promote additional DC on Windows R2

Discussion in 'Active Directory' started by kwyap, Feb 22, 2007.

  1. kwyap

    kwyap Guest

    Hi,

    I have a fresh installted Windows 2003 Server Standard R2, after promote it
    as a additional DC, the SYSVOL and NETLOGON are not shared. Is this a known
    issue for Windows R2?
    Thank you for viewing... much appreciate for any idea.


    Regards
     
    kwyap, Feb 22, 2007
    #1
    1. Advertisements

  2. kwyap

    Jorge Silva Guest

    Hi
    Make sure that DNS is properly configured, I can give you 1 sample
    suggestion, but it's up you to define what best suits in your scenario:

    Assuming that you have DNS AI. (Active directory integrated)
    *On the Additional DC
    - Install DNS service
    - Make sure that the DC points to an existing updated DNS on Preferred DNS
    NIC properties. Also make sure that the existing DNS server allows dynamic
    updates.
    - Type ipconfig /registerdns from cmd.
    - Restart netlogon service.
    - Force replication in ADSS.
    - Check if the DNS zone is already transferred to the Additional DC.
    - If yes, point the server to itself under NIC DNS Preferred, and use the
    secondary DNS to point to other existing DNS in your network.
    - Rn dcdiag and netdiag from cmd, and make sure that evrything is ok.
    DONE.


    --

    I hope that the information above helps you.
    Have a Nice day.
    Jorge Silva
    MCSE
     
    Jorge Silva, Feb 22, 2007
    #2
    1. Advertisements

  3. kwyap

    kwyap Guest

    I've found this error message (ERR1) in FRS event log. DNS manage to
    resolve the UPN of both DC. Currently the second DC's DNS is pointing to the
    first created DC. On the other DC, i've found another message (ERR2)

    ERR1
    Event Type: Warning
    Event Source: NtFrs
    Event Category: None
    Event ID: 13508
    Date: 2/22/2007
    Time: 1:01:31 PM
    User: N/A
    Computer: D0248
    Description:
    The File Replication Service is having trouble enabling replication from
    \\d0309.sssb.com to D0248 for c:\windows\sysvol\domain using the DNS name
    \\d0309.sssb.com. FRS will keep retrying.
    Following are some of the reasons you would see this warning.

    [1] FRS can not correctly resolve the DNS name \\d0309.sssb.com from this
    computer.
    [2] FRS is not running on \\d0309.sssb.com.
    [3] The topology information in the Active Directory for this replica has
    not yet replicated to all the Domain Controllers.

    This event log message will appear once per connection, After the problem
    is fixed you will see another event log message indicating that the
    connection has been established.

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: d5 04 00 00

    (ERR2)
    Event Type: Error
    Event Source: NtFrs
    Event Category: None
    Event ID: 13568
    Date: 2/22/2007
    Time: 12:10:26 PM
    User: N/A
    Computer: D0309
    Description:
    The File Replication Service has detected that the replica set "DOMAIN
    SYSTEM VOLUME (SYSVOL SHARE)" is in JRNL_WRAP_ERROR.

    Replica set name is : "DOMAIN SYSTEM VOLUME (SYSVOL SHARE)"
    Replica root path is : "c:\windows\sysvol\domain"
    Replica root volume is : "\\.\C:"
    A Replica set hits JRNL_WRAP_ERROR when the record that it is trying to
    read from the NTFS USN journal is not found. This can occur because of one
    of the following reasons.

    [1] Volume "\\.\C:" has been formatted.
    [2] The NTFS USN journal on volume "\\.\C:" has been deleted.
    [3] The NTFS USN journal on volume "\\.\C:" has been truncated. Chkdsk can
    truncate the journal if it finds corrupt entries at the end of the journal.
    [4] File Replication Service was not running on this computer for a long
    time.
    [5] File Replication Service could not keep up with the rate of Disk IO
    activity on "\\.\C:".
    Setting the "Enable Journal Wrap Automatic Restore" registry parameter to 1
    will cause the following recovery steps to be taken to automatically recover
    from this error state.
    [1] At the first poll, which will occur in 5 minutes, this computer will be
    deleted from the replica set. If you do not want to wait 5 minutes, then run
    "net stop ntfrs" followed by "net start ntfrs" to restart the File
    Replication Service.
    [2] At the poll following the deletion this computer will be re-added to
    the replica set. The re-addition will trigger a full tree sync for the
    replica set.

