none
DC Upgrade from 32-bit to 64-bit

    Question

  • Hi,

    As far as i know there is no upgrade path between Windows 2008 32-bit to 64bit

    So Plan is to setup member Server with Windows 2008 R2 and promote it to DC. After all the initial replications we will then assign FSMO roles to new DC (2008 R2)

    What steps should be taken in order to completely check the health check of this new DC and Forest

    After successful attempt we will demote all DC's with Windows 2008 Standard one by one.


    • Edited by srguy Thursday, January 19, 2017 4:11 AM
    Thursday, January 19, 2017 4:10 AM

Answers

All replies

  • These ones might help.

    https://www.microsoft.com/en-us/download/details.aspx?id=30005

    https://blogs.technet.microsoft.com/askds/2011/03/22/what-does-dcdiag-actually-do/

    https://gallery.technet.microsoft.com/scriptcenter/Active-Directory-Health-709336cd

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Thursday, January 19, 2017 4:15 AM
  • Hi

     Follow the steps on the article for migrate;

    http://blogs.msmvps.com/mweber/2010/02/10/upgrading-an-active-directory-domain-from-windows-server-2003-to-windows-server-2008-or-windows-server-2008-r2/


    This posting is provided AS IS with no warranties or guarantees,and confers no rights. Best regards Burak Uğur

    Thursday, January 19, 2017 7:24 AM
  • Have completed the configured the new DC today and found some errors in dcdiag and repadmin /replsum

    its not replicating to newly built DC

    https://drive.google.com/drive/folders/0B6Zbyw2VLdjHaHRwWjliaE9fNkk?usp=sharing

    Replication Summary Start Time: 2017-01-19 17:20:40

    Beginning data collection for replication summary, this may take awhile:
      .....


    Source DSA          largest delta    fails/total %%   error
     ADC               09d.01h:34m:53s    5 /   5  100  (8457) The destination serve
    r is currently rejecting replication requests.
     BDC               08d.22h:21m:36s    5 /   5  100  (8456) The source server is
    currently rejecting replication requests.


    Destination DSA     largest delta    fails/total %%   error
     ADC               08d.22h:21m:39s    5 /   5  100  (8456) The source server is
    currently rejecting replication requests.
     BDC               09d.01h:34m:53s    5 /   5  100  (8457) The destination serve
    r is currently rejecting replication requests.



    Thursday, January 19, 2017 12:22 PM
  • I'd check the route exists and or ports are open between the two.

    https://technet.microsoft.com/en-us/library/dd772723%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396

     

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Thursday, January 19, 2017 2:23 PM
  • I'd check the route exists and or ports are open between the two.

    https://technet.microsoft.com/en-us/library/dd772723%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396


    didn't get you
    Thursday, January 19, 2017 4:59 PM
  • I'd check that there is a network connection between them and that the ports are open.

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Thursday, January 19, 2017 5:10 PM
  • OK, Network connection is between them and able to ping each other

    Also checked with AD Replication Status Tool " 

    Orphaned nTDSDSA Objects Found" for new DC

    Thursday, January 19, 2017 5:47 PM
  • Although I have recently added DC in my domain but some how on PDC Emulator (Primary DC), unable to find new DC in Domain Site and Services.

    All secondary DC's are able to list new DC in Site & Services.

    Even my Netlogon Server on Primary DC is getting paused every 4-5 hours and have to manually RESUME it

    I think there are some issues with my configuration but not sure where it is


    • Edited by srguy Thursday, January 19, 2017 6:27 PM
    Thursday, January 19, 2017 6:21 PM
  • Please run;

    Dcdiag /v /c /d /e /s:DCName >c:\dcdiag.log

    (please replace DCName with your Domain Controller name)

    also run;

    ipconfig /all > C:\dc1.txt

    ipconfig /all > C:\dc2.txt

    then put files up on OneDrive and share a link.

