Archive for April, 2013

Previous articles in this series contained an introduction to the SYSVOL migration procedure and explained how the Dfsrmig.exe tool can be used for SYSVOL migration. Keeping this background information in mind, we’re now ready to start the actual SYSVOL migration process. This article explains how to migrate replication of the SYSVOL share to the ‘PREPARED’ state. If the term ‘PREPARED state’ draws a blank, head on over to this post for a quick review of the SYSVOL migration process.

Before we begin …

The domain functional level needs to be raised to ‘Windows Server 2008’ domain functional level before SYSVOL migration can commence. Therefore, the first step in the SYSVOL migration process is to upgrade all domain controllers to Windows Server 2008. This can be done in a phased manner. Once all domain controllers have been migrated to Windows Server 2008, the domain administrator is ready to raise the domain functional level to ‘Windows Server 2008’ domain functional level.

In order to raise the domain functional level to ‘Windows Server 2008’:

a)       Open the ‘Microsoft Management Console‘ (MMC).

b)       Navigate to the ‘File‘ menu and select ‘Add/Remove Snap-in…’.

c)       Add the ‘Active Directory Domains and Trusts‘ snap-in.

d)       Select the domain whose functional level is to be raised from the left hand side pane and select ‘Raise domain functional level‘ from the right click menu.

e)       Select ‘Windows Server 2008‘ from the drop down list and click the ‘Raise‘ button to raise your domain functional level to Windows Server 2008.

Figure 1: Raise the domain functional level to ‘Windows Server 2008’. (more…)


Read Full Post »

he File Replication Service (FRS) is used for replicating the contents of the SYSVOL share between Windows domain controllers. However, Windows Server 2008 domain controllers, which are operating in the Windows Server 2008 domain functional level, can use the DFS Replication service for replicating the contents of the SYSVOL share. A new Windows Server 2008 feature makes it possible for administrators to migrate replication of the SYSVOL share from FRS to the more reliable and efficient DFS Replication service.

This series of blog posts describe the procedure for migrating the replication of the SYSVOL share on Windows Server 2008 domain controllers from FRS replication to the DFS Replication service.

NOTE:  The Windows Server 2008 SP2 release includes a couple of important bug-fixes in DFS Replication that address a few customer reported issues in SYSVOL migration. If you plan to migrate replication of the SYSVOL share to DFS Replication, it is highly recommended that you upgrade to Windows Server 2008 SP2 first.
The RTM release of Windows Server 2008 R2 includes these bug fixes.

Why migrate?

The DFS Replication service offers several advantages over the older File Replication Service (FRS). Some of the advantages that accrue from using the DFS Replication service are:

a)       Efficient, scalable and reliable file replication protocol which has been tested extensively to ensure data consistency in multi-master replication scenarios.

b)       Differential replication of changes to files using the Remote Differential Compression (RDC) algorithm, which enhances efficiency in branch office scenarios.

c)       Flexible scheduling and bandwidth throttling mechanisms.

d)       Self-heals from USN journal wraps and database corruptions – end user intervention and monitoring requirement is minimal.

e)       Provides a new UI management tool (MMC snap-in) for ease of administration.

f)        Provides built in health monitoring tools for ease of monitoring deployments.

g)       Improved support for Read Only Domain Controllers.

It is hence highly recommended that customers migrate replication of the SYSVOL share to the DFS Replication service.

Migration – in a nutshell (more…)

Read Full Post »

ou can install the DFS components by using the following procedures.

Installing Windows Server 2008 and DFS

During Setup, follow the on-screen prompts to install Windows Server 2008. Refer to the section “Lab Requirements” earlier in this guide for details about which servers must run Windows Server 2008 and which servers can run Windows Server 2003 R2 or Windows Server 2003 SP1.

After Windows Server 2008 is installed, you can install the DFS components and open the DFS Management snap-in by using the following procedures.


The method below using the Server Manager tool enables you to install DFS as a part of the file server role. This method also installs other file server tools, such as File Server Resource Manager and File Server Management.

To install DFS as part of the file server role

  1. Click Start, point to All Programs, point to Administrative Tools, and then click Server Manager.
  2. In the console tree of Server Manager, right-click the Roles node, and then click Add Roles.
  3. Follow the steps in the Add Roles Wizard, and supply the information described in the following table.
Add Roles Wizard page

What to enter

Before You Begin

Click Next after you verify that the requirements listed on the page have been met.

Select Server Roles

Select the File Services check box.

File Services

Click Next.

Select Roles Services

Select the Distributed File System check box to install both DFS Namespaces and DFS Replication.

To install DFS Namespaces or DFS Replication individually, select the check box that corresponds to the part of DFS that you want to install.

