Why can’t the Win2003 Server connect to the Win2008 PDC anymore after a minor network change? (FRS problem?)

active-directory windows-server-2003 windows-server-2008

I've got a win 2003 server running a TFS server, and a Win 2008 server acting as a PDC.

A few days ago, I changed my DHCP and DNS server (which used to be the win 2008 server) to a Cisco Router.
Since then, I've not been able to log in on my TFS server, which keeps complaining that my domain doesn't exist.

I've run dcdiag from my local Admin account to debug:

    dcdiag /v /s:MYPDC /u:MYDOMAIN\Brann /p:*

Which returned me this error:

     * Active Directory LDAP Services Check
         The host 95cb8ce0-ecb1-43e3-87aa-e4ce74fe6._msdcs.MYDOMAIN could not be  resolved to an
         IP address.  Check the DNS server, DHCP, server name, etc
         ......................... MYPDC  failed test Connectivity

I changed my DHCP server to use MYPDC as the primary DNS server again, and this error stopped appearing.

I restarted the server, confident that the issue was solved, but now I'm getting this:

    Starting test: VerifyReferences
       Some objects relating to the DC IDS-SERVER have problems:
          [1] Problem: Missing Expected Value
           Base Object: CN=MYPDC,OU=Domain Controllers,DC=MYDOMAIN
           Base Object Description: "DC Account Object"
           Value Object Attribute Name: frsComputerReferenceBL
           Value Object Description: "SYSVOL FRS Member Object"
           Recommended Action: See Knowledge Base Article: Q312862

       ......................... IDS-SERVER failed test VerifyReferences

I've tried troubleshooting File Replication service as suggested in Q312862, but I'm stuck at the beginning:

    C:\Documents and Settings\Administrator>ntfrsutl ds TFS
    ERROR - Cannot bind w/authentication to computer, TFS; 000006d9 (1753)
    ERROR - Cannot bind w/o authentication to computer, TFS; 000006d9 (1753)
    ERROR - Cannot RPC to computer, TFS; 000006d9 (1753)

    C:\Documents and Settings\Administrator>ntfrsutl ds MYPDC
    ERROR - Cannot RPC to computer, MYPDC; 000006d2 (1746)

Any ideas on what to try next?
Btw, other Vista computers on this domain can log in just fine.

Best Answer

> I changed my DHCP and DNS server

Just a thought ...

Did you move all of your service records (SRV) when you switched to the new DNS server? Active Directory really needs those records to operate. Without the SRV records you have no way of telling clients where your LDAP and Kerberos servers are (which is your PDC/GC).

Oh ... and was your TFS using DHCP?
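
An offline way to run the check this answer asks about, as an added example that is not part of the original answer: it compares the records a DC wants registered (the one-record-per-line format of its `%SystemRoot%\System32\config\netlogon.dns` file) with an export of what the replacement DNS server serves. The host names, addresses, the all-zero GUID and the `parse`/`audit` helpers are constructed for illustration, and having the export in the same line format is an assumption.

```python
import re

# netlogon.dns style, one record per line: owner TTL IN TYPE rdata
_LINE = re.compile(r"^(\S+)\s+\d+\s+IN\s+(SRV|CNAME|A)\s+(.+?)\s*$", re.I)

def parse(text):
    """Return {(owner, type): {rdata, ...}}, names lower-cased, trailing dots removed."""
    records = {}
    for raw in text.splitlines():
        m = _LINE.match(raw.strip())
        if not m:
            continue  # blank lines, comments, record types not checked here
        owner = m.group(1).lower().rstrip(".")
        rdata = " ".join(p.lower().rstrip(".") for p in m.group(3).split())
        records.setdefault((owner, m.group(2).upper()), set()).add(rdata)
    return records

def audit(netlogon_text, served_text):
    """Report records the DC registers that are not served, and targets with no A record."""
    wanted, served = parse(netlogon_text), parse(served_text)
    findings = []
    for (owner, rtype), rdatas in sorted(wanted.items()):
        have = served.get((owner, rtype), set())
        for rdata in sorted(rdatas - have):
            findings.append(("missing", owner, rtype, rdata))
        if rtype != "A":
            for rdata in sorted(rdatas & have):
                target = rdata.split()[-1]  # last field of SRV/CNAME rdata is the host
                if (target, "A") not in served:
                    findings.append(("dangling-target", owner, rtype, target))
    return findings

# Constructed sample: records a DC named mypdc wants registered ...
NETLOGON = """\
_ldap._tcp.mydomain.example. 600 IN SRV 0 100 389 mypdc.mydomain.example.
_kerberos._tcp.mydomain.example. 600 IN SRV 0 100 88 mypdc.mydomain.example.
_ldap._tcp.pdc._msdcs.mydomain.example. 600 IN SRV 0 100 389 mypdc.mydomain.example.
_ldap._tcp.dc._msdcs.mydomain.example. 600 IN SRV 0 100 389 mypdc.mydomain.example.
00000000-0000-0000-0000-000000000000._msdcs.mydomain.example. 600 IN CNAME mypdc.mydomain.example.
"""
# ... and a constructed export of what the replacement DNS server serves.
SERVED = """\
_ldap._tcp.mydomain.example. 600 IN SRV 0 100 389 mypdc.mydomain.example.
"""

if __name__ == "__main__":
    for finding in audit(NETLOGON, SERVED):
        print(*finding)
```

A `missing` finding on the `<GUID>._msdcs` CNAME corresponds to the name dcdiag could not resolve in the question; a `dangling-target` finding means the SRV record exists but the host it points to has no A record on that server.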