Re: When you run Dcpromo.exe on Windows 2008 to create a replica domain controller, you receive a message "The operation failed because: A domain controller could not be contacted ... "Access is denied."
- From: "John Wu" <wuj@xxxxxxxxxxxxxxxxx>
- Date: Thu, 14 May 2009 23:09:09 -0700
thanks for your reply.
I found a work-around. I was attempting to do this on my LAN and the other
DC was in the DMZ. I moved the machine to the DMZ and it worked.
Some FW port rules not letting all the traffic through. I have to figure out
what that port is, because I could join the domain, but why DCPromo not
working? is a mystery.
"Meinolf Weber [MVP-DS]" <meiweb(nospam)@gmx.de> wrote in message
news:ff16fb662412a8cba3456387a023@xxxxxxxxxxxxxxxxxxxxxxx
Hello John,
Please post an unedited ipconfig /all from the existing and the new DC, so
we can exclude DNS as a problem. What account are you suing to promote the
new server?
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and
confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
In my attempts to create a replicadc on Windows 2008 server, I keep
getting the same error message - "Access is denied". The member server
has no problem joining the domain. And I've removed and re-joined
several times. Dynamic Updates are working and a host record is
created on AD Integrated DNS.
I also ran the DCDIAG test with dcpromo, and everything comes back
clean.
==============
C:\Windows\system32>hostname
vrwcprddc4
C:\Windows\system32>
C:\Windows\system32>dcdiag /dnsdomain:mylabcheck.com /test:dcpromo
/replicadc
Starting test: DcPromo
The DNS configuration is sufficient to allow this computer to be
promoted
as a replica domain controller in the mylabcheck.com domain.
Messages logged below this line indicate whether this domain
controller
will be able to dynamically register DNS records required for
the
location of this DC by other devices on the network. If any
misconfiguration is detected, it might prevent dynamic DNS
registration
of some records, but does not prevent successful completion of
the
Active
Directory Domain Services Installation Wizard. However, we
recommend
fixing the reported problems now, unless you plan to manually
update
the
DNS database.
DNS configuration is sufficient to allow this domain controller
to
dynamically register the domain controller Locator records in
DNS.
The DNS configuration is sufficient to allow this computer to
dynamically
register the A record corresponding to its DNS name.
......................... vrwcprddc4 passed test DcPromo
C:\Windows\system32>
====================
I found a KB article that makes reference to this issue, but I
couldn't follow it, since the steps were not clear with the group
policy mmc. http://support.microsoft.com/kb/232070
Any other ideas?
thanks,
John
.
- Follow-Ups:
- References:
- Prev by Date: Re: When you run Dcpromo.exe on Windows 2008 to create a replica domain controller, you receive a message "The operation failed because: A domain controller could not be contacted ... "Access is denied."
- Next by Date: Re: When you run Dcpromo.exe on Windows 2008 to create a replica domain controller, you receive a message "The operation failed because: A domain controller could not be contacted ... "Access is denied."
- Previous by thread: Re: When you run Dcpromo.exe on Windows 2008 to create a replica domain controller, you receive a message "The operation failed because: A domain controller could not be contacted ... "Access is denied."
- Next by thread: Re: When you run Dcpromo.exe on Windows 2008 to create a replica domain controller, you receive a message "The operation failed because: A domain controller could not be contacted ... "Access is denied."
- Index(es):
Relevant Pages
|
