Announcement

Collapse
No announcement yet.

CAN'T DCPROMO ON OLD WIN2K8 AD

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • CAN'T DCPROMO ON OLD WIN2K8 AD

    I have two AD's AD1 (win 12 serv) and AD2 (win 2k8 ). I manually moved all 5 FSMO roles over to AD1 but when I run dcpromo on AD2 I get the middle error (see pic). I've have tried numerous of Google posts but nothing seems to work. Trying to avoid "force"...not sure if that's my only option left...
    Attached Files
    Last edited by biggles77; 19th August 2015, 06:13. Reason: Fix 8) smilie issue

  • #2
    On AD2, make sure you configure its primary DNS server as AD1 and have no other DNS servers configured on the NIC. Then try demoting again.
    Regards,
    Jeremy

    Network Consultant/Engineer
    Baltimore - Washington area and beyond
    www.gma-cpa.com

    Comment


    • #3
      should I un-install DNS on AD2? AD1 is the prime DNS server...

      Comment


      • #4
        No need. If you still have devices pointing to it then you should configure the forwarder on AD2 to point to AD1.
        Regards,
        Jeremy

        Network Consultant/Engineer
        Baltimore - Washington area and beyond
        www.gma-cpa.com

        Comment


        • #5
          ugh, still same error.

          Comment


          • #6
            When was the 2012 server installed? Have you verified replication has taken place?
            Regards,
            Jeremy

            Network Consultant/Engineer
            Baltimore - Washington area and beyond
            www.gma-cpa.com

            Comment


            • #7
              is it ok to run metadata on just ad2?

              Comment


              • #8
                As Jeremy has said have you ensured that replication is working and have you given it enough time to replicate after moving the FSMO roles? You can always force replication and then try dcpromo again.
                A recent poll suggests that 6 out of 7 dwarfs are not happy

                Comment


                • #9
                  I moved all FSMO roles 3 days ago...rebooted both AD's after MS updates. ran; repadmin /syncall /adeP on both AD's no errors.
                  Last edited by bigalusn; 13th August 2015, 16:00.

                  Comment


                  • #10
                    What happens when you use

                    netdom query fsmo

                    from a command prompt on both servers?
                    A recent poll suggests that 6 out of 7 dwarfs are not happy

                    Comment


                    • #11
                      I get the correct results on both AD's, all FSMO point to AD1.

                      Comment


                      • #12
                        Check the DFS, File Replication, and DNS event logs on both servers. Also run dcdiag and netdiag on both servers.
                        Regards,
                        Jeremy

                        Network Consultant/Engineer
                        Baltimore - Washington area and beyond
                        www.gma-cpa.com

                        Comment


                        • #13
                          hmm dcdiag on AD2, sysvol can be the issue. AD1 all clean results.



                          Attached Files

                          Comment


                          • #14
                            just tried this:
                            1. Open the Windows registry editor “regedit”.
                            2. Navigate to “HKEY_LOCAL_MACHINESYSTEMCurrentControlSetserv ices Dfs”.
                            3. Add NTDS to the list of “DependOnService”.
                            4. Create a DWORD with the name “DelayedAutostart” and give it a value of 1.
                            5. This forces the DFS Namespace service wait until Active Directory has been initialized.

                            also ran this on both ad: Move-ADDirectoryServerOperationMasterRole -Identity "DC1" -OperationMasterRole SchemaMaster,RIDMaster,InfrastructureMaster,Domain NamingMaster,PDCEmulator -Force

                            Ok, third update on this issue. I just tried to run a metadata cleanup and I got this error message; ***error: the connected server will not remove its own metadat
                            Last edited by bigalusn; 13th August 2015, 19:15.

                            Comment


                            • #15
                              If this were my forest, I would do the following:
                              1. Take a full backup of the domain controller "AD1" using Windows Server Backup
                              2. Seize the remaining role to the AD1: PS C:\> Move-ADDirectoryServerOperationMasterRole -Identity "AD1" -OperationMasterRole InfrastructureMaster
                              3. Power down AD2 and diskwipe it. (once you seize a role this DC cannot come back online)
                              4. Clean up metadata after AD2 has been removed
                              5. Rebuild AD2 and promote it as an additional DSA in your forest.
                              Rules of life:
                              1. Never do anything that requires thinking after 2:30 PM
                              2. Simplicity is godliness
                              3. Scale with extreme prejudice


                              I occasionally post using a savantphone, so please don't laugh too hard at the typos...

                              Comment

                              Working...
                              X