Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Trying to replace an old DC

Status
Not open for further replies.
Timhi

Timhi

Technical User
Apr 28, 2008
33
US
Hi.

I have 3 DC's in 2 geographical sites. Site1 has 2 DC's (one with all FSMO roles and the other as primary DNS/DHCP); site2 has one DC (secondary DNS/DHCP).

I am replacing a 10 year old 2000 DC in site2 with a new 2003 DC. The DC was running DHCP, WINS, and DNS with an AD-integrated zone. So I install those services on the new server, copy DHCP database, turn it on, copy DNS over, replicate WINS; then remove the old DC from DNS/WINS replication and removed it from the nameservers tab for DNS.

Everything works fine for the most part, except when I turn the old DC off to test the effect. In site1 and site2, when I try to join a computer to the domain, it says "domain controller not found". This only happens about half the time.

I am also running Unity in site1. The logonserver for Unity is the DC in site1. It can get everywhere on the network, except when I try to edit a user in Unity (it looks at Active Directory), it says "cannot find domain controller".

Why is a server that is logged onto a completely seperate DC having trouble contacting it?

Could this happen because I simply turned off the server (as a test) instead of demoting it? I would think that once a server has a logonserver, it won't lose contact with it.

Sorry about the long post, it's just kind of a complicated issue.

Thanks!
 
Sort by date Sort by votes
Sounds like you need to make the new box a GC. Also sounds like your AD Sites and Services isn't setup correctly.

Did you clear out all records for the DC in DNS? It sounds like you're not using AD integrated DNS.

Pat Richard MVP
 
Upvote 0 Downvote
The new box is a GC. I just disabled GC on the old box, will that take awhile to come into play? DNS is AD-integrated; both the old server and the new server SRV records are in "_LDAP._TCP.dc._msdcs.domainname". Should I manually delete the old server's SRV records from there so clients don't find it?

Thanks.
 
Upvote 0 Downvote
So it was probably the GC. After I stopped advertising the old DC, stuff connected to the new DC. Thanks.

Only other (weird) problem I am having is computers in that domain can log in, but the network is veerry slow. It sits at the "applying profile settings" for about 5 minutes and it takes about 2 minutes to pull up network settings.
 
Upvote 0 Downvote
That's likely a DNS issue. What DNS server are they pointing to?

BTW - Don't manually remove DNS entries until after you've demoted the DC and removed it from the domain. IF the records still exist after a little while you should manually delete them.

Pat Richard MVP
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

DTGMI
  • Locked
  • Question
WIN 10 Pro PC & Adding back to our Network
Replies
0
Views
420
DTGMI
DTGMI
microsGuy16
  • Locked
  • Question
Can not copy files to Mapped drive
Replies
0
Views
432
microsGuy16
microsGuy16
DrB0b
  • Locked
  • Question
HyperV trying to do extended replica to external HDD
Replies
0
Views
142
DrB0b
DrB0b
andyferris
  • Locked
  • Question
DC Event logs auditing cannot be set by GPO
Replies
1
Views
208
RRankin355
RRankin355
tscstl
  • Locked
  • Question
access to local folder
Replies
1
Views
243
hairlessupportmonkey
hairlessupportmonkey

Part and Inventory Search

Sponsor

Back
Top