locked
problem with Active directory DNS? RRS feed

  • Question

  • Hello

    I've one DC and one ADC. now I want to transfer control to ADC which will act as a DC.

    I've tried with bellow steps:

    I transfered all 5 rules:

    1. schema

    2. domain name

    3. RID

    4. PDC

    5. Infrastructure

    But problem is that, after transferring all rules when I shut down my previous DC , I can't Logon to the NEW DC which I provide control.

    Can anybody tell me is there any problem with my transfer system?

    Tuesday, January 4, 2011 4:05 AM

Answers

  • What error message are you getting?  It sounds like DNS is still pointing to old DC.  Please post IPCONFIG/ALL from your new DC here.

    Also, the result of Netdom Query FSMO command . 

     

     


    Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA, Network+ Houston, TX

    Blogs - http://blogs.sivarajan.com/
    Articles - http://www.sivarajan.com/publications.html
    Twitter: @santhosh_sivara - http://twitter.com/santhosh_sivara

    This posting is provided AS IS with no warranties, and confers no rights.
    • Marked as answer by Brent Hu Friday, January 7, 2011 7:18 AM
    Tuesday, January 4, 2011 5:27 AM
  • Hello Mahammed,

    Actually any DC in a domain or forest will act as a writeable DC.

    If you shutdown a DC, and it's IP address is being used as a DNS server, then it appears taht will be causing the problem. Please check each machine's IP settings, remove the old one and configure the new DC's DNS address. Also check DHCP Option 006 to configure the new DC.

    If you can respond to Santhosh's requests, that will be helpful, too, to allow us to evaluate your current infrastructure config and make recommendations if needed.

    Ace


    Ace Fekay
    MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services

    This posting is provided AS-IS with no warranties or guarantees and confers no rights.

    • Marked as answer by Brent Hu Friday, January 7, 2011 7:19 AM
    Tuesday, January 4, 2011 5:48 AM
  • Hello,

    make sure the DC is also DNS server and Global catalog server. An available DNS server is required for logon.

    For the terms DC/ADC please keep in mind that all DCs are the same, there is no difference on DCs. The FSMOs provide required functionalities but can be hold from any DC according to some rules.

    If the intention is to remove the DC complete from the domain use also the support tools to check for errors before shutting down:

    dcdiag /v /c /d /e /s:dcname >c:\dcdiag.txt
    repadmin /showrepl dc* /verbose /all /intersite >c:\repl.txt  ["dc* is a place holder for the starting name of the DCs if they all begin the same (if more then one DC exists)]
    dnslint /ad /s "DCipaddress" (http://support.microsoft.com/kb/321045)

    If you have errors shown and as the output will become large, DON'T post them into the thread, please use Windows Sky Drive(with open access!) and add the link from it here. Also the /e in dcdiag scans the complete forest, so better run it on COB.


    Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
    • Marked as answer by Brent Hu Friday, January 7, 2011 7:19 AM
    Tuesday, January 4, 2011 7:45 AM
  • Follow ALL steps listed in http://technet.microsoft.com/en-us/library/cc755937(WS.10).aspx if your intention is to decommission a domain controller

    hth
    Marcin

    • Marked as answer by Brent Hu Friday, January 7, 2011 7:19 AM
    Tuesday, January 4, 2011 1:03 PM

All replies

  • What error message are you getting?  It sounds like DNS is still pointing to old DC.  Please post IPCONFIG/ALL from your new DC here.

    Also, the result of Netdom Query FSMO command . 

     

     


    Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA, Network+ Houston, TX

    Blogs - http://blogs.sivarajan.com/
    Articles - http://www.sivarajan.com/publications.html
    Twitter: @santhosh_sivara - http://twitter.com/santhosh_sivara

    This posting is provided AS IS with no warranties, and confers no rights.
    • Marked as answer by Brent Hu Friday, January 7, 2011 7:18 AM
    Tuesday, January 4, 2011 5:27 AM
  • Hello Mahammed,

    Actually any DC in a domain or forest will act as a writeable DC.

    If you shutdown a DC, and it's IP address is being used as a DNS server, then it appears taht will be causing the problem. Please check each machine's IP settings, remove the old one and configure the new DC's DNS address. Also check DHCP Option 006 to configure the new DC.

    If you can respond to Santhosh's requests, that will be helpful, too, to allow us to evaluate your current infrastructure config and make recommendations if needed.

    Ace


    Ace Fekay
    MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services

    This posting is provided AS-IS with no warranties or guarantees and confers no rights.

    • Marked as answer by Brent Hu Friday, January 7, 2011 7:19 AM
    Tuesday, January 4, 2011 5:48 AM
  • Hello,

    make sure the DC is also DNS server and Global catalog server. An available DNS server is required for logon.

    For the terms DC/ADC please keep in mind that all DCs are the same, there is no difference on DCs. The FSMOs provide required functionalities but can be hold from any DC according to some rules.

    If the intention is to remove the DC complete from the domain use also the support tools to check for errors before shutting down:

    dcdiag /v /c /d /e /s:dcname >c:\dcdiag.txt
    repadmin /showrepl dc* /verbose /all /intersite >c:\repl.txt  ["dc* is a place holder for the starting name of the DCs if they all begin the same (if more then one DC exists)]
    dnslint /ad /s "DCipaddress" (http://support.microsoft.com/kb/321045)

    If you have errors shown and as the output will become large, DON'T post them into the thread, please use Windows Sky Drive(with open access!) and add the link from it here. Also the /e in dcdiag scans the complete forest, so better run it on COB.


    Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
    • Marked as answer by Brent Hu Friday, January 7, 2011 7:19 AM
    Tuesday, January 4, 2011 7:45 AM
  • Follow ALL steps listed in http://technet.microsoft.com/en-us/library/cc755937(WS.10).aspx if your intention is to decommission a domain controller

    hth
    Marcin

    • Marked as answer by Brent Hu Friday, January 7, 2011 7:19 AM
    Tuesday, January 4, 2011 1:03 PM
  • Hi

     

    Thanks a lot.

    Sunday, January 16, 2011 9:22 AM
  • Hi Mohammad,

    You are welcome. I hope it's all straightened out. :-)

    Ace


    Ace Fekay
    MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services

    This posting is provided AS-IS with no warranties or guarantees and confers no rights.

    Sunday, January 16, 2011 3:21 PM