?
Solved

Active Directory Installation Error

Posted on 2009-02-12
11
Medium Priority
?
979 Views
Last Modified: 2012-05-06
Hi All,

I'm receiving an error message when installing active directory. Im adding another domain controller in an existing domain and Im getting:
Active directory installation failed. The operation failed because: Failed to configure the service kdc has requested. "The specified service does not exist as an installed service."

Any help would be greatly appreciated,

Thanks in Advance
0
Comment
Question by:Noyan Gonulsen
  • 6
  • 3
  • 2
11 Comments
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 23626497
Does it list the service Kerberos Key Distribution Center has requested? Do you see any errors related to this in event viewer or in any dcpromo logs? Use the link below to read up on the logging habits of dcpromo:

http://support.microsoft.com/kb/265090

The DCpromo log is location in %SystemRoot%\Debug
0
 
LVL 3

Expert Comment

by:chrishudson123
ID: 23630587
check the following in running DC
1)Replication
2)Sysvol shared or not
3)Name resolution from the new server

If all these are fine ,check whether "clients for Microsoft Networks" and "File and Printer Sharing for Microsoft Networks" is installed.

Update Ur server latest service apck
0
 
LVL 1

Author Comment

by:Noyan Gonulsen
ID: 23633141
Hi Jmoody10,

I've looked in the dcpromo log and recieved this error:
 OpenService on kdc failed with 1060
02/13 09:27:05 [INFO] Configuring service kdc to 16 returned 1060
02/13 09:27:05 [INFO] Error - Failed to configure the service kdc as requested
 (1060)
02/13 09:27:05 [INFO] OpenService on RPCLOCATOR failed with 5
02/13 09:27:05 [INFO] Configuring service RPCLOCATOR to 0 returned 5
02/13 09:27:05 [INFO] OpenService on IsmServ failed with 5
02/13 09:27:05 [INFO] Configuring service IsmServ to 0 returned 5
02/13 09:27:05 [INFO] OpenService on kdc failed with 1060
02/13 09:27:05 [INFO] Configuring service kdc to 0 returned 1060
02/13 09:27:05 [ERROR] Failed to configure domain controller services (1060)

What I'm trying to accomplish is:
I have a DC in a remote site (I believe to be orphaned). It's the only site that's not replicating properly
I'm trying to setup a dc to ship out there
Once out there, I wanted to remove ad off the orphaned DC (If I have any issue I have the new dc waiting).
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 1

Author Comment

by:Noyan Gonulsen
ID: 23633196
Hey Chris,

The only issue is that the replication is not happening to one dc in a remote site. All other dc's in other sites are fine.
0
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 23634988
Before I start looking further into this, is your  domain server 2003 or 2008?
0
 
LVL 1

Author Comment

by:Noyan Gonulsen
ID: 23635055
It's server 2000
0
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 23635175
Sad. I was hoping you were using server 2008. Ok. I will see what I kind find about this error.
0
 
LVL 3

Expert Comment

by:chrishudson123
ID: 23639658
could you send me DCpromo log and netmon trace while running dcpromo.From your side first check, from  which DC this new server is trying to pull data.You will see in DCpromo log
In netmon trace first filter with "tcp.port==135",there you will see RPC Map response for NTDS API ,expand that tree and find the port number for replication.Filter with that port number so that u can see where it's failing.

I will always recommend to remove orphaned DC from domain before the DC promotion
http://support.microsoft.com/kb/216498
0
 
LVL 1

Author Comment

by:Noyan Gonulsen
ID: 23662928
Hey Chris,

Here is the dcpromo log file; ( i will run it again with the netmon trace running).
Interesting note when looking at the log file, irwin-server is only a GC while irwin-primary holds all the fsmo roles.

02/17 11:34:22 [INFO] Promotion request for replica domain controller
02/17 11:34:22 [INFO] DnsDomainName  irwin-ind.com
02/17 11:34:22 [INFO]       ReplicaPartner  (NULL)
02/17 11:34:22 [INFO]       SiteName  (NULL)
02/17 11:34:22 [INFO]       DsDatabasePath  C:\WINNT\NTDS, DsLogPath  C:\WINNT\NTDS
02/17 11:34:22 [INFO]       SystemVolumeRootPath  C:\WINNT\SYSVOL
02/17 11:34:22 [INFO]       Account irwin-ind.com\administrator
02/17 11:34:22 [INFO]       Options  196
02/17 11:34:22 [INFO] Validate supplied paths
02/17 11:34:22 [INFO] Validating path C:\WINNT\NTDS.
02/17 11:34:22 [INFO]       Path is a directory
02/17 11:34:22 [INFO]       Path is on a fixed disk drive.
02/17 11:34:22 [INFO] Validating path C:\WINNT\NTDS.
02/17 11:34:22 [INFO]       Path is a directory
02/17 11:34:22 [INFO]       Path is on a fixed disk drive.
02/17 11:34:22 [INFO] Validating path C:\WINNT\SYSVOL.
02/17 11:34:22 [INFO]       Path is on a fixed disk drive.
02/17 11:34:22 [INFO]       Path is on an NTFS volume
02/17 11:34:22 [INFO] Start the worker task
02/17 11:34:22 [INFO] Request for promotion returning 0
02/17 11:34:22 [INFO] Searching for a domain controller for the domain irwin-ind.com that contains the account CALGARYSERVER$

02/17 11:34:22 [INFO] Located domain controller irwin-server.irwin-ind.com for domain irwin-ind.com

02/17 11:34:22 [INFO] Using site Richmondhill for server \\irwin-server.irwin-ind.com

02/17 11:34:22 [INFO] Forcing time sync
02/17 11:34:22 [INFO] Forcing a time synch with \\irwin-server.irwin-ind.com

02/17 11:34:23 [INFO] Setting machine account to be DC
02/17 11:34:23 [INFO] Configuring the server account

02/17 11:34:23 [INFO] Searching for the machine account for CALGARYSERVER$ on \\irwin-server.irwin-ind.com...
02/17 11:34:23 [INFO] Configuring the server account

02/17 11:34:23 [INFO] NtdsSetReplicaMachineAccount returned 0
02/17 11:34:23 [INFO] Previous location of account CALGARYSERVER$ to CN=CALGARYSERVER,CN=Computers,DC=irwin-ind,DC=com
02/17 11:34:23 [INFO] Stopping service NETLOGON

02/17 11:34:23 [INFO] Stopping service NETLOGON

02/17 11:35:23 [INFO] Configuring service NETLOGON to 1 returned 0
02/17 11:35:23 [INFO] Deleting current sysvol path C:\WINNT\SYSVOL
02/17 11:35:34 [INFO] Copying initial Directory Service database file C:\WINNT\system32\ntds.dit to C:\WINNT\NTDS\ntds.dit

02/17 11:35:37 [INFO] Installing the Directory Service

02/17 11:35:37 [INFO] Calling NtdsInstall for irwin-ind.com
02/17 11:35:37 [INFO] Starting the Directory Service installation
02/17 11:35:37 [INFO] Validating user supplied options
02/17 11:35:37 [INFO] Determining local site to enter
02/17 11:35:37 [INFO] Examining existing Enterprise Directory Service
02/17 11:35:37 [INFO] Starting a replication cycle between irwin-server.irwin-ind.com and irwin-primary.irwin-ind.com, the RID FSMO, so that the new replica will be able to create security principals.
02/17 11:35:38 [INFO] Configuring the local server to host the Directory Service
02/17 11:35:50 [INFO] Creating the ntdsa object for this server on irwin-server.irwin-ind.com.
02/17 11:35:50 [INFO] Replicating the Directory Service schema container
02/17 11:35:56 [INFO] Replicating CN=Schema,CN=Configuration,DC=irwin-ind,DC=com: received 536 out of 902 objects.
02/17 11:36:01 [INFO] Replicating CN=Schema,CN=Configuration,DC=irwin-ind,DC=com: received 1007 out of 902 objects.
02/17 11:36:02 [INFO] Replicating the Directory Service configuration container
02/17 11:36:08 [INFO] Replicating CN=Configuration,DC=irwin-ind,DC=com: received 536 out of 2163 objects.
02/17 11:36:13 [INFO] Replicating CN=Configuration,DC=irwin-ind,DC=com: received 1071 out of 2163 objects.
02/17 11:36:17 [INFO] Replicating CN=Configuration,DC=irwin-ind,DC=com: received 1124 out of 2163 objects.
02/17 11:36:17 [INFO] Replicating critical domain information
02/17 11:36:28 [INFO] Creating new domain security principals
02/17 11:36:29 [INFO] The Directory Service install is completing
02/17 11:36:29 [INFO] NtdsInstall for irwin-ind.com returned 0
02/17 11:36:29 [INFO] DsRolepInstallDs returned 0
02/17 11:36:29 [INFO] Setting AccountDomainInfo to:
02/17 11:36:29 [INFO]       Domain: IRWIN
02/17 11:36:29 [INFO]       Sid:  S-1-5-21-1008472541-494805893-1845911597
02/17 11:36:30 [INFO] Setting the LSA policy information from policy \\irwin-server.irwin-ind.com

02/17 11:36:30 [INFO] Setting Lsa policy 12 returned 0x0
02/17 11:36:30 [INFO] Setting Efs policy from \\irwin-server.irwin-ind.com returned 0x0
02/17 11:36:30 [INFO] DsRolepSetRegStringValue on SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\Auth2 to RASSFM returned 0
02/17 11:36:30 [INFO] Configuring service RPCLOCATOR

02/17 11:36:30 [INFO] Configuring service RPCLOCATOR to 16 returned 0
02/17 11:36:30 [INFO] Configuring service IsmServ

02/17 11:36:31 [INFO] Configuring service IsmServ to 16 returned 0
02/17 11:36:31 [INFO] OpenService on kdc failed with 1060
02/17 11:36:31 [INFO] Configuring service kdc to 16 returned 1060
02/17 11:36:31 [INFO] Error - Failed to configure the service kdc as requested
 (1060)
02/17 11:36:31 [INFO] OpenService on RPCLOCATOR failed with 5
02/17 11:36:31 [INFO] Configuring service RPCLOCATOR to 0 returned 5
02/17 11:36:31 [INFO] OpenService on IsmServ failed with 5
02/17 11:36:31 [INFO] Configuring service IsmServ to 0 returned 5
02/17 11:36:31 [INFO] OpenService on kdc failed with 1060
02/17 11:36:31 [INFO] Configuring service kdc to 0 returned 1060
02/17 11:36:31 [ERROR] Failed to configure domain controller services (1060)
02/17 11:36:46 [INFO] Starting service NETLOGON

02/17 11:36:46 [INFO] Configuring service NETLOGON to 2 returned 0
02/17 11:36:46 [INFO] Searching for the machine account for CALGARYSERVER$ on \\irwin-server.irwin-ind.com...
02/17 11:36:46 [INFO] Configuring the server account

02/17 11:36:46 [INFO] NtdsSetReplicaMachineAccount returned 0
02/17 11:36:46 [INFO] Attempted to move account CALGARYSERVER$ to CN=CALGARYSERVER,CN=Computers,DC=irwin-ind,DC=com
02/17 11:36:46 [INFO] The attempted domain controller operation has completed

02/17 11:36:46 [INFO] DsRolepSetOperationDone returned 0
0
 
LVL 1

Author Comment

by:Noyan Gonulsen
ID: 24705308
Hi All,

Sorry for not replying got pulled off this to work on different issues.
Still experiencing the same problem. I think I'm ready to break down and call MS {:-(
I will post the answer from MS.

Thanks again to everyone.
0
 
LVL 1

Accepted Solution

by:
Noyan Gonulsen earned 0 total points
ID: 25116223
Hi All,

Well it turns out that my Disk was corrupt which caused all the problems. They copied all the missing registry entries from a working DC. Once they did the import everything was fine.
Thanks everyone for the help.
0

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question