     

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Thursday, January 19, 2017 10:19 PM
  • Hi Dave,

    Please find output from all DC's

    https://1drv.ms/f/s!AmfFZ6z8rN2ogRCkYOPlOATNntvh

    BDC - Primary DC with all FSMO Roles
    ADC - Additional Domain Controller in Remote Office
    Transit - New DC in the same site as BDC

    • Edited by srguy Friday, January 20, 2017 3:47 AM
    Friday, January 20, 2017 3:43 AM
  • Looks like the route between the two may have issues

    172.17.10.1 <-> 172.16.0.4

    (also curious that one uses a 16 bit mask while other uses a 24 bit)

     or at least some blocking on the ports listed here.

    https://technet.microsoft.com/en-us/library/dd772723%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396

     

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Friday, January 20, 2017 4:06 AM
  • Hi Dave,

    It's a remote site in a different city. Layer-3 MPLS connectivity has been established among the remote site


    internetsrv # execute ping 172.17.10.1
    PING 172.17.10.1 (172.17.10.1): 56 data bytes
    64 bytes from 172.17.10.1: icmp_seq=0 ttl=251 time=355.3 ms
    64 bytes from 172.17.10.1: icmp_seq=1 ttl=251 time=220.7 ms
    64 bytes from 172.17.10.1: icmp_seq=2 ttl=251 time=280.6 ms
    64 bytes from 172.17.10.1: icmp_seq=3 ttl=251 time=351.0 ms
    64 bytes from 172.17.10.1: icmp_seq=4 ttl=251 time=152.3 ms

    --- 172.17.10.1 ping statistics ---
    5 packets transmitted, 5 packets received, 0% packet loss
    round-trip min/avg/max = 152.3/271.9/355.3 ms


    i mistakenly uncheck DNS while running DCPROMO, is it the issue ??
    • Edited by srguy Friday, January 20, 2017 4:26 AM
    Friday, January 20, 2017 4:20 AM
  • I got that. I'd confirm the ports listed are open between sites.

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Friday, January 20, 2017 4:24 AM
  • Should i provide you output for " Netstat -an" from any DC ??
    Friday, January 20, 2017 4:27 AM
  • i mistakenly uncheck DNS while running DCPROMO, is it the issue ??

    Can you elaborate?

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Friday, January 20, 2017 4:30 AM
  • I have unchecked DNS settings while running DCPROMO and installed DNS after DCPROMO task is complete

    and now its preventing me to create Forward Lookup

    • Edited by srguy Friday, January 20, 2017 4:37 AM
    Friday, January 20, 2017 4:32 AM
  • I see outbound replication being disabled, some services not started and many other errors that appear to relate to site-to-site connectivity. I think this goes beyond forums scope as to trouble shooting. I'd recommend calling in a support incident or starting over if that's possible.

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Friday, January 20, 2017 4:50 AM
  • Starting over is possible but i need to be sure that only BDC & ADC data is there in Schema otherwise it will again give issues as per my knowledge

    I will have to demote the new DC and can I start over again within minutes or i have to wait for certain period of time before start making Windows 2008 R2 Member server as Domain Controller


    • Edited by srguy Friday, January 20, 2017 4:53 AM
    Friday, January 20, 2017 4:51 AM
  • When you're back to ground zero I'd just test all is error free and health is good before proceeding.

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Friday, January 20, 2017 4:57 AM
  • Hi Dave,

    Please confirm which commands need to be checked again for proper health check of DC

    After demoting TRANSIT, i will only have BDC as primary and ADC as secondary DC

    Friday, January 20, 2017 5:02 AM
  • The dcdiag and replication I mentioned. Along with checking the windows event logs.

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Friday, January 20, 2017 5:08 AM
  • HI.

    As per your Issue first you need to be check the replication from both of dc and you shout about both of dc IP addressing and network related setting which you define in your dc and network if everything is fine than you need to be check the dns end may be some little point you are missing.

    One more thing is that AD fsmo replication should be proper replicate  between dc and adc

    You can use repadmin /showrepl command and check the issue if its related to replication

    Thanks

    Mahipal Singh

    Wintel Administrator

    Noida

    Friday, January 20, 2017 5:36 AM
  • Hi Dave,

    Please check the link again,  i have pasted all the updated files :-) 

    https://1drv.ms/f/s!AmfFZ6z8rN2ogRCkYOPlOATNntvh

    After TRANSIT has been gracefully demoted

    While running below command its showing Inbound/outbound enabled, the same is disabled on ADC

    C:\Users\Administrator.DOMAIN>repadmin /options

    Repadmin: running command /options against full DC localhost
    Current DSA Options: IS_GC DISABLE_INBOUND_REPL DISABLE_OUTBOUND_REPL

