akhalighi asked:

Unable to add 2008 DC into existing 2003 AD over MPLS links

I am having issues with adding my first 2008 server into our existing 2003 AD. Here is the scenario:

- 2003 SP2 domain environment with 3 existing servers in the same subnet in our main office
- 2008 Standard server is in a different subnet and connected through a 10 MB dedicated MPLS link to the main office
- All protocols are allowed, no traffic on the link

Prepared the existing 2003 environment by running the /forestprep and /domainprep switches.
I was able to join this 2008 machine to our existing domain as a member; it's using the existing DNS servers and can resolve all DNS names.
I log in as domain admin - no issues.
I tested the quality of the link with a ping: Ping -n 32 -l 8096 <hostname> and it was fine. No packets lost.
Created a new site and assigned it to a 2008 subnet.

Then I ran dcpromo on the 2008 server to make it an additional domain controller; it found the existing forest and all DCs and started installation of the domain controller, but it failed after a few minutes. Here is the error:

Active Directory Domain Services attempted to perform a remote procedure call (RPC) to the following server. The call timed out and was cancelled.

Call Timeout (Mins):

Thread ID:

Additional Data

Internal ID:

So I thought that RPC times out; created this registry key (on both 2003 and 2008 machines): RPC Replication Timeout (mins) and set it to 45 min. Restarted both machines, still getting the same issue.

Any suggestions?

LeDaouk:

Please check the time and date on both machines; if there's a difference in time you may have a similar issue.
Also, keep in mind that you have to raise the Active Directory level.

mrbrain646:

Check to make sure no software firewall is blocking port 389 TCP.

akhalighi:

- Active Directory level is already raised to 2003 (both domain and forest functional level).
- Restoring from media is not an option; the new DC is 2008, existing DCs are 2003. I also prefer to fix the replication issue.
- There are no firewalls that block port 389 TCP, but I will double check.

I can telnet to port 389 from the 2008 server to the 2003 server, but the other way around is not working.
The question is, why does it keep telling me that the timeout is 5 min. even after I set the timeout value in the registry and rebooted the servers...

akhalighi:

Fixed it myself.