Jorge --- Re: root forest AD DC crashed

Krishna

Jorge,
Trying to promote DC2 to DC under existing domain and get below error:
"The domain DC1 is not an active directory domain, or an active directory
controller for the domain could not be contacted.". This error results when
username, password and domain name are entered at Network credentials under
"additional domain controller for an existing domain".
 
I guess you meant when promoting DC2 stand-alone to DC and making it part of
existing domain then I need to provide username, password and domain name
of DC1, correct? If yes, then that is what I have done and I get that error.
 
I followed the setup process you have previously mentioned here.
I have a root forest dc1.
Now trying to set up dc2 as part of existing domain or existing forest. Per
your recommendation I am adding it as part of existing domain.
 
To make things more clear let's invent some names....
Location A -> physical location A
Location B -> physical location B
Site A -> AD site for location A
Site B -> AD site for location B
DC1 -> domain controller 1 (with DNS, WINS, DHCP)
DC2 -> domain controller 2 (with DNS, WINS, DHCP)

REMARK: these names and others are just for this message so that things are
more clear. (use your own names as you like)

For location A install a fresh W2K3 server with SP1. In this case its name
will be DC1
Also install DNS, WINS and DHCP
Give DC1 its own IP address
As preferred DNS for DC1 enter the IP of DC1
As alternate DNS for DC1 enter the IP of DC2
As WINS server enter the IP of DC1

For location B install a fresh W2K3 server with SP1. In this case its name
will be DC2
Also install DNS, WINS and DHCP
Give DC2 its own IP address
As preferred DNS for DC2 enter the IP of DC2
As alternate DNS for DC2 enter the IP of DC1
As WINS server enter the IP of DC2

Promote DC1 from a stand-alone server to a DC and have it configure DNS for
you during DCPROMO.
Create a new AD forest and a new AD domain
For the DNS name of the AD domain you could choose something like
COMPANY.LOCAL (or something similar)
For the NetBIOS name of the AD domain you could choose something like
COMPANY (it is best this is the same as the leftmost part of the DNS name
of the AD domain)
Make the DC also a GC (afterwards)
For AD configure the following stuff:
Create a site for location A --> e.g. Site A (or rename the default one)
Create a site for location B --> e.g. Site B
Site A and Site B should be linked by the Default IP Site link (you can
rename as you wish or you can leave it as is)
Create AD subnet definitions for subnets within location A and assign those
to Site A
Create AD subnet definitions for subnets within location B and assign those
to Site B
DC1 should be in Site A

Promote DC2 from a stand-alone server to a DC and have it configure DNS for
you during DCPROMO.
Use an EXISTING forest and an EXISTING domain!!!
Make the DC also a GC (afterwards)
DC2 should be in Site B

For DNS you are ready to go

For WINS:
* On DC1 configure DC2 as a push/pull replication partner
* On DC2 configure DC1 as a push/pull replication partner

For DHCP:
* On DC1 configure the necessary DHCP scopes for location A to distribute
IPs and DHCP options like DNS Name (e.g. COMPANY.LOCAL), like Default
Gateway, like DNS servers (1st= IP DC1 and 2nd = IP DC2), like WINS servers
(1st= IP DC1 and 2nd = IP DC2)
* On DC2 configure the necessary DHCP scopes for location B to distribute
IPs and DHCP options like DNS Name (e.g. COMPANY.LOCAL), like Default
Gateway, like DNS servers (1st= IP DC2 and 2nd = IP DC1), like WINS servers
(1st= IP DC2 and 2nd = IP DC1)
* Create a user account in AD for DHCP, just a simple user account, nothing
special. Configure DHCP to use that account for the registrations in DNS
when using DDNS

Perform additional configuration as necessary!

To prevent rebuilding this again in the future, fully back up both servers
using a supported backup mechanism and tool! (No images!!!) If a third party
backup and restore tool is expensive just use NTBACKUP to back up to tape or
to file. If you back up to file make sure the backups are also stored on
ANOTHER server!

From the orphaned domain, migrate everything needed (users, groups,
computers, etc.) to the new domain

This should help you on your way. Good luck!


--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Windows Server - Directory Services

BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
 
Promote DC2 from a stand-alone server to a DC and have it configure DNS for
you during DCPROMO.
Use an EXISTING forest and an EXISTING domain!!!

This is where I get that error
 
Hi,



I'd suggest checking carefully the DNS configuration on the stand-alone
server, which is about to become DC. Then check which DNS servers the
stand-alone server points to. Then check whether the DNS servers "know" about
the domain the "stand-alone" is going to join by checking whether DNS
servers have all required SRV records ( _tcp ) for the mentioned domain. In
addition check the DNS communication ( port 53 Tcp/Udp ) from your
stand-alone server to the DNS servers.



And one additional thing. If your ActiveDirectory namespace doesn't
correspond to the DNS namespace, you have to enter the AD domain name (not
DNS domain name) in the domain field during DCpromo.



Regards

Dominik
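
The SRV-record check suggested above, as an added example that is not part of the original thread: it parses `nslookup -type=SRV` output captured on the stand-alone server and reports which DC-locator records are missing, carry an unexpected port, or point at a host with no address. The record list (a subset of what Netlogon registers), the `company.local` names and the sample output are assumptions constructed for illustration.

```python
import re

# DC-locator SRV prefixes (a subset of what Netlogon registers) -> expected port.
REQUIRED = {"_ldap._tcp.dc._msdcs": 389, "_kerberos._tcp.dc._msdcs": 88,
            "_ldap._tcp.pdc._msdcs": 389, "_ldap._tcp.gc._msdcs": 3268,
            "_ldap._tcp": 389, "_kerberos._tcp": 88}

def parse_nslookup(text):
    """Return ({srv_name: [(port, target)]}, {host: ip}) from nslookup output."""
    srv, hosts, name, port = {}, {}, None, None
    for line in text.splitlines():
        if m := re.match(r"(\S+)\s+SRV service location:", line):
            name, port = m.group(1).lower(), None
        elif m := re.match(r"\s+port\s*=\s*(\d+)", line):
            port = int(m.group(1))
        elif (m := re.match(r"\s+svr hostname\s*=\s*(\S+)", line)) and name:
            srv.setdefault(name, []).append((port, m.group(1).lower()))
            name = None
        elif m := re.match(r"(\S+)\s+internet address\s*=\s*(\S+)", line):
            hosts[m.group(1).lower()] = m.group(2)
    return srv, hosts

def check_domain(domain, text):
    """List problems that would keep DCPROMO from locating a DC for `domain`."""
    srv, hosts = parse_nslookup(text)
    problems = []
    for prefix, want in REQUIRED.items():
        name = f"{prefix}.{domain.lower()}"
        if name not in srv:
            problems.append(f"missing SRV {name}")
        for port, target in srv.get(name, []):
            if port != want:
                problems.append(f"{name}: port {port}, expected {want}")
            if target not in hosts:
                problems.append(f"{name}: no A record for {target}")
    return problems

# Constructed sample (made-up names and IPs, abridged): only two records exist.
SAMPLE = """\
_ldap._tcp.dc._msdcs.company.local      SRV service location:
          port           = 389
          svr hostname   = dc1.company.local
_kerberos._tcp.dc._msdcs.company.local  SRV service location:
          port           = 88
          svr hostname   = dc1.company.local
dc1.company.local       internet address = 10.0.0.1
"""
if __name__ == "__main__":
    print("\n".join(check_domain("COMPANY.LOCAL", SAMPLE)) or "all records found")
```

An empty result means the queried DNS server holds every record in the list; it says nothing about whether port 53 is reachable, which still has to be tested from the stand-alone server.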
 
rebuilt the m/c again ... working.... in terms of DC1, DC2
yet to work towards other configs
 