    • Edited by srguy Friday, January 20, 2017 10:26 AM Updated
    Friday, January 20, 2017 6:06 AM
  • Hi Dave,

    Three (3) replications have worked without any error so far with 60 minutes interval

    Friday, January 20, 2017 1:54 PM
  • Hi Dave,

    Please check the link again,  i have pasted all the updated files :-) 

    https://1drv.ms/f/s!AmfFZ6z8rN2ogRCkYOPlOATNntvh

    After TRANSIT has been gracefully demoted

    While running below command its showing Inbound/outbound enabled, the same is disabled on ADC

    C:\Users\Administrator.DOMAIN>repadmin /options

    Repadmin: running command /options against full DC localhost
    Current DSA Options: IS_GC DISABLE_INBOUND_REPL DISABLE_OUTBOUND_REPL

    Looks better. I ran through them rather quickly and notice some system event log issues, group policy errors, IPv6 issues (disabled?) In general I'd work through clearing each of the errors one at a time.

     We also want to see;

             Summary of DNS test results:
    
             
                                                Auth Basc Forw Del  Dyn  RReg Ext
                _________________________________________________________________
                Domain: 
    
                   ADC                          PASS PASS PASS PASS PASS PASS n/a  
                   BDC                       PASS PASS PASS PASS PASS PASS n/a

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.



    Friday, January 20, 2017 2:54 PM
  • Hi Dave,

    Which command should i check for DNS confirmation

    Sunday, January 22, 2017 12:02 PM
  • It's contained in the dcdiag report above.

    Dcdiag /v /c /d /e /s:DCName >c:\dcdiag.log

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Sunday, January 22, 2017 2:23 PM
  • Hi Dave,

    Tried every solution to resolve DNS issues but its not solving, updated DCDIAG

    https://1drv.ms/f/s!AmfFZ6z8rN2ogRCkYOPlOATNntvh

    Monday, January 23, 2017 7:28 AM
  • Hi Dave,

    Tried every solution to resolve DNS issues but its not solving, updated DCDIAG

    https://1drv.ms/f/s!AmfFZ6z8rN2ogRCkYOPlOATNntvh

    What are the current issues?

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Monday, January 23, 2017 3:10 PM
  •    Running enterprise tests on : avanza.pk

          Starting test: DNS

             Test results for domain controllers:

                
                DC: bdc.avanza.pk

                Domain: avanza.pk

                

                      
                   TEST: Authentication (Auth)
                      Authentication test: Successfully completed
                      
                   TEST: Basic (Basc)
                      Microsoftr Windows Serverr 2008 Standard  (Service Pack level: 2.0)

                       is supported

                      NETLOGON service is running

                      kdc service is running

                      DNSCACHE service is running

                      DNS service is running

                      DC is a DNS server

                      Network adapters information:

                      Adapter [00000006] Microsoft Hyper-V Network Adapter:

                         MAC address is 00:15:5D:00:64:00
                         IP Address is static 
                         IP address: 172.16.0.2
                         DNS servers:

                            172.16.0.2 (bdc.avanza.pk.) [Valid]
                            172.17.10.2 (ADC) [Valid]
                            127.0.0.1 (bdc.avanza.pk.) [Valid]
                      The A host record(s) for this DC was found
                      Warning: The AAAA record for this DC was not found
                      [Error details: 9501 (Type: Win32 - Description: No records found for given DNS query.) - avanza.pk]
                      The SOA record for the Active Directory zone was found
                      The Active Directory zone on this DC/DNS server was found primary
                      Root zone on this DC/DNS server was not found
                      
                   TEST: Forwarders/Root hints (Forw)
                      Recursion is enabled
                      Forwarders Information: 
                         202.141.224.34 (<name unavailable>) [Valid] 
                         202.141.229.34 (<name unavailable>) [Valid] 
                         8.8.8.8 (<name unavailable>) [Valid] 
                      
                   TEST: Delegations (Del)
                      Delegation information for the zone: avanza.pk.
                         Delegated domain name: _msdcs.avanza.pk.
                            DNS server: bdc.avanza.pk. IP:172.16.0.2 [Valid]
                      
