Getting error while running dcpromo

I have 2 windows 2003 domain controllers and am trying to demote 1 but getting the following error when running the dcpromo

Active Directory Installation Failed
The operation failed because:
Managing the network session with the other domain failed
"The network path was not found. If this computer is connected to the network via a remote access service (RAS) connection, ensure that file and printer sharing for microsoft networks is enabled for that connection"

LVL 1
EpurchaseAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Netman66Commented:
We need a bit more info.

Is this a child DC to the first one?  Is this a peer in the same domain?  Is this a separate domain tree?

Are they on the same subnet?

Please be as detailed as you can - these errors can happen for a variety of reasons.  The clearer your picture, the faster we can get you the answer.

NM

0
EpurchaseAuthor Commented:
We already had windows 2003 domain controller A and then we added one more domain controller B just for the backup.
Now i am trying to demote domain controller A and keep only B. I can ping server B from server A and vice versa.
I am getting following error when running dcpromo from server A
The operation failed because:
Managing the network session with the domain B failed.

Please let me know if you need additional information.
0
Netman66Commented:
The thing that is throwing me off on providing an answer is your error - "Managing the network session with the domain B failed."

It says DOMAIN B - is it really in the same domain as A? or was the error supposed to read Domain Controller B?

Before you demote A, you will want to transfer all the FSMO roles over to B and also make B a Global Catalog server.

Here are instructions:

http://support.microsoft.com/default.aspx?scid=kb;en-us;324801


This is the same for 2003:

http://support.microsoft.com/default.aspx?scid=kb;en-us;313994


0
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

EpurchaseAuthor Commented:
Server B is already Global catalog server and working fine with out server A. I brought down the server A and tested the server B as Global catalog now now i want to demote server A
0
Netman66Commented:
Did you move the FSMO roles to B yet?

You should do this manually to make absolutely certain they are alive and well on the new server before demoting A.

We can get A removed even with your error, however, I want to be sure everything has transitioned to the new server first.

0
EpurchaseAuthor Commented:
I am trying to do the following step but the change button in gred out or disabled. Please suggest

In the console tree, right-click Active Directory Schema, and then click Operations Master then Click Change.
0
EpurchaseAuthor Commented:
I have moved the FSMO roles to server B. Please let me know how i can demote the server A now?
0
Netman66Commented:
In order to move the Schemoa Role, you need to register a dll first, then use the Schema MMC.

Here's how:

http://support.microsoft.com/default.aspx?scid=kb;en-us;324801

The Schema how-to is the first section.

Once that is done wait about 2 hours, then run DCPROMO on server A to remove it from the domain gracefully.

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
EpurchaseAuthor Commented:
I was able to move Schema role. I was not the part of the Shema Admin group that's why change option was not enabled.
Now i have transferred all the FSMO roles. I will wait for 2 hours and try to demote server A using DCpromo. i just tried dcpromo and it gave me the same error

Active Directory Installation Failed
The operation failed because:
Managing the network session with the other domain failed
"The network path was not found. If this computer is connected to the network via a remote access service (RAS) connection, ensure that file and printer sharing for microsoft networks is enabled for that connection"
0
Netman66Commented:
For the pupose of this demotion, you can add 2 entries to the HOSTS file on server A:

{IP of server B}     {FQDN of host B}

{IP of server B}     {NetBIOS domain name}

Thses should get you by.

0
EpurchaseAuthor Commented:
I have put the entries in HOSTS file but still getting the same error.
0
Netman66Commented:
Can you run the following command on that server and post?  The output will go into c:\dcdiag.txt

dcdiag /v > c:\dcdiag.txt

0
EpurchaseAuthor Commented:
Server A is SHS1 and Server B is SHSADS. I have run this on server A

=======================================
Domain Controller Diagnosis

Performing initial setup:
   * Verifying that the local machine shs1, is a DC.
   * Connecting to directory service on server shs1.
   * Collecting site info.
   * Identifying all servers.
   * Identifying all NC cross-refs.
   * Found 2 DC(s). Testing 1 of them.
   Done gathering initial info.

