
Trying to add a 2nd DC

DrSpock

Member
I currently have an old DC running AD and Exchange. We have built a new server and I'm trying to promote the new server to be a 2nd DC in my network. Then I'll slowly switch it to be the primary and demote the old server.

My problem is that I cannot add the new server as a DC because it can't find the domain. If I run dcpromo, I get this error...

The domain "xyz.net" is not an Active Directory domain, or an Active Directory domain controller for the domain could not be contacted.

I get this error after I fill in the username, password, and domain. Now, if I type in xyz and click next, it works, but I get an error at the end. So, obviously, I have a DNS issue here. I have tried everything, so here is what I already know...

1. I do NOT have a single-label domain error. If I look at the computer name, it says that the domain is xzy.net
2. I do NOT have a disjointed namespace. The full computer name is xxx.xyz.net and the domain is xyz.net
3. The DNS of the new server is pointed to the IP address of the old server
4. The new computer is a member of the domain
5. Under my DNS in the old computer, I do not have any SRV records, but I do have A, SOA, and NS. *Potential problem?*
6. Under my DNS in the old computer, the forward lookup zone is xxx.xyz.net

So I have pretty much tried everything. Please, if you have any solutions that I can try, please post. I really need to get the new server promoted to a DC. Thanks for your help.

*EDIT*
And for clarity's sake...

The old computer = Current DC that will be replaced
The new computer = Computer that I'm trying to promote.
 
That didn't work either, but I'm getting a new error... (maybe from checking the box or something I did while playing with it)

The wizard cannot gain access to the list of domains in the forest. This condition may be caused by a DNS lookup problem. ......
 
5. Under my DNS in the old computer, I do not have any SRV records, but I do have A, SOA, and NS. *Potential problem?*

Yes.

6. Under my DNS in the old computer, the forward lookup zone is xxx.xyz.net

This is your real problem. Your forward lookup zone needs to be xyz.net, not xxx.xyz.net which is the FQDN of the domain controller. Delete the existing zone and create a new Active Directory integrated zone called xyz.net. Make sure dynamic updates are enabled on the new zone.

Then verify that the old DC is pointing to itself for primary DNS. You should not have an alternate configured. Then run the following commands:

ipconfig /flushdns
ipconfig /registerdns
net stop netlogon & net start netlogon
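
Added example, not part of the original thread or any poster's code: a small Python check showing why a forward lookup zone named xxx.xyz.net leaves the domain without SRV records, while a zone named xyz.net can hold them. The record lines are constructed sample data in the style of the netlogon.dns file that Netlogon writes under %SystemRoot%\System32\config; the address 192.0.2.10 and the function names are assumptions made for the illustration.

```python
# Constructed sample: records a DC for xyz.net would try to register.
SAMPLE_NETLOGON_DNS = """\
xyz.net. 600 IN A 192.0.2.10
_ldap._tcp.xyz.net. 600 IN SRV 0 100 389 xxx.xyz.net.
_ldap._tcp.dc._msdcs.xyz.net. 600 IN SRV 0 100 389 xxx.xyz.net.
_ldap._tcp.pdc._msdcs.xyz.net. 600 IN SRV 0 100 389 xxx.xyz.net.
_kerberos._tcp.xyz.net. 600 IN SRV 0 100 88 xxx.xyz.net.
_kerberos._udp.xyz.net. 600 IN SRV 0 100 88 xxx.xyz.net.
_gc._tcp.xyz.net. 600 IN SRV 0 100 3268 xxx.xyz.net.
"""


def labels(name):
    """Split a DNS name into lower-case labels, ignoring the trailing dot."""
    return [part for part in name.lower().rstrip(".").split(".") if part]


def enclosing_zone(owner, zones):
    """Return the most specific hosted zone that contains `owner`, or None."""
    own = labels(owner)
    best = None
    for zone in zones:
        z = labels(zone)
        # A zone contains a name only if the zone's labels are its suffix.
        if len(z) <= len(own) and own[len(own) - len(z):] == z:
            if best is None or len(z) > len(labels(best)):
                best = zone
    return best


def parse_records(text):
    """Yield (owner, type) for each 'owner TTL IN TYPE rdata' line."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 5 and fields[2].upper() == "IN":
            yield fields[0], fields[3].upper()


def unplaceable(text, zones):
    """Owner names of records that no hosted zone can accept."""
    return [o for o, _ in parse_records(text) if enclosing_zone(o, zones) is None]


if __name__ == "__main__":
    for zones in (["xxx.xyz.net"], ["xyz.net"]):
        missing = unplaceable(SAMPLE_NETLOGON_DNS, zones)
        print(zones, "->", len(missing), "records with no zone to register in")
```

To run it against a real server, replace the sample text with the contents of that server's netlogon.dns and the zone list with the forward lookup zones shown in the DNS console.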
 
I have tried this and I still get the same error message. I put in the SRV records for _tcp and _udp and I still can't get it to work. Do you guys have anything else I can try?

If I can't get this to work, then I'll have to redo everything. If I got an identical server set up and then unplugged the old one and plugged in the new one, would I have a problem with users logging into the new server? I know there are 5 FSMO roles that would have a new server. Would I have to re-add each user to the new server?
 
After playing around with it, my new server is able to see my domain. Thanks a lot for your help on that one. Now I have a new error.
The operation failed because: Failed to modify the necessary properties for the machine account SERVER$ "Access is denied"
I get this when it tries to install the AD settings on my new server. Any ideas?

*EDIT* SERVER$ = the new server
 