                   TEST: Dynamic update (Dyn)
                      Test record _dcdiag_test_record added successfully in zone avanza.pk
                      Test record _dcdiag_test_record deleted successfully in zone avanza.pk
                      
                   TEST: Records registration (RReg)
                      Network Adapter [00000006] Microsoft Hyper-V Network Adapter:

                         Matching CNAME record found at DNS server 172.16.0.2:
                         b3809253-f3e3-40d6-aabf-698099a4acbb._msdcs.avanza.pk

                         Matching A record found at DNS server 172.16.0.2:
                         bdc.avanza.pk

                         Warning: 
                         Missing AAAA record at DNS server 172.16.0.2: 
                         bdc.avanza.pk
                         [Error details: 9501 (Type: Win32 - Description: No records found for given DNS query.)]
                         
                         Matching  SRV record found at DNS server 172.16.0.2:
                         _ldap._tcp.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _ldap._tcp.3a39b9bd-f037-463a-9993-81042ce33e37.domains._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _kerberos._tcp.dc._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _ldap._tcp.dc._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _kerberos._tcp.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _kerberos._udp.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _kpasswd._tcp.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _ldap._tcp.KHI._sites.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _kerberos._tcp.KHI._sites.dc._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _ldap._tcp.KHI._sites.dc._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _kerberos._tcp.KHI._sites.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _ldap._tcp.gc._msdcs.avanza.pk

                         Matching A record found at DNS server 172.16.0.2:
                         gc._msdcs.avanza.pk

                         Warning: 
                         Missing AAAA record at DNS server 172.16.0.2: 
                         gc._msdcs.avanza.pk
                         [Error details: 9501 (Type: Win32 - Description: No records found for given DNS query.)]
                         
                         Matching  SRV record found at DNS server 172.16.0.2:
                         _gc._tcp.KHI._sites.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _ldap._tcp.KHI._sites.gc._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _ldap._tcp.pdc._msdcs.avanza.pk

                         Matching CNAME record found at DNS server 172.17.10.2:
                         b3809253-f3e3-40d6-aabf-698099a4acbb._msdcs.avanza.pk

                         Matching A record found at DNS server 172.17.10.2:
                         bdc.avanza.pk

                         Warning: 
                         Missing AAAA record at DNS server 172.17.10.2: 
                         bdc.avanza.pk
                         [Error details: 9501 (Type: Win32 - Description: No records found for given DNS query.)]
                         
                         Matching  SRV record found at DNS server 172.17.10.2:
                         _ldap._tcp.avanza.pk

                         Matching  SRV record found at DNS server 172.17.10.2:
                         _ldap._tcp.3a39b9bd-f037-463a-9993-81042ce33e37.domains._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.17.10.2:
                         _kerberos._tcp.dc._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.17.10.2:
                         _ldap._tcp.dc._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.17.10.2:
                         _kerberos._tcp.avanza.pk

                         Matching  SRV record found at DNS server 172.17.10.2:
                         _kerberos._udp.avanza.pk

                         Matching  SRV record found at DNS server 172.17.10.2:
                         _kpasswd._tcp.avanza.pk

                         Matching  SRV record found at DNS server 172.17.10.2:
                         _ldap._tcp.KHI._sites.avanza.pk

                         Matching  SRV record found at DNS server 172.17.10.2:
                         _kerberos._tcp.KHI._sites.dc._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.17.10.2:
                         _ldap._tcp.KHI._sites.dc._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.17.10.2:
                         _kerberos._tcp.KHI._sites.avanza.pk

                         Matching  SRV record found at DNS server 172.17.10.2:
                         _ldap._tcp.gc._msdcs.avanza.pk

                         Matching A record found at DNS server 172.17.10.2:
                         gc._msdcs.avanza.pk

                         Warning: 
                         Missing AAAA record at DNS server 172.17.10.2: 
                         gc._msdcs.avanza.pk
                         [Error details: 9501 (Type: Win32 - Description: No records found for given DNS query.)]
                         
