server 2008 dcpromo fail

Posted on 2012-08-23
Last Modified: 2012-10-03
I am trying to promote a member server to a DC (Windows 2008 Std. R2). dcdiag passes but dcpromo fails. This is the first server in a new site of an existing domain.

C:\Users\administrator.[DomainName]>dcdiag /test:dcpromo /dnsdomain:[DomainName].local /ReplicaDC
   Starting test: DcPromo
      The DNS configuration is sufficient to allow this computer to be promoted
      as a replica domain controller in the [domainName].local domain.

      Messages logged below this line indicate whether this domain controller
      will be able to dynamically register DNS records required for the
      location of this DC by other devices on the network. If any
      misconfiguration is detected, it might prevent dynamic DNS registration
      of some records, but does not prevent successful completion of the Active
      Directory Domain Services Installation Wizard. However, we recommend
      fixing the reported problems now, unless you plan to manually update the
      DNS database.

      DNS configuration is sufficient to allow this domain controller to
      dynamically register the domain controller Locator records in DNS.

      The DNS configuration is sufficient to allow this computer to dynamically
      register the A record corresponding to its DNS name.

      ......................... [ServerName] passed test DcPromo

When I run dcpromo I get the following error:

Active Directory Domain Services Installation Wizard

The Wizard cannot gain access to the list of domains in the forest.

This condition may be caused by a DNS lookup problem. For information
about troubleshooting common DNS lookup problems, please see the
Following Microsoft Website.

The error is:

The RPC server is unavailable.

All RPC services are started in services.msc.
Ran ipconfig /flushdns and ipconfig /registerdns on both servers. The A record for the server I'm trying to promote is there on the primary DNS server.
Created in/out rules in Windows Firewall allowing traffic between subnets. Can ping by name and IP. Have Googled TechNet for troubleshooting.
Looking for ideas.
Question by:rettif9
    LVL 13

    Accepted Solution

    Try running the commands below from the member server:

    telnet Primary_DC_IP 135
    telnet Primary_DC_IP 389

    What are the results?
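
The port test suggested in the answer above, as an added PowerShell example that is not part of the original thread. It needs no telnet client and runs on the PowerShell 2.0 shipped with Server 2008 R2; `Test-TcpPort` is a hypothetical helper name and `Primary_DC_IP` is the answer's own placeholder.

```powershell
# Added example: TCP reachability check from the member server to an existing DC.
# Distinguishes a silent drop (timeout) from an active refusal (RST / nothing listening).
function Test-TcpPort {
    param(
        [Parameter(Mandatory = $true)][string]$ComputerName,
        [Parameter(Mandatory = $true)][int]$Port,
        [int]$TimeoutMs = 3000
    )
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $async = $client.BeginConnect($ComputerName, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) {
            return 'Timeout'            # no answer at all: filtered or dropped in transit
        }
        $client.EndConnect($async)      # throws if refused or the name did not resolve
        return 'Open'
    }
    catch {
        return 'Refused/unreachable'
    }
    finally {
        $client.Close()
    }
}

$DcAddress = 'Primary_DC_IP'            # placeholder: replace with the DC's address

# Ports named in the answer; further ports can be appended to this list.
$ports = @(
    @{ Port = 135; Service = 'RPC endpoint mapper' },
    @{ Port = 389; Service = 'LDAP' }
)

foreach ($p in $ports) {
    $row = New-Object PSObject -Property @{
        Target  = $DcAddress
        Port    = $p.Port
        Service = $p.Service
        Result  = Test-TcpPort -ComputerName $DcAddress -Port $p.Port
    }
    $row | Select-Object Target, Port, Service, Result
}
```

An `Open` result on 135 only shows that the endpoint mapper is reachable; the RPC services it hands out listen on dynamic ports (by default 49152-65535 on Server 2008 and later, 1025-5000 on Server 2003), which must also be allowed between the sites.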
    LVL 4

    Expert Comment

    Run dcpromo /forceremoval,
    do a Metadata Cleanup and you are done.
    LVL 13

    Expert Comment

    @K-H, he is promoting, not demoting, a DC.
    LVL 6

    Assisted Solution

    When you do the promote, make sure the machine to be a DC has the root DC as its first DNS server in the network config; if you have other DCs you can make them secondary.

    That way you know that the new DC can see the DNS server correctly for the promotion.

    That may help.


    LVL 7

    Author Comment

    @ M-Manakhly &FdpxAP-GJL

    I tried to run the telnet command after installing telnet client and server on both machines. The result was typical of bad syntax. I got a list of available commands.

    Allow me to take a moment to provide a little information

    Site A 192.168.2.x
    Site B 192.168.1.x

    Subnets and site link configured in AD Sites and Services

    member server is in Site B with IP of (server 3)
    original 2003 std. server 1 is in Site A with IP of (server 1)
    recently added 2008 server r2 is in Site A with IP of (server 2)

    Server 1&2 host DNS and DHCP and are both DCs

    TCP/IP config in server 3 lists DNS servers as server2 then server1

    ISP is T-1 for both sites currently. Both sites have x.x.x.254 gateway to internet.
    There is an MPLS connection between sites which uses x.x.x.253 on both ends. I can ping in both directions by name and by IP. That's all working properly.

    @ K-H

    The error happens fairly early in the promotion process but I have had several failed promotions now. A fresh start isn't out of the question but I would like to discover the cause of the error first.
    LVL 6

    Expert Comment

    Any luck getting it going?

    Have you set, in the network config of the new DC (server 3), the DNS servers as server 1 & server 2?

    That way, if it does a DNS lookup, it is looking at the servers with AD-integrated DNS.


    LVL 7

    Author Comment

    @ Gordon

    I eventually took the new DC to the site where the other DCs are located. Once there the promotion went without a hitch. I then took the new DC back to the new site and waited for replication which failed each time. The sites were connected by a T1 MPLS connection which was used for other purposes successfully. I tried running replication during off-peak hours but it didn't help. Replsum indicated failure in both directions. The customer eventually switched to Cable 30 by 5 with a Sonic Wall VPN between sites and everything works smoothly now. I guess T1 isn't as fast as it used to be. ;) Thanks to all for the attention.