Doing initial required tests
   
   Testing server: Default-First-Site-Name\SHS1
      Starting test: Connectivity
         * Active Directory LDAP Services Check
         * Active Directory RPC Services Check
         ......................... SHS1 passed test Connectivity

Doing primary tests
   
   Testing server: Default-First-Site-Name\SHS1
      Starting test: Replications
         * Replications Check
         * Replication Latency Check
         * Replication Site Latency Check
         ......................... SHS1 passed test Replications
      Test omitted by user request: Topology
      Test omitted by user request: CutoffServers
      Starting test: NCSecDesc
         * Security Permissions Check for
           DC=ForestDnsZones,DC=SHS,DC=local
            (NDNC,Version 2)
         * Security Permissions Check for
           DC=DomainDnsZones,DC=SHS,DC=local
            (NDNC,Version 2)
         * Security Permissions Check for
           CN=Schema,CN=Configuration,DC=SHS,DC=local
            (Schema,Version 2)
         * Security Permissions Check for
           CN=Configuration,DC=SHS,DC=local
            (Configuration,Version 2)
         * Security Permissions Check for
           DC=SHS,DC=local
            (Domain,Version 2)
         ......................... SHS1 passed test NCSecDesc
      Starting test: NetLogons
         * Network Logons Privileges Check
         ......................... SHS1 passed test NetLogons
      Starting test: Advertising
         The DC SHS1 is advertising itself as a DC and having a DS.
         The DC SHS1 is advertising as an LDAP server
         The DC SHS1 is advertising as having a writeable directory
         The DC SHS1 is advertising as a Key Distribution Center
         The DC SHS1 is advertising as a time server
         ......................... SHS1 passed test Advertising
      Starting test: KnowsOfRoleHolders
         Role Schema Owner = CN=NTDS Settings,CN=SHSADS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SHS,DC=local
         Role Domain Owner = CN=NTDS Settings,CN=SHSADS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SHS,DC=local
         Role PDC Owner = CN=NTDS Settings,CN=SHS1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SHS,DC=local
         Role Rid Owner = CN=NTDS Settings,CN=SHSADS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SHS,DC=local
         Role Infrastructure Update Owner = CN=NTDS Settings,CN=SHS1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SHS,DC=local
         ......................... SHS1 passed test KnowsOfRoleHolders
      Starting test: RidManager
         * Available RID Pool for the Domain is 2103 to 1073741823
         * SHSADS.SHS.local is the RID Master
         * DsBind with RID Master was successful
         * rIDAllocationPool is 1103 to 1602
         * rIDPreviousAllocationPool is 1103 to 1602
         * rIDNextRID: 1297
         ......................... SHS1 passed test RidManager
      Starting test: MachineAccount
         * SPN found :LDAP/shs1.SHS.local/SHS.local
         * SPN found :LDAP/shs1.SHS.local
         * SPN found :LDAP/SHS1
         * SPN found :LDAP/shs1.SHS.local/SHS
         * SPN found :LDAP/1a3d296c-7479-4462-850a-49bafa911ef7._msdcs.SHS.local
         * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/1a3d296c-7479-4462-850a-49bafa911ef7/SHS.local
         * SPN found :HOST/shs1.SHS.local/SHS.local
         * SPN found :HOST/shs1.SHS.local
         * SPN found :HOST/SHS1
         * SPN found :HOST/shs1.SHS.local/SHS
         * SPN found :GC/shs1.SHS.local/SHS.local
         ......................... SHS1 passed test MachineAccount
      Starting test: Services
         * Checking Service: Dnscache
         * Checking Service: NtFrs
         * Checking Service: IsmServ
            IsmServ Service is stopped on [SHS1]
         * Checking Service: kdc
         * Checking Service: SamSs
         * Checking Service: LanmanServer
         * Checking Service: LanmanWorkstation
         * Checking Service: RpcSs
         * Checking Service: w32time
         * Checking Service: NETLOGON
         ......................... SHS1 failed test Services
      Test omitted by user request: OutboundSecureChannels
      Starting test: ObjectsReplicated
         SHS1 is in domain DC=SHS,DC=local
         Checking for CN=SHS1,OU=Domain Controllers,DC=SHS,DC=local in domain DC=SHS,DC=local on 1 servers
            Object is up-to-date on all servers.
         Checking for CN=NTDS Settings,CN=SHS1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SHS,DC=local in domain CN=Configuration,DC=SHS,DC=local on 1 servers
            Object is up-to-date on all servers.
         ......................... SHS1 passed test ObjectsReplicated
      Starting test: frssysvol
         * The File Replication Service SYSVOL ready test
         File Replication Service's SYSVOL is ready
         ......................... SHS1 passed test frssysvol
      Starting test: frsevent
         * The File Replication Service Event log test
         There are warning or error events within the last 24 hours after the

