DNS misconfiguration? That's easy if not familiar with AD/DNS and have not
looked into the documentation or taken any courses on it, which with all due
respect, I highly recommend to everyone if this is the case.
DCPROMO is not working probably for a number of reasons:
**************************************
1. SRV records have not been registered under the zone. This is what dcpromo
is "looking" for when you select a demotion.
2. Possible single label DNS domain name (such as "domain" instead of the
required format of "domain.com"). This will thwart DNS registration with the
latest service pack. Besides, it's not RFC compliant for a domain name since
it doesn't follow the hierarchical DNS tree.
3. Registration problems can also occur if you have an incorrect or missing
Primary DNS Suffix on the DC. Netlogon uses that to "find" that zone name in
DNS to register its info into. If it is not the same name as the AD DNS
Domain name, then that will cause it too.
4. You are referencing your ISP's DNS servers in your IP properties on the
DC and your clients. This is a no-no in AD. You need to ONLY point to your
own DNS server and it's recommended to use a forwarder for efficient
Internet resolution.
**************************************
Depending on your scenario, you may be able to fix this. There is also a
new update for DCPROMO to allow a switch called "/forceremoval" to be used:
332199 - Using the DCPROMO -FORCEREMOVAL Command to Force the Demotion of
Active Directory Domain Controllers:
http://support.microsoft.com/?id=332199,
But this does NOT fix your original problem. The problem MUST be fixed or
this does not mean anything.
Here's a repost of something I posted the other day for someone else that I
was trying to help with which may/will apply to your scenario. It also
provides some links you can read up on AD's requirements and such:
==================================
First thing I would check and make absolutely sure that you do NOT have any
external DNS servers in all of your machines' IP properties. This is
problematic with AD.
During many domain communication and functions, the clients and DCs query
the DNS server for the location of domain services and resources, which is
what the SRV records store. If using an ISP's DNS in your IP properties, then
numerous errors will abound, one of which, long logon times or cannot logon,
will occur. So what's happening probably is that they may be trying to query the
external DNS for that domain name's LDAP services, which it does not have an
answer for, so the need to point to your own DNS that's hosting the AD zone
is essential in an AD infrastructure, no matter how small.
So, if using an external DNS or the Netware DNS, they need to be removed and
only use your own internal DNS. To achieve efficient Internet resolution (if
required if not using Proxy), then suggested to configure a forwarder.
Here's how to configure a forwarder. If the option is grayed out, delete the
root zone. This will show how:
http://support.microsoft.com/?id=300202
Here's more info on DNS and AD's requirements:
http://support.microsoft.com/?id=291382
Here's an AD and DNS troubleshooting guide:
http://www.microsoft.com/windows2000/dns/tshoot/dns_tshoot2A.asp
How to configure a DC with a single label DNS domain name:
http://support.microsoft.com/?id=300684
(notice this is just a bandaid because XP pro clients will not be able to
use a single label name in a domain and will have numerous problems
accessing domain resources due to this).
======================================
If you like, you can go ahead and get the update for DCPROMO. If you would
like us to help out to fix the current issue, we would first need to see:
1. An unedited ipconfig /all
2. The actual AD DNS domain name (as it shows up in ADUC).
3. The name of the zone in DNS
4. Have you enabled dynamic updates on the zone?
Thanks
--
Regards,
Ace
Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.
Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
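
Added example, not part of the original post: a small Python check that reads
saved "ipconfig /all" output and flags the causes above that are visible there
(single-label domain name, Primary DNS Suffix mismatch, DNS servers other than
your own). The function names, the sample output and its addresses are
constructed for illustration; SRV registration and dynamic updates still have
to be checked on the DNS server itself.

```python
# Constructed `ipconfig /all` excerpt for illustration (not from the post).
SAMPLE = """\
Windows 2000 IP Configuration

        Host Name . . . . . . . . . . . . : dc01
        Primary DNS Suffix  . . . . . . . : corp
        Node Type . . . . . . . . . . . . : Hybrid

Ethernet adapter Local Area Connection:

        IP Address. . . . . . . . . . . . : 192.168.1.10
        Default Gateway . . . . . . . . . : 192.168.1.1
        DNS Servers . . . . . . . . . . . : 192.168.1.10
                                            203.0.113.53
"""


def parse_ipconfig(text):
    """Return (primary_dns_suffix, [dns_servers]) from `ipconfig /all` text."""
    suffix, servers, in_dns = "", [], False
    for line in text.splitlines():
        label, sep, value = line.partition(":")
        label, value = label.strip(" ."), value.strip()
        if sep:
            # A new "label : value" line ends any DNS server continuation list.
            in_dns = label == "DNS Servers"
            if label == "Primary DNS Suffix":
                suffix = value
            elif in_dns and value:
                servers.append(value)
        elif in_dns and line.strip():
            # Additional DNS servers appear on indented lines with no label.
            servers.append(line.strip())
    return suffix, servers


def check_dc(ipconfig_text, ad_domain, own_dns):
    """List the causes from the post that show up in ipconfig output."""
    suffix, servers = parse_ipconfig(ipconfig_text)
    findings = []
    if "." not in ad_domain.strip("."):
        findings.append("single-label AD DNS domain name: " + ad_domain)
    if suffix.lower() != ad_domain.lower():
        findings.append("Primary DNS Suffix '%s' differs from AD domain '%s'" % (suffix, ad_domain))
    findings += ["DNS server %s is not your own DNS server" % s for s in servers if s not in own_dns]
    return findings


if __name__ == "__main__":
    for finding in check_dc(SAMPLE, "corp.example.com", {"192.168.1.10"}):
        print(finding)
```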