Windows Server 2003
--
Questions
--
Followers
Top Experts
Cannot join additional domain, create child domain or new tree in existing forest
My problem is as following:
1. I created a new Windows Server 2003 R2 Standard Edition in Mainland.
I "dcpromo" it as a Child Domain or New Tree in existing forest via VPN.
But it shows the error in the attachment "Child Domain from Branch.jpg".
2. I created a new Windows Server 2003 R2 Standard Edition in Hong Kong
Virtual Machine. I "dcpromo" it as a additional Domain Controller in the
exisiting forest domain. But it alsow shows the error in the attachment
"Additional Domain Controller in VM.jpg"
I am sure that my account has Enterprise Admin and Schema Admin. DNS setting is correct.
Additional-Domain-Controller-in-.JPG
Child-Domain-from-Branch.JPG
1. I created a new Windows Server 2003 R2 Standard Edition in Mainland.
I "dcpromo" it as a Child Domain or New Tree in existing forest via VPN.
But it shows the error in the attachment "Child Domain from Branch.jpg".
2. I created a new Windows Server 2003 R2 Standard Edition in Hong Kong
Virtual Machine. I "dcpromo" it as a additional Domain Controller in the
exisiting forest domain. But it alsow shows the error in the attachment
"Additional Domain Controller in VM.jpg"
I am sure that my account has Enterprise Admin and Schema Admin. DNS setting is correct.
Additional-Domain-Controller-in-.JPG
Child-Domain-from-Branch.JPG
Zero AI Policy
We believe in human intelligence. Our moderation policy strictly prohibits the use of LLM content in our Q&A threads.
Looks like you are creating DC using R2 version of Windows - have you updated the Windows Schema to support R2??
If you haven't then you will not be able to add an R2 based DC
If you have added R2 schema then try the following before doing DC promo:
1. test dns connectivity by running > netdiag /test:dns
2. verify communications with existing DCs > netdiag /test:dsgetdc
3. verify connecitivity to existing FSMO servers - you will need to point this to existing DC >
dcdiag /s: domaincontroller /test:knowsofroleholders /v
dcdiag /s: domaincontroller /test:fsmocheck
4. Ensure subnet that you are installing DC into is listed in a Site within Sites and Services
If you haven't then you will not be able to add an R2 based DC
If you have added R2 schema then try the following before doing DC promo:
1. test dns connectivity by running > netdiag /test:dns
2. verify communications with existing DCs > netdiag /test:dsgetdc
3. verify connecitivity to existing FSMO servers - you will need to point this to existing DC >
dcdiag /s: domaincontroller /test:knowsofroleholders /v
dcdiag /s: domaincontroller /test:fsmocheck
4. Ensure subnet that you are installing DC into is listed in a Site within Sites and Services
In fact, I search over the Google and this experts-exchange knowledge library. I found that one question is very similar to me in experts-exchange knowledge library. But the Author said that he found the Microsoft directly. Then, the Author does not write any solution.
It seems a very complicated problem! Hope any expert can help me!
It seems a very complicated problem! Hope any expert can help me!
looking at the errors, and considering that you had checked the settings of DNS and the FSMo roles.
Could you also check the following Domain controller policy and ADD administrator if not already added to the following:
Access this computer from the network.
enable compouter and user accounts to be trusted for delegation.
also for Dc promotion issue you could also check the dcpromo.log file.
Could you also check the following Domain controller policy and ADD administrator if not already added to the following:
Access this computer from the network.
enable compouter and user accounts to be trusted for delegation.
also for Dc promotion issue you could also check the dcpromo.log file.
EARN REWARDS FOR ASKING, ANSWERING, AND MORE.
Earn free swag for participating on the platform.
1/17 11:16:46 [INFO] Promotion request for domain controller of new domain
01/17 11:16:46 [INFO] DnsDomainName yfgj.kck.com.hk
01/17 11:16:46 [INFO] FlatDomainName YFGJ0
01/17 11:16:46 [INFO] SiteName (NULL)
01/17 11:16:46 [INFO] SystemVolumeRootPath C:\WINDOWS\SYSVOL
01/17 11:16:46 [INFO] DsDatabasePath C:\WINDOWS\NTDS, DsLogPath C:\WINDOWS\NTDS
01/17 11:16:46 [INFO] ParentDnsDomainName kck.com.hk
01/17 11:16:46 [INFO] ParentServer (NULL)
01/17 11:16:46 [INFO] Account KCK.COM.HK\administrator
01/17 11:16:46 [INFO] Options 192
01/17 11:16:46 [INFO] Validate supplied paths
01/17 11:16:46 [INFO] Validating path C:\WINDOWS\NTDS.
01/17 11:16:46 [INFO] Path is a directory
01/17 11:16:46 [INFO] Path is on a fixed disk drive.
01/17 11:16:46 [INFO] Validating path C:\WINDOWS\NTDS.
01/17 11:16:46 [INFO] Path is a directory
01/17 11:16:46 [INFO] Path is on a fixed disk drive.
01/17 11:16:46 [INFO] Validating path C:\WINDOWS\SYSVOL.
01/17 11:16:46 [INFO] Path is on a fixed disk drive.
01/17 11:16:46 [INFO] Path is on an NTFS volume
01/17 11:16:46 [INFO] Child domain creation -- check the new domain name is child of parent domain name.
01/17 11:16:46 [INFO] Domain Creation -- check that the flat name is unique.
01/17 11:16:51 [INFO] Start the worker task
01/17 11:16:51 [INFO] Request for promotion returning 0
01/17 11:16:51 [INFO] No source DC or no site name specified. Searching for dc in domain kck.com.hk: ( DS_REQUIRED | WRITABLE )
01/17 11:16:51 [INFO] Searching for a domain controller for the domain kck.com.hk
01/17 11:16:51 [INFO] Located domain controller kck.com.hk for domain (null)
01/17 11:16:51 [INFO] No user specified source DC
01/17 11:16:51 [INFO] No user specified site
01/17 11:16:51 [INFO] Using site YF for server kck.com.hk
01/17 11:16:51 [INFO] Forcing a time synch with \\hkpdc.kck.com.hk
01/17 11:16:51 [ERROR] Failed to get the current time on \\hkpdc.kck.com.hk: 5
01/17 11:16:51 [ERROR] NON-FATAL error forcing a time sync (5). Ignoring
01/17 11:16:52 [INFO] Reading domain policy from the domain controller \\hkpdc.kck.com.hk
01/17 11:16:52 [INFO] Stopping service NETLOGON
01/17 11:16:52 [INFO] Stopping service NETLOGON
01/17 11:16:52 [INFO] Configuring service NETLOGON to 1 returned 0
01/17 11:16:52 [INFO] Stopped NETLOGON
01/17 11:16:52 [INFO] Creating the System Volume C:\WINDOWS\SYSVOL
01/17 11:16:52 [INFO] Deleting current sysvol path C:\WINDOWS\SYSVOL
01/17 11:16:57 [INFO] Preparing for system volume replication using root C:\WINDOWS\SYSVOL
01/17 11:16:57 [INFO] Created the system volume
01/17 11:16:57 [INFO] Copying initial Directory Service database file C:\WINDOWS\system32\ntds.d
01/17 11:16:58 [INFO] Installing the Directory Service
01/17 11:16:58 [INFO] Calling NtdsInstall for yfgj.kck.com.hk
01/17 11:16:58 [INFO] Starting Active Directory installation
01/17 11:16:58 [INFO] Validating user supplied options
01/17 11:16:58 [INFO] Determining a site in which to install
01/17 11:16:58 [INFO] Examining an existing Active Directory forest
01/17 11:16:59 [INFO] Configuring the local domain controller to host Active Directory
01/17 11:17:07 [INFO] Replicating the schema directory partition
01/17 11:17:08 [INFO] Error - Active Directory could not replicate the directory partition CN=Schema,CN=Configuration
01/17 11:17:09 [INFO] NtdsInstall for yfgj.kck.com.hk returned 5
01/17 11:17:09 [INFO] DsRolepInstallDs returned 5
01/17 11:17:09 [ERROR] Failed to install the directory service (5)
01/17 11:17:15 [INFO] The attempted domain controller operation has completed
01/17 11:17:15 [INFO] DsRolepSetOperationDone returned 0
01/17 11:16:46 [INFO] DnsDomainName yfgj.kck.com.hk
01/17 11:16:46 [INFO] FlatDomainName YFGJ0
01/17 11:16:46 [INFO] SiteName (NULL)
01/17 11:16:46 [INFO] SystemVolumeRootPath C:\WINDOWS\SYSVOL
01/17 11:16:46 [INFO] DsDatabasePath C:\WINDOWS\NTDS, DsLogPath C:\WINDOWS\NTDS
01/17 11:16:46 [INFO] ParentDnsDomainName kck.com.hk
01/17 11:16:46 [INFO] ParentServer (NULL)
01/17 11:16:46 [INFO] Account KCK.COM.HK\administrator
01/17 11:16:46 [INFO] Options 192
01/17 11:16:46 [INFO] Validate supplied paths
01/17 11:16:46 [INFO] Validating path C:\WINDOWS\NTDS.
01/17 11:16:46 [INFO] Path is a directory
01/17 11:16:46 [INFO] Path is on a fixed disk drive.
01/17 11:16:46 [INFO] Validating path C:\WINDOWS\NTDS.
01/17 11:16:46 [INFO] Path is a directory
01/17 11:16:46 [INFO] Path is on a fixed disk drive.
01/17 11:16:46 [INFO] Validating path C:\WINDOWS\SYSVOL.
01/17 11:16:46 [INFO] Path is on a fixed disk drive.
01/17 11:16:46 [INFO] Path is on an NTFS volume
01/17 11:16:46 [INFO] Child domain creation -- check the new domain name is child of parent domain name.
01/17 11:16:46 [INFO] Domain Creation -- check that the flat name is unique.
01/17 11:16:51 [INFO] Start the worker task
01/17 11:16:51 [INFO] Request for promotion returning 0
01/17 11:16:51 [INFO] No source DC or no site name specified. Searching for dc in domain kck.com.hk: ( DS_REQUIRED | WRITABLE )
01/17 11:16:51 [INFO] Searching for a domain controller for the domain kck.com.hk
01/17 11:16:51 [INFO] Located domain controller kck.com.hk for domain (null)
01/17 11:16:51 [INFO] No user specified source DC
01/17 11:16:51 [INFO] No user specified site
01/17 11:16:51 [INFO] Using site YF for server kck.com.hk
01/17 11:16:51 [INFO] Forcing a time synch with \\hkpdc.kck.com.hk
01/17 11:16:51 [ERROR] Failed to get the current time on \\hkpdc.kck.com.hk: 5
01/17 11:16:51 [ERROR] NON-FATAL error forcing a time sync (5). Ignoring
01/17 11:16:52 [INFO] Reading domain policy from the domain controller \\hkpdc.kck.com.hk
01/17 11:16:52 [INFO] Stopping service NETLOGON
01/17 11:16:52 [INFO] Stopping service NETLOGON
01/17 11:16:52 [INFO] Configuring service NETLOGON to 1 returned 0
01/17 11:16:52 [INFO] Stopped NETLOGON
01/17 11:16:52 [INFO] Creating the System Volume C:\WINDOWS\SYSVOL
01/17 11:16:52 [INFO] Deleting current sysvol path C:\WINDOWS\SYSVOL
01/17 11:16:57 [INFO] Preparing for system volume replication using root C:\WINDOWS\SYSVOL
01/17 11:16:57 [INFO] Created the system volume
01/17 11:16:57 [INFO] Copying initial Directory Service database file C:\WINDOWS\system32\ntds.d
01/17 11:16:58 [INFO] Installing the Directory Service
01/17 11:16:58 [INFO] Calling NtdsInstall for yfgj.kck.com.hk
01/17 11:16:58 [INFO] Starting Active Directory installation
01/17 11:16:58 [INFO] Validating user supplied options
01/17 11:16:58 [INFO] Determining a site in which to install
01/17 11:16:58 [INFO] Examining an existing Active Directory forest
01/17 11:16:59 [INFO] Configuring the local domain controller to host Active Directory
01/17 11:17:07 [INFO] Replicating the schema directory partition
01/17 11:17:08 [INFO] Error - Active Directory could not replicate the directory partition CN=Schema,CN=Configuration
01/17 11:17:09 [INFO] NtdsInstall for yfgj.kck.com.hk returned 5
01/17 11:17:09 [INFO] DsRolepInstallDs returned 5
01/17 11:17:09 [ERROR] Failed to install the directory service (5)
01/17 11:17:15 [INFO] The attempted domain controller operation has completed
01/17 11:17:15 [INFO] DsRolepSetOperationDone returned 0
ASKER CERTIFIED SOLUTION
membership
Log in or create a free account to see answer.
Signing up is free and takes 30 seconds. No credit card required.
I run the time sync command by w32tm /resync. I am sure that the time sync is correct.
Furthermore, as all servers are Windows 2003 R2, it seems that no need to implement the R2 schema preparation, right?
Furthermore, as all servers are Windows 2003 R2, it seems that no need to implement the R2 schema preparation, right?
SOLUTION
membership
Log in or create a free account to see answer.
Signing up is free and takes 30 seconds. No credit card required.
Windows Server 2003
--
Questions
--
Followers
Top Experts
Windows Server 2003 was based on Windows XP and was released in four editions: Web, Standard, Enterprise and Datacenter. It also had derivative versions for clusters, storage and Microsoft’s Small Business Server. Important upgrades included integrating Internet Information Services (IIS), improvements to Active Directory (AD) and Group Policy (GP), and the migration to Automated System Recovery (ASR).