         SYSVOL has been shared.  Failing SYSVOL replication problems may cause

         Group Policy problems.
         An Warning Event occured.  EventID: 0x800034C4
            Time Generated: 12/03/2004   22:11:50
            Event String: The File Replication Service is having trouble

enabling replication from SHSADS to SHS1 for

c:\windows\sysvol\domain using the DNS name

SHSADS.SHS.local. FRS will keep retrying.

 Following are some of the reasons you would see

this warning.

 

 [1] FRS can not correctly resolve the DNS name

SHSADS.SHS.local from this computer.

 [2] FRS is not running on SHSADS.SHS.local.

 [3] The topology information in the Active

Directory for this replica has not yet replicated

to all the Domain Controllers.

 

 This event log message will appear once per

connection, After the problem is fixed you will

see another event log message indicating that the

connection has been established.
         ......................... SHS1 failed test frsevent
      Starting test: kccevent
         * The KCC Event log test
         Found no KCC errors in Directory Service Event log in the last 15 minutes.
         ......................... SHS1 passed test kccevent
      Starting test: systemlog
         * The System Event log test
         An Error Event occured.  EventID: 0xC0002713
            Time Generated: 12/03/2004   22:50:23
            Event String: Access denied attempting to launch a DCOM Server

using DefaultLaunchPermssion. The server is:

{00020906-0000-0000-C000-000000000046}

The user is ANONYMOUS LOGON/NT AUTHORITY,

SID=S-1-5-7.
         An Error Event occured.  EventID: 0xC0002713
            Time Generated: 12/03/2004   23:27:21
            Event String: Access denied attempting to launch a DCOM Server

using DefaultLaunchPermssion. The server is:

{00020906-0000-0000-C000-000000000046}

The user is ANONYMOUS LOGON/NT AUTHORITY,

SID=S-1-5-7.
         ......................... SHS1 failed test systemlog
      Test omitted by user request: VerifyReplicas
      Starting test: VerifyReferences
         The system object reference (serverReference)

         CN=SHS1,OU=Domain Controllers,DC=SHS,DC=local and backlink on

         CN=SHS1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SHS,DC=local

         are correct.
         The system object reference (frsComputerReferenceBL)

         CN=SHS1,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=SHS,DC=local

         and backlink on CN=SHS1,OU=Domain Controllers,DC=SHS,DC=local are

         correct.
         The system object reference (serverReferenceBL)

         CN=SHS1,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=SHS,DC=local

         and backlink on

         CN=NTDS Settings,CN=SHS1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SHS,DC=local

         are correct.
         ......................... SHS1 passed test VerifyReferences
      Test omitted by user request: VerifyEnterpriseReferences
   
   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
   
   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
   
   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
   
   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
   
   Running partition tests on : SHS
      Starting test: CrossRefValidation
         ......................... SHS passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... SHS passed test CheckSDRefDom
   
