[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

adprep /rodcprep errors

Posted on 2011-02-17
6
Medium Priority
?
2,947 Views
Last Modified: 2012-05-11
I'm trying to install a Server 2008 DC into our domain.  All the current DCs are running Server 2003, so I am trying to prepare the domain to accept a 2008 DC.  The forestprep and domainprep ran successfully.  When I try to run adprep /rodcprep on the current DC that has the FSMO roles, I get the errors below.  I have already tried the script in this MS KB article:
http://support.microsoft.com/kb/949257
The FSMO roles all appear to be assigned correctly, and when I went back through another metadata cleanup process, I didn't find anything that needed to be removed.  Any suggestions for where to go from here would be greatly appreciated, as I am far from being an AD expert.
---------------
Adprep connected to the domain FSMO: 2701print.nstarmpls.mds.

============================================================================
Adprep found partition DC=DomainDnsZones,DC=nstarmpls,DC=mds, and is about to update the permissions.

Adprep could not contact a replica for partition DC=DomainDnsZones,DC=nstarmpls,DC=mds.

Adprep encountered an LDAP error.
Error code: 0x0. Server extended error code: 0x0, Server error message: (null).

Adprep failed the operation on partition DC=DomainDnsZones,DC=nstarmpls,DC=mds.
Skipping to next partition.
=============================================================================
=============================================================================
Adprep found partition DC=ForestDnsZones,DC=nstarmpls,DC=mds, and is about to update the permissions.

Adprep could not contact a replica for partition DC=ForestDnsZones,DC=nstarmpls,DC=mds.

Adprep encountered an LDAP error.
Error code: 0x0. Server extended error code: 0x0, Server error message: (null).

Adprep failed the operation on partition DC=ForestDnsZones,DC=nstarmpls,DC=mds.
Skipping to next partition.
=============================================================================

Adprep detected the operation on partition DC=nstarmpls,DC=mds has been performed. Skipping to next partition.
=============================================================================

Adprep completed with errors. Not all partitions are updated. See the ADPrep.log
 in the C:\WINDOWS\debug\adprep\logs\20110217134132 directory for more information.

To successfully update all partititions, the current logged on user needs to be a member of Enterprise Admins group.  If that is not the case, please correct the problem, and then restart Adprep.
0
Comment
Question by:boyerm25
6 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 34919904
Have you looked at this article   http://support.microsoft.com/kb/949257

Out of curiosity are you planning to deploy RODCs?

thanks

Mike
0
 
LVL 2

Author Comment

by:boyerm25
ID: 34919978
Yes, I have already looked at that KB article (please see original post for more details).  We may be deploying RODCs, as we have several domain controllers in branch offices.
0
 
LVL 21

Accepted Solution

by:
snusgubben earned 2000 total points
ID: 34921556
I participated in a thread with a similar problem. The problem was a broken delegation and a tombstoned DC.

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Q_26753153.html

If the KB didn't help you I guess a DCDIAG might give you some hints.
0
Veeam and MySQL: How to Perform Backup & Recovery

MySQL and the MariaDB variant are among the most used databases in Linux environments, and many critical applications support their data on them. Watch this recorded webinar to find out how Veeam Backup & Replication allows you to get consistent backups of MySQL databases.

 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34922370
0
 
LVL 2

Author Comment

by:boyerm25
ID: 34926229
DCDiag led me to some FRS errors on one of my branch office domain controllers.  I've fixed those.  I also realized that I may not have run the script from the MS article on both of the partitions that were showing up in my errors, so I ran it again.  I'm now giving everything some time to replicate and I'll see what happens then.
0
 
LVL 2

Author Comment

by:boyerm25
ID: 34927076
Ok, after giving it a couple of hours to replicate, it all works now.  Thanks for the suggestions!
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question