none
domain.local in Active directory RRS feed

  • Question

  • I have windows 2008 r2 DC with internal DNS namespace of domain.local in Active directory. If install and promote DC with win 2019 server would it accept the internal DC with domain.local or it will break. It seemed to work when I tested the upgrade on internal lab with no internet connection. Hopefully, it would be the same when it is connected external
    Monday, February 10, 2020 3:17 PM

All replies

  • The two prerequisites to introducing the first 2019 domain controller are that domain functional level needs to be 2008 or higher and older sysvol FRS replication needs to have been migrated to DFSR
    https://techcommunity.microsoft.com/t5/Storage-at-Microsoft/Streamlined-Migration-of-FRS-to-DFSR-SYSVOL/ba-p/425405

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Monday, February 10, 2020 3:21 PM
  • Hello,

    Thank you for posting in our TechNet forum.

    Here are the answers for our questions:

    Q: If install and promote DC with win 2019 server would it accept the internal DC with domain.local or it will break.

    A: As Dave mentioned, the minimum requirement to add a Windows Server 2019 Domain Controller is a Windows Server 2008 functional level. The domain also has to use DFS-R as the engine to replicate SYSVOL. So before we add 2019 DC to the existing domain, we need to ensure the functional level is at least Windows Server 2008, and the SYSVOL folder replication type is DFSR.

    We can check if the SYSVOL folder replication type is DFSR by viewing the following registry on the existing DC.

    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DFSR\Parameters\SysVols\Migrating Sysvols\LocalState registry subkey. If this registry subkey exists and its value is set to 3 (ELIMINATED), DFSR is being used. If the subkey does not exist, or if it has a different value, FRS is being used.

    Q: It seemed to work when I tested the upgrade on internal lab with no internet connection. Hopefully, it would be the same when it is connected external

    A: We can add other DCs to existing domain no matter our AD environment is connected to external internet or not.

    Meanwhile, according to your description, we would like to promote Windows server 2019 as other DC. Here are the steps about how to add a new DC to existing domain. We can try the below steps.

    1, Check DC health by running Dcdiag /v and check AD replication by running repadmin/showrepl and repadmin /replsum before joining the new DC.
    2, Join the new server to existing domain. 
    3, Add DNS role and ADDS role and promote the new server as Domain Controller.
    4, Repeat step1 to check AD environment health.

    Hope the information is helpful. If you still have problems, please contact with us. Thank you so much for your time.


    Best regards,
    Hannah Xiong

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, February 11, 2020 8:09 AM
  • Hi,

    Thank you for your time.

    Just checking in to see if the information provided was helpful. And if the replies as above are helpful, we would appreciate you to mark them as answers, please let us know if you would like further assistance.

    Best Regards,
    Hannah Xiong

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, February 13, 2020 1:58 AM
  • I have forgot to mention that I have DFS migrated sysvol. I have domain and forest functional level running in windows 2008 r2

    The only question I was trying to clarify is domain.local is supported for windows 2019 upgrade. I remember few years back Microsoft posting support for domain.local or unregistered security domain expired.

    Friday, February 14, 2020 4:57 PM
  • Generally should be Ok to use. Some other recommendations here.

    https://support.microsoft.com/en-us/help/909264/naming-conventions-in-active-directory-for-computers-domains-sites-and

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Friday, February 14, 2020 5:04 PM