Solved

Migration from Server 2003 - 2012 - Unable to promote to DC - ACCESS DENIED

Posted on 2014-02-24
4
3,538 Views
1 Endorsement
Last Modified: 2014-03-04
We have a single server running as a file server / domain controller. We are having an issue migrating AD DS from Server 2003 to Server 2012.

When we run the Active Directory Services Configuration Wizard, we receive the following error at the prerequisites check:

Verification of prerequisite for Active Directory preparation failed. Unable to perform Exchange Schema conflict check for domain mydomain.local.
 Exception: Access is denied.
 Adprep could not retrieve data from the server server2003.mydomain.local through Windows Management Instrumentation (WMI).

I've verified that both servers Windows Firewall's are disabled, the Network Service has has logon right, and everyone has full permissions to WMI via WMIMGMT.MSC. I've also run commands to rebuild the WMI store and re-register.

We cannot connect to any PC via WMIMGMT.MSC on the LAN, so I'm starting to think its our Sonicwall TZ120. Everything else is working including DFS replication.
1
Comment
Question by:qualityip
  • 2
4 Comments
 
LVL 57

Expert Comment

by:Cliff Galiher
ID: 39884746
A firewall issue will throw an unable to connect or similarly worded warning. "Access Denied" as very explicitly reserved for a successful connection, but the OS denying access because of permissions. Make sure you are logged in as a member of all necessary admin groups (schema admin being notable) and if you've ever set up delegated permissions in AD and removed default permissions, re-add them or add the user account to the delegated groups as well.
0
 
LVL 9

Expert Comment

by:VirastaR
ID: 39885484
0
 

Accepted Solution

by:
qualityip earned 0 total points
ID: 39892040
I found that the issue was fixed by checking "Enable Distributed Com" for My Computer under component services on the Server 2003 server.
0
 

Author Closing Comment

by:qualityip
ID: 39902804
Found the answer by researching myself
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question