Unable to promote member W2K Server to role of Domain Controller

Posted on 2005-04-16
Last Modified: 2010-04-14
I have a server that I need to promote to the role of domain controller, but 3 attempts have all failed. The error I get is that the account I am using doesn't appear to have sufficient rights or permissions (it doesn't say this exactly, but it rejects the account that I am using an prompts me for a different one). I have used the defatul administrator account as well as my secondary domain admin account with the same results.

Both accounts are memebers of the Enterprise Admins, Domain Admins, and Schema Admins groups. I thought there might be a value that needed to be set in a GPO but can't find any. Appreciate any help.
Question by:habanagold
    LVL 1

    Expert Comment

    try typing the username in format  domainname\administratorname

    Also make sure that you have your server's DNS pointing at a current DC of the domain.
    LVL 1

    Author Comment

    Well I did and that didn't seem to work. However, I did make some changes and finally got the problem resolved. I am going to post them tomorrow. Thanks for making the attempt.
    LVL 1

    Author Comment

    I was going to respond the other night but got into something else. I have solved this but I feel bad because I can't find my notes that helped. If memory serves, I did at least 2 things.

    First, the DNS info on the server I was trying to promote was all wrong which I corrected. Second, I had a custom domain policy and a custom domain controllers policy that I was employing and I disabled them in lieu of the default policies.

    I seem to remember doing something else but I can't recall it at the moment. I don't know if the above activities led to the resolution or not. However, I have successfully promoted the server in question. If I think of anything else I will post it before requesting refund of points.
    LVL 1

    Author Comment

    The same issue arose the other day and I found that adding the Everyone Group to the root with full permissions solved the problem. I had earlier removed the Everyone group in lieu of the Authenticated users group for better security. Adding the Everyone group back allowed the server to become a domain controller. Not sure if this is correct solution, but it worked.

    Accepted Solution

    Closed, 150 points refunded.

    Community Support Moderator

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Why You Should Analyze Threat Actor TTPs

    After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

    This post first appeared at Oracleinaction  ( Anju Garg (Myself). I  will demonstrate that undo for DML’s is stored both in undo tablespace and online redo logs. Then, we will analyze the reaso…
    NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
    Hi everyone! This is Experts Exchange customer support.  This quick video will show you how to change your primary email address.  If you have any questions, then please Write a Comment below!
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now