Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

DCPROMO Problems 4

Status
Not open for further replies.
gscheepers

gscheepers

IS-IT--Management
Jan 21, 2002
150
US
Hi everyone,

I'm trying to build a DC from scratch as our master DC went bust without us having a nice system state backup!

Half way through the process I get the following message:

The operation failed because:

The Directory Service failed to create the server object for CN=NTDS Settings,CN=FNDDCHQ,CN=Servers,CN=Stratford,CN=Sites,CN=Configuration,DC=MYDOMAIN,DC=NET on server SECONDDC.MYDOMAIN.NET. Please ensure the network credentials provided have sufficient access to add a replica.

"Could not find the domain controller for this domain. "

My brain's starting to hurt! I sure hope someone will be able to help me! What better way to start the weekend!?!

Thanks,

Gerhard Scheepers

"Great souls have wills; feeble ones only wishes..."
 
Sort by date Sort by votes
Sounds like you're trying to install a second domain controller and it's looking for the first DC and can't find it (and as you said, it's gone). Are you selecting the option to install a "Domain controller for a new domain?" Even though you had a domain in place, you still will need to create a whole new domain, since your other DC is "bust." You will also need to create a new domain tree, new forest, etc. This is, of course, only if you have no other domain controller present. And it appears that way from the error you got, or if your intention is to add another DC to a domain where you have a DC, it can't get to the DC for some reason.
 
Upvote 0 Downvote
Hi,

The DC I'm trying to connect to is at a remote site. I've promoted this DC to RID, PDC and Infrastructure masters. Could it be that the connection to the site's to slow?

If I create a whole new domain, does this mean I'll have to rejoin each and every PC/server again? I've got about a 1000 pc's/laptops around the UK.

Gerhard Scheepers

"Great souls have wills; feeble ones only wishes..."
 
Upvote 0 Downvote
I cant clear this thing:
You dont have any DC now, and you are trying to install a new one?
Why would the new one want to conenct to the old one, if It doesnt exist?!
please clear these things.
If you still have the old DC working, I think its a DNS issue. check this thing as well..

Oded Shafran,
Network Administrator
 
Upvote 0 Downvote
Hi Oded,

At HQ I had 2 DC's - the master (which failed due to hardware problem) and a backup (which has serious DNS problems. (Not a very good picture is it!) At another site (in Bristol) I've got a DC which works without any problems. At the moment everyone's logging on via this DC - very slow as it's over a WAN connection.

I'm trying to build a new DC for HQ from the DC in Bristol. I did a netdiag on the DC in Bristol and all the tests passes.

Thanks for your advise so far.

Gerhard Scheepers

"Great souls have wills; feeble ones only wishes..."
 
Upvote 0 Downvote
if you promoted the Bristol DC to be master, and it gives you the error of WHO THE HELL IS THE MASTER DC?
then its probably DNS related issue...
i'd suggest you to check the DC in Bristol to see if it is configured currectly...

Oded Shafran,
Network Administrator
 
Upvote 0 Downvote
theres no master with win2000...are they on the same domain or different domains, and is the other domain a win2000 domain as well...

and what happened to the 2nd domain controller at HQ, or is it a NT4 BDC (which would explain why you called the 2000 server a master)

do you have a firewall between them, if so you need to enable all the right ports for directory replication
 
Upvote 0 Downvote
Yes there's master in 2000domain. which controls the whole forest... you must have one of these.
(and i dont mean PDC)...


Oded Shafran,
Network Administrator
 
Upvote 0 Downvote
Hi,

The domain is fully Win2K. Thw second domain controler here at HQ has massive DNS problems, which is why I'm trying to re-create a new DC from the Bristol site.

As far as I know the firewall's got the correct ports open. Wednesday evening, I managed to create a new DC from Bristol, BUT, at 5am Thursday morning (as I was tidying up loose ends in DNS) the DNS settings just suddenly 'disappeared' infront of my eyes. I was stunned. Since then DNS has been messed up big time. I managed to salvage the DNS settings on the Bristol DC, but I'm still getting the same error as above.

Thans for the advise so far...

Gerhard Scheepers

"Great souls have wills; feeble ones only wishes..."
 
