[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Cannot demote server because of error with fSMORoleOwner

Posted on 2013-12-23
3
Medium Priority
?
3,710 Views
Last Modified: 2014-02-05
We recently migrated from Windows 2008 SBS over to Windows 2012. We had issues demoting the SBS server so in the interests in saving time, we carried on. We used an intermediate server (Windows 2008 R2 Server) to hold the AD information until we brought up our 2012 domain server. Now, I am trying to demote our temp 2008 server and I am getting an error when I try to demote it "The directory service is missing mandatory configuration information, and is unable to determine the ownership of floating single-master operation roles"

In doing some research it shows to load up ADSI Edit and look for the ‘fSMORoleOwner’ under CN-Infrastructure I see that the old SBS server is listed there and so when I try to change that line, I get an error Operation failed. Error code: 0x20ae The role owner attribute could not be read.

I started up ntdsutil and transferred all 5 roles successfully to the 2012 domain server, started up ADSI Edit and tried to edit the ‘fSMORoleOwner’ and still could not change it. It looked as if it had a bunch of garbage characters in it. I was able to change it and changed it to the format as it is on one of my other client domain servers.

That still didn't fix the issue though

I checked the eventlog and it looks like the AD information is replicating properly. I was going to force the dcpromo but then thought that we may have the same problem if we migrate to another server years down the road. I figured it might be better to resolve this problem now instead of later.

Any ideas on what to do next to fix this issue?
0
Comment
Question by:johnny181
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 10

Expert Comment

by:convergint
ID: 39737359
When you changed the fSMORoleOwner manually did you do it like this on the Infrastructure FSMO server?

CN=NTDS Settings,CN=hostname>,CN=Servers,CN=sitename>,CN=Sites,CN=Configuration,DC=domain,DC=local
0
 
LVL 10

Accepted Solution

by:
Zenvenky earned 750 total points
ID: 39737934
Please check this MS KB, I'm sure it will be resolved.

http://support.microsoft.com/kb/949257
0
 
LVL 24

Assisted Solution

by:Sandeshdubey
Sandeshdubey earned 750 total points
ID: 39740111
0

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question