The directory services is missing mandatory configuration information, and is unable to determine the ownership of floating single-master operation roles.
I doing migration of AD with DNS server 2008 R2 to windows server 2012. but after migration when I try to demote old DC of 2008 R2 it shows below error message.
"The operation failed because: Active Directory Domain Services could not transfer the remaining data in directory partition DC=ForestDnsZones,DC=domai
"The directory services is missing mandatory configuration information, and is unable to determine the ownership of floating single-master operation roles."
dc-remove.jpg
DNS.png
"The operation failed because: Active Directory Domain Services could not transfer the remaining data in directory partition DC=ForestDnsZones,DC=domai
"The directory services is missing mandatory configuration information, and is unable to determine the ownership of floating single-master operation roles."
dc-remove.jpg
DNS.png
Looks like you missed step 3 here.
http://greigmitchell.co.uk/guide-migrating-server-2008-r2-domain-controllers-to-server-2012/
Try this
http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/847644e7-aee5-4d20-8bf8-497c359268fc
http://social.technet.microsoft.com/Forums/en/winserverDS/thread/2b5269f3-8b45-4e2b-aa10-c78493bbb547
http://greigmitchell.co.uk/guide-migrating-server-2008-r2-domain-controllers-to-server-2012/
Try this
http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/847644e7-aee5-4d20-8bf8-497c359268fc
http://social.technet.microsoft.com/Forums/en/winserverDS/thread/2b5269f3-8b45-4e2b-aa10-c78493bbb547
I am assuming you are upgrading the OS from 2008 to 2012 by adding a new DC (Not Migration) and the forest name is not changed
So in this case this seems to be issue with connectivity ...
First post the dcdiag /q from 2012
repadmin /replsum from 2012
Then we would be able to conclude anything ...In worst case you will need to seize FSMO roles on 2012 server using below link
Seize FSMO role:
http://www.petri.co.il/seizing_fsmo_roles.htm
So in this case this seems to be issue with connectivity ...
First post the dcdiag /q from 2012
repadmin /replsum from 2012
Then we would be able to conclude anything ...In worst case you will need to seize FSMO roles on 2012 server using below link
Seize FSMO role:
http://www.petri.co.il/seizing_fsmo_roles.htm
I have successfully transferred FSMO roles to migrated 2012 DC. after transfer FSMO I have run command netdom query fsmo and it shows successfully.here i have attached file
fsmo.jpg
fsmo.jpg
My setup is as below
old server : win server 2008 r2 including Active Directory and DNS
plan for New server: win server 2012 with Active directory and DNS and used new hardware with upgraded one.
I have followed below url for the migration
http://www.msserverpro.com/migrating-active-directory-domain-controller-from-windows-server-2008-r2-to-windows-server-2012/
all steps done successfully but can not remove old dc with dc promo.
here I have attached test result of command dcdiag /q from 2012
repadmin /replsum from 2012
please give me solution asap as i stuck between....
dcdiag-and-repadmin-test-from-ne.jpg
old server : win server 2008 r2 including Active Directory and DNS
plan for New server: win server 2012 with Active directory and DNS and used new hardware with upgraded one.
I have followed below url for the migration
http://www.msserverpro.com/migrating-active-directory-domain-controller-from-windows-server-2008-r2-to-windows-server-2012/
all steps done successfully but can not remove old dc with dc promo.
here I have attached test result of command dcdiag /q from 2012
repadmin /replsum from 2012
please give me solution asap as i stuck between....
dcdiag-and-repadmin-test-from-ne.jpg
Here I have attached right screenshot of my test setup which shows all fsmo roles are transferred successfully. Though I have tried with seize FSMO but when i run this it shows transferred successfully no need to seize.
fsmo-result.jpg
fsmo-result.jpg
Further more I have checked dcdiag /q from 2012
repadmin /replsum from 2012 while put down old 2008 R2 DC. Than i will get test result as attached
dcdiag-test.jpg
repadmin /replsum from 2012 while put down old 2008 R2 DC. Than i will get test result as attached
dcdiag-test.jpg
Can you make an entry in DNS of the missing GUID (see attacment). Without porper GUID, AD will never replicate.
