Question : Need help to figure out this Active Directory issue on a new domain with Netlogon issues, in the midst of migration

We just rolled out a new domain, on Windows 2008 R2, with 2 domain controllers (FSMO split between them and both GCs, and both AD-integrated DNS servers), an Exchange server, and a member server. (We only have this weekend to finish this.) We are about to migrate the desktops to the new domain, from the old domain (which was Windows 2000).

We migrated Active Directory to an intermediate DC, because the new one had the same NetBIOS name as the old one, and we couldn't form a trust. (I tried... which was probably silly.) But this didn't seem to cause any issues. It just didn't form a trust. So, we migrated AD to another DC, and then planned to repeat the process to move it to the new one... now that part isn't the issue. It will probably be fine.

But as we booted up the new AD servers, the old AD servers were still on the network, on the same subnet. Didn't think about it being an issue. It wasn't before. But maybe I missed something. They took a long time to boot up and complained about not being able to get that NetBIOS name. (Saw that before. Wasn't an issue when this network was tested again, in its own room.) But now we seem to have an issue. (I took the old DCs offline, and rebooted these ones but we still have an issue). There are some references in here to the old domain... we never had a trust with it, so this is strange...

1)
There are some worrisome event log errors:
---
Source: DNS Client events   Event ID:  1014
Name resolution for the name _ldap.tcp.dc._msdcs.<domain>.local timed out after none of the configured DNS servers responded.
---
Source: DfsSvc   Event ID 14550
The DFS Namespace service could not initialize cross forest trust information on this domain controller, but it will periodically retry the operation. The return code is in the record data.
---
Source: DNS Client events   Event ID:  1014
Name resolution for the name _ldap.tcp.<domain>.local timed out after none of the configured DNS servers responded.
---
Source: NETLOGON   Event ID: 5721
The session setup to the Windows NT or Windows 2000 Domain Controller <old_domain_DC> for the domain <NetBIOS_name_of_New_domain> failed because the Domain Controller did not have an account <NetBIOS_name_new_DC$> needed to set up the session by this computer <new_DC_name>

ADDITIONAL DATA
If this computer is a member of or a Domain Controller in the specified domain, the aforementioned account is a computer account for this computer in the specified domain. Otherwise, the account is an interdomain trust account with the specified domain.
---
Source: NETLOGON  Event ID: 5513
The computer <desktop_on_old_domain> tried to connect to the server <new_DC> using the trust relationship established by the <NetBIOSname_newDomain>. However, the computer lost the correct security identifier (SID) when the domain was reconfigured. Reestablish the trust relationship.

{the above appears with a number of different hostnames of computers from the network on the old domain.}
---
Source: GroupPolicy   Event ID: 1058
The processing of Group Policy failed. Windows attempted to read the file \\<new_domain>.local\sysvol\<new_domain>.local\Policies\{<long_GUID>}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller).
c) The Distributed File System (DFS) client has been disabled.
---
Source: NETLOGON  Event ID: 3096
The primary Domain Controller for this domain could not be located
---
Source: Winlogon  Event ID: 6006
The winlogon notification subscriber <GPClient> took 361 second(s) to handle the notification event (CreateSession).

{The events tend to just repeat themselves}
2)
 It seems to me that the Netlogon folder should have a scripts folder... it doesn't now. The policies and other expected objects seem to be under Sysvol\<domain> though.

I would *really* appreciate it if someone could help us out. We have the weekend to get this fixed, and we had a complete network ready to deploy. Just had to migrate the old users and computers. It could be pretty uncomfortable come Monday if this issue isn't cleared up. I wish I could grant more points, but anyone who can help is a hero to us, FWIW.  Thanks in advance.

Answer : Need help to figure out this Active Directory issue on a new domain with Netlogon issues, in the midst of migration

I had a client that went through adding new servers to a new domain, but we chose to just power off the old servers, bring up the new servers, set them up, same NetBIOS name (not my recommendation), recreate the users, then join all the workstations. It was fine because the old domain never saw the new domain.

Now I think your DNS records are kinda trashed, and now you need to decide: fix it, back out, cut and run.

Given the time crunch and invested past, I really think you'll do well to call Microsoft product support, get them live on the phone and have them fix it. You'll usually get started right away, and they won't hang up until it's done. Only downside is, it costs $250. At this point that's well worth it though.
