Upgraded NT4 PDC to Win2K resulted in disjointed domain

[Cat1]

HELP!

I recently upgraded our single domain controller (NT4 + Exchange 5.5) to Windows 2000 - have resulted in MS Q257623 problem where my namespace doesn't match!
I have an additional Win2K box which i wanted to promote to 2nd DC and move exchange onto (& upgrade to exchange 2K). This won't connect as the AD & DNS is wrong on the upgraded server.
I have no working backups to restore old NT4 OS.
What is the best way to fix this!!?!! Do i create new forest/exchange site & create new user accounts & move mailboxes over?? Company with 25 users, so re-creating accounts not too much of a nightmare...
WHAT IS THE BEST THING TO DO??

 

[shawnfv]

This happened to me and another worker also. We were able to do what the article said we couldn't do. Make sure all of your DNS pointers on the DC are correct. Go to the registry folder that the article discusses. Add the key and in the two places you see the name listed wrongly, change it what it should say. I would then stop and then start the DNS services. Open the manage menu under the My Conputer icon. If it worked you will see on the Identification tab the correct domain name, and a the warning icon at the bottom of the screen telling that these changes won't take place until the system is restarted.
I would make a backup copy of the Registry before you do this, just to be safe. If it works you will have no more problems with the BDC. I hope that this helps.

 

[Cat1]

when you say 'make sure all of your DNS pointers on the DC are correct', does this mean i should have anything additional in DNS??
At the moment i only have 1 SOA record (for external.com) 2 NS records (for domain.external.com & external.com) and 1 A record (IP of DC) - should i be adding anything else??
In My Computer options are greyed out, so can't change anything there (this is the only DC in the domain).
Also, in the MS article it says that adding the SyncDomainWithMembership key on a server upgraded from NT4 to Win2K won't work..... in your experience it does?
PS: Thanks for the quick reply- may just save my life!!!

 

[Cat1]

Ignore my previous post - i have just made the changes that you advised & everything is now working like a dream!
Thanks - phew!!

 

[shawnfv]

Glad that it worked for you. We tried it as a last ditch effort, and wouldn't you know, it was the only thing that DID work.

 

[aaguilar]

Do Either of you still have the original article as MS has taken it of the site. I have adisjointed domain and this is my last resort.

Any help would be geatly appriciated

Thanx

 

[shawnfv]

Heres the KB article. Copied it out of my Technet CD Hope it helps.
Method 1 is what I was referring to in my first post. It's worked the couple times that I've used it, even though the article says it won't. Also change the name to show the correct ones in the other 2 places you see it.




======================================================================
-------------------------------------------------------------------------------
The information in this article applies to:

- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Advanced Server
-------------------------------------------------------------------------------

IMPORTANT: This article contains information about editing the registry.
Before you edit the registry, make sure you understand how to restore it if
a problem occurs. For information about how to do this, view the "Restoring
the Registry" Help topic in Regedit.exe or the "Restoring a Registry Key" Help
topic in Regedt32.exe.

SYMPTOMS
========

After you promote a domain controller (DC), the Domain Name System (DNS) suffix
of your computer name may not match the domain name that the DC belongs to.
After a server has been promoted to a DC, it is not possible to rename the
computer on the Network Identification tab. Also, you may receive NETLOGON
events in the System Log with ID:5781 or other error messages that indicate a
failure to dynamically register DNS records.

CAUSE
=====

This behavior (disjoint namespace) can occur when the "Change primary DNS suffix
when domain membership changes" check box is not selected (checked) before the
promotion. When a domain suffix is set, the "Change primary DNS suffix when
domain membership changes" check box is not selected in an upgrade from
Microsoft Windows NT 4.0.

RESOLUTION
==========

WARNING: Using Registry Editor incorrectly can cause serious problems that may
require you to reinstall your operating system. Microsoft cannot guarantee that
problems resulting from the incorrect use of Registry Editor can be solved. Use
Registry Editor at your own risk.

For information about how to edit the registry, view the "Changing Keys and
Values" Help topic in Registry Editor (Regedit.exe) or the "Add and Delete
Information in the Registry" and "Edit Registry Data" Help topics in
Regedt32.exe. Note that you should back up the registry before you edit it. If
you are running Windows NT or Windows 2000, you should also update your
Emergency Repair Disk (ERD).

To resolve this issue, use one of the following appropriate methods:

Method 1
--------

After you upgrade to Microsoft Windows 2000, but before you run dcpromo and
obtain the Active Directory Installation Wizard, add the following values to the
following registry key:

Value name: SyncDomainWithMembership
Value type: REG_DWORD
Value: 1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\

Note: This process will not work on a server that was an NT 4.0 PDC\BDC and
upgraded to Windows 2000.

Method 2
--------

If you have already promoted to a domain controller, use the Active Directory
Installation Wizard to demote to a member server. Click to select the "Change
primary DNS suffix when domain membership changes" check box, and then run
dcpromo to promote back to a domain controller.

NOTE: You can also prevent this problem by upgrading to Windows 2000 by using a
Windows 2000 Service Pack 1 (SP1) slipstream installation point. However,
applying Windows 2000 SP1 after the upgrade does not resolve this issue.

CAUTION: Exercise caution if you determine that this process is necessary on an
existing Windows 2000-based domain. The process of running dcpromo to remove the
computer from a domain, and then re-creating an Active Directory domain results
in a total loss of all the computer account information and user account
information for the domain. You must manually re-create all user account
information and computer account information after using this process.

MORE INFORMATION
================

For additional information, click the article number below to view the article
in the Microsoft Knowledge Base:

Q262376 Computer Name Does Not Match the Windows 2000 Domain Name After
Upgrade

 

[aaguilar]

IT WORKED. I changed the name in the two places and added the reg key. The AD started working. I was then able to replicate to another DC. Trash the original and reload it.

Thanx For You Help

MA