We are experiencing a problem with converting our Server 2008 r2 to an AD domain controller.
Previously:
1 Windows Server 2003, running Active Directory, DNS, DHCP for the LAN.
1 Server 2008 r2 running Voicemail, Print, E-mail servers only.
This setup worked fine.
Now:
We installed active directory on the new server, updated the 2003 server to be compatible, and thus have 2 Domain Controllers for the domain.
The new server experiences a problem where it randomly begins having DNS issues which prevent it from resolving our Local Network name or browsing any web pages. This disables all of our voicemail, printing, and emailing for the whole office until we get it connected to our network name again. However, internet access and local network access for all office users is uninterrupted.
Problem is temporarily remedied by restarting the computer, changing LAC settings to obtain ip/dns automatically and then changing back to static ip settings, or just disabling the adapter and re-enabling it. Sometimes a combination of all these is needed to get the server to communicate with our network properly again and restore services.
The DNS Server Role WAS installed on the new server but in attempts to isolate the problem we uninstalled it, and the problem still occurs. DHCP is not installed on the new server either, only AD, voicemail, print, email.
The Internet configurations:
old server: Primary DNS server is itself, with the DNS server service configured to forward DNS requests to external openDNS servers.
new server: Primary DNS server IP is the OLD server, the same configuration used on all computers in our office which works fine for all except this server.
Again, the connection could work for hours or sometimes days before randomly breaking and then having to go through these steps to fix it. Any help would be GREATLY appreciated, as we simply don’t know what is wrong with the configuration.
How to Upgrade Domain Controllers to Windows Server 2008 or Windows Server 2008 R2
http://technet.microsoft.com/en-us/library/ee522994(WS.10).aspx
For your convenience, I have listed some general steps for your reference.
Since the following operations can potentially damage the Active Directory database, it is highly suggested that you perform a full backup of Active Directory (System State) first. It is also better to test the following procedure in a similar lab environment first.
General Steps:
=============
1. Verify the new server’s TCP/IP configuration has been pointed to the current DNS server.
2. Make the new server become a member server of the current Windows Server 2003 domain first.
3. Upgrade the Windows Server 2003 forest schema to Windows Server 2008 schema with the “adprep /forestprep” command on old server.
Please run the “adprep.exe /forestprep” command from the Windows Server 2008 installation disk on the schema master. To do this, insert the Windows Server 2008 installation disk, and then type the following command:
Drive:\sources\ADPREP\adprep.exe /forestprep
4. Upgrade the Windows 2003 domain schema with the “adprep /domainprep” command on old server.
Please run the “adprep.exe /domainprep” command from the Windows Server 2008 installation disk on the infrastructure master. To do this, insert the Windows Server 2008 installation disk, and then type the following command:
Drive:\sources\ADPREP\adprep.exe /domainprep
5. Insert Windows Server 2008 Installation Disc in the new server.
6. Run “dcpromo” on new server to promote it as an additional domain controller in existing Windows 2003 domain, afterwards you may verify the installation of Active Directory.
Please refer to:
How to Verify an Active Directory Installation in Windows Server 2003
http://support.microsoft.com/kb/816106
7. Verify the new server’s TCP/IP configuration has been pointed to current DNS server.
8. Enable Global Catalog on new server and manually Check Replication Topology and afterwards manually trigger replication (Replicate Now) to synchronize Active Directory database between 2 replicas.
Please note: It will take some time to replicate the GC between DCs, so please be patient.
9. Disable Global Catalog on the old DC.
10. Transfer all the FSMO roles from the old DC to the new DC.
Please refer to:
How to view and transfer FSMO roles in Windows Server 2003
http://support.microsoft.com/kb/324801
11. Verify that the old DNS Server Zone type is Active Directory-Integrated. If not, please refer to:
How To: Convert DNS Primary Server to Active Directory Integrated
http://support.microsoft.com/kb/816101
Note: Active Directory Integrated-Zone is available only if DNS server is a domain controller.
12. Install DNS component on new server and configure it as a new DNS Server (Active Directory Integrated-Zone is preferred). All the DNS configuration should be replicated to the new DNS server with Active Directory Replication.
13. Make all the clients change TCP/IP configuration to point to new server as DNS.
14. You may configure TCP/IP on all the clients, or adjust DHCP scope settings to make them use the new DNS server.
Please note: It is a good practice to take the old DC offline for several days and check whether everything works normally with the new server online. If so, you may bring the old DC back online and run DCPROMO to demote it.
Hope it helps.
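The verification points in the steps above (DNS client settings, DC advertisement, replication, FSMO holders, Global Catalog) can be checked from the new server in one pass. This is an added example, not part of the original reply; the IP address in `$ExpectedDns` is a placeholder, and the domain name is assumed to come from the logged-on account's `USERDNSDOMAIN` variable.

```powershell
# Added example: post-promotion checks for the general steps above.
# Run in an elevated PowerShell session on the new domain controller.
# ASSUMPTION: $ExpectedDns is a placeholder; set it to the current DNS server's IP.
$ExpectedDns = '192.0.2.10'          # placeholder address, not from the thread
$Domain      = $env:USERDNSDOMAIN    # assumes you are logged on with a domain account

# Steps 1 and 7: every IP-enabled adapter should list the current DNS server.
# A second adapter with different DNS servers is worth noticing here.
Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = True' |
    ForEach-Object {
        $dns = @($_.DNSServerSearchOrder)
        New-Object PSObject -Property @{
            Adapter     = $_.Description
            DnsServers  = ($dns -join ', ')
            HasExpected = ($dns -contains $ExpectedDns)
        }
    } | Format-Table Adapter, DnsServers, HasExpected -AutoSize

# Step 6: the DC locator SRV records must resolve through that DNS server,
# and the new server must advertise itself as a domain controller.
nslookup -type=SRV "_ldap._tcp.dc._msdcs.$Domain" $ExpectedDns
dcdiag /test:Advertising
dcdiag /test:DNS

# Step 8: replication health between the two replicas, then confirm that a
# Global Catalog can be located for the domain.
repadmin /replsummary
repadmin /showrepl
nltest "/dsgetdc:$Domain" /gc

# Step 10: list the current holders of the five FSMO roles.
netdom query fsmo
```

Running the same checks again while the name-resolution failure is occurring shows whether the adapter's DNS server list or the SRV lookup is what has changed.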
Are there any event IDs in the Event Log? Have you noticed any patterns as to when it happens? Is the DNS service running when this occurs? If not, it may be crashing for some reason.
Tony