                         Matching  SRV record found at DNS server 172.17.10.2:
                         _gc._tcp.KHI._sites.avanza.pk

                         Matching  SRV record found at DNS server 172.17.10.2:
                         _ldap._tcp.KHI._sites.gc._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.17.10.2:
                         _ldap._tcp.pdc._msdcs.avanza.pk

                         Matching CNAME record found at DNS server 172.16.0.2:
                         b3809253-f3e3-40d6-aabf-698099a4acbb._msdcs.avanza.pk

                         Matching A record found at DNS server 172.16.0.2:
                         bdc.avanza.pk

                         Warning: 
                         Missing AAAA record at DNS server 172.16.0.2: 
                         bdc.avanza.pk
                         [Error details: 9501 (Type: Win32 - Description: No records found for given DNS query.)]
                         
                         Matching  SRV record found at DNS server 172.16.0.2:
                         _ldap._tcp.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _ldap._tcp.3a39b9bd-f037-463a-9993-81042ce33e37.domains._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _kerberos._tcp.dc._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _ldap._tcp.dc._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _kerberos._tcp.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _kerberos._udp.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _kpasswd._tcp.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _ldap._tcp.KHI._sites.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _kerberos._tcp.KHI._sites.dc._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _ldap._tcp.KHI._sites.dc._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _kerberos._tcp.KHI._sites.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _ldap._tcp.gc._msdcs.avanza.pk

                         Matching A record found at DNS server 172.16.0.2:
                         gc._msdcs.avanza.pk

                         Warning: 
                         Missing AAAA record at DNS server 172.16.0.2: 
                         gc._msdcs.avanza.pk
                         [Error details: 9501 (Type: Win32 - Description: No records found for given DNS query.)]
                         
                         Matching  SRV record found at DNS server 172.16.0.2:
                         _gc._tcp.KHI._sites.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _ldap._tcp.KHI._sites.gc._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _ldap._tcp.pdc._msdcs.avanza.pk

                   Warning: Record Registrations not found in some network adapters

                   Total query time:0 min. 0 sec.. Total RPC connection

                   time:0 min. 0 sec.

                   Total WMI connection time:0 min. 24 sec. Total Netuse connection

                   time:0 min. 0 sec.

             
                
                DC: ADC.avanza.pk

                Domain: avanza.pk

                

                      
                   TEST: Authentication (Auth)
                      Authentication test: Successfully completed
                      
                   TEST: Basic (Basc)
                      Microsoftr Windows Serverr 2008 Standard  (Service Pack level: 2.0)

                       is supported

                      NETLOGON service is running

                      kdc service is running

                      DNSCACHE service is running

                      DNS service is running

                      DC is a DNS server

                      Network adapters information:

                      Adapter

                      [00000006] Microsoft Virtual Machine Bus Network Adapter:

                         MAC address is 00:15:5D:01:66:08
                         IP Address is static 
                         IP address: 172.17.10.2
                         DNS servers:

                            172.17.10.2 (ADC) [Valid]
                            172.16.0.2 (bdc.avanza.pk.) [Valid]
                      The A host record(s) for this DC was found
                      Warning: The AAAA record for this DC was not found
                      [Error details: 9501 (Type: Win32 - Description: No records found for given DNS query.) - avanza.pk]
                      The SOA record for the Active Directory zone was found
                      The Active Directory zone on this DC/DNS server was found primary
                      Root zone on this DC/DNS server was not found
                      
                   TEST: Forwarders/Root hints (Forw)
                      Recursion is enabled
                      Forwarders Information: 
                         172.16.0.2 (bdc.avanza.pk.) [Valid] 
                      
                   TEST: Delegations (Del)
                      Delegation information for the zone: avanza.pk.
                         Delegated domain name: _msdcs.avanza.pk.
                            DNS server: bdc.avanza.pk. IP:172.16.0.2 [Valid]
                      
                   TEST: Dynamic update (Dyn)
                      Test record _dcdiag_test_record added successfully in zone avanza.pk
                      Test record _dcdiag_test_record deleted successfully in zone avanza.pk
                      
                   TEST: Records registration (RReg)
                      Network Adapter

                      [00000006] Microsoft Virtual Machine Bus Network Adapter:

                         Matching CNAME record found at DNS server 172.17.10.2:
                         d2a08544-f3ef-49e7-a655-37911b4d7a5e._msdcs.avanza.pk

                         Matching A record found at DNS server 172.17.10.2:
                         ADC.avanza.pk

                         Warning: 
                         Missing AAAA record at DNS server 172.17.10.2: 
                         ADC.avanza.pk
                         [Error details: 9501 (Type: Win32 - Description: No records found for given DNS query.)]
                         
