Solved

Cannot demote server because of error with fSMORoleOwner

Posted on 2013-12-23
3
3,287 Views
Last Modified: 2014-02-05
We recently migrated from Windows 2008 SBS over to Windows 2012. We had issues demoting the SBS server so in the interests in saving time, we carried on. We used an intermediate server (Windows 2008 R2 Server) to hold the AD information until we brought up our 2012 domain server. Now, I am trying to demote our temp 2008 server and I am getting an error when I try to demote it "The directory service is missing mandatory configuration information, and is unable to determine the ownership of floating single-master operation roles"

In doing some research it shows to load up ADSI Edit and look for the ‘fSMORoleOwner’ under CN-Infrastructure I see that the old SBS server is listed there and so when I try to change that line, I get an error Operation failed. Error code: 0x20ae The role owner attribute could not be read.

I started up ntdsutil and transferred all 5 roles successfully to the 2012 domain server, started up ADSI Edit and tried to edit the ‘fSMORoleOwner’ and still could not change it. It looked as if it had a bunch of garbage characters in it. I was able to change it and changed it to the format as it is on one of my other client domain servers.

That still didn't fix the issue though

I checked the eventlog and it looks like the AD information is replicating properly. I was going to force the dcpromo but then thought that we may have the same problem if we migrate to another server years down the road. I figured it might be better to resolve this problem now instead of later.

Any ideas on what to do next to fix this issue?
0
Comment
Question by:johnny181
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 10

Expert Comment

by:convergint
ID: 39737359
When you changed the fSMORoleOwner manually did you do it like this on the Infrastructure FSMO server?

CN=NTDS Settings,CN=hostname>,CN=Servers,CN=sitename>,CN=Sites,CN=Configuration,DC=domain,DC=local
0
 
LVL 9

Accepted Solution

by:
Zenvenky earned 250 total points
ID: 39737934
Please check this MS KB, I'm sure it will be resolved.

http://support.microsoft.com/kb/949257
0
 
LVL 24

Assisted Solution

by:Sandeshdubey
Sandeshdubey earned 250 total points
ID: 39740111
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question