Share via

Upgrading my 2012 server enviroment to 2019 - error

Hugh Lancaster 0 Reputation points
2024-07-18T16:21:07.0766667+00:00

Prior to installing 2019 DC into a 2012 environment, I followed all protocols ensure DFS was working correctly, Dcdiag showed no errors. Installed 2019 updated with all updates. Promoted the 2019 server to a DC and now getting these errors:

Directory Server Diagnosis

Performing initial setup:

Trying to find home server...

Home Server = Tncsd-19-DC

  • Identified AD Forest.

Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\Tncsd-19-DC

  Starting test: Connectivity

     ......................... Tncsd-19-DC passed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\Tncsd-19-DC

  Starting test: Advertising

     Warning: DsGetDcName returned information for \\Tncsd3v.Tncsd.net, when we were trying to reach Tncsd-19-DC.

     SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.

     ......................... Tncsd-19-DC failed test Advertising

  Starting test: FrsEvent

     ......................... Tncsd-19-DC passed test FrsEvent

  Starting test: DFSREvent

     There are warning or error events within the last 24 hours after the SYSVOL has been shared.  Failing SYSVOL

     replication problems may cause Group Policy problems. 

     ......................... Tncsd-19-DC failed test DFSREvent

  Starting test: SysVolCheck

     ......................... Tncsd-19-DC passed test SysVolCheck

  Starting test: KccEvent

     ......................... Tncsd-19-DC passed test KccEvent

  Starting test: KnowsOfRoleHolders

     ......................... Tncsd-19-DC passed test KnowsOfRoleHolders

  Starting test: MachineAccount

     ......................... Tncsd-19-DC passed test MachineAccount

  Starting test: NCSecDesc

     ......................... Tncsd-19-DC passed test NCSecDesc

  Starting test: NetLogons

     Unable to connect to the NETLOGON share! (\\Tncsd-19-DC\netlogon)

     [Tncsd-19-DC] An net use or LsaPolicy operation failed with error 67, The network name cannot be found..

     ......................... Tncsd-19-DC failed test NetLogons

  Starting test: ObjectsReplicated

     ......................... Tncsd-19-DC passed test ObjectsReplicated

  Starting test: Replications

     ......................... Tncsd-19-DC passed test Replications

  Starting test: RidManager

     ......................... Tncsd-19-DC passed test RidManager

  Starting test: Services

     ......................... Tncsd-19-DC passed test Services

  Starting test: SystemLog

     A warning event occurred.  EventID: 0x00000018

        Time Generated: 07/18/2024   10:51:19

        Event String:

        Time Provider NtpClient: No valid response has been received from domain controller Tncsd3v.Tncsd.net after 8 attempts to contact it. This domain controller will be discarded as a time source and NtpClient will attempt to discover a new domain controller from which to synchronize. The error was: The client fails authenticating a response with a bad signature. 

     ......................... Tncsd-19-DC passed test SystemLog

  Starting test: VerifyReferences

     ......................... Tncsd-19-DC passed test VerifyReferences

Running partition tests on : DomainDnsZones

  Starting test: CheckSDRefDom

     ......................... DomainDnsZones passed test CheckSDRefDom

  Starting test: CrossRefValidation

     ......................... DomainDnsZones passed test CrossRefValidation

Running partition tests on : ForestDnsZones

  Starting test: CheckSDRefDom

     ......................... ForestDnsZones passed test CheckSDRefDom

  Starting test: CrossRefValidation

     ......................... ForestDnsZones passed test CrossRefValidation

Running partition tests on : Schema

  Starting test: CheckSDRefDom

     ......................... Schema passed test CheckSDRefDom

  Starting test: CrossRefValidation

     ......................... Schema passed test CrossRefValidation

Running partition tests on : Configuration

  Starting test: CheckSDRefDom

     ......................... Configuration passed test CheckSDRefDom

  Starting test: CrossRefValidation

     ......................... Configuration passed test CrossRefValidation

Running partition tests on : Tncsd

  Starting test: CheckSDRefDom

     ......................... Tncsd passed test CheckSDRefDom

  Starting test: CrossRefValidation

     ......................... Tncsd passed test CrossRefValidation

Running enterprise tests on : Tncsd.net

  Starting test: LocatorCheck

     ......................... Tncsd.net passed test LocatorCheck

  Starting test: Intersite

     ......................... Tncsd.net passed test Intersite
Windows Server 2019
Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
3,614 questions
Windows Server 2012
Windows Server 2012
A Microsoft server operating system that supports enterprise-level management, data storage, applications, and communications.
1,571 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,637 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Daisy Zhou 21,436 Reputation points Microsoft Vendor
    2024-07-22T13:29:40.7733333+00:00

    Hello Hugh Lancaster,
    Thank you for posting in Q&A forum.

    Here are a few steps you can take to troubleshoot this issue:

    1.Please check if the forest functional level and domain functional level.

    The minimum requirement to add one a domain controller of 2019 Windows Server is a Windows Server 2008 functional level. The domain also has to use DFS-R as the engine to replicate SYSVOL.

    https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/active-directory-functional-levels

    2.Please check whether the Netlogon and SYSVOL are shared on new 2019 Domain Controller.
    Please run net share on this new DC and check it.

    3.Now please check AD replication status by running commands below on PDC in the domain.

    repadmin /showrepl >C:\rep1.txt

    repadmin /replsum >C:\rep2.txt

    repadmin /showrepl * /csv >c:\repsum.csv

    4.Check Network Connectivity:

    Ensure that new DC is online and has network connectivity. Ping it and check if it responds.

    5.Verify DNS Configuration:

    Make sure new DC has the correct DNS server settings. -

    6.Check AD Sites and Services Configuration:

    Ensure that new DC is correctly placed in an Active Directory site with proper subnet associations.

    7.Check Services: Confirm that all necessary AD-related services are running on new DC.

    I hope the information above is helpful.

    If you have any questions or concerns, please feel free to let us know.

    Best Regards,

    Daisy Zhou

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.