                         Matching  SRV record found at DNS server 172.17.10.2:
                         _ldap._tcp.avanza.pk

                         Matching  SRV record found at DNS server 172.17.10.2:
                         _ldap._tcp.3a39b9bd-f037-463a-9993-81042ce33e37.domains._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.17.10.2:
                         _kerberos._tcp.dc._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.17.10.2:
                         _ldap._tcp.dc._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.17.10.2:
                         _kerberos._tcp.avanza.pk

                         Matching  SRV record found at DNS server 172.17.10.2:
                         _kerberos._udp.avanza.pk

                         Matching  SRV record found at DNS server 172.17.10.2:
                         _kpasswd._tcp.avanza.pk

                         Matching  SRV record found at DNS server 172.17.10.2:
                         _ldap._tcp.LHR._sites.avanza.pk

                         Matching  SRV record found at DNS server 172.17.10.2:
                         _kerberos._tcp.LHR._sites.dc._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.17.10.2:
                         _ldap._tcp.LHR._sites.dc._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.17.10.2:
                         _kerberos._tcp.LHR._sites.avanza.pk

                         Matching  SRV record found at DNS server 172.17.10.2:
                         _ldap._tcp.gc._msdcs.avanza.pk

                         Matching A record found at DNS server 172.17.10.2:
                         gc._msdcs.avanza.pk

                         Warning: 
                         Missing AAAA record at DNS server 172.17.10.2: 
                         gc._msdcs.avanza.pk
                         [Error details: 9501 (Type: Win32 - Description: No records found for given DNS query.)]
                         
                         Matching  SRV record found at DNS server 172.17.10.2:
                         _gc._tcp.LHR._sites.avanza.pk

                         Matching  SRV record found at DNS server 172.17.10.2:
                         _ldap._tcp.LHR._sites.gc._msdcs.avanza.pk

                         Matching CNAME record found at DNS server 172.16.0.2:
                         d2a08544-f3ef-49e7-a655-37911b4d7a5e._msdcs.avanza.pk

                         Matching A record found at DNS server 172.16.0.2:
                         ADC.avanza.pk

                         Warning: 
                         Missing AAAA record at DNS server 172.16.0.2: 
                         ADC.avanza.pk
                         [Error details: 9501 (Type: Win32 - Description: No records found for given DNS query.)]
                         
                         Matching  SRV record found at DNS server 172.16.0.2:
                         _ldap._tcp.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _ldap._tcp.3a39b9bd-f037-463a-9993-81042ce33e37.domains._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _kerberos._tcp.dc._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _ldap._tcp.dc._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _kerberos._tcp.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _kerberos._udp.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _kpasswd._tcp.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _ldap._tcp.LHR._sites.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _kerberos._tcp.LHR._sites.dc._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _ldap._tcp.LHR._sites.dc._msdcs.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _kerberos._tcp.LHR._sites.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _ldap._tcp.gc._msdcs.avanza.pk

                         Matching A record found at DNS server 172.16.0.2:
                         gc._msdcs.avanza.pk

                         Warning: 
                         Missing AAAA record at DNS server 172.16.0.2: 
                         gc._msdcs.avanza.pk
                         [Error details: 9501 (Type: Win32 - Description: No records found for given DNS query.)]
                         
                         Matching  SRV record found at DNS server 172.16.0.2:
                         _gc._tcp.LHR._sites.avanza.pk

                         Matching  SRV record found at DNS server 172.16.0.2:
                         _ldap._tcp.LHR._sites.gc._msdcs.avanza.pk

                   Warning: Record Registrations not found in some network adapters

                   Total query time:0 min. 0 sec.. Total RPC connection

                   time:0 min. 1 sec.

                   Total WMI connection time:0 min. 1 sec. Total Netuse connection

                   time:0 min. 0 sec.

             
             Summary of test results for DNS servers used by the above domain

             controllers:

             

                DNS server: 172.16.0.2 (bdc.avanza.pk.)

                   All tests passed on this DNS server

                   Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered 
                   DNS delegation for the domain  _msdcs.avanza.pk. is operational on IP 172.16.0.2

                   Total query time:0 min. 0 sec., Total WMI connection

                   time:0 min. 0 sec.

