| Author |
 Topic  |
|
|
dthomas
Seasoned But Casual Onlooker
54 Posts
Status: offline |
 Posted - 05/08/2012 : 08:55:35 AM
|
I have a Windows Server 2003 Active Directory domain controller acting as a secondary internal file server. Our primary servers are running a distribution of Linux. Currently the forest functional level is Windows 2000 and the current domain functional level Windows 2000 mixed. I want to introduce a new Windows Server 2008 R2 Active directory domain controller to the domain. However, I need to raise the functional levels of the forest and the domain to Windows server 2003 level. I went into the Active directory Domains and trusts to raise the forest level, but I got a message saying that "I can't raise the forest level. Either this forest includes domain controllers that are not running the appropriate version of Windows, or one or more domains in the forest are still at the Windows 2000 mixed or Windows 2003 interim functional level". Can someone give some advice on how I can raise the two levels to a Windows server 2003 functional levels. Also, to do it cleanly. Would I first raise the domain functional level and than raise the forest level ? How would clean out the pipes per say before I run the adprep commands? I look forward to any advice.
Thanks in advance, Dan
|
|
|
wkasdo
Administrator
Netherlands
7424 Posts
Status: offline |
Posted - 05/08/2012 : 11:34:51 AM
|
| First, you remove old DC accounts belonging to W2000 or NT4 DC's. A metadata cleanup may be required for that. Then, raise the domain level. Finally, do the forest level. |
Make it as simple as you can, but not simpler -- Albert Einstein |
 |
|
|
dthomas
Seasoned But Casual Onlooker
54 Posts
Status: offline |
Posted - 05/08/2012 : 1:14:01 PM
|
I don't have any Windows Server 2000 or Windows NT servers.
|
|
|
|
myousufali
Welcome Newcomer
2 Posts
Status: offline |
Posted - 05/16/2012 : 04:02:40 AM
|
You need to check there is no replication issues using following commands.
dcdiag /v > c:\dcdiag.txt
repadmin /showrepl dc* /verbose /all /intersite > c:\repl.txt
|
MYousufAli (MCC-2012)
My Blog: http://myousufali.wordpress.com/ |
|
|
|
dthomas
Seasoned But Casual Onlooker
54 Posts
Status: offline |
Posted - 05/16/2012 : 2:53:58 PM
|
By running the commands on last post I got the following:
dcdiag /v > c:\dcdiag.txt
Domain Controller Diagnosis
Performing initial setup:
* Verifying that the local machine scooby, is a DC.
* Connecting to directory service on server scooby.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 1 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\SCOOBY
Starting test: Connectivity
* Active Directory LDAP Services Check
The host 98d77564-651a-45ec-8b7b-08cbc131ecb6._msdcs.physics.bogus could not be resolved to an
IP address. Check the DNS server, DHCP, server name, etc
Although the Guid DNS name
(98d77564-651a-45ec-8b7b-08cbc131ecb6._msdcs.physics.bogus) couldn't
be resolved, the server name (scooby.physics.bogus) resolved to the IP
address (xxx.xxx.x.xxx) and was pingable. Check that the IP address
is registered correctly with the DNS server.
......................... SCOOBY failed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\SCOOBY
Skipping all tests, because server SCOOBY is
not responding to directory service requests
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Test omitted by user request: OutboundSecureChannels
Test omitted by user request: VerifyReplicas
Test omitted by user request: VerifyEnterpriseReferences
Test omitted by user request: CheckSecurityError
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
For the partition (DC=ForestDnsZones,DC=physics,DC=bogus) we
encountered the following error retrieving the cross-ref's
(CN=50bd8b7d-933e-4684-950b-7b2be8a850a7,CN=Partitions,CN=Configuration,DC=physics,DC=bogus)
information:
LDAP Error 0x3a (58).
......................... ForestDnsZones failed test CrossRefValidation
Starting test: CheckSDRefDom
For the partition (DC=ForestDnsZones,DC=physics,DC=bogus) we
encountered the following error retrieving the cross-ref's
(CN=50bd8b7d-933e-4684-950b-7b2be8a850a7,CN=Partitions,CN=Configuration,DC=physics,DC=bogus)
information:
LDAP Error 0x3a (58).
......................... ForestDnsZones failed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
For the partition (DC=DomainDnsZones,DC=physics,DC=bogus) we
encountered the following error retrieving the cross-ref's
(CN=ed3ef63a-4941-4e31-9ad4-b87729eac702,CN=Partitions,CN=Configuration,DC=physics,DC=bogus)
information:
LDAP Error 0x3a (58).
......................... DomainDnsZones failed test CrossRefValidation
Starting test: CheckSDRefDom
For the partition (DC=DomainDnsZones,DC=physics,DC=bogus) we
encountered the following error retrieving the cross-ref's
(CN=ed3ef63a-4941-4e31-9ad4-b87729eac702,CN=Partitions,CN=Configuration,DC=physics,DC=bogus)
information:
LDAP Error 0x3a (58).