   Running enterprise tests on : SHS.local
      Starting test: Intersite
         Skipping site Default-First-Site-Name, this site is outside the scope

         provided by the command line arguments provided.
         ......................... SHS.local passed test Intersite
      Starting test: FsmoCheck
         GC Name: \\SHSADS.SHS.local
         Locator Flags: 0xe00001fc
         PDC Name: \\shs1.SHS.local
         Locator Flags: 0xe00003f9
         Time Server Name: \\shs1.SHS.local
         Locator Flags: 0xe00003f9
         Preferred Time Server Name: \\shs1.SHS.local
         Locator Flags: 0xe00003f9
         KDC Name: \\shs1.SHS.local
         Locator Flags: 0xe00003f9
         ......................... SHS.local passed test FsmoCheck
0
Netman66Commented:
It looks like File Replication Service is stopped on server B.

Check both servers and start FRS on whichever server is stopped.

Check DNS for the existance of records for server B.

Make sure both server A and B have only your DNS servers in the properties of the NIC.

Advise.
0
Netman66Commented:
Not all your roles have moved:

Role PDC Owner = CN=NTDS Settings,CN=SHS1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SHS,DC=local
Role Infrastructure Update Owner = CN=NTDS Settings,CN=SHS1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SHS,DC=local

Server A still holds the PDC Emulator and Infrastructure Master.

0
Netman66Commented:
Intersite Messaging is not started on server SHS1

Checking Service: IsmServ
            IsmServ Service is stopped on [SHS1]
0
EpurchaseAuthor Commented:
- RFS was already started on both the servers
- Both the DNS servers have DNS entry for server B
- Both the servers have only internal DNS servers assigned. Means Server A DNS and Server B DNS
0
EpurchaseAuthor Commented:
i have also run the dcdiag on server B. why it's showing PDCname as shs1 as we already transferred all FSMO roles to SHSADS

===========================================
Domain Controller Diagnosis

Performing initial setup:
   * Verifying that the local machine SHSADS, is a DC.
   * Connecting to directory service on server SHSADS.
   * Collecting site info.
   * Identifying all servers.
   * Identifying all NC cross-refs.
   * Found 2 DC(s). Testing 1 of them.
   Done gathering initial info.

Doing initial required tests
   
   Testing server: Default-First-Site-Name\SHSADS
      Starting test: Connectivity
         * Active Directory LDAP Services Check
         * Active Directory RPC Services Check
         ......................... SHSADS passed test Connectivity

