我有一台安装了 WinServer 2003 的即将报废的服务器。它是一台域控制器。我使用 Server 2008 r2 创建了一个虚拟机,并迁移了其中的所有角色。但有一个问题。尽管新服务器已启用全局编录选项,但全局编录仍位于旧服务器上。它显示:
Log Name: Directory Service
Source: Microsoft-Windows-ActiveDirectory_DomainService
Date: 30.08.2013 18:45:20
Event ID: 1869
Task Category: Global Catalog
Level: Information
Keywords: Classic
User: ANONYMOUS LOGON
Computer: vm-dns2.logstream.local
Description:
Active Directory Domain Services has located a global catalog in the following site.
Global catalog:
\\server.logstream.local
Site:
Default-First-Site-Name
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-ActiveDirectory_DomainService" Guid="{0e8478c5-3605-4e8c-8497-1e730c959516}" EventSourceName="NTDS General" />
<EventID Qualifiers="16384">1869</EventID>
<Version>0</Version>
<Level>4</Level>
<Task>18</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2013-08-30T14:45:20.007237900Z" />
<EventRecordID>186</EventRecordID>
<Correlation />
<Execution ProcessID="484" ThreadID="604" />
<Channel>Directory Service</Channel>
<Computer>vm-dns2.logstream.local</Computer>
<Security UserID="S-1-5-7" />
</System>
<EventData>
<Data>\\server.logstream.local</Data>
<Data>Default-First-Site-Name</Data>
</EventData>
</Event>
我需要将 GC 放在新服务器上,以便让旧服务器最终消失。有人能帮我吗?
我同意可能存在一些 DNS 问题。如果旧 DC 关闭,新 DC 会说:
Log Name: Directory Service
Source: Microsoft-Windows-ActiveDirectory_DomainService
Date: 02.09.2013 12:58:06
Event ID: 1126
Task Category: Global Catalog
Level: Error
Keywords: Classic
User: ANONYMOUS LOGON
Computer: vm-dns2.logstream.local
Description:
Active Directory Domain Services was unable to establish a connection with the global catalog.
Additional Data
Error value:
1355 The specified domain either does not exist or could not be contacted.
Internal ID:
3200e25
User Action:
Make sure a global catalog is available in the forest, and is reachable from this domain controller. You may use the nltest utility to diagnose this problem.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-ActiveDirectory_DomainService" Guid="{0e8478c5-3605-4e8c-8497-1e730c959516}" EventSourceName="NTDS General" />
<EventID Qualifiers="49152">1126</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>18</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2013-09-02T08:58:06.650172500Z" />
<EventRecordID>248</EventRecordID>
<Correlation />
<Execution ProcessID="484" ThreadID="604" />
<Channel>Directory Service</Channel>
<Computer>vm-dns2.logstream.local</Computer>
<Security UserID="S-1-5-7" />
</System>
<EventData>
<Data>3200e25</Data>
<Data>1355</Data>
<Data>The specified domain either does not exist or could not be contacted.</Data>
</EventData>
</Event>
紧接着,出现了 2092 年事件:
此服务器是以下 FSMO 角色的所有者,但认为它无效。对于包含 FSMO 的分区,自重新启动以来,此服务器尚未与其任何伙伴成功复制。复制错误阻止验证此角色。需要联系 FSMO 操作主机的操作将失败,直到此情况得到纠正。FSMO 角色:DC=logstream,DC=local
其他具有自动网络配置的机器显示 DNS 服务器是 192.168.0.1,这是一个路由器
答案1
没关系……全局目录本身不需要从一个 DC“迁移”到另一个。只需将所有域控制器都设为 GC。就是这样。退役作为 GC 的域控制器没有问题。所有域控制器都应该同时成为 GC。