Upvote 0 Downvote
what kind of DNS zones?? ad integrated?.

what kind of site links going over to bristol? T1, T3

replication does have probs over a WAN line sometimes

generally best practice to make replicas in the site that they will be replicas of, in other words, ship it to bristol and let them set it up and replicate it there
 
Upvote 0 Downvote
It's a T1. To be honest - I have had the feeling that it might be the connection between the sights that's to slow at times. I have to say that it takes forever to actually connect to the Bristol DC while attempting the DCPROMO. It goes as far as the second "configuring the server account" and then bombs out.

Thanks for your advice so far...

Gerhard Scheepers

"Great souls have wills; feeble ones only wishes..."
 
Upvote 0 Downvote
Can you physically take the new machine to where the other servers are, do the job, then take it back home? Good luck.

Glen A. Johnson
Johnson Computer Consulting
MCP W2K



Want to get great answers to your Tek-Tips questions? Have a look at FAQ219-2884
"Study not to know more, but better."
Lucius Annaeus Seneca (2 BC-65AD); Roman philosopher.


 
Upvote 0 Downvote
Sounds like you need to consolidate your AD roles onto the one functioning DC... RID master, PDC Master, Infrastructure Master, Operations Master, Global Catalog, and NTfrs replication, must be all functioning on at least one consolidated DC. If there are DC's that are not working, make sure they are not the acting controller for any of the above AD related services, and do DCpromo to remove them from your forest.
Once everything is working on one server, then promote your seconary site machines again using DCpromo, check that they are happy, and then configure your site replication.
 
Upvote 0 Downvote
Hi,

I managed to do a DCPROMO from the Bristol site, but I've got a few problems on the server since the replication.

1. Event ID: 13514 NTFrs

The File Replication Service may be preventing the computer MYDC from becoming a domain controller while the system volume is being initialized with data from another domain controller and then shared as SYSVOL.

Type "net share" to check for the SYSVOL share. The File Replication Service has stopped preventing the computer from becoming a domain controller once the SYSVOL share appears.

The initialization of the system volume can take some time. The time is dependent on the amount of data in the system volume, the availability of other domain controllers, and the replication interval between domain controllers.

The initialization of the system volume can be bypassed by first typing regedt32 and setting the value of SysvolReady to 1 and then restarting the Netlogon service.

WARNING - BYPASSING THE SYSTEM VOLUME INITIALIZATION IS NOT RECOMMENDED. Applications may fail in unexpected ways.

The value SysvolReady is located by clicking on HKEY_LOCAL_MACHINE and then clicking on System, CurrentControlSet, Services, Netlogon, and Parameters.

The Netlogon service can be restarted by typing "net stop netlogon" followed by "net start netlogon".

2. Event ID: 1000 Userenv

Windows cannot obtain the domain controller name for your computer network. Return value (59).

I'd really appreciate your help on these!

Many thanks for all your help so far!


Gerhard Scheepers

"Great souls have wills; feeble ones only wishes..."
 
Upvote 0 Downvote
Upvote 0 Downvote
This may be a long shot, but I had the exact above error and I had reinstalled and moved DCs serveral times but I could never get the replica to start and that exact error would always occur, saying that the FRS and SysVOL were preventing the replication. I won't get into the reasons why, but are there any values inside the following registry key of the newest DC?

HKEY_LOCAL_MACHINE \ System \ CurrentControlSet \ Services \ NTFRS \ Sysvol






"In space, nobody can hear you click..."
 
Upvote 0 Downvote
Hi Red,

Nope - no values inside the registry key.

Gerhard Scheepers

"Great souls have wills; feeble ones only wishes..."
 
Upvote 0 Downvote
Well.. like I said, it was a long shot.

But, if there is nothing written in that key, then your initial DCPROMO and replication should of at least occured once. In other words, you should have c:\WINNT\SYSVOL\ in the newest DC. If so, then keep up the work with the other posts about DNS issues.



"In space, nobody can hear you click..."
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

amanua
  • Locked
  • Question
Event ID 13508 Sysvol replication problems
Replies
0
Views
216
amanua
amanua
DTracy
  • Locked
  • Question
DCPromo failure
Replies
1
Views
371
DTracy
DTracy
merang
  • Locked
  • Question
tcl array problems
Replies
0
Views
168
merang
merang
stergiosnik
  • Locked
  • Question
Windows Server 2003 microsoft update problems
Replies
1
Views
175
ShackDaddy
ShackDaddy
mbtransport
  • Locked
  • Question
Frustrating SP2 Install Problems
Replies
0
Views
152
mbtransport
mbtransport

Part and Inventory Search

Sponsor

Back
Top