Announcement

Collapse
No announcement yet.

can join or make dcpromo to make addition domain

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • can join or make dcpromo to make addition domain

    Hi everyone, I have a domain in windows server 2003 R2, I need to to make addition domain controller for replace failed one .. face this problem and another thing user who use winxp need to enter them password twice to make them login . in event viewer for domain i got those errors ID ( 4521-event-id-40960 ). plz i need help here it big mess for me
    Last edited by mohykk; 11th September 2017, 22:59.

  • #2
    Is there a DC available? If not then you will need to restore from a backup.

    Comment


    • #3
      The error message simply says that the computer you're trying to promote is unable to reach the required AD services on the remaining DC(s).

      As you can see from the error message text, it seems it was able to locate a single DC. Questions:

      - Is this the correct DC?
      - Is it online?
      - If you try to ping it, does the name resolve to the correct IP address?
      - Can you successfully ping it?

      Comment


      • #4
        Was the failed DC the FSMO holder? If so, suggest you do a metadata cleanup and seize the FSMOs to the surviving DC, then dcpromo the new one
        Tom Jones
        MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
        PhD, MSc, FIAP, MIITT
        IT Trainer / Consultant
        Ossian Ltd
        Scotland

        ** Remember to give credit where credit is due and leave reputation points where appropriate **

        Comment


        • #5
          Originally posted by Ser Olmy View Post
          The error message simply says that the computer you're trying to promote is unable to reach the required AD services on the remaining DC(s).

          As you can see from the error message text, it seems it was able to locate a single DC. Questions:

          - Is this the correct DC?
          - Is it online?
          - If you try to ping it, does the name resolve to the correct IP address?
          - Can you successfully ping it?
          yes it online i ping it ... nslookup as well ...when i try to dcpromo new addition domain give me those message

          Comment


          • #6
            Originally posted by Ossian View Post
            Was the failed DC the FSMO holder? If so, suggest you do a metadata cleanup and seize the FSMOs to the surviving DC, then dcpromo the new one
            that what i do seize to FSMOs to the surviving DC, new i make new dc but every time i got those errors when try dcpromo

            Comment


            • #7
              Originally posted by wullieb1 View Post
              Is there a DC available? If not then you will need to restore from a backup.
              thanks wullieb1 for reply .... yes DC available but i have backup for 17/5/2017 and i affair form tombstone ( 60 days )... and ideas

              Comment


              • #8
                Can you please describe your environment a bit more - I feel we are missing a vital part of the picture

                Sites
                Subnets
                DC and FSMO placement
                A couple of IPCONFIGs from a good DC and the problematic computer would also be useful
                Tom Jones
                MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
                PhD, MSc, FIAP, MIITT
                IT Trainer / Consultant
                Ossian Ltd
                Scotland

                ** Remember to give credit where credit is due and leave reputation points where appropriate **

                Comment


                • #9
                  Originally posted by mohykk
                  and i affair form tombstone ( 60 days )...
                  What does this mean?
                  Did you have Tombstone set to invoke after 60 because Server 2003 default for Tombstone was 180 days. If you can't use the backup because it has been tombstoned then there is a simple registry hack that will untombstone that very old backup.

                  Code:
                  Windows Registry Editor Version 5.00
                  
                  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters]
                  
                  "Allow Replication With Divergent and Corrupt Partner"=dword:00000001
                  Just copy the above text paste into a Notepad and save it with a .reg extension. Obviously you can name the file anything you want but it must have the .reg extension. Alternatively you can navigate to through the Registry to that key and manually edit it.

                  If it is tombstoned then dword:00000001 will read dword:00000000
                  1 1 was a racehorse.
                  2 2 was 1 2.
                  1 1 1 1 race 1 day,
                  2 2 1 1 2

                  Comment


                  • #10
                    Originally posted by biggles77 View Post
                    What does this mean?
                    Did you have Tombstone set to invoke after 60 because Server 2003 default for Tombstone was 180 days. If you can't use the backup because it has been tombstoned then there is a simple registry hack that will untombstone that very old backup.

                    Code:
                    Windows Registry Editor Version 5.00
                    
                    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters]
                    
                    "Allow Replication With Divergent and Corrupt Partner"=dword:00000001
                    Just copy the above text paste into a Notepad and save it with a .reg extension. Obviously you can name the file anything you want but it must have the .reg extension. Alternatively you can navigate to through the Registry to that key and manually edit it.

                    If it is tombstoned then dword:00000001 will read dword:00000000
                    thank you everyone ..i create new domain
                    still face some problems... but thanks for your efforts

                    Comment


                    • #11
                      If you still have issue you are having trouble resolving then please post back here and perhaps create a new thread so these issues are associated with the tombstone one, assuming of course that the issue isn't a tombstone one.
                      1 1 was a racehorse.
                      2 2 was 1 2.
                      1 1 1 1 race 1 day,
                      2 2 1 1 2

                      Comment

                      Working...
                      X