One thing to take into consideration, is if this is the 1st DC in your
domain. If it is, it contains a special Recovery Agent Certificate for
EFS that allows you to de-crypt users EFS file in your domain as long as
those users in your domain are using an EFS certificate obtained from
your CA (if you have one). I would make sure this certificate is backed
up if this is the 1st DC that you promoted in your domain.
This article explains this more and is geared for Server 2008, but it
also applies for Server 2003:
http://technet.microsoft.com/en-us/l.../cc755157.aspx
--
Elan Shudnow
http://www.shudnow.net
"Meinolf Weber" <meiweb(nospam)@gmx.de> wrote in message
news:. com:
> Hello jbrid,
>
> Did you also configure FORWARDERS on the new DC? Are all clients configured
> to use the new domain DNS also?
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and confers
> no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>
>
>
> > Hello Meinolf-
> >
> > I followed your steps you you wrote in post #2 of this thread.
> > Everything worked well. I thank you for the information.
> >
> > There is one remaining issue that I have.
> >
> > This morning I shutdown my old server (DC1) to ensure that the new
> > server (DC2) could function on its own. Unfortunately it failed the
> > test. DNS is only working if DC1 is up. While it was down I could
> > connect to http://64.233.167.99 (Google) but could not connect to
> > www.google.com or any website without typing the IP address. Both DC's
> > are Windows Server 2003.
> >
> > Before migrating I confirmed that DNS on DC1 was an Active directory
> > integrated zone. I also confirmed that the DNS zones were replicated
> > to DC2 because they appeared in the DNS management console on DC2.
> >
> > I am seeing that 3 days ago I had several Event 4004's in the DNS
> > Server event log.
> >
> > After running netdiag on DC2, I see this DNS error:
> >
>
> >> DNS test . . . . . . . . . . . . . : Passed
> >> [WARNING] Cannot find a primary authoritative DNS server for
> >> the name
> >> '[dc2].XXX.local.'. [ERROR_TIMEOUT]
> >> The name '[dc2].ted.local.' may not be registered in DNS.
> >> [WARNING] Cannot find a primary authoritative DNS server for
> >> the name
> >> '[dc2].XXX.local.'. [ERROR_TIMEOUT]
> >> The name '[dc2].ted.local.' may not be registered in DNS.
> >> [WARNING] The DNS entries for this DC cannot be verified right
> >> now on DNS
> >> server 192.168.254.254, ERROR_TIMEOUT.
> >> PASS - All the DNS entries for DC are registered on DNS server
> >> '192.168.0.129' and other DCs also have some of the names registered.
> >> PASS - All the DNS entries for DC are registered on DNS server
> >> '192.168.0.128' and other DCs also have some of the names registered.
>
> > IPCONFIG of DC1:
> >
>
> >> C:\Program Files\Support Tools>ipconfig /all
> >>
> >> Windows IP Configuration
> >>
> >> Host Name . . . . . . . . . . . . : [dc1]
> >> Primary Dns Suffix . . . . . . . : XXX.local
> >> Node Type . . . . . . . . . . . . : Unknown
> >> IP Routing Enabled. . . . . . . . : Yes
> >> WINS Proxy Enabled. . . . . . . . : No
> >> DNS Suffix Search List. . . . . . : XXX.local
> >> Ethernet adapter LAN:
> >>
> >> Connection-specific DNS Suffix . :
> >> Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit
> >> Ethernet
> >> Physical Address. . . . . . . . . : 00-0E-7F-F3-87-7F
> >> DHCP Enabled. . . . . . . . . . . : No
> >> IP Address. . . . . . . . . . . . : 192.168.0.128
> >> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> >> Default Gateway . . . . . . . . . :
> >> DNS Servers . . . . . . . . . . . : 192.168.0.128
>
> > IPCONFIG of DC2 (also is gateway to the internet)
> >
>
> >> C:\Program Files\Support Tools>ipconfig /all
> >>
> >> Windows IP Configuration
> >>
> >> Host Name . . . . . . . . . . . . : [dc2]
> >> Primary Dns Suffix . . . . . . . : XXX.local
> >> Node Type . . . . . . . . . . . . : Unknown
> >> IP Routing Enabled. . . . . . . . : Yes
> >> WINS Proxy Enabled. . . . . . . . : No
> >> DNS Suffix Search List. . . . . . : XXX.local
> >> domain.invalid
> >> Ethernet adapter Local Area Connection:
> >>
> >> Connection-specific DNS Suffix . :
> >> Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit
> >> Ethernet
> >> Physical Address. . . . . . . . . : 00-19-B9-FE-08-34
> >> DHCP Enabled. . . . . . . . . . . : No
> >> IP Address. . . . . . . . . . . . : 192.168.0.129
> >> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> >> Default Gateway . . . . . . . . . :
> >> DNS Servers . . . . . . . . . . . :
> >> 192.168.0.129192.168.0.128
> >> Ethernet adapter Local Area Connection 3:
> >> Connection-specific DNS Suffix . : domain.invalid
> >> Description . . . . . . . . . . . : Speedstream Ethernet USB
> >> Adapter
> >> Physical Address. . . . . . . . . : 00-0B-23-D6-EA-2A
> >> DHCP Enabled. . . . . . . . . . . : Yes
> >> Autoconfiguration Enabled . . . . : Yes
> >> IP Address. . . . . . . . . . . . : 192.168.254.1
> >> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> >> Default Gateway . . . . . . . . . : 192.168.254.254
> >> DHCP Server . . . . . . . . . . . : 192.168.254.254
> >> DNS Servers . . . . . . . . . . . : 192.168.254.254
> >> Lease Obtained. . . . . . . . . . : Monday, August 18, 2008 8:32:29
> >> AM
> >> Lease Expires . . . . . . . . . . : Tuesday, January 19, 2038
> >> 3:14:07 AM
>
> > I suspect that the IP Properties may be wrong. What should this be,
> > keeping in mind that my goal is to eliminate DC1 completely.
> >
> > DC1:Primary DNS = ?Secondary DNS = ?
> > DC2:Primary DNS = ?Secondary DNS = ?
> > I am also suspecting that DC1 should now have a Default Gateway
> > defined now that it is not the gateway to the internet anymore. But,
> > it does not seem like that would cause this issue.
> >
> > http://forums.techarena.in
> >
Similar Threads
Linear Mode
