Migration to 2008 Domain Domain Controller

-

please assist,

i have setup new 2008 r2 domain controller in our enviroment, transferred fsmo roles domain controller, setup machine advertise ntp. when dcdiag find following problems. environment has 2 more domain controllers running server 2003 standard, 1 of old pdc, gc, dns , seconday domain controller dns, not gc. need add 1 windows server 2012 dc mix , later decommission server 2003 dc's.  can 1 please have taken on environment , not sure previous guy did, there orignally had dc died long long while ago.

please see dcdiag results below , assist in clearing errors. thanks.

directory server diagnosis

performing initial setup:
   trying find home server...
   home server = mdskzumldc1
   * identified ad forest.
   done gathering initial info.

doing initial required tests

   testing server: default-first-site-name\mdbkzumlartdev
      starting test: connectivity
         ......................... mdbkzumlartdev passed test connectivity

   testing server: default-first-site-name\mdvkzudc4
      starting test: connectivity
         ......................... mdvkzudc4 passed test connectivity

   testing server: default-first-site-name\mdskzumldc1
      starting test: connectivity
         ......................... mdskzumldc1 passed test connectivity

doing primary tests

   testing server: default-first-site-name\mdbkzumlartdev
      starting test: advertising
         ......................... mdbkzumlartdev passed test advertising
      starting test: frsevent
         ......................... mdbkzumlartdev passed test frsevent
      starting test: dfsrevent
         ......................... mdbkzumlartdev passed test dfsrevent
      starting test: sysvolcheck
         ......................... mdbkzumlartdev passed test sysvolcheck
      starting test: kccevent
         ......................... mdbkzumlartdev passed test kccevent
      starting test: knowsofroleholders
         ......................... mdbkzumlartdev passed test
         knowsofroleholders
      starting test: machineaccount
         ......................... mdbkzumlartdev passed test machineaccount
      starting test: ncsecdesc
         ......................... mdbkzumlartdev passed test ncsecdesc
      starting test: netlogons
         ......................... mdbkzumlartdev passed test netlogons
      starting test: objectsreplicated
         ......................... mdbkzumlartdev passed test objectsreplicated
      starting test: replications
         ......................... mdbkzumlartdev passed test replications
      starting test: ridmanager
         ......................... mdbkzumlartdev passed test ridmanager
      starting test: services
            invalid service type: rpcss on mdbkzumlartdev, current value
            win32_own_process, expected value win32_share_process
         ......................... mdbkzumlartdev failed test services
      starting test: systemlog
         warning event occurred.  eventid: 0x825a000e
            time generated: 05/27/2013   09:25:27
            (event string (event log = system) not retrieved, error
            0x13d)
         ......................... mdbkzumlartdev passed test systemlog
      starting test: verifyreferences
         ......................... mdbkzumlartdev passed test verifyreferences

   testing server: default-first-site-name\mdvkzudc4
      starting test: advertising
         ......................... mdvkzudc4 passed test advertising
      starting test: frsevent
         ......................... mdvkzudc4 passed test frsevent
      starting test: dfsrevent
         ......................... mdvkzudc4 passed test dfsrevent
      starting test: sysvolcheck
         ......................... mdvkzudc4 passed test sysvolcheck
      starting test: kccevent
         error event occurred.  eventid: 0xc0000470
            time generated: 05/27/2013   10:02:59
            event string: active directory domain services failed create
         error event occurred.  eventid: 0xc0000470
            time generated: 05/27/2013   10:02:59
            event string: active directory domain services failed create
         error event occurred.  eventid: 0xc0000470
            time generated: 05/27/2013   10:02:59
            event string: active directory domain services failed create
         error event occurred.  eventid: 0xc0000470
            time generated: 05/27/2013   10:07:59
            event string: active directory domain services failed create
         error event occurred.  eventid: 0xc0000470
            time generated: 05/27/2013   10:08:00
            event string: active directory domain services failed create
         error event occurred.  eventid: 0xc0000470
            time generated: 05/27/2013   10:08:00
            event string: active directory domain services failed create
         error event occurred.  eventid: 0xc0000470
            time generated: 05/27/2013   10:13:00
            event string: active directory domain services failed create
         error event occurred.  eventid: 0xc0000470
            time generated: 05/27/2013   10:13:00
            event string: active directory domain services failed create
         error event occurred.  eventid: 0xc0000470
            time generated: 05/27/2013   10:13:00
            event string: active directory domain services failed create
         ......................... mdvkzudc4 failed test kccevent
      starting test: knowsofroleholders
         ......................... mdvkzudc4 passed test knowsofroleholders
      starting test: machineaccount
         ......................... mdvkzudc4 passed test machineaccount
      starting test: ncsecdesc
         ......................... mdvkzudc4 passed test ncsecdesc
      starting test: netlogons
         ......................... mdvkzudc4 passed test netlogons
      starting test: objectsreplicated
         ......................... mdvkzudc4 passed test objectsreplicated
      starting test: replications
         ......................... mdvkzudc4 passed test replications
      starting test: ridmanager
         ......................... mdvkzudc4 passed test ridmanager
      starting test: services
            invalid service type: rpcss on mdvkzudc4, current value
            win32_own_process, expected value win32_share_process
         ......................... mdvkzudc4 failed test services
      starting test: systemlog
         ......................... mdvkzudc4 passed test systemlog
      starting test: verifyreferences
         ......................... mdvkzudc4 passed test verifyreferences

