Solved

Can't promote Windows 2012 Server in 2008 domain

Posted on 2014-10-23
5
168 Views
Last Modified: 2014-10-28
I just joined a new Windows 2012 Server to a 2008 Domain.

I want to promote it to Domain Controller but the wizard gives me some errors.

I've investigated further and I get this error with adprep /rodcprep (with elevated privileges):

Adprep could not contact the Naming FSMO myserver.mydomain.com The Naming FSMO must be reachable for this operation proceed.

Error code: 0x3a

I am trying to do this logged as Domain Admin and I've checked Netdom Query FSMO on both the new server and the main server:

All the entries point to the same server: myserver.mydomain.com on both sides (new server and main)

The new server has not the DNS sever role and has as single dns server the main server.

What is wrong?

How can I fix this?

Thanks
0
Comment
Question by:ltpitt
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 1

Expert Comment

by:Kamran Mallik
ID: 40399334
Are you trying to promote this DC as a Read Only Domain Controller as the command you have entered is to promote it to a Read only Domain Controller.
0
 
LVL 1

Author Comment

by:ltpitt
ID: 40399399
Sorry I've now done on both Master server and new server:

adprep /domainprep

and on the master server I get: "All the domain level information are already updated" and on the new server: "Adprep could not contact the Naming FSMO myserver.mydomain.com The Naming FSMO must be reachable for this operation proceed.

Error code: 0x3a"
0
 
LVL 1

Expert Comment

by:Kamran Mallