Forum Discussion
"The security database has not been started" after promote new DC
SRVASA-DC01 has the RRAS role installed.
SRVASA-DC03 has the RRAS role installed.
Multi homing a domain controller will always cause no end to grief for active directory domain DNS. Remove RRAS role and if its still needed then stand up dedicated member servers for this role. I did not look at other files since these are show stoppers. After correcting these problems if issues persist then put up a new set of files to look at.
(please don't forget to mark helpful replies)
Hi Dave Patrick
I've disabled RRAS role in both DC and didn't work.
After, I demoted SRVASA-DC04 and create a new VM called SRVASA-DC02 and promote to a DC but didn't work too.
Please find the logs below
https://1drv.ms/u/s!Am8pbgsXRHYGiNxGCTpBO7GmtSzzAw?e=PuMcRk
Thanks for helping.
Link is broken. This item might have been deleted, expired, or you might not have permission to view it. Contact the owner of this item for more information.
- new link: https://1drv.ms/u/s!Am8pbgsXRHYGiNxGJfi3_djRITXsZg?e=5NWPjo
- SRVASA-DC01 has multiple ip addresses which will cause no end to confusion
- SRVASA-DC02 should also have own static (192.168.1.250) ip address listed for DNS
- SRVASA-DC03 should also have own static (192.168.2.250) ip address listed for DNS
- Also check the route betwwen 192.168.1.254 <-> 192.168.2.254 exists and doesn't block required ports
https://docs.microsoft.com/en-us/troubleshoot/windows-server/identity/config-firewall-for-ad-domains-and-trusts
- SRVASA-DC02 has many KDC errors so I'd check the event logs for more details and correct problems