Doing primary tests
   
   Testing server: Default-First-Site-Name\SHSADS
      Starting test: Replications
         * Replications Check
         * Replication Latency Check
         * Replication Site Latency Check
         ......................... SHSADS passed test Replications
      Test omitted by user request: Topology
      Test omitted by user request: CutoffServers
      Starting test: NCSecDesc
         * Security Permissions Check for
           DC=ForestDnsZones,DC=SHS,DC=local
            (NDNC,Version 2)
         * Security Permissions Check for
           DC=DomainDnsZones,DC=SHS,DC=local
            (NDNC,Version 2)
         * Security Permissions Check for
           CN=Schema,CN=Configuration,DC=SHS,DC=local
            (Schema,Version 2)
         * Security Permissions Check for
           CN=Configuration,DC=SHS,DC=local
            (Configuration,Version 2)
         * Security Permissions Check for
           DC=SHS,DC=local
            (Domain,Version 2)
         ......................... SHSADS passed test NCSecDesc
      Starting test: NetLogons
         * Network Logons Privileges Check
         ......................... SHSADS passed test NetLogons
      Starting test: Advertising
         The DC SHSADS is advertising itself as a DC and having a DS.
         The DC SHSADS is advertising as an LDAP server
         The DC SHSADS is advertising as having a writeable directory
         The DC SHSADS is advertising as a Key Distribution Center
         The DC SHSADS is advertising as a time server
         The DS SHSADS is advertising as a GC.
         ......................... SHSADS passed test Advertising
      Starting test: KnowsOfRoleHolders
         Role Schema Owner = CN=NTDS Settings,CN=SHSADS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SHS,DC=local
         Role Domain Owner = CN=NTDS Settings,CN=SHSADS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SHS,DC=local
         Role PDC Owner = CN=NTDS Settings,CN=SHS1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SHS,DC=local
         Role Rid Owner = CN=NTDS Settings,CN=SHSADS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SHS,DC=local
         Role Infrastructure Update Owner = CN=NTDS Settings,CN=SHS1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SHS,DC=local
         ......................... SHSADS passed test KnowsOfRoleHolders
      Starting test: RidManager
         * Available RID Pool for the Domain is 2103 to 1073741823
         * SHSADS.SHS.local is the RID Master
         * DsBind with RID Master was successful
         * rIDAllocationPool is 1603 to 2102
         * rIDPreviousAllocationPool is 1603 to 2102
         * rIDNextRID: 1605
         ......................... SHSADS passed test RidManager
      Starting test: MachineAccount
         * SPN found :LDAP/SHSADS.SHS.local/SHS.local
         * SPN found :LDAP/SHSADS.SHS.local
         * SPN found :LDAP/SHSADS
         * SPN found :LDAP/SHSADS.SHS.local/SHS
         * SPN found :LDAP/57c17713-2bca-4b32-94ca-06af8d5b7809._msdcs.SHS.local
         * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/57c17713-2bca-4b32-94ca-06af8d5b7809/SHS.local
         * SPN found :HOST/SHSADS.SHS.local/SHS.local
         * SPN found :HOST/SHSADS.SHS.local
         * SPN found :HOST/SHSADS
         * SPN found :HOST/SHSADS.SHS.local/SHS
         * SPN found :GC/SHSADS.SHS.local/SHS.local
         ......................... SHSADS passed test MachineAccount
      Starting test: Services
         * Checking Service: Dnscache
         * Checking Service: NtFrs
         * Checking Service: IsmServ
         * Checking Service: kdc
         * Checking Service: SamSs
         * Checking Service: LanmanServer
         * Checking Service: LanmanWorkstation
         * Checking Service: RpcSs
         * Checking Service: w32time
         * Checking Service: NETLOGON
         ......................... SHSADS passed test Services
      Test omitted by user request: OutboundSecureChannels
      Starting test: ObjectsReplicated
         SHSADS is in domain DC=SHS,DC=local
         Checking for CN=SHSADS,OU=Domain Controllers,DC=SHS,DC=local in domain DC=SHS,DC=local on 1 servers
            Object is up-to-date on all servers.
         Checking for CN=NTDS Settings,CN=SHSADS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SHS,DC=local in domain CN=Configuration,DC=SHS,DC=local on 1 servers
            Object is up-to-date on all servers.
         ......................... SHSADS passed test ObjectsReplicated
      Starting test: frssysvol
         * The File Replication Service SYSVOL ready test
         File Replication Service's SYSVOL is ready
         ......................... SHSADS passed test frssysvol
      Starting test: frsevent
         * The File Replication Service Event log test
         ......................... SHSADS passed test frsevent
      Starting test: kccevent
         * The KCC Event log test
         Found no KCC errors in Directory Service Event log in the last 15 minutes.
         ......................... SHSADS passed test kccevent
      Starting test: systemlog
         * The System Event log test
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 12/04/2004   00:30:10
            Event String: Driver HP LaserJet 4200 PCL 6 required for

printer !!isservices!HP LaserJet 4200 PCL 6 is

unknown. Contact the administrator to install the

driver before you log in again.
         ......................... SHSADS failed test systemlog
      Test omitted by user request: VerifyReplicas
      Starting test: VerifyReferences
         The system object reference (serverReference)

         CN=SHSADS,OU=Domain Controllers,DC=SHS,DC=local and backlink on

         CN=SHSADS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SHS,DC=local

         are correct.
         The system object reference (frsComputerReferenceBL)

