Migrating Active Directory - new DC can't be joined
I'm migrating an old Windows Server 2003 AD hosted on a VM to a new one based on Windows Server 2016 (also on a VM).
The Server 2003 (let's call it OLD-AD) was the only Domain Controller. Now I'm migrating this server by installing Active Directory on a new server (let's call it NEW-AD) and adding it as a Domain Controller.
So I followed this step-by-step guide : https://blogs.technet.microsoft.com/canitpro/2014/04/01/step-by-step-active-directory-migration-from-windows-server-2003-to-windows-server-2012-r2/ Except I didn't dcpromo OLD-AD yet to remove it as a DC.
It seems to work (rough translation of the message, our workstations/servers are not in english) :
$> nltest /dclist:mydomain.local
Get the list of domain controllers of « mydomain.local » from « \\OLD-
AD.mydomain.local ».
OLD-AD.mydomain.local [DS] Site : Default-First-Site
NEW-AD.mydomain.local [PDC] [DS] Site : Default-First-Site
But when I shut down OLD-AD, I'm not able to contact a DC for authentification anymore.
Also, this doesn't work :
$> nltest /dcname:mydomain.local
NetGetDCName failed : Status = 2453 0x995 NERR_DCNotFound
I have no idea where to look to get more informations and diagnose this issue. Any pointers will be appreciated !
I've seen this error before. It has nothing to do with your migration procedure. I've reproduced the error then ran it slightly differently with success. Run command like this instead and it will work:
nltest /dcname:mydomain
See example screenshot below:
- Print Local Group Members in PowerShell 5.0
- Get current computer's distinguished name in powershell without using the ActiveDirectory module
- Best PowerShell method to get the current Active Directory Site name of the local computer
- NetBIOS domain of computer in PowerShell
- How to connect to Active Directory via LDAPS in C#?
- How do I restrict Apache/SVN access to specific users (LDAP/file-based authentication)?
- unresolved external symbol IID_IADs?
- Web API 2 Controller isn't picking up IPrincipal.User.Identity.Name
- How to get all groups that a user is a member of?
- Why am I getting 'System.__ComObject' from my LDAP property?
- PowerShell Find Members of Two Specific AD Groups
- C# Cannot connect to AD using LDAPS
- Get users that are 'memberof' a group
- Login failed for user identified principal
- How to make requests to local-hosted Azure Devops Server pats API?
- Powershell Foreach Get-ADGroupMember on Array of Group Names Not Returning Consistent Results
- Execute a RESTAPI request from Powershell using the credentials of the user logged into the windows machine(AD Credential's)
- How to automatically update data from outlook to sql using c#, When someone rejects my meeting request it should be updated to my database
- Is there a canonical place to store arbitrary key/value pairs in Active Directory
- Change Identity Source for Azure Accounts and Groups
- Is context need to be closed explicity in LDAP connection pooling
- Keycloak adapter not able retrieve current username from windows AD logged-in user
- Reset Active Directory password using Python and ldap3
- Get user's non-truncated Active Directory groups from command line
- Import Data issue from CSV to AD
- Renaming Azure Active Directory
- Enumerate all users including SIDs
- PowerShell Out-GridView result
- How to get list of Active Directory group names beginning with "ABC_" in PowerShell?
- Web-based LDAP Browser