......................... DomainDnsZones failed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
For the partition (CN=Schema,CN=Configuration,DC=physics,DC=bogus)
we encountered the following error retrieving the cross-ref's
(CN=Enterprise Schema,CN=Partitions,CN=Configuration,DC=physics,DC=bogus)
information:
LDAP Error 0x3a (58).
......................... Schema failed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
For the partition (CN=Configuration,DC=physics,DC=bogus) we
encountered the following error retrieving the cross-ref's
(CN=Enterprise Configuration,CN=Partitions,CN=Configuration,DC=physics,DC=bogus)
information:
LDAP Error 0x3a (58).
......................... Configuration failed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : physics
Starting test: CrossRefValidation
For the partition (DC=physics,DC=bogus) we encountered the
following error retrieving the cross-ref's
(CN=PHYSICSLAB2,CN=Partitions,CN=Configuration,DC=physics,DC=bogus)
information:
LDAP Error 0x3a (58).
......................... physics failed test CrossRefValidation
Starting test: CheckSDRefDom
......................... physics passed test CheckSDRefDom
Running enterprise tests on : physics.bogus
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope
provided by the command line arguments provided.
......................... physics.bogus passed test Intersite
Starting test: FsmoCheck
GC Name: \\scooby.physics.bogus
Locator Flags: 0xe00003fd
PDC Name: \\scooby.physics.bogus
Locator Flags: 0xe00003fd
Time Server Name: \\scooby.physics.bogus
Locator Flags: 0xe00003fd
Preferred Time Server Name: \\scooby.physics.bogus
Locator Flags: 0xe00003fd
KDC Name: \\scooby.physics.bogus
Locator Flags: 0xe00003fd
......................... physics.bogus passed test FsmoCheck
Test omitted by user request: DNS
Test omitted by user request: DNS
---------------------------------------------------------------
Than on the second command I get this:
repadmin /showrepl dc* /verbose /all /intersite > c:\repl.txt
repadmin running command /showrepl against server scooby.physics.bogus
Default-First-Site-Name\SCOOBY
DC Options: IS_GC
Site Options: (none)
DC object GUID: 98d77564-651a-45ec-8b7b-08cbc131ecb6
DC invocationID: 98d77564-651a-45ec-8b7b-08cbc131ecb6
==== KCC CONNECTION OBJECTS ============================================
I'm at a loss. Any body out there can help resolve these.
Thanks
|
|
|
|
dthomas
Seasoned But Casual Onlooker
54 Posts
Status: offline |
Posted - 08/10/2012 : 09:32:56 AM
|
Corrected, However, I have a problem. I brought up my windows server 2008 r2 AD. I transferred all my FSMO roles, but when I open up my DNS console the zones aren't there on the new server. How can I force transfer or do I have to wait. Please advise.
Thanks |
|
|
|
wobble_wobble
Honorable But Hopeless Addict
Ireland
4523 Posts
Status: offline |
Posted - 08/10/2012 : 6:27:52 PM
|
| Where is the primary DNS server in DNS forwarders and on the NIC? |
Joe
After everything that has happened during the month of Jan 07, I do believe that pigs fly backwards!
http://whatismyv6.com/ |
|
|
|
aval
Honorable But Hopeless Addict
USA
3288 Posts
Status: offline |
Posted - 08/13/2012 : 9:27:51 PM
|
Still nothing in the DNS console on the new server?
Are you sure your DNS is Active Directory Integrated?
What if you run this command (at the "DOS" command prompt):
dnscmd /enumzones /ds
What displays, if anything?
If the DNS data has not replicated over the week-end, there's most likely a problem. I'll suppose these two domain controllers are in the same site and that replication should be almost instantaneous.
You could force replication with repadmin /syncall:
http://blogs.technet.com/b/askds/archive/2009/07/01/getting-over-replmon.aspx
Assuming your DNS is in one of those Active Directory partitions.
###
BTW, you could try running DCDIAG again, with or without the /v switch (/v or "verbose" just provides a lot more details, useful or not). |
Edited by - aval on 08/13/2012 9:29:54 PM |
|
|
|
dthomas
Seasoned But Casual Onlooker
54 Posts
Status: offline |
Posted - 08/14/2012 : 3:48:56 PM
|
| My forward and reverse lookup zones transferred when I created a secondary zone. The replication isn't Active directory integrated. It's getting its information from a linux bind servers. Another issues is I have two nic's. Ones on a 192.x.x.x network and the other one is on a 10.x.x.x network. How should configure my DNS & Active directory? |
|
|
| |
Topic |
|
|
|
raising forest and domain levels
