Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Errors trying to add second domain controller to new 2008 r2 domain

Status
Not open for further replies.
acl03

acl03

MIS
Jun 13, 2005
1,077
US
Building a new domain from scratch, 2008 R2 SP1. I build one server, promote it to a new DC/DNS with no problems.

When I add the second DC/DNS I am getting DNS failures and replication does not get set up correctly.

When I try to replicate, I get "RPC server is unavailable" errors.

This domain is just in testing right now, but I have never worked with 2008 r2 AD. Is there anything I should be doing aside from installing AD on one (new domain) and then the other (existing domain)? There are no firewalls between these servers, should be wide open.

Thanks.

Thanks,
Andrew

[smarty] Hard work often pays off over time, but procrastination pays off right now!
 
Sort by date Sort by votes
How long are you waiting? It takes a while for replication to finish, etc.

If you run dcdiag and netdiag from each, they should point so what's going on. I've found googling the errors that they spit out to be quite informative.

Pat Richard MVP
Plan for performance, and capacity takes care of itself. Plan for capacity, and suffer poor performance.
 
Upvote 0 Downvote
Thanks for the reply, Pat. I was on vacation, and I did let the replication attempt to finish for about a week while I was gone, still the same thing. Under Sites & Service, each server should show a connection from one to the other, yet not all of them are there still.
I did run dcdiag and attempt to solve the problem with the results, which are below, for server 1 (the first one I built) and even further below for server 2:

Code: 
Directory Server Diagnosis
Performing initial setup:
   Trying to find home server...
   Home Server = cehespdc1
   * Identified AD Forest. 
   Done gathering initial info.
Doing initial required tests
      Testing server: Default-First-Site-Name\CEHESPDC1
      Starting test: Connectivity
         ......................... CEHESPDC1 passed test Connectivity

Doing primary tests
   
   Testing server: Default-First-Site-Name\CEHESPDC1
      Starting test: Advertising
         ......................... CEHESPDC1 passed test Advertising
      Starting test: FrsEvent
         ......................... CEHESPDC1 passed test FrsEvent
      Starting test: DFSREvent
         There are warning or error events within the last 24 hours after the
         SYSVOL has been shared.  Failing SYSVOL replication problems may cause
         Group Policy problems. 
         ......................... CEHESPDC1 passed test DFSREvent
      Starting test: SysVolCheck
         ......................... CEHESPDC1 passed test SysVolCheck
      Starting test: KccEvent
         ......................... CEHESPDC1 passed test KccEvent
      Starting test: KnowsOfRoleHolders
         ......................... CEHESPDC1 passed test KnowsOfRoleHolders
      Starting test: MachineAccount
         ......................... CEHESPDC1 passed test MachineAccount
      Starting test: NCSecDesc
         ......................... CEHESPDC1 passed test NCSecDesc
      Starting test: NetLogons
         ......................... CEHESPDC1 passed test NetLogons
      Starting test: ObjectsReplicated
         ......................... CEHESPDC1 passed test ObjectsReplicated
      Starting test: Replications
         ......................... CEHESPDC1 passed test Replications
      Starting test: RidManager
         ......................... CEHESPDC1 passed test RidManager
      Starting test: Services
         ......................... CEHESPDC1 passed test Services
      Starting test: SystemLog
         A warning event occurred.  EventID: 0x8000001D
            Time Generated: 04/21/2011   08:07:48
            Event String:
            The Key Distribution Center (KDC) cannot find a suitable certificate to use for smart card logons, or the KDC certificate could not be verified. Smart card logon may not function correctly if this problem is not resolved. To correct this problem, either verify the existing KDC certificate using certutil.exe or enroll for a new KDC certificate.
         ......................... CEHESPDC1 passed test SystemLog
      Starting test: VerifyReferences
         ......................... CEHESPDC1 passed test VerifyReferences
   
   
   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test
         CrossRefValidation
   
   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test
         CrossRefValidation
   
   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
   
   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
   
   Running partition tests on : cehtier2
      Starting test: CheckSDRefDom
         ......................... cehtier2 passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... cehtier2 passed test CrossRefValidation
   
   Running enterprise tests on : cehtier2.mycompany.com
      Starting test: LocatorCheck
         ......................... cehtier2.mycompany.com passed test
         LocatorCheck
      Starting test: Intersite
         ......................... cehtier2.mycompany.com passed test
         Intersite

Thanks,
Andrew

[smarty] Hard work often pays off over time, but procrastination pays off right now!
 
Upvote 0 Downvote
Code: 
Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = CEHESPDC2
   * Identified AD Forest. 
   Done gathering initial info.

Doing initial required tests
   
   Testing server: Default-First-Site-Name\CEHESPDC2
      Starting test: Connectivity
         The host
         c2a345a6-a750-4fbf-b16c-54933c48fcf4._msdcs.cehtier2.mycompany.com
         could not be resolved to an IP address. Check the DNS server, DHCP,
         server name, etc.
         Got error while checking LDAP and RPC connectivity. Please check your
         firewall settings.
         ......................... CEHESPDC2 failed test Connectivity

Doing primary tests
   
   Testing server: Default-First-Site-Name\CEHESPDC2
      Skipping all tests, because server CEHESPDC2 is not responding to
      directory service requests.
   
   
   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test
         CrossRefValidation
   
   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test
         CrossRefValidation
   
   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
   
   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
   
   Running partition tests on : cehtier2
      Starting test: CheckSDRefDom
         ......................... cehtier2 passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... cehtier2 passed test CrossRefValidation
   
   Running enterprise tests on : cehtier2.mycompany.com
      Starting test: LocatorCheck
         ......................... cehtier2.mycompany.com passed test
         LocatorCheck
      Starting test: Intersite
         ......................... cehtier2.mycompany.com passed test
         Intersite

Thanks,
Andrew

[smarty] Hard work often pays off over time, but procrastination pays off right now!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

goombawaho
  • Locked
  • Question
Domain join from wifi connected laptop
Replies
4
Views
624
goombawaho
goombawaho
DTGMI
  • Locked
  • Question
WIN 10 Pro PC & Adding back to our Network
Replies
0
Views
375
DTGMI
DTGMI
MattM1975
  • Locked
  • Question
Domain Admin Logon 1
Replies
2
Views
193
ADB100
ADB100
microsGuy16
  • Locked
  • Question
Can not copy files to Mapped drive
Replies
0
Views
383
microsGuy16
microsGuy16
fredmartinmaine
  • Locked
  • Question
Domain Controller without DNS Server
Replies
4
Views
496
fredmartinmaine
fredmartinmaine

Part and Inventory Search

Sponsor

Back
Top