Problems with AD System on Primary Domain Server 2003 R2
I have 1 primary catalog AD server, running windows 2003 r2, and multiple member domain servers. I have tried using a few DR imaging tools such as Ghost, ShadowProtect, Livestate to move a primary AD server in my organization for testing. The member servers work fine, once moved onto different hardware ( after network card tweaking and all that) but the main AD server can not start up any AD systems such as DNS and AD services if it starts on its own... If i start this main server up whilst it has access to another member domain server, it starts no problems, however if its alone on the network the AD systems fail! The server starts and i am able to log in with AD credentials however. The issue may have somethign to do with the imaging, but i have spent weeks troubleshooting this with the software vendor and we seem to agree its something to do with this server specificaly. Has anyone ever ran into this kind of thing??
January 10th, 2011 8:42pm

do you want move your domain controller on different hardware ? why ?Edoardo Benussi - Microsoft MVP Management Infrastructure - Systems Administration https://mvp.support.microsoft.com/Profile/Benussi Windows Server Italian Forum Moderator edo[at]mvps[dot]org
Free Windows Admin Tool Kit Click here and download it now
January 11th, 2011 3:11am

I have 1 primary catalog AD server, running windows 2003 r2, and multiple member domain servers. Do you mean you have multiple additional domain controllers ?? The server which is started alone where the Ad is failing becasue it cannot find dns and the fsmo roles holder server. Instead imaging you can do one more thing you may create one more additional domain controller and remove it from the live env and seize the roles after doing this you should never attach you lab server to live network. http://www.virmansec.com/blogs/skhairuddin
January 11th, 2011 4:02am

I have 1 primary catalog AD server, running windows 2003 r2, and multiple member domain servers. Do you mean you have multiple additional domain controllers ?? The server which is started alone where the Ad is failing becasue it cannot find dns and the fsmo roles holder server. "member servers" are not "additional domain controllers"Edoardo Benussi - Microsoft MVP Management Infrastructure - Systems Administration https://mvp.support.microsoft.com/Profile/Benussi Windows Server Italian Forum Moderator edo[at]mvps[dot]org
Free Windows Admin Tool Kit Click here and download it now
January 11th, 2011 4:14am

Hello, using images/snapshots for backup purpose it not supported. To create a lab system see the following articles: http://www.pbbergs.com/windows/articles/TestDomain.html http://blogs.dirteam.com/blogs/jorge/archive/2005/11/19/105.aspx http://blogs.dirteam.com/blogs/jorge/archive/2005/11/19/107.aspx http://technet.microsoft.com/en-us/library/dd981009.aspxBest regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
January 11th, 2011 4:15am

Thanks for everyones replies: a few notes: There is 1 Primary Domain controller and several other domain controllers that are not the primary ones. This whole exercise is purely for Disaster Recovery Testing. I understand Imaging is not Officially supported, however i use Storage Crafts Shadowprotect which does this brilliantly. The clones server is never connected back to the real network, the whole exercise is done in a virtual environment. The other domain controllers come up using this method of imageing on their own with no problems, however this primary controller fails because it can not find itself in the dns records because no other dns server but itself is up. That is what i think. Im worried that if i power on this server without it connected to the rest of the network it will fail! This issue has only been reveled to me as a sign of the DR testing i have been doing with the cloning
Free Windows Admin Tool Kit Click here and download it now
January 11th, 2011 9:09pm

The other domain controllers come up using this method of imageing on their own with no problems, however this primary controller fails because it can not find itself in the dns records because no other dns server but itself is up. That is what i think. can you post here an ipconfig /all result of this primary domain controller ?Edoardo Benussi - Microsoft MVP Management Infrastructure - Systems Administration https://mvp.support.microsoft.com/Profile/Benussi Windows Server Italian Forum Moderator edo[at]mvps[dot]org
January 12th, 2011 2:33am

Hello, if the imaged DC is also DNS server and the only DNS in the lab it requires more time until it is complete started as AD relies on DNS and as DNS is AD integrated you are in a kind of loop. After a while it should run and all errors in the event viewer should be solved. So please post the complete errors from the event viewer or describe more details about the problem including the ipconfig /all from it. Keep in mind that on the test DC you have to run metadata cleanup according to: http://msmvps.com/blogs/mweber/archive/2010/05/16/active-directory-metadata-cleanup.aspx Forget the term PDC/BDC as this is not longer existing with the start of DA 10 years ago.Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
Free Windows Admin Tool Kit Click here and download it now
January 12th, 2011 10:29am

As far as I understand this problem I think I am having the exact same issue. I am also imaging domain controllers (2003 and 2008) and then bringing them up in a virtual enviroment. If I restore the 2003 domain controller and bring it up on its own in the Virtual enviroment it works fine once the IP settings have been set i.e. can access dns, ad etc. If I bring up the 2008 server in the Virtual enviroment on its own I can log on but DNS and AD will not function. The errors in the event log seem to suggest that DNS is waiting for the Active Directory Directory Service to complete so perhaps as Meinolf suggests I just need to leave it.
January 12th, 2011 11:50am

Hello, if the imaged DC is also DNS server and the only DNS in the lab it requires more time until it is complete started as AD relies on DNS and as DNS is AD integrated you are in a kind of loop. After a while it should run and all errors in the event viewer should be solved. So please post the complete errors from the event viewer or describe more details about the problem including the ipconfig /all from it. Keep in mind that on the test DC you have to run metadata cleanup according to: http://msmvps.com/blogs/mweber/archive/2010/05/16/active-directory-metadata-cleanup.aspx Forget the term PDC/BDC as this is not longer existing with the start of DA 10 years ago. Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. Hi Thanks, i will try this and wait an hour after it boots before i log in...I odubt this will resolve the issue however..ISSproking is also havign the same issue by the sounds of it. Its this DNS loop
Free Windows Admin Tool Kit Click here and download it now
January 12th, 2011 4:53pm

I can confirm after leaving the system for around 20-25 minutes, DNS and therefore AD started to function properly, thanks Meinolf. For me it seems that this is a Server 2008 thing as if I bring the 2003 domain controller up on its own I do not get the problem. Is there any Microsoft documentation that explains this and why it happens and is there anything that can be done to get around it, not that it is a huge issue.
January 13th, 2011 4:32am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics