• Status: Solved

server 2008 dcpromo fail

I am trying to promote a member server to DC (Windows 2008 Std. R2). dcdiag passes but dcpromo fails. This is the first server in a new site of an existing domain.

C:\Users\administrator.[DomainName]>dcdiag /test:dcpromo /dnsdomain:[DomainName].local /ReplicaDC
   Starting test: DcPromo
      The DNS configuration is sufficient to allow this computer to be promoted
      as a replica domain controller in the [domainName].local domain.

      Messages logged below this line indicate whether this domain controller
      will be able to dynamically register DNS records required for the
      location of this DC by other devices on the network. If any
      misconfiguration is detected, it might prevent dynamic DNS registration
      of some records, but does not prevent successful completion of the Active
      Directory Domain Services Installation Wizard. However, we recommend
      fixing the reported problems now, unless you plan to manually update the
      DNS database.

      DNS configuration is sufficient to allow this domain controller to
      dynamically register the domain controller Locator records in DNS.

      The DNS configuration is sufficient to allow this computer to dynamically
      register the A record corresponding to its DNS name.

      ......................... [ServerName] passed test DcPromo

When I run dcpromo I get the following error:

Active Directory Domain Services Installation Wizard

The Wizard cannot gain access to the list of domains in the forest.

This condition may be caused by a DNS lookup problem. For information
about troubleshooting common DNS lookup problems, please see the
Following Microsoft Website.

The error is:

The RPC server is unavailable.

All RPC services are started in services.msc.
Ran ipconfig /flushdns and ipconfig /registerdns on both servers. The A record for the server I'm trying to promote is there on the primary DNS server.
Created in/out rules in Windows Firewall allowing traffic between subnets. Can ping by name and IP. Have Googled Technet for troubleshooting.
Looking for ideas.
2 Solutions
Mohamed ElManakhly (Infrastructure Team Leader) Commented:
Try running the commands below from the member server:

telnet Primary_DC_IP 135
telnet Primary_DC_IP 389

What are the results?
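
The same reachability check as the two telnet commands above, written as an added PowerShell example that needs no telnet client; it is not part of the original post. `Primary_DC_IP` is the placeholder used in the post, and the ports beyond 135 and 389 are an assumption based on the standard AD DS service ports.

```powershell
# Added example: TCP reachability from the member server to an existing DC.
# Uses only .NET classes available to PowerShell 2.0 on Server 2008 R2.
param(
    [string]$DcAddress = 'Primary_DC_IP',   # placeholder, replace with the DC's IP
    [int]$TimeoutMs = 3000
)

# 135 and 389 come from the post; the rest are assumed standard AD DS ports.
$ports = @(
    @{ Port = 53;   Service = 'DNS' },
    @{ Port = 88;   Service = 'Kerberos' },
    @{ Port = 135;  Service = 'RPC endpoint mapper' },
    @{ Port = 389;  Service = 'LDAP' },
    @{ Port = 445;  Service = 'SMB' },
    @{ Port = 3268; Service = 'Global catalog' }
)

function Test-TcpPort {
    param([string]$Target, [int]$Port, [int]$TimeoutMs)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        # Asynchronous connect so a silently dropped SYN does not hang the script.
        $async = $client.BeginConnect($Target, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) {
            return 'TIMEOUT (no answer, likely filtered on the path)'
        }
        $client.EndConnect($async)   # throws if the connection was refused
        return 'OPEN'
    }
    catch {
        return 'FAILED: ' + $_.Exception.Message
    }
    finally {
        $client.Close()
    }
}

foreach ($p in $ports) {
    $result = Test-TcpPort -Target $DcAddress -Port $p.Port -TimeoutMs $TimeoutMs
    '{0,-5} {1,-20} {2}' -f $p.Port, $p.Service, $result
}
```

A successful ping and an OPEN result on 135 do not cover the dynamic RPC ports that the endpoint mapper hands out afterwards, so a firewall or WAN device between the sites can still produce "The RPC server is unavailable".
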
run dcpromo /forceremoval
do a Metadata Cleanup and you are done.
Mohamed ElManakhly (Infrastructure Team Leader) Commented:
@K-H, he is promoting, not demoting, a DC.
When you do the promote, make sure the machine to be a DC has the root DC as its first DNS server in the network config; if you have other DCs you can make them secondary.

That way you know that the new DC can see the DNS server correctly for the promotion.

That may help.


rettif9 (Manager, Author) Commented:
@ M-Manakhly &FdpxAP-GJL

I tried to run the telnet command after installing telnet client and server on both machines. The result was typical of bad syntax. I got a list of available commands.

Allow me to take a moment to provide a little information

Site A 192.168.2.x
Site B 192.168.1.x

subnets and site link configured in AD Sites and Services

member server is in Site B with IP of (server 3)
original 2003 std. server 1 is in Site A with IP of (server 1)
recently added 2008 server r2 is in Site A with IP of (server 2)

Server 1&2 host DNS and DHCP and are both DCs

TCP/IP config in server 3 lists DNS servers as server2 then server1

ISP is T-1 for both sites currently. Both sites have x.x.x.254 as the gateway to the internet.
There is an MPLS connection between sites which uses x.x.x.253 on both ends. I can ping in both directions by name and by IP. That's all working properly.

@ K-H

The error happens fairly early in the promotion process but I have had several failed promotions now. A fresh start isn't out of the question but I would like to discover the cause of the error first.
Any luck getting it going?

Have you set the DNS servers in the network config of the new DC (server 3) to server 1 & server 2?

That way, if it does a DNS lookup, it is looking at the servers with AD-integrated DNS.


rettif9 (Manager, Author) Commented:
@ Gordon

I eventually took the new DC to the site where the other DCs are located. Once there the promotion went without a hitch. I then took the new DC back to the new site and waited for replication which failed each time. The sites were connected by a T1 MPLS connection which was used for other purposes successfully. I tried running replication during off-peak hours but it didn't help. Replsum indicated failure in both directions. The customer eventually switched to Cable 30 by 5 with a Sonic Wall VPN between sites and everything works smoothly now. I guess T1 isn't as fast as it used to be. ;) Thanks to all for the attention.
