we are running an old Window 2003 Server as Domain Controller (DC2003). To safely migrate to Windows 2008 R2 we added a 2008 R2 (DC2008R2) to the domain as domain controller (adprep etc.).
After dcpromo on DC2008R2 everything seemed to be ok. The new DC appeared under the "Domain Controlelrs" node.
It wasn't checked at this time, if DC2008R2 can REALLY act as domain controller.
Later we tried to shutdown DC2003 and ran into a total mess with non functional Exchange and Team Foundation Services.
After that I got the job to fix...
First i thought it could be an Problem with DC2008R2. So I removed it as Domain Controller and installed a new Windows 2008 R8 Server DC2008R2-2. I ran into similar Problems. I tried a bunch of stuff, but nothign helped. I won't list it, maybe I made an mistake, so I'm willing to redo it with your suggestions.
To have a starting point I tried the best practise analyser whicht ended up with 24 "Compatible" and 26 "Not Compatible" tests. From these 26 tests 19 read the same. (I'm translating from german, so that may to be the exact wording)
Problem: Using the Best Practise Analyser for Active Directory Domain Services (Active Directory Domain Services Best Practices Analyzer, AD DS BPA) no data can be be gathered using the name of the forest and the domain controller DC2008R2-2.
I appreciate any suggestions, this really bothers me.
It sounds like there are either DNS or replication problems. Here are some things to check:
Did you add the new domain controller to the DNS resolvers list on all of your servers?
If not, this is obviously the first thing to fix. Member servers should be configured to query all ADI DNS servers in its site.
Are there replication problems with your DCs?
If you have more than one DC, then they should each use each other for DNS to prevent replication islands. If your DCs are configured to use themselves first for resolution, then in a rapidly changing topology like you describe, replication can fail and all kinds of fun stuff will happen.