         CN=SHSADS,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=SHS,DC=local

         and backlink on CN=SHSADS,OU=Domain Controllers,DC=SHS,DC=local are

         correct.
         The system object reference (serverReferenceBL)

         CN=SHSADS,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=SHS,DC=local

         and backlink on

         CN=NTDS Settings,CN=SHSADS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SHS,DC=local

         are correct.
         ......................... SHSADS passed test VerifyReferences
      Test omitted by user request: VerifyEnterpriseReferences
   
   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
   
   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
   
   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
   
   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
   
   Running partition tests on : SHS
      Starting test: CrossRefValidation
         ......................... SHS passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... SHS passed test CheckSDRefDom
   
   Running enterprise tests on : SHS.local
      Starting test: Intersite
         Skipping site Default-First-Site-Name, this site is outside the scope

         provided by the command line arguments provided.
         ......................... SHS.local passed test Intersite
      Starting test: FsmoCheck
         GC Name: \\SHSADS.SHS.local
         Locator Flags: 0xe00001fc
         PDC Name: \\shs1.SHS.local
         Locator Flags: 0xe00003f9
         Time Server Name: \\SHSADS.SHS.local
         Locator Flags: 0xe00001fc
         Preferred Time Server Name: \\shs1.SHS.local
         Locator Flags: 0xe00003f9
         KDC Name: \\SHSADS.SHS.local
         Locator Flags: 0xe00001fc
         ......................... SHS.local passed test FsmoCheck
0
Netman66Commented:
According to both DCs, the PDC and Infrastructure Masters are still on server A.

Log in as Enterprise Admin and try to move them again.  I think that article I posted has the steps for these two roles.

Advise.
0
EpurchaseAuthor Commented:
I am trying to transfer the Infrastructure role to SHSADS but getting following popup

SHSADS.SHS.LOCAL is a Global Catalog server. The Infrastructure operation master role should not be transferred to a GC server. Please see help for more information.

Are you centain you want to transfer the infrastructure operations master role to this GC server?

I have YES, NO and help buttons.

When i tried to do the same thing from SHS1 and get the following error

The following domain controller could not be contacted: SHSADS.SHS.Local.
The RPC server is unavailable
0
Netman66Commented:
Choose Yes.  You have a single domain and 1 DC so it's fine.

Make sure the time zone, time and daylight savings option is set properly on both DCs - the two servers must have the same time.

Run this:

netdiag /v > c:\netdiag.txt

Post the results.

0
EpurchaseAuthor Commented:
I am still unable to demote SHS1 and getting the same error.  I have run dcdiag.exe on shs1.

===================================
Domain Controller Diagnosis

Performing initial setup:
   * Verifying that the local machine shs1, is a DC.
   * Connecting to directory service on server shs1.
   * Collecting site info.
   * Identifying all servers.
   * Identifying all NC cross-refs.
   * Found 2 DC(s). Testing 1 of them.
   Done gathering initial info.

Doing initial required tests
   
   Testing server: Default-First-Site-Name\SHS1
      Starting test: Connectivity
         * Active Directory LDAP Services Check
         * Active Directory RPC Services Check
         ......................... SHS1 passed test Connectivity

Doing primary tests
   
   Testing server: Default-First-Site-Name\SHS1
      Starting test: Replications
         * Replications Check
         * Replication Latency Check
         * Replication Site Latency Check
         ......................... SHS1 passed test Replications
      Test omitted by user request: Topology
      Test omitted by user request: CutoffServers
      Starting test: NCSecDesc
         * Security Permissions Check for
           DC=ForestDnsZones,DC=SHS,DC=local
            (NDNC,Version 2)
         * Security Permissions Check for
           DC=DomainDnsZones,DC=SHS,DC=local
            (NDNC,Version 2)
         * Security Permissions Check for
           CN=Schema,CN=Configuration,DC=SHS,DC=local
            (Schema,Version 2)
         * Security Permissions Check for
           CN=Configuration,DC=SHS,DC=local
            (Configuration,Version 2)
         * Security Permissions Check for
           DC=SHS,DC=local
            (Domain,Version 2)
         ......................... SHS1 passed test NCSecDesc
      Starting test: NetLogons
         * Network Logons Privileges Check
         ......................... SHS1 passed test NetLogons
      Starting test: Advertising
         The DC SHS1 is advertising itself as a DC and having a DS.
         The DC SHS1 is advertising as an LDAP server
         The DC SHS1 is advertising as having a writeable directory
         The DC SHS1 is advertising as a Key Distribution Center
         The DC SHS1 is advertising as a time server
         ......................... SHS1 passed test Advertising
      Starting test: KnowsOfRoleHolders
         Role Schema Owner = CN=NTDS Settings,CN=SHSADS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SHS,DC=local
         Role Domain Owner = CN=NTDS Settings,CN=SHSADS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SHS,DC=local
         Role PDC Owner = CN=NTDS Settings,CN=SHSADS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SHS,DC=local
         Role Rid Owner = CN=NTDS Settings,CN=SHSADS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SHS,DC=local
         Role Infrastructure Update Owner = CN=NTDS Settings,CN=SHSADS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SHS,DC=local
         ......................... SHS1 passed test KnowsOfRoleHolders
      Starting test: RidManager
         * Available RID Pool for the Domain is 2103 to 1073741823
         * SHSADS.SHS.local is the RID Master
         * DsBind with RID Master was successful
         * rIDAllocationPool is 1103 to 1602
         * rIDPreviousAllocationPool is 1103 to 1602
         * rIDNextRID: 1297
         ......................... SHS1 passed test RidManager
      Starting test: MachineAccount
         * SPN found :LDAP/shs1.SHS.local/SHS.local
         * SPN found :LDAP/shs1.SHS.local
         * SPN found :LDAP/SHS1
         * SPN found :LDAP/shs1.SHS.local/SHS
         * SPN found :LDAP/1a3d296c-7479-4462-850a-49bafa911ef7._msdcs.SHS.local
         * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/1a3d296c-7479-4462-850a-49bafa911ef7/SHS.local
         * SPN found :HOST/shs1.SHS.local/SHS.local
         * SPN found :HOST/shs1.SHS.local
         * SPN found :HOST/SHS1
         * SPN found :HOST/shs1.SHS.local/SHS
         * SPN found :GC/shs1.SHS.local/SHS.local
         ......................... SHS1 passed test MachineAccount
      Starting test: Services
         * Checking Service: Dnscache
         * Checking Service: NtFrs
         * Checking Service: IsmServ
            IsmServ Service is stopped on [SHS1]
         * Checking Service: kdc
         * Checking Service: SamSs
         * Checking Service: LanmanServer
         * Checking Service: LanmanWorkstation
         * Checking Service: RpcSs
         * Checking Service: w32time
         * Checking Service: NETLOGON
         ......................... SHS1 failed test Services
      Test omitted by user request: OutboundSecureChannels
      Starting test: ObjectsReplicated
         SHS1 is in domain DC=SHS,DC=local
         Checking for CN=SHS1,OU=Domain Controllers,DC=SHS,DC=local in domain DC=SHS,DC=local on 1 servers
            Object is up-to-date on all servers.
         Checking for CN=NTDS Settings,CN=SHS1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SHS,DC=local in domain CN=Configuration,DC=SHS,DC=local on 1 servers
            Object is up-to-date on all servers.
         ......................... SHS1 passed test ObjectsReplicated
      Starting test: frssysvol
         * The File Replication Service SYSVOL ready test
         File Replication Service's SYSVOL is ready
         ......................... SHS1 passed test frssysvol
      Starting test: frsevent
         * The File Replication Service Event log test
         ......................... SHS1 passed test frsevent
      Starting test: kccevent
         * The KCC Event log test
         Found no KCC errors in Directory Service Event log in the last 15 minutes.
         ......................... SHS1 passed test kccevent
      Starting test: systemlog
         * The System Event log test
         An Error Event occured.  EventID: 0xC0002713
            Time Generated: 12/04/2004   11:17:35
            Event String: Access denied attempting to launch a DCOM Server

using DefaultLaunchPermssion. The server is:

{00020906-0000-0000-C000-000000000046}

The user is ANONYMOUS LOGON/NT AUTHORITY,

SID=S-1-5-7.
         ......................... SHS1 failed test systemlog
      Test omitted by user request: VerifyReplicas
      Starting test: VerifyReferences
         The system object reference (serverReference)

         CN=SHS1,OU=Domain Controllers,DC=SHS,DC=local and backlink on

         CN=SHS1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SHS,DC=local

         are correct.
         The system object reference (frsComputerReferenceBL)

         CN=SHS1,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=SHS,DC=local

         and backlink on CN=SHS1,OU=Domain Controllers,DC=SHS,DC=local are

         correct.
         The system object reference (serverReferenceBL)

         CN=SHS1,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=SHS,DC=local

         and backlink on

         CN=NTDS Settings,CN=SHS1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SHS,DC=local

         are correct.
         ......................... SHS1 passed test VerifyReferences
      Test omitted by user request: VerifyEnterpriseReferences
   
   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
   
   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
   
   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
   
   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
   
   Running partition tests on : SHS
      Starting test: CrossRefValidation
         ......................... SHS passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... SHS passed test CheckSDRefDom
   
   Running enterprise tests on : SHS.local
      Starting test: Intersite
         Skipping site Default-First-Site-Name, this site is outside the scope

         provided by the command line arguments provided.
         ......................... SHS.local passed test Intersite
      Starting test: FsmoCheck
         GC Name: \\SHSADS.SHS.local
         Locator Flags: 0xe00001fd
         PDC Name: \\SHSADS.SHS.local
         Locator Flags: 0xe00001fd
         Time Server Name: \\shs1.SHS.local
         Locator Flags: 0xe00003f8
         Preferred Time Server Name: \\shs1.SHS.local
         Locator Flags: 0xe00003f8
         KDC Name: \\shs1.SHS.local
         Locator Flags: 0xe00003f8
         ......................... SHS.local passed test FsmoCheck
0
Netman66Commented:
Run DCPROMO /forceremoval

Follow this article:

http://support.microsoft.com/default.aspx?scid=kb;en-us;332199


After you are done, follow this one:

http://support.microsoft.com/default.aspx?scid=kb;en-us;216498
0
EpurchaseAuthor Commented:
After demoting SHS1. I am getting following error when running windows update and also i am not able to login on domain. I have joined the domain though. I am getting this error when trying to login on domain. I can login with local administrator.

The system cannot log you on due to the following error:
The RPC server is unavailable.

Please try again or consult your administrator

Windows update error
===========================================
The Windows Update software did not update successfully. Below are some suggestions to help you proceed:
You may have clicked No when prompted to accept the Trust Certificate. To allow the Windows Update site software to install, click Yes when presented with the Security Warning dialog box.
Your Internet Explorer security settings may be set too high. To install the updated software and access Windows Update, Internet Explorer security must be set to medium or lower, and active scripting and the download and initialization of ActiveX controls must be enabled.

Note These are the default settings for Internet Explorer. For more information about Internet Explorer security and instructions on how to change your security settings, read Microsoft Knowledge Base (KB) Article Q174360.

Were these suggestions helpful? Send us your feedback.

0
sssconceptsCommented:
I can see the netlogon, print$ and sysvol shares but I cannot access them.

When I try to uninstall AD, I get the operation failed because:  Managing the network session failed.  The network path was not found.  Ensure that file and printer sharing for Microsoft Networks is enabled for that connection.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 2000

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.