removing global catalog causes problems

[Parker Race]

I am planning on removing our first domain controller from
our domain. There are two other DCs in the domain and no
other domains exist. I have moved all the FSMO roles off
the server I am retiring and have replicated the global
catalog to another DC.

However it seems that member servers and workstations
have problems finding user objects when the catalog is
removed from the origianls server. Services that use
domain accounts for logon won't start. This only occurs if
the account is in the service dialog using a FQDN such as
(e-mail address removed). If you change it to use the Pre-
windows 2000 compatible format the account is found and
the service starts.

Any ideas?

 

[Herb Martin]

Such is usually a DNS problem -- unless you failed to
let the GC replicate properly first.

You might have hanging DNS records from the old GC/DC
or missing DNS records from the new one.

First step for me would be DCDiag on all of the current
DCs.

And double checking my DNS:

DNS
1) Dynamic for the zone supporting AD
2) All internal DNS client NIC\IP properties must specify SOLELY
that internal, dynamic DNS server (set.)
3) DCs and even DNS servers are DNS clients too -- see #2

Restart NetLogon on any DC if you change any of the above that
affects a DC.