

      Problem:
      When Migrating computer accounts from Forest Root Exo.com to sub domain POS.Exo.com I receive an error stating:

      ADMT 3.2 ERR2:7711 Unable to retrieve the DNS hostname for the migrated computer The ADSI property cannot be found in the property cache.

    Thank you!

    Tuesday, November 4, 2014 6:17 PM

Answers

  • Hi Kiran,

    Thanks for your post.

    First of all, could you please let me know if all the domain controllers in the domain are Windows Server 2012 R2?

    If so, the issue you encountered is a known issue. It’s by designed which is the server who has the same name with some other servers in the forest will fail to join domain, and migration will fail when trying to migrate some accounts have the same SPN or UPN as the accounts in the target forest, because one of the new feature in Windows Server 2012 R2 is “SPN and UPN uniqueness”, this feather requires the SPN and UPN must be unique within the entire forest.

    Please refer to the following technet article for the detail information:
    http://technet.microsoft.com/en-us/library/dn535779.aspx

    Here is a workaround to migrate the account who has the duplicate SPN or UPN: introduce a new Windows Server 2008 R2 or Windows Server 2012 DC into that domain, then specify the non-Windows Server 2012 R2 DC when performing migration.

    Hope to hear good news from you soon.

    Best regards,
    Bryan

    • Proposed as answer by Vivian_Wang Friday, December 5, 2014 6:36 AM
    • Marked as answer by Vivian_Wang Wednesday, December 10, 2014 1:23 AM
    Friday, November 28, 2014 8:08 AM

All replies

  • Hi,

    Thanks for your post.

    For the error "ADMT 3.2 ERR2:7711 Unable to retrieve the DNS hostname for the migrated computer The ADSI property cannot be found in the property cache.

    It seems like the name resolution issue.

    Added the Migration account in the user right "Access this computer from Network" on the client machines which are getting migrated.

    Regards.


    Vivian Wang

    Wednesday, November 5, 2014 9:53 AM
  • Thank you very much for quick response.

    By default admin and everyone are part of it and if I change the setting, then it's giving me group policy error.

    Wednesday, November 5, 2014 10:55 PM
  • I am getting below error as well. Could someone please me to resolve the migration issue.

    WinError_8647

    Thursday, November 6, 2014 9:12 PM
  • Hi,

    Sorry for the delay reply.

    The event 2974 lists the value that was blocked and a list of one or more objects that already contain that value.

    For more detail information: 

    http://technet.microsoft.com/en-us/library/dn535779.aspx

    Regards.


    Vivian Wang

    • Proposed as answer by Vivian_Wang Tuesday, November 18, 2014 7:36 AM
    Wednesday, November 12, 2014 7:36 AM
  • Hi,

    Just want to confirm what is the current situation.

    Please feel free to let us know if you need further assistance.

    Regards.


    Vivian Wang

    Monday, November 17, 2014 2:33 AM
  • Hello Vivian,

    Thank you for your response but we are are still in the same situation with the same error. SPN\UPN troubleshooting lead no where. Please let me know if you need any additional details to figure out the error. I really need some solution with this problem.

    Thank you!

    Regards,

    Kiran Patel

    Monday, November 24, 2014 11:34 PM
  • Hi Kiran,

    Thanks for your post.

    First of all, could you please let me know if all the domain controllers in the domain are Windows Server 2012 R2?

    If so, the issue you encountered is a known issue. It’s by designed which is the server who has the same name with some other servers in the forest will fail to join domain, and migration will fail when trying to migrate some accounts have the same SPN or UPN as the accounts in the target forest, because one of the new feature in Windows Server 2012 R2 is “SPN and UPN uniqueness”, this feather requires the SPN and UPN must be unique within the entire forest.

    Please refer to the following technet article for the detail information:
    http://technet.microsoft.com/en-us/library/dn535779.aspx

    Here is a workaround to migrate the account who has the duplicate SPN or UPN: introduce a new Windows Server 2008 R2 or Windows Server 2012 DC into that domain, then specify the non-Windows Server 2012 R2 DC when performing migration.

    Hope to hear good news from you soon.

    Best regards,
    Bryan

    • Proposed as answer by Vivian_Wang Friday, December 5, 2014 6:36 AM
    • Marked as answer by Vivian_Wang Wednesday, December 10, 2014 1:23 AM
    Friday, November 28, 2014 8:08 AM
  • Hi Kiran,

    How are things going? I have not heard back from you in a few days and wanted to check on the
    status of the problem.

    Thanks and I look forward to hearing from you.

    Best regards,
    Bryan

    Tuesday, December 2, 2014 7:44 AM
  • Hi Bryan,

    We need to create new testing environment for the same. We are working on it. I will surely post the status as soon as I am done.

    Thank you very much for your response. Hope it works.

    Have a nice day!

    Regards,

    Kiran Patel

    Tuesday, December 2, 2014 11:25 PM
  • Hi Kiran,

    Thanks for letting me know your process.  I will be standing by with you. Once you have any further questions during your tests, feel free to let me know. I’m happy to help with any questions you may have.

    Hope to hear good news from you soon.

    Best regards,
    Bryan

    Wednesday, December 3, 2014 8:00 AM
  • Hi Kiran,

    Any update? Please feel free to let me know if you have any questions about this case. Thanks.

    Best regards,

    Bryan

    Tuesday, December 9, 2014 8:52 AM