                   
                DNS server: 172.17.10.2 (ADC)

                   All tests passed on this DNS server

                   Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered 
                   Total query time:0 min. 0 sec., Total WMI connection

                   time:0 min. 0 sec.

                   
                DNS server: 202.141.224.34 (<name unavailable>)

                   All tests passed on this DNS server

                   Total query time:0 min. 0 sec., Total WMI connection

                   time:0 min. 1 sec.

                   
                DNS server: 202.141.229.34 (<name unavailable>)

                   All tests passed on this DNS server

                   Total query time:0 min. 0 sec., Total WMI connection

                   time:0 min. 1 sec.

                   
                DNS server: 8.8.8.8 (<name unavailable>)

                   All tests passed on this DNS server

                   Total query time:0 min. 0 sec., Total WMI connection

                   time:0 min. 21 sec.

                   
             Summary of DNS test results:

             
                                                Auth Basc Forw Del  Dyn  RReg Ext
                _________________________________________________________________
                Domain: avanza.pk

                   bdc                          PASS WARN PASS PASS PASS WARN n/a  
                   ADC                          PASS WARN PASS PASS PASS WARN n/a  
             
             Total Time taken to test all the DCs:0 min. 28 sec.

             ......................... avanza.pk passed test DNS
    Tuesday, January 24, 2017 3:52 AM
  • Hi Dave,

    Appreciate if you can guide me where is the issue in DNS so it can be resolved.

    Thursday, January 26, 2017 4:02 AM
  • To be honest I've lost track of where things were at with this. If you're still having issues then you may want to clean install the new server and try again but do not change things like IPv6. It should just work out-of-box without issue. After clean install, patch it fully (also verify servicing health https://support.microsoft.com/en-us/kb/947821), join existing domain, add active directory domain services and promote again.

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.


    Thursday, January 26, 2017 4:17 AM
  • Hi Dave,

    DNS Warnings are coming on existing DC's. I haven't promoted any DC since last week after which problem started occuring and eventually have to demote the newly created DC :-(

    Thursday, January 26, 2017 1:16 PM
  • Ok, how many existing DCs and what errors are reported? Do not paste an logs in thread as it makes for unreadable post. Logs should be put on OneDrive and link shared in post.

     

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.



    Thursday, January 26, 2017 1:49 PM
  • Hi Dave,

    Please find the output of dcdiag.exe /v /c /d /e /s:BDC

    https://1drv.ms/f/s!AmfFZ6z8rN2ogRB6MrHXzVyJd5Z-

    Friday, January 27, 2017 6:26 AM
  • You might work through this one.

    https://technet.microsoft.com/en-us/library/cc816833(v=ws.10).aspx

    and also work through the system event log errors.

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    • Proposed as answer by Wendy JiangModerator Monday, January 30, 2017 8:17 AM
    • Marked as answer by srguy Wednesday, February 8, 2017 6:02 AM
    Friday, January 27, 2017 3:02 PM
  • Hi,

    I am checking how the issue going, if you still have any questions, please feel free to contact us.

    And if the replies as above are helpful, we would appreciate you to mark them as answers, and if you resolve it using your own solution, please share your experience and solution here. It will be greatly helpful to others who have the same question.

    Appreciate for your feedback.

    Best regards,

    Wendy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Monday, January 30, 2017 8:18 AM
    Moderator
  • You might work through this one.

    https://technet.microsoft.com/en-us/library/cc816833(v=ws.10).aspx

    and also work through the system event log errors.

     

    As per the above link all is working fine but faced some issues with Netlogon service as it was Paused 1-2 times a week on BDC

    Is it normal ??

    How can i clear WARN messages from below outout

       Summary of DNS test results:

             
                                                Auth Basc Forw Del  Dyn  RReg Ext
                _________________________________________________________________
                Domain: avanza.pk

                   bdc                          PASS WARN PASS PASS PASS WARN n/a  
                   ADC                          PASS WARN PASS PASS PASS WARN n/a  

    • Edited by srguy Wednesday, February 8, 2017 6:08 AM
    Wednesday, February 8, 2017 6:05 AM
  • Glad to hear it's working. This one might also help.

    https://social.technet.microsoft.com/wiki/contents/articles/17741.dcdiag-for-dns-test-details-explained.aspx

     

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Wednesday, February 8, 2017 1:52 PM