Regards,
Thomas
DNS---GUID.png
Regards,
Thomas
DNS---GUID.png
It seems to be dns issue make sure below practice is followed
Every DNS server should Point to its own IP as a primary DNS and DNS located in remote site as a secondary DNS in TCP/IP properties
All the unused NIC's to be disabled
Valid DNS Ip from ISP to be configuered in DNS forwarders Do not configuere local DNS in forwarders
Public DNS IP's Should not be used at any NIC Card except Forwarders
Domain Controllers should not be multi-homed
Running VPN server and RRas server makes the DC multihomed refer http://support.microsoft.com/default.aspx?scid=kb;en-us;272294
If anything above is incorrect please correct it and run "ipconfig /flushdns & ipconfig /registerdns " and restart DNS service using "net stop dns & net start dns"
DNS best practices
http://technet.microsoft.com/en-us/library/cc778439(v=WS.10).aspx
Checklist: Deploying DNS for Active Directory
http://technet.microsoft.com/en-us/library/cc757116(v=ws.10)
DNS Arguments
http://blogs.technet.com/b/askds/archive/2010/07/17/friday-mail-sack-saturday-edition.aspx#dnsbest
Every DNS server should Point to its own IP as a primary DNS and DNS located in remote site as a secondary DNS in TCP/IP properties
All the unused NIC's to be disabled
Valid DNS Ip from ISP to be configuered in DNS forwarders Do not configuere local DNS in forwarders
Public DNS IP's Should not be used at any NIC Card except Forwarders
Domain Controllers should not be multi-homed
Running VPN server and RRas server makes the DC multihomed refer http://support.microsoft.com/default.aspx?scid=kb;en-us;272294
If anything above is incorrect please correct it and run "ipconfig /flushdns & ipconfig /registerdns " and restart DNS service using "net stop dns & net start dns"
DNS best practices
http://technet.microsoft.com/en-us/library/cc778439(v=WS.10).aspx
Checklist: Deploying DNS for Active Directory
http://technet.microsoft.com/en-us/library/cc757116(v=ws.10)
DNS Arguments
http://blogs.technet.com/b/askds/archive/2010/07/17/friday-mail-sack-saturday-edition.aspx#dnsbest
The dcdiag output you posted in #38742912 shows an event in the System log indicating that your servers' clocks are not synchronized. Is that only happening in your test environment? If it's happening in production, it needs to be addressed, as too much clock skew (>5 minutes by default) causes Kerberos authentication failures.
Thanks for your quick reply. But now i got error in Group policy. DNS name resolution and all working fine now. But group policy is not implemented as I configure in 2008 r2 AD. the policy folders and all are migrated but not in effect. here I have attached screenshot.
when i reset any password fron this 2012 new AD it will give effect on client end. but i can not get my old configured Group policy.
gp.jpg
group-policy-error.jpg
when i reset any password fron this 2012 new AD it will give effect on client end. but i can not get my old configured Group policy.
gp.jpg
group-policy-error.jpg
I have run "net share" command on both DCs to verify but in 2008 R2 I can find NETLOGON folder which shows shared. but in windows server 2012 AD server i could not find NETLOGON folder shared. event i can not find. can you give me detail path? or what configuration should be done?
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
Gain unlimited access to on-demand training courses with an Experts Exchange subscription.
Get AccessWhy Experts Exchange?
Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.
Jim Murphy
Programmer at Smart IT Solutions
When asked, what has been your best career decision?
Deciding to stick with EE.
Mohamed Asif
Technical Department Head
Being involved with EE helped me to grow personally and professionally.
Carl Webster
CTP, Sr Infrastructure Consultant
Did You Know?
We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE
Ask ANY Question
Connect with Certified Experts to gain insight and support on specific technology challenges including:
- Troubleshooting
- Research
- Professional Opinions
Join our community and discover your potential
Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.
*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.