How can I fix this dcpromo error when adding a second DC to my domain?

I have a domain with 1 DC called "Servant" which runs Windows 2000 Advanced Server SP4
I would like to add a second DC running Windows 2003 R2 Standard Edition.

Before running dcpromo I prepared the w2k schema with the adprep tools. The DNS on SERVANT is DNS integrated and looks healthy.

Running dcpromo ends with this error box:
http://www.kanokbannasan.org/relocation/error.png

I am loggend in as the domain administrator and retried with the domain admin credentials without success. The administrator profile is a member of the Enterprise Admins group.

The relevant part of the DCPROMO.LOG file says this:

02/07 10:40:46 [INFO] Active Directory updated the schema cache.
02/07 10:40:46 [INFO] Replicating the configuration directory partition
02/07 10:40:50 [INFO] Replicating CN=Configuration,DC=OMF-Publishers,DC=local: received 1000 out of approximately 3424 objects
02/07 10:40:53 [INFO] Replicating CN=Configuration,DC=OMF-Publishers,DC=local: received 1755 out of approximately 3424 objects
02/07 10:40:53 [INFO] Replicated the configuration container.
02/07 10:40:54 [INFO] Error - The Active Directory Installation Wizard was unable to convert the computer account JAMES$ to a domain controller account. (5)
02/07 10:40:54 [INFO] NtdsInstall for OMF-Publishers.local returned 5
02/07 10:40:54 [INFO] DsRolepInstallDs returned 5
02/07 10:40:54 [ERROR] Failed to install to Directory Service (5)

Would be grateful for any help.
JannieTAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

top_rungCommented:
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
supportsCommented:
Add the administrators group to the "Enable Computer and User Accounts to be
trusted for Delegation" GPO setting of the Default Domain Controllers Policy

232070 "Access Denied" During Domain Controller Promotion
http://support.microsoft.com/?id=232070
0
JannieTAuthor Commented:
Thanks for the quick and accurate response. I actually looked at the microsoft KB article before I posted this question, but it was only after reading the EE post that I realised how I can get at the group policy editor to make the changes suggested.

Impressed.
0
top_rungCommented:
You are welcome, but obviously I can't take credit for the answer, only for digging it up for you ;).  Kudos to Netman66 and Simplyamazing.



0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.