   testing server: default-first-site-name\mdskzumldc1
      starting test: advertising
         ......................... mdskzumldc1 passed test advertising
      starting test: frsevent
         ......................... mdskzumldc1 passed test frsevent
      starting test: dfsrevent
         ......................... mdskzumldc1 passed test dfsrevent
      starting test: sysvolcheck
         ......................... mdskzumldc1 passed test sysvolcheck
      starting test: kccevent
         warning event occurred.  eventid: 0x800004c4
            time generated: 05/27/2013   10:10:38
            event string:
            ldap on secure sockets layer (ssl) unavailable @ tim
e because server unable obtain certificate.
         ......................... mdskzumldc1 passed test kccevent
      starting test: knowsofroleholders
         ......................... mdskzumldc1 passed test knowsofroleholders
      starting test: machineaccount
         ......................... mdskzumldc1 passed test machineaccount
      starting test: ncsecdesc
         ......................... mdskzumldc1 passed test ncsecdesc
      starting test: netlogons
         ......................... mdskzumldc1 passed test netlogons
      starting test: objectsreplicated
         ......................... mdskzumldc1 passed test objectsreplicated
      starting test: replications
         ......................... mdskzumldc1 passed test replications
      starting test: ridmanager
         ......................... mdskzumldc1 passed test ridmanager
      starting test: services
         ......................... mdskzumldc1 passed test services
      starting test: systemlog
         warning event occurred.  eventid: 0x8000001d
            time generated: 05/27/2013   10:10:23
            event string:
            key distribution center (kdc) cannot find suitable certificate
 to use smart card logons, or kdc certificate not verified. sma
rt card logon may not function correctly if problem not resolved. cor
rect problem, either verify existing kdc certificate using certutil.exe
 or enroll new kdc certificate.
         warning event occurred.  eventid: 0x00009016
            time generated: 05/27/2013   10:10:38
            event string:
            no suitable default server credential exists on system. wi
ll prevent server applications expect make use of system default cre
dentials accepting ssl connections. example of such application th
e directory server. applications manage own credentials, such the
internet information server, not affected this.
         warning event occurred.  eventid: 0x00009016
            time generated: 05/27/2013   10:10:38
            event string:
            no suitable default server credential exists on system. wi
ll prevent server applications expect make use of system default cre
dentials accepting ssl connections. example of such application th
e directory server. applications manage own credentials, such the
internet information server, not affected this.
         ......................... mdskzumldc1 passed test systemlog
      starting test: verifyreferences
         ......................... mdskzumldc1 passed test verifyreferences