    WARNING: During the recovery process data in the replica tree may be
    unavailable. You should reset the registry parameter described above to 0 to
    prevent automatic recovery from making the data unexpectedly unavailable if
    this error condition occurs again.

    To change this registry parameter, run regedit.

    Click on Start, Run and type regedit.

    Expand HKEY_LOCAL_MACHINE.
    Click down the key path:
    "System\CurrentControlSet\Services\NtFrs\Parameters"
    Double click on the value name
    "Enable Journal Wrap Automatic Restore"
    and update the value.

    If the value name is not present you may add it with the New->DWORD Value
    function under the Edit Menu item. Type the value name exactly as shown
    above.

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.
     
    kwyap, Feb 23, 2007
    #3
  4. kwyap

    Jorge Silva Guest

    Is the d0309 online?
    or it was the old DC name and you add it again with the same name?
    How did you remove that server last time?
    also check these 2:
    http://support.microsoft.com/kb/315457/en-us
    http://support.microsoft.com/kb/316790/en-us

    --

    I hope that the information above helps you.
    Have a Nice day.
    Jorge Silva
    MCSE

     
    Jorge Silva, Feb 23, 2007
    #4
  5. kwyap

    kwyap Guest

    Jorge Silva
    The server was promoted with another hostname. It was Windows 2K Server. The
    DC was demoted by normal procedure (dcpromo) without any errors.

    Regards

     
    kwyap, Feb 23, 2007
    #5
  6. kwyap

    Jorge Silva Guest

    Is the d0309 online? Does the d0309 exists?
    If not remove any reference in DNS to that server and also perform metadata
    cleanup for that server.
    Also make sure that doesn't exist un ADSS.
    --

    I hope that the information above helps you.
    Have a Nice day.
    Jorge Silva
    MCSE

     
    Jorge Silva, Feb 23, 2007
    #6
  7. kwyap

    kwyap Guest

    Jorge,
    Thanks for your replying.
    The D0309 is on line. I had tried metadata cleanup, but no rubbish record
    being found.
    What is the reason could cause the SYSVOL and NETLOGON not shared after
    pomoted as DC?


     
    kwyap, Feb 23, 2007
    #7
  8. kwyap

    Jorge Silva Guest

    Could have many different reasons check:
    http://support.microsoft.com/kb/257338/en-us

    --

    I hope that the information above helps you.
    Have a Nice day.
    Jorge Silva
    MCSE

     
    Jorge Silva, Feb 23, 2007
    #8
  9. kwyap

    kwyap Guest

    Jorge,

    Thanks for the link given. It's useful for me to know more in depth.
    For your opinion, could the problem caused by the existing DC? From the log
    ERR2, JRNL_WRAP_ERROR occurs on the old DC. Please check here for the FRS
    event

    http://www.microsoft.com/technet/pr...irectory/maintain/opsguide/part1/adogd11.mspx

    The DC was scheduled to run "Chkdsk /f" once a week, this could cause the
    JRNL_WRAP ERROR.

    Regards,
    kwyap

     
    kwyap, Feb 26, 2007
    #9
  10. kwyap

    kwyap Guest

    Jorge,

    The error has been resolved, these are my steps

    1. Stop the ntfrs service on both DC, Resize the journal size on first DC
    HKLM\System\CSS\Services\NTFRS\Parameters\
    add a DWORD, name it "Ntfrs Journal size in MB", set the value "512" as
    decimal
    more info, check http://support.microsoft.com/kb/292438/ and
    http://support.microsoft.com/kb/221111/

    2. Perform authoritative restore on first DC, non authoritative restore on
    newly promted DC
    after performing authoritative restore on my first DC, and non
    authoritative restore on newly promoted DC.
    more info, check http://support.microsoft.com/kb/290762

    3. Start ntfrs service on first DC, secondly start the ntfrs service on
    newly promoted DC


    Regards,
    kwyap

     
    kwyap, Feb 28, 2007
    #10
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.