Question : New 2008 server has messed up DNS

I have just added a 2008 server to the domain, which has 2003 servers. I made the 2008 the DC and GC for the domain and transferred all the FSMO roles to the server. I have noticed now that DNS on the 2 other servers is not working properly and services that worked before such as Backup Exec, RouteOne etc are now not authenticated. Also, users dialling in via VPN to connect to the AS400 and to pick up email via OWA or OMA cannot authenticate.

Obviously this is not a good situation.

Can anybody help please?
Let me know if there is any specific data that would help.

Answer : New 2008 server has messed up DNS

Did you run DCPromo on the Exchange server when you were taking the other DCs out? I assume you demoted the rest of the domain controllers?

Where does BackupExec live?

DNS is unlikely to be really messed but, but I do need to know which DNS servers everything is configured to use. Given that the 2008 system is the only DC now it is imperative that everything you expect to use AD only uses the 2008 server for DNS.

The delegation needs fixing too. Open up the DNS console on the 2008 server, select the greyed out version of _msdcs beneath tools.co.uk. You'll see a number of NS Records associated with that, they need to point to the 2008 server and probably don't right now. Right click on the _msdcs folder (the grey one again) and open it's properties. Select the Name Servers tab, add the 2008 server to the list, and remove anything / everything else.

Restart the NetLogon service on the 2008 server then check the event log for errors about updating DNS.

Chris