 


   running partition tests on : forestdnszones
      starting test: checksdrefdom
         ......................... forestdnszones passed test checksdrefdom
      starting test: crossrefvalidation
         ......................... forestdnszones passed test
         crossrefvalidation

   running partition tests on : domaindnszones
      starting test: checksdrefdom
         ......................... domaindnszones passed test checksdrefdom
      starting test: crossrefvalidation
         ......................... domaindnszones passed test
         crossrefvalidation

   running partition tests on : schema
      starting test: checksdrefdom
         ......................... schema passed test checksdrefdom
      starting test: crossrefvalidation
         ......................... schema passed test crossrefvalidation

   running partition tests on : configuration
      starting test: checksdrefdom
         ......................... configuration passed test checksdrefdom
      starting test: crossrefvalidation
         ......................... configuration passed test crossrefvalidation

   running partition tests on : mdd-bcx
      starting test: checksdrefdom
         ......................... mdd-bcx passed test checksdrefdom
      starting test: crossrefvalidation
         ......................... mdd-bcx passed test crossrefvalidation

   running enterprise tests on : mdd-bcx.root
      starting test: locatorcheck
         ......................... mdd-bcx.root passed test locatorcheck
      starting test: intersite
         ......................... mdd-bcx.root passed test intersite

c:\users\nivendran.nair>netdom query /domain:mdd-bcx.root fsmo
schema master               mdskzumldc1.mdd-bcx.root
domain naming master        mdskzumldc1.mdd-bcx.root
pdc                         mdskzumldc1.mdd-bcx.root
rid pool manager            mdskzumldc1.mdd-bcx.root
infrastructure master       mdskzumldc1.mdd-bcx.root
command completed successfully.

niven nair

hi,

as after deep review have seen have 3 dc's , 2 of them running windows server 2k3 , 1 running 2k8 r2. please confirm details below:

existing scenario:

3 dcs

1) windows server 2k8 holding roles

2) windows server 2k3 not holding role

3) windows server 2k3 not holding role

and want decommission both 2k3 servers , create 1 server of win 2k12?

please confirm above details.

thanks,

akshay v

akshay vithalkar
(mcts) | windows server 2008 r2 server virtualization
(mcts) | windows server 2008 r2 network infrastructure,configuration
(mcts) | windows server 2008 r2 active directory, configuration
(mcitp)| windows server 2008 server administrator
(mcsa) | windowsserver2008;



Windows Server  >  Directory Services



Comments

Post a Comment

Popular posts from this blog

DCOM received error "2147746132" from...

-
hi everybody, i have dc (my windows essentials 2012 server) , windows 2012 server in network.  the windows server 2012 inside domain. on server, got "non stopping" error says in event logs : ===> dcom received error "2147746132" fromd computer xxxx(my dc computer) while server trying activation : {6df8cb71-153b-4c66-8fc4-e59301b8011b} it never stops, got 11000+ new events :s i found : http://support.microsoft.com/kb/971153/fr i'm not sure should ? does got idea ? matthieu. hi, please try solution mentioned in below link: http://www.eventid.net/display-eventid-10006-source-dcom-eventno-272-phase-1.htm regards, cicely Windows Server  >  Windows Server 2012 General ...
Read more

DFSR RPC replication errors 5014 1726 with large files over VPN

-
i have similar issue ryan in reply http://social.technet.microsoft.com/forums/en-gb/winserverfiles/thread/6d49fd71-2236-4fcb-9763-bf1c03459ee8 cited below. start additional thread here because other 1 related windows server 2003 (r2) , i'm (as ryan) on windows 2008 r2 x64. here first of post ryan: i've got same problem on 2008 r2 dfsr server.  the spoke server has 2x intel 1 gigb on-board nics in active/standby teamed configuration. the hub server (running on vmware using 10gbit vmnet3 nic driver) logs dfsr event 5014 every 2-15mins (usually around 5mins). the spoke server not log event. replication running slowly. initial sync/replication. had re-configure replication folder because of lost dfsr database on spoke server.  could teamed nic on spoke causing error on host? a note: last time did initial sync on folder processed @ 30k files , hour. time it's doing few hundred and hour. another note: hub server has several replication groups , conne...
Read more

ADFS 3.0 Event ID 4625 | An Error occurred During Logon | Status: 0xC000035B

-
we're getting these random errors on our adfs security logs, how can track down generating them? an account failed log on. subject: security id: null sid account name: - account domain: - logon id: 0x0 logon type: 3 account logon failed: security id: null sid account name: account domain: failure information: failure reason: an error occured during logon. status: 0xc000035b sub status: 0x0 process information: caller process id: 0x0 caller process name: - network information: workstation name: - source network address: - source port: - detailed authentication information: logon process: kerberos authentication package: kerberos transited services: - package name (ntlm only): - key length: 0 event generated when logon request fails. generated on computer access attempted. subject fields indicate account on local system requested logon. commonly service such server service, or local process such ...
Read more