Hi,
I am in the process of increasing our forest functional level to Windows 2003 from Windows 2000 as part of a domain cleanup.
We have 1 SBS2003 server, 1 Windows 2008 and 2 2008 R2 servers and the plan is to install another DC with Windows 2012 and promote to primary domain controller, demote the SBS2003 and 2008 servers leaving us with the 3 servers.
However, I have ran DCDIAG and fixed just about all the errors prior to upping the forest level, the only issue left is related to DNS. I ran the DCDIAG from the SBS2003 server (our current PDC) and got the following results:
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
________________________________________________________________
Domain: domain.com
FS1 PASS WARN n/a
n/a n/a n/a n/a
IHDC1 PASS PASS PASS PASS WARN PASS
n/a
sbsrv PASS PASS PASS PASS WARN PASS
n/a
FS2 PASS WARN n/a
n/a n/a n/a n/a
.........................domain.com passed test DNS
Both FS1 and FS2 (2008 R2 servers) also report the following
The SOA record for the Active Directory zone was found
Warning: no DNS RPC connectivity (error or non Microsoft DNS server is running)
[Error details: 5 (Type: Win32 - Description: Access is denied.)]
Should I be concerned about this prior to increasing the functional level or am I ok to just proceed?
All other DCDIAG tests are passed ok..
Checking the DNS management on any of the other servers, other than the sbs server, I can view and connect to each DNS server and replication works fine as does resolution. From the SBS server I cannot connect to the 2008 r2 servers through the DNS management console. I can ping them by name and IP address.
Just to add they are part of an NLB cluster managing ADFS, but the cluster uses a secondary NIC on a different IP address.
Regards
Drac