Strange Active Directory issue on 2012 R2 2ND-DC with 2003 R2 PRI-DC

-

i ran issue earlier today haven't seen before. 

current setup 1 forest & 1 domain single domain controller (w2003 r2) has fsmo roles since it's dc in domain ever installed. we're ready decommission old w2003r2 server prepped new machine , installed windows server 2012 r2 on it, patched up. 

done followings:

1. joined new server domain (successful)

2. promoted new server domain controller (successful without errors or warnings)

3. verified dns records have replicated primary dc 2nd dc (successful)

4. verified able access ad services on new domain controller, users, ou's, sites etc. (successful)

5. verified replication of ad objects adding users/ou's/distribution groups on primary dc , see them replicate on , vice-versa (successful)

i waited hour make sure has replicated on , in sync , decided shutdown primary server (domain controller) make sure things functional on new 1 , old dc shutdown wasn't able open of ad services ad domain , trusts, ad users , computers or ad sites , services. window opened domain wasn't listed , neither of related objects. issue here? shouldn't secondary domain controller replica of primary can see objects , make changes sync once primary comes again. i've worked in setups had 2 dc's in 1 domain , able view ad objects , services regardless if 1 of dc not available, same thing in setup 3 dc's. 

if can chime in on great, i'm not sure if i'm missing it's weird.

regards


have made new dc global catalog? see that: https://support.microsoft.com/kb/296882?wa=wsignin1.0

you can check dcs in healthy state , ad replication okay using dcdiag and repadmin commands.

this posting provided no warranties or guarantees , , confers no rights.

ahmed malek

my website link

my linkedin profile

my mvp profile



Windows Server  >  Directory Services



Comments

Post a Comment

Popular posts from this blog

Motherboard replacement

-
running windows 10 technical preview, need replace motherboard can run the  sysprep  command restoring pc ? or there easier  or more preferred way ? thanks if replace motherboard within same family of chipsets (i.e. intel > intel or amd > amd), should okay restarting pc twice. carey frisch Windows 10 Insider Preview  >  Windows 10 Insider Preview General
Read more

Cannot create Full Text Search catalog after upgrading to V12 - Database is not fully started up or it is not in an ONLINE state

-
in order access new full text search capiblities of sql azure, upgraded our azure sql v12. (a day later), when try create new catalog: create fulltext catalog mycatalog default i following message: msg 9972, level 16, state 100, line 1 database not started or not in online state. try full-text ddl command again after database started , becomes online. hi scott, apologies inconvenience caused you. known issue on service side , fix going included in next update. specific case mitigated, should able use full-text search syntax now. thanks, mihaela Microsoft Azure  >  Azure SQL Database
Read more

Remote Desktop App - Error 0x207 or 0x607

-
hi all, i manage windows 2012 r2 network, including connection broker, session hosts , remote apps virtual servers.  i've used remote desktop app on own android phone, no issues @ - connects published gateway url , can login , access network. we looking move business onto nokia handsets ms operating system (currently on blackberry), not able connect via remote desktop app on nokia lumia handset. setup, per android config , brings remote apps , remote desktop screen, know can connect.  when select remote desktop, shows following process: initiating remote connection securing remote connection certificate can't verified - choose connect it digitally signed cert (digicert sha2), pc name different physical connection broker name (inherited domain name old gov project - can't publish publicly) initiating establishing securing connection error have been 0x207 getting 0x607 a bit baffled, work on android (and ipad @ home using app). assume ms use d...
Read more