Create a DFS Namespace

Select the Create a namespace later using the DFS Management snap-in in Server Manager check box.


Click Install to install the file server role and DFS.

Installation Progress

This page is automatically replaced by the Installation Results page when installation is completed.

Installation Results

Note any errors, and then click Close to close the wizard.

Use the following procedure if the file server role has already been added.


Read Full Post »

 have two domain controllers both server 2008, and the domain function level has been raised to 2008. We migrated from a single dc running server 2008 previously. If I run :

dcdiag /v /c /d /e /s:win2k8dc1 >c:dcdiag.txt

I receive the following error:

Starting test: VerifyEnterpriseReferences

The following problems were found while verifying various important DN

references. Note, that these problems can be reported because of

latency in replication. So follow up to resolve the following

problems, only if the same problem is reported on all DCs for a given

domain or if the problem persists after replication has had

reasonable time to replicate changes.

[1] Problem: Missing Expected Value

Base Object: CN=WIN2K8DC1,OU=Domain Controllers,DC=JEWELS,DC=LOCAL

Base Object Description: “DC Account Object”

Value Object Attribute Name: msDFSR-ComputerReferenceBL

Value Object Description: “SYSVOL FRS Member Object”

Recommended Action: See Knowledge Base Article: Q312862

[2] Problem: Missing Expected Value

Base Object: CN=WIN2K8DC2,OU=Domain Controllers,DC=JEWELS,DC=LOCAL

Base Object Description: “DC Account Object”

Value Object Attribute Name: msDFSR-ComputerReferenceBL

Value Object Description: “SYSVOL FRS Member Object”

Recommended Action: See Knowledge Base Article: Q312862

LDAP Error 0x20 (32) – No Such Object.

……………………. WIN2K8DC1 failed test (more…)

Read Full Post »

When you try to remove a domain controller from your Active Directory domain by using Dcpromo.exe and fail, or when you began to promote a member server to be a Domain Controller and failed (the reasons for your failure are not important for the scope of this article), you will be left with remains of the DCs object in the Active Directory. As part of a successful demotion process, the Dcpromo wizard removes the configuration data for the domain controller from Active Directory, but as noted above, a failed Dcpromo attempt might leave these objects in place.

You will need the following tool: Ntdsutil.exe, Active Directory Sites and Services, Active Directory Users and Computers.

Also, make sure that you use an account that is a member of the Enterprise Admins universal group.

Caution: Using the Ntdsutil utility incorrectly may result in partial or complete loss of Active Directory functionality.

To clean up metadata

  1. At the command line, type Ntdsutil and press ENTER.



  2. At the Ntdsutil: prompt, type metadata cleanup and press Enter. (more…)

Read Full Post »

Upgrade Domain Controllers From 2008 R2 to Windows Server 2012 April 10


This topic provides background information about Active Directory Domain Services in Windows Server 2012 and explains the process for upgrading domain controllers from Windows Server 2008 or Windows Server 2008 R2. UPGRADE FROM SERVER 2008 R2 TO Windows server 2012

Table of Contents

1.1.1    1

2.    Prerequisites check    2

3.    Prepare the forest    2

1.    Considerations for using Adprep.exe in Windows Server 2012    2

1-1    Install Active Directory Domain Services on Windows Server 2012 with PowerShell    2

2-1    Install Active Directory Domain Services on Windows Server 2012 with Server Manager    2

3-1    Promote a Server to a Domain Controller in Windows Server 2012 with Server Manager    2

4-1    Configure DNS on server    3

2.1.1    Check the Functional level    3

5-1    Change the DHCP setting in the server scope to the new DNS    6

6-1    Transferring the Root FSMO    6

3.1.1    Transferring the Domain-Specific Roles: RID, PDC, and Infrastructure Master    6

4.1.1    Transferring the Domain Naming Master role    7

5.1.1    Transferring the Schema Master Role    7

6.1.1    Transferring the Schema Master Role    7

7-1    Move a DHCP Database to another Server    8

7.1.1    Add the DHCP ROLE    8

8-1    Back up the DHCP database (at the source server)    8

8.1.1    Export DHCP    8

9-1    Install the DHCP server service on the server that is running Windows Server 2012    8

9.1.1    Import the DHCP database    9

10-1    Authorize the DHCP server    9

10.1.1    After installing and removing Roles    9

11-1    Refrences    9

  1. Prerequisites check (more…)

Read Full Post »

Applies To: Windows Server 2008 R2

DHCP provides context-specific icons to dynamically represent the state of console objects. Objects include the DHCP servers, clients, scopes, and option types that are used and managed in the console.

General usage of console icons


Read Full Post »

%d bloggers like this: