我正在尝试将 DC 从 Windows Server 2003 SBS 迁移到 Windows Server 2016。当我尝试将 Server 2016 升级为域控制器时,问题就开始了。我在“先决条件检查”步骤中收到以下错误消息:
Verification of outbound replication failed. Error reading the NTDS settings on replication source domain controller server.mydomain.local. Domain controller data not found for the specified Active Directory domain controller
在森林里有一个空的子域和一个有故障的辅助 DC(安装它的计算机很久以前就丢失了)。我在帮助下清理了这些东西,ntdsutil但无济于事。虽然dcdiag现在几乎干净了:
Command Line: "dcdiag.exe /v /c /d /e"
Domain Controller Diagnosis
Performing initial setup:
* Verifying that the local machine SERVER, is a DC.
* Connecting to directory service on server SERVER.
SERVER.currentTime = 20201022103523.0Z
SERVER.highestCommittedUSN = 12822731
SERVER.isSynchronized = 1
SERVER.isGlobalCatalogReady = 1
* Collecting site info.
* Identifying all servers.
SERVER.currentTime = 20201022103523.0Z
SERVER.highestCommittedUSN = 12822731
SERVER.isSynchronized = 1
SERVER.isGlobalCatalogReady = 1
* Identifying all NC cross-refs.
* Found 1 DC(s). Testing 1 of them.
Done gathering initial info.
===============================================Printing out pDsInfo
GLOBAL:
ulNumServers=1
pszRootDomain=mcad.local
pszNC=
pszRootDomainFQDN=DC=mcad,DC=local
pszConfigNc=CN=Configuration,DC=mcad,DC=local
pszPartitionsDn=CN=Partitions,CN=Configuration,DC=mcad,DC=local
iSiteOptions=0
dwTombstoneLifeTimeDays=60
dwForestBehaviorVersion=2
HomeServer=0, SERVER
SERVER: pServer[0].pszName=SERVER
pServer[0].pszGuidDNSName=12a36ed6-9156-4bb8-9d8a-f523bd78ff47._msdcs.mcad.local
pServer[0].pszDNSName=SERVER.mcad.local
pServer[0].pszDn=CN=NTDS Settings,CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mcad,DC=local
pServer[0].pszComputerAccountDn=CN=SERVER,OU=Domain Controllers,DC=mcad,DC=local
pServer[0].uuidObjectGuid=12a36ed6-9156-4bb8-9d8a-f523bd78ff47
pServer[0].uuidInvocationId=46209efa-f56d-4587-b190-36daf538829a
pServer[0].iSite=0 (Default-First-Site-Name)
pServer[0].iOptions=1
pServer[0].ftLocalAcquireTime=0c27e930 01d6a85f
pServer[0].ftRemoteConnectTime=0bf56780 01d6a85f
pServer[0].ppszMasterNCs:
ppszMasterNCs[0]=DC=ForestDnsZones,DC=mcad,DC=local
ppszMasterNCs[1]=DC=DomainDnsZones,DC=mcad,DC=local
ppszMasterNCs[2]=CN=Schema,CN=Configuration,DC=mcad,DC=local
ppszMasterNCs[3]=CN=Configuration,DC=mcad,DC=local
ppszMasterNCs[4]=DC=mcad,DC=local
SITES: pSites[0].pszName=Default-First-Site-Name
pSites[0].pszSiteSettings=CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mcad,DC=local
pSites[0].pszISTG=CN=NTDS Settings,CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mcad,DC=local
pSites[0].iSiteOption=0
pSites[0].cServers=1
NC: pNCs[0].pszName=ForestDnsZones
pNCs[0].pszDn=DC=ForestDnsZones,DC=mcad,DC=local
pNCs[0].aCrInfo[0].dwFlags=0x00000201
pNCs[0].aCrInfo[0].pszDn=CN=053f2400-35fe-4529-a535-d8d649587484,CN=Partitions,CN=Configuration,DC=mcad,DC=local
pNCs[0].aCrInfo[0].pszDnsRoot=ForestDnsZones.mcad.local
pNCs[0].aCrInfo[0].iSourceServer=0
pNCs[0].aCrInfo[0].pszSourceServer=(null)
pNCs[0].aCrInfo[0].ulSystemFlags=0x00000005
pNCs[0].aCrInfo[0].bEnabled=TRUE
pNCs[0].aCrInfo[0].ftWhenCreated=00000000 00000000 pNCs[0].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[0].aCrInfo[0].pszNetBiosName=(null)
pNCs[0].aCrInfo[0].cReplicas=-1
pNCs[0].aCrInfo[0].aszReplicas=
NC: pNCs[1].pszName=DomainDnsZones
pNCs[1].pszDn=DC=DomainDnsZones,DC=mcad,DC=local
pNCs[1].aCrInfo[0].dwFlags=0x00000201
pNCs[1].aCrInfo[0].pszDn=CN=fc0257f3-c228-4082-8647-08354ec0dd25,CN=Partitions,CN=Configuration,DC=mcad,DC=local
pNCs[1].aCrInfo[0].pszDnsRoot=DomainDnsZones.mcad.local
pNCs[1].aCrInfo[0].iSourceServer=0
pNCs[1].aCrInfo[0].pszSourceServer=(null)
pNCs[1].aCrInfo[0].ulSystemFlags=0x00000005
pNCs[1].aCrInfo[0].bEnabled=TRUE
pNCs[1].aCrInfo[0].ftWhenCreated=00000000 00000000 pNCs[1].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[1].aCrInfo[0].pszNetBiosName=(null)
pNCs[1].aCrInfo[0].cReplicas=-1
pNCs[1].aCrInfo[0].aszReplicas=
NC: pNCs[2].pszName=Schema
pNCs[2].pszDn=CN=Schema,CN=Configuration,DC=mcad,DC=local
pNCs[2].aCrInfo[0].dwFlags=0x00000201
pNCs[2].aCrInfo[0].pszDn=CN=Enterprise Schema,CN=Partitions,CN=Configuration,DC=mcad,DC=local
pNCs[2].aCrInfo[0].pszDnsRoot=mcad.local
pNCs[2].aCrInfo[0].iSourceServer=0
pNCs[2].aCrInfo[0].pszSourceServer=(null)
pNCs[2].aCrInfo[0].ulSystemFlags=0x00000001
pNCs[2].aCrInfo[0].bEnabled=TRUE
pNCs[2].aCrInfo[0].ftWhenCreated=00000000 00000000 pNCs[2].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[2].aCrInfo[0].pszNetBiosName=(null)
pNCs[2].aCrInfo[0].cReplicas=-1
pNCs[2].aCrInfo[0].aszReplicas=
NC: pNCs[3].pszName=Configuration
pNCs[3].pszDn=CN=Configuration,DC=mcad,DC=local
pNCs[3].aCrInfo[0].dwFlags=0x00000201
pNCs[3].aCrInfo[0].pszDn=CN=Enterprise Configuration,CN=Partitions,CN=Configuration,DC=mcad,DC=local
pNCs[3].aCrInfo[0].pszDnsRoot=mcad.local
pNCs[3].aCrInfo[0].iSourceServer=0
pNCs[3].aCrInfo[0].pszSourceServer=(null)
pNCs[3].aCrInfo[0].ulSystemFlags=0x00000001
pNCs[3].aCrInfo[0].bEnabled=TRUE
pNCs[3].aCrInfo[0].ftWhenCreated=00000000 00000000 pNCs[3].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[3].aCrInfo[0].pszNetBiosName=(null)
pNCs[3].aCrInfo[0].cReplicas=-1
pNCs[3].aCrInfo[0].aszReplicas=
NC: pNCs[4].pszName=mcad
pNCs[4].pszDn=DC=mcad,DC=local
pNCs[4].aCrInfo[0].dwFlags=0x00000201
pNCs[4].aCrInfo[0].pszDn=CN=MCAD,CN=Partitions,CN=Configuration,DC=mcad,DC=local
pNCs[4].aCrInfo[0].pszDnsRoot=mcad.local
pNCs[4].aCrInfo[0].iSourceServer=0
pNCs[4].aCrInfo[0].pszSourceServer=(null)
pNCs[4].aCrInfo[0].ulSystemFlags=0x00000003
pNCs[4].aCrInfo[0].bEnabled=TRUE
pNCs[4].aCrInfo[0].ftWhenCreated=00000000 00000000 pNCs[4].aCrInfo[0].pszSDReferenceDomain=(null)
pNCs[4].aCrInfo[0].pszNetBiosName=(null)
pNCs[4].aCrInfo[0].cReplicas=-1
pNCs[4].aCrInfo[0].aszReplicas=
5 NC TARGETS: ForestDnsZones, DomainDnsZones, Schema, Configuration, mcad,
1 TARGETS: SERVER,
=============================================Done Printing pDsInfo
Doing initial required tests
Testing server: Default-First-Site-Name\SERVER
Starting test: Connectivity
* Active Directory LDAP Services Check
Failure Analysis: SERVER ... OK.
* Active Directory RPC Services Check
......................... SERVER passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\SERVER
Starting test: Replications
* Replications Check
DC=ForestDnsZones,DC=mcad,DC=local has 10 cursors.
DC=DomainDnsZones,DC=mcad,DC=local has 9 cursors.
CN=Schema,CN=Configuration,DC=mcad,DC=local has 10 cursors.
CN=Configuration,DC=mcad,DC=local has 10 cursors.
DC=mcad,DC=local has 9 cursors.
* Replication Latency Check
DC=ForestDnsZones,DC=mcad,DC=local
Latency information for 9 entries in the vector were ignored.
9 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
DC=DomainDnsZones,DC=mcad,DC=local
Latency information for 8 entries in the vector were ignored.
8 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
CN=Schema,CN=Configuration,DC=mcad,DC=local
Latency information for 9 entries in the vector were ignored.
9 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
CN=Configuration,DC=mcad,DC=local
Latency information for 9 entries in the vector were ignored.
9 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
DC=mcad,DC=local
Latency information for 8 entries in the vector were ignored.
8 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
......................... SERVER passed test Replications
Starting test: Topology
* Configuration Topology Integrity Check
* Analyzing the connection topology for DC=ForestDnsZones,DC=mcad,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for DC=DomainDnsZones,DC=mcad,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for CN=Schema,CN=Configuration,DC=mcad,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for CN=Configuration,DC=mcad,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for DC=mcad,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... SERVER passed test Topology
Starting test: CutoffServers
* Configuration Topology Aliveness Check
* Analyzing the alive system replication topology for DC=ForestDnsZones,DC=mcad,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for DC=DomainDnsZones,DC=mcad,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for CN=Schema,CN=Configuration,DC=mcad,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for CN=Configuration,DC=mcad,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for DC=mcad,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... SERVER passed test CutoffServers
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC SERVER.
* Security Permissions Check for
DC=ForestDnsZones,DC=mcad,DC=local
(NDNC,Version 2)
* Security Permissions Check for
DC=DomainDnsZones,DC=mcad,DC=local
(NDNC,Version 2)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=mcad,DC=local
(Schema,Version 2)
* Security Permissions Check for
CN=Configuration,DC=mcad,DC=local
(Configuration,Version 2)
* Security Permissions Check for
DC=mcad,DC=local
(Domain,Version 2)
......................... SERVER passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\SERVER\netlogon
Verified share \\SERVER\sysvol
......................... SERVER passed test NetLogons
Starting test: Advertising
The DC SERVER is advertising itself as a DC and having a DS.
The DC SERVER is advertising as an LDAP server
The DC SERVER is advertising as having a writeable directory
The DC SERVER is advertising as a Key Distribution Center
The DC SERVER is advertising as a time server
The DS SERVER is advertising as a GC.
......................... SERVER passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mcad,DC=local
Role Domain Owner = CN=NTDS Settings,CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mcad,DC=local
Role PDC Owner = CN=NTDS Settings,CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mcad,DC=local
Role Rid Owner = CN=NTDS Settings,CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mcad,DC=local
Role Infrastructure Update Owner = CN=NTDS Settings,CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mcad,DC=local
......................... SERVER passed test KnowsOfRoleHolders
Starting test: RidManager
ridManagerReference = CN=RID Manager$,CN=System,DC=mcad,DC=local
* Available RID Pool for the Domain is 8109 to 1073741823
fSMORoleOwner = CN=NTDS Settings,CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mcad,DC=local
* SERVER.mcad.local is the RID Master
* DsBind with RID Master was successful
rIDSetReferences = CN=RID Set,CN=SERVER,OU=Domain Controllers,DC=mcad,DC=local
* rIDAllocationPool is 7609 to 8108
* rIDPreviousAllocationPool is 5109 to 5608
* rIDNextRID: 5461
......................... SERVER passed test RidManager
Starting test: MachineAccount
Checking machine account for DC SERVER on DC SERVER.
* SPN found :LDAP/SERVER.mcad.local/mcad.local
* SPN found :LDAP/SERVER.mcad.local
* SPN found :LDAP/SERVER
* SPN found :LDAP/SERVER.mcad.local/MCAD
* SPN found :LDAP/12a36ed6-9156-4bb8-9d8a-f523bd78ff47._msdcs.mcad.local
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/12a36ed6-9156-4bb8-9d8a-f523bd78ff47/mcad.local
* SPN found :HOST/SERVER.mcad.local/mcad.local
* SPN found :HOST/SERVER.mcad.local
* SPN found :HOST/SERVER
* SPN found :HOST/SERVER.mcad.local/MCAD
* SPN found :GC/SERVER.mcad.local/mcad.local
......................... SERVER passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: w32time
* Checking Service: NETLOGON
......................... SERVER passed test Services
Starting test: OutboundSecureChannels
* The Outbound Secure Channels test
** Did not run Outbound Secure Channels test
because /testdomain: was not entered
......................... SERVER passed test OutboundSecureChannels
Starting test: ObjectsReplicated
SERVER is in domain DC=mcad,DC=local
Checking for CN=SERVER,OU=Domain Controllers,DC=mcad,DC=local in domain DC=mcad,DC=local on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mcad,DC=local in domain CN=Configuration,DC=mcad,DC=local on 1 servers
Object is up-to-date on all servers.
......................... SERVER passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... SERVER passed test frssysvol
Starting test: frsevent
* The File Replication Service Event log test
......................... SERVER passed test frsevent
Starting test: kccevent
* The KCC Event log test
Found no KCC errors in Directory Service Event log in the last 15 minutes.
......................... SERVER passed test kccevent
Starting test: systemlog
* The System Event log test
Found no errors in System Event log in the last 60 minutes.
......................... SERVER passed test systemlog
Starting test: VerifyReplicas
......................... SERVER passed test VerifyReplicas
Starting test: VerifyReferences
The system object reference (serverReference)
CN=SERVER,OU=Domain Controllers,DC=mcad,DC=local and backlink on
CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mcad,DC=local
are correct.
The system object reference (frsComputerReferenceBL)
CN=SERVER,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=mcad,DC=local
and backlink on CN=SERVER,OU=Domain Controllers,DC=mcad,DC=local are
correct.
The system object reference (serverReferenceBL)
CN=SERVER,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=mcad,DC=local
and backlink on
CN=NTDS Settings,CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mcad,DC=local
are correct.
......................... SERVER passed test VerifyReferences
Starting test: VerifyEnterpriseReferences
......................... SERVER passed test VerifyEnterpriseReferences
Starting test: CheckSecurityError
* Dr Auth: Beginning security errors check!
Found KDC SERVER for domain mcad.local in site Default-First-Site-Name
Checking machine account for DC SERVER on DC SERVER.
* SPN found :LDAP/SERVER.mcad.local/mcad.local
* SPN found :LDAP/SERVER.mcad.local
* SPN found :LDAP/SERVER
* SPN found :LDAP/SERVER.mcad.local/MCAD
* SPN found :LDAP/12a36ed6-9156-4bb8-9d8a-f523bd78ff47._msdcs.mcad.local
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/12a36ed6-9156-4bb8-9d8a-f523bd78ff47/mcad.local
* SPN found :HOST/SERVER.mcad.local/mcad.local
* SPN found :HOST/SERVER.mcad.local
* SPN found :HOST/SERVER
* SPN found :HOST/SERVER.mcad.local/MCAD
* SPN found :GC/SERVER.mcad.local/mcad.local
[SERVER] No security related replication errors were found on this DC! To target the connection to a specific source DC use /ReplSource:<DC>.
......................... SERVER passed test CheckSecurityError
DNS Tests are running and not hung. Please wait a few minutes...
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : mcad
Starting test: CrossRefValidation
......................... mcad passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... mcad passed test CheckSDRefDom
Running enterprise tests on : mcad.local
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope
provided by the command line arguments provided.
......................... mcad.local passed test Intersite
Starting test: FsmoCheck
GC Name: \\SERVER.mcad.local
Locator Flags: 0xe00001fd
PDC Name: \\SERVER.mcad.local
Locator Flags: 0xe00001fd
Time Server Name: \\SERVER.mcad.local
Locator Flags: 0xe00001fd
Preferred Time Server Name: \\SERVER.mcad.local
Locator Flags: 0xe00001fd
KDC Name: \\SERVER.mcad.local
Locator Flags: 0xe00001fd
......................... mcad.local passed test FsmoCheck
Starting test: DNS
Test results for domain controllers:
DC: SERVER.mcad.local
Domain: mcad.local
TEST: Authentication (Auth)
Authentication test: Successfully completed
TEST: Basic (Basc)
Microsoft(R) Windows(R) Server 2003 for Small Business Server (Service Pack level: 2.0) is supported
NETLOGON service is running
kdc service is running
DNSCACHE service is running
DNS service is running
DC is a DNS server
Network adapters information:
Adapter [00000010] Realtek RTL8139/810x Family Fast Ethernet NIC:
MAC address is 00:0E:0C:3E:56:EB
IP address is static
IP address: 192.168.1.1
DNS servers:
127.0.0.1 (server.mcad.local.) [Valid]
The A record for this DC was found
The SOA record for the Active Directory zone was found
The Active Directory zone on this DC/DNS server was found (primary)
Root zone on this DC/DNS server was not found
TEST: Forwarders/Root hints (Forw)
Recursion is enabled
Forwarders Information:
195.162.32.5 (<name unavailable>) [Valid]
217.25.208.6 (<name unavailable>) [Valid]
217.25.209.2 (<name unavailable>) [Valid]
77.88.8.1 (<name unavailable>) [Valid]
77.88.8.8 (<name unavailable>) [Valid]
8.8.8.8 (<name unavailable>) [Valid]
TEST: Delegations (Del)
Delegation information for the zone: mcad.local.
Delegated domain name: _msdcs.mcad.local.
DNS server: server.mcad.local. IP:192.168.1.1 [Valid]
TEST: Dynamic update (Dyn)
Dynamic update is enabled on the zone mcad.local.
Test record _dcdiag_test_record added successfully in zone mcad.local.
Test record _dcdiag_test_record deleted successfully in zone mcad.local.
TEST: Records registration (RReg)
Network Adapter [00000010] Realtek RTL8139/810x Family Fast Ethernet NIC:
Matching A record found at DNS server 192.168.1.1:
SERVER.mcad.local
Matching CNAME record found at DNS server 192.168.1.1:
12a36ed6-9156-4bb8-9d8a-f523bd78ff47._msdcs.mcad.local
Matching DC SRV record found at DNS server 192.168.1.1:
_ldap._tcp.dc._msdcs.mcad.local
Matching GC SRV record found at DNS server 192.168.1.1:
_ldap._tcp.gc._msdcs.mcad.local
Matching PDC SRV record found at DNS server 192.168.1.1:
_ldap._tcp.pdc._msdcs.mcad.local
Total query time:0 min. 0 sec.. Total RPC connection time:0 min. 0 sec.
Total WMI connection time:4 min. 11 sec. Total Netuse connection time:0 min. 0 sec.
Summary of test results for DNS servers used by the above domain controllers:
DNS server: 192.168.1.1 (server.mcad.local.)
All tests passed on this DNS server
This is a valid DNS server
Name resolution is funtional. _ldap._tcp SRV record for the forest root domain is registered
Delegation to the domain _msdcs.mcad.local. is operational
Total query time:0 min. 0 sec., Total WMI connection time:0 min. 0 sec.
DNS server: 195.162.32.5 (<name unavailable>)
All tests passed on this DNS server
This is a valid DNS server
Total query time:0 min. 0 sec., Total WMI connection time:0 min. 41 sec.
DNS server: 217.25.208.6 (<name unavailable>)
All tests passed on this DNS server
This is a valid DNS server
Total query time:0 min. 0 sec., Total WMI connection time:0 min. 42 sec.
DNS server: 217.25.209.2 (<name unavailable>)
All tests passed on this DNS server
This is a valid DNS server
Total query time:0 min. 0 sec., Total WMI connection time:0 min. 42 sec.
DNS server: 77.88.8.1 (<name unavailable>)
All tests passed on this DNS server
This is a valid DNS server
Total query time:0 min. 0 sec., Total WMI connection time:0 min. 41 sec.
DNS server: 77.88.8.8 (<name unavailable>)
All tests passed on this DNS server
This is a valid DNS server
Total query time:0 min. 0 sec., Total WMI connection time:0 min. 41 sec.
DNS server: 8.8.8.8 (<name unavailable>)
All tests passed on this DNS server
This is a valid DNS server
Total query time:0 min. 0 sec., Total WMI connection time:0 min. 41 sec.
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
________________________________________________________________
Domain: mcad.local
SERVER PASS PASS PASS PASS PASS PASS n/a
Total Time taken to test all the DCs:4 min. 12 sec.
......................... mcad.local passed test DNS
除了复制测试的部分:
Starting test: Replications
* Replications Check
DC=ForestDnsZones,DC=mcad,DC=local has 10 cursors.
DC=DomainDnsZones,DC=mcad,DC=local has 9 cursors.
CN=Schema,CN=Configuration,DC=mcad,DC=local has 10 cursors.
CN=Configuration,DC=mcad,DC=local has 10 cursors.
DC=mcad,DC=local has 9 cursors.
* Replication Latency Check
DC=ForestDnsZones,DC=mcad,DC=local
Latency information for 9 entries in the vector were ignored.
9 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
......................... SERVER passed test Replications
但我不知道如何解释这些结果,也不知道这些结果是否是错误。欢迎任何帮助!
答案1
虽然可以直接从 2003 年迁移到 2016 年(但不能从 2019 年迁移,因为需要Windows Server 2008 功能级别),我记得小型企业服务器(SBS)完全不同,进行一些调整可能会造成一些不必要的负担。使用 SBS 许可,您只能在环境中拥有一台 Windows Server,这违反了拥有至少两个域控制器的所有其他建议,这也可能是您的迁移无法按预期进行的原因。
您当前的环境和方法至少面临三个挑战:
- 从 2003 年到 2016 年是一次巨大的飞跃。
- 从 SBS 迁出。
- 您正在使用的
.local域名是不建议。
除非绝对不可能从头开始创建新的 Windows AD 并迁移数据而不是当前的 AD 域,否则我建议安装一个带有公开注册ad.example.com子域的新 AD。由于 SBS 是为拥有 25 到 50 个工作站的小型公司设计的,因此在这样的小型环境中,这应该不是一项不可能完成的任务。
答案2
最有可能是由于复制目标上的 RPC 端口关闭所致。请确保端口已打开/未被过滤。
答案3
似乎无法直接从 Server 2003 升级到 Server 2016。我首先设法升级到 Server 2008 R2。然后我进行了 FRS 到 DFS 迁移(没有此步骤就无法升级到 Server 2016)并提升了域和林级别。最后我升级到了 Server 2016。