Problems with a new domain tree
Dracula28
Senior MemberMember Posts: 232
I have installed four servers.
1 I installed server01 as the dc of the forest root domain (contoso.com)
2 I installed server02 as the dc of a child domain of the forest root domain (west.contoso.com)
Everything works fine so far.
3 I installed server 03 as the dc of a new domain tree in the forest (northwindtraders.com)
Before installing it I made a manual zone delegation in DNS, as explained by the training kit (lessson 9, by the Ruests, don't like their writing style at all). I first created a new zone for northwindtraders.com, and then created a delegation for server03 in that zone. Then I ran dcpromo on server03, and installed the new domain tree. It installed just fine.
4 On server04, I tried to install a child domain in the new domain tree (east.northwindtraders.com), used enterprise admins credentials to do so
But received an error while running dcpromo (AD DS could not create the object cn=east,cn=partitions,cn=configuration,dc=Contoso,dc=com)
I think its due to server03 not replicating the configuration NC with Server 01. The problem is that if I go into AD Domains and Trusts on Server01 or Server 02, I am not able to check properties of northwindtraders.com domain, or work with in any other way. If I also go into AD sites and services, I am not able to pull anything from Server03.
But on Server03, I am able to pull replication data from Server 01 and Server 02, I am also able to check properties of both contoso.com and east.contoso.com in AD domains and trusts.
What have I done wrong?
1 I installed server01 as the dc of the forest root domain (contoso.com)
2 I installed server02 as the dc of a child domain of the forest root domain (west.contoso.com)
Everything works fine so far.
3 I installed server 03 as the dc of a new domain tree in the forest (northwindtraders.com)
Before installing it I made a manual zone delegation in DNS, as explained by the training kit (lessson 9, by the Ruests, don't like their writing style at all). I first created a new zone for northwindtraders.com, and then created a delegation for server03 in that zone. Then I ran dcpromo on server03, and installed the new domain tree. It installed just fine.
4 On server04, I tried to install a child domain in the new domain tree (east.northwindtraders.com), used enterprise admins credentials to do so
But received an error while running dcpromo (AD DS could not create the object cn=east,cn=partitions,cn=configuration,dc=Contoso,dc=com)
I think its due to server03 not replicating the configuration NC with Server 01. The problem is that if I go into AD Domains and Trusts on Server01 or Server 02, I am not able to check properties of northwindtraders.com domain, or work with in any other way. If I also go into AD sites and services, I am not able to pull anything from Server03.
But on Server03, I am able to pull replication data from Server 01 and Server 02, I am also able to check properties of both contoso.com and east.contoso.com in AD domains and trusts.
What have I done wrong?
Current certs: MCP (210) MCSA (270, 290, 291 and 680) MCTS (680, 640)
Comments
Contoso.com (forest root domian)
west.contoso.com (child domain of forest root domain)
northwindtraders.com (new tree in the contoso.com forest)
east.northwindtraders.com (child domain of northwindtraders.com)
Well, according to the TK the delegation dummy should only replicate domain wide (to all DCS on the forest root domain). But I tried as you suggested as well, without it working. There are several replication errors in dcdiag.
That way Server01 can recognize and validate it.