Home > Ask the Windows Experts > From the Archives: Active Directory Questions & Answers > Our DC is not allowing us to add an ADC to our domain
Ask The Win IT Expert: Questions & Answers
EMAIL THIS

Our DC is not allowing us to add an ADC to our domain

Paul Hinsberg EXPERT RESPONSE FROM: Paul Hinsberg

Pose a Question
Other Win IT Categories
Meet all Win IT Experts
Become an Expert for this site


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


>
QUESTION POSED ON: 10 June 2005
Our Windows 2000 server is configured as a DC with DNS and DHCPserver. I tried to add an ADC to our domain but DC is not allowing me to do this. An "Access Denied" error always shows up. I tried all the articles on the knowledge base but am still having the problem. I didn't have the system state data backup. Now I am planning to implement a new Windows 2000 server with the same domain name and server name with DNS and DHCP. I want to migrate all the users, groups, ou and ACl, SID to the new server. I tried using the ADMT tool but it is not allowing me to copy this information to the same domain name. Please help me out.

>
You will not be able to copy the user from the old to the new domain since the domain names are the same. However, you are likely to still be able to repair the problem with the existing domain. It is highly likely that the problem with the existing domain is one of the following:

  1. The fully qualified domain name of the machine does not match the domain name. That is, if you run IPCONFIG /ALL on the DC you will see a FQDN of server.company.com, and if you look at the domain name in Active Directory User and Computers you will see MYcompany.com. Thus, the machine is unable to find itself. Since this is a Windows 2000 domain (likely upgraded from a Windows NT 4.0 domain) you are in pretty bad shape. You might consider upgrading to Windows 2003 and then using the domain rename tool to rename the server's FQDN. Alternatively, if you have a backup of the NT 4.0 domain (if that is where this all originated) you can restore that, fix the FQDN and then upgrade to Windows 2000 again.

  2. You have a DNS issue. That's right, if the DNS is unable to locate all of the SRV (server records) you can get odd results. Run the DCDIAG.exe on the server and see what the results are.

  3. Someone has put a second domain with the same name on the same network. This will lead to all sorts of confusion for the client systems, and any system that is attempting to locate the server. DCDIAG.exe should offer a clue as to whether this is the case.

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary



Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.
Browse our Expert Advice



Windows IT White Papers including Change Management, Cost Management and Problem Management
HomeNewsTopicsITKnowledge ExchangeTipsAsk the ExpertsMultimediaWhite PapersIT Downloads
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 1999 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts