It started out nicely. One of my projects at work is the upgrade of our Active Directory forest. We started the upgrade last week when we did the forestprep and domainprep of the root domain to accomodate the Windows Server 2000 r2 servers we were replacing the w2k servers with. Today we were going to start replacing servers.
First I wanted to put an extra DC in place - just in case. So we added a w2k3 server to the domain and used dcpromo to promote it to a DC. No problems at all. Well none I didn't expect. Time to replace a w2k server.
Logged into one of the root DCs and moved the fsmo roles. Smooth. Too many gui's to use but it went as planned. Logged into the DC I was replacing and demoted it to a simple server, removed it from the domain, and shut it down. We removed it from the rack and slid the replacement machine in. Brought it up and I let the junior admins run on their own. They had done the first server earlier in the day and I expected the same results.
Wrong. Tried promoting the server with the firewall enabled (ntfrs doesn't work well when it can't talk to the other DCs) - bad. Restarted with firewall disabled and the process which had taken ~3 minutes earlier in the day was going on 45 minutes. Started investigating and the network was gone. The datacom guys investigated and the spigot was live. Hmmm. Ended up canceling the process and rebooting the server. Grr Argg!
Turns out the dcpromo process was started with the machine running as a non-domain member. I've never done it that way so it's my first thought as to the problem. I've also got a AD object to delete as canceling the promotion left it behind.
Oh - the network connection was fine after the reboot. Hmmmmmmm
Too long a day to end this way. I need to recharge.
`
Wednesday, August 16, 2006
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment