Solved

Server 2008 AD Errors showing after running DCPROMO

Posted on 2010-08-17
7
583 Views
Last Modified: 2012-06-27
I have Event ID's 1925 and 1645 showing in my error logs on a new 2008 server that I have just promoted on a 2003 network ready to demote old domain controllers.

Event 1925: The attempt to establish a replication link for the following writable directory failed.

The target account name is incorrect.

Event 1645: ADDS did not perform an authenticated RPC to another directory server because the SPN for the destination directory is not registered on the KDC domain controller than resolves the SPN.

Any advice would be appreciate as Ive spent several hours researching this issue with no luck... I suspect the issues are down to one DC and I'd demote it except I get 'target account name is incorrect' ...

I've spent most of the day checking / tidying up DNS which now seems to be fine.
0
Comment
Question by:Mr_OCD
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 

Accepted Solution

by:
Mr_OCD earned 0 total points
ID: 33455767
I've run dcdiag /fix on all DC's and ensured DNS is working ok.

Still getting some strange errors so decided to try demoting the DC again and it has worked this time... So I'm going to leave this as a member server for now.
0
 
LVL 2

Expert Comment

by:zsaurabh
ID: 33456471
Did you confirm that it got promoted properly and Sysvol was shared?
Sometime it takes more than one hour to establish replication links, you can check sites and Services to see the link created or not
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33457984
Run dcdiag then post results.

If you want to remove the DC you can run dcpromo /forceremoval then run metadata cleanup on a existing DC to remove metadata from the failed DC,.
0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 

Author Comment

by:Mr_OCD
ID: 33463371
DCDIAG passes all tests now with the exception of: SystemLog

... could not be retrieved, error 0x3afc
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33464320
That is most likely an old event
0
 

Author Comment

by:Mr_OCD
ID: 33464384
Ok thanks.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33464412
What did you do to fix the issue?
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Read this checklist to learn more about the 15 things you should never include in an email signature.
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question