R
Rob Livermore
I figure it's best if you have the "full-scope" of the
issue than to only give bits and pieces here and there.
With that being said...
I upgraded company xyz over the weekend from NT 4.0 Domain
to W2K Domain.
NT 4.0 Domain structure
Server A - PDC - OS NT 4.0
Server B - member server - OS W2K
Server C - BDC (demoted from PDC prior to upgrade)
W2K Domain structure
Server A - FSMO
Server B - DC (via dcpromo)
When I attempted to dcpromo Server B after Upgrading
Server A ran into errors - would not allow promo. Problem
was caused by the domain name not being changed from xyz
to xyz.com prior to running upgrade. Found MS Kb article
that gave Registry hack to fix issue.
Problem now is - I can not manually synchronize the DC
with Server A (via AD sites and services) - receive
error: "Access is Denied". I can however add a user
account on Server B and it will replicate to Server A.
Also of importance - on a client PC: If I attempt to add
a domain user via Control Panel receive the following
error: Trust relationship between the workstation and the
primary domain failed. The workaround is to add a LMHOST
file on the local PC and point it to ServerA.
On Server B event viewer reports:
Event ID: 16650 - SAM - allocator failed to initialize
properly.
Event ID: 5774 - NETLOGON - Registration of DNS
record '_kerberos_tcp.Default...dc_msdcs.twt.com
ServerB.xyz.com' failed. DNS operation refused.
I ran netdiag /test:dsgetdc and recv'd
sysvol has not completely replicated. Machine not working
as a DC.
ran dcdiag /test:replications and recv'd skipping all
tests because ServerB is not responding to DS requests.
DNS appears to be working fine. Since environment is
legacy - tested and confirmed WINS works.
I have researched/reviewed several articles regarding the
issues we are experiencing but am unable to really nail
down where the problem lies. All of the problems are
pointing to a DNS issue but I'm not able to determine
what/where is causing the issue. Servers and clients are
able to resolve both forward and reverse lookups.
Any insight you might be able to give is appreciated.
issue than to only give bits and pieces here and there.
With that being said...
I upgraded company xyz over the weekend from NT 4.0 Domain
to W2K Domain.
NT 4.0 Domain structure
Server A - PDC - OS NT 4.0
Server B - member server - OS W2K
Server C - BDC (demoted from PDC prior to upgrade)
W2K Domain structure
Server A - FSMO
Server B - DC (via dcpromo)
When I attempted to dcpromo Server B after Upgrading
Server A ran into errors - would not allow promo. Problem
was caused by the domain name not being changed from xyz
to xyz.com prior to running upgrade. Found MS Kb article
that gave Registry hack to fix issue.
Problem now is - I can not manually synchronize the DC
with Server A (via AD sites and services) - receive
error: "Access is Denied". I can however add a user
account on Server B and it will replicate to Server A.
Also of importance - on a client PC: If I attempt to add
a domain user via Control Panel receive the following
error: Trust relationship between the workstation and the
primary domain failed. The workaround is to add a LMHOST
file on the local PC and point it to ServerA.
On Server B event viewer reports:
Event ID: 16650 - SAM - allocator failed to initialize
properly.
Event ID: 5774 - NETLOGON - Registration of DNS
record '_kerberos_tcp.Default...dc_msdcs.twt.com
ServerB.xyz.com' failed. DNS operation refused.
I ran netdiag /test:dsgetdc and recv'd
sysvol has not completely replicated. Machine not working
as a DC.
ran dcdiag /test:replications and recv'd skipping all
tests because ServerB is not responding to DS requests.
DNS appears to be working fine. Since environment is
legacy - tested and confirmed WINS works.
I have researched/reviewed several articles regarding the
issues we are experiencing but am unable to really nail
down where the problem lies. All of the problems are
pointing to a DNS issue but I'm not able to determine
what/where is causing the issue. Servers and clients are
able to resolve both forward and reverse lookups.
Any insight you might be able to give is appreciated.