Saturday 8 March 2014

Server 2012 R2 Active directory 'dcpromo' site lookup uses IP6 instead of IP4?

Swapping out a physical hardware Head Office DC onto new hardware, the old Server 2008 R2 was dcpromo'd down - and removed from the domain and new 2012 R2 put in it's place and dcpromo'd up. As dcpromo no longer exists in Server 2012 I suppose we should say 'promoted to a DC'.

Things went wrong as the new HO DC used a Remote Site DC as its logonserver etc, and the AD had not replicated the information about the new DC to the remote site. This created a mess that needed tidying up - another story.

The main question was why the new HO DC did not use another HO DC after reboot for logons etc. Why had it gone off to a remote DC?

My colleague started looking through the dcpromo logs and found that this server was unable to work out what site the server was in. This data had not changed for years and indeed the site subnet was correct...on IP4.

There was no site subnet entry for IP6. A site subnet entry for IP6 was added in Active Directory Sites and Services and the promotion retried after tidying up, and all went perfectly.

The relationship/usage of IP4 and IP6 in different parts of Windows has never been effectively documented, and it appears that at sometime this code was changed from using IP4 site lookup to IP6.

There are 2 things to take from this dcpromo:
1) Always leave time for AD replication to happen between each part of the DC promotion process if you can afford to
2) Fill in IP6 site subnets if using Server 2012 R2

If you really want/need to speed up intra site replication beyond the 15 minute minimum limit allowed by the Windows GUI then read this article:
http://blogs.technet.com/b/qzaidi/archive/2010/09/23/enable-change-notifications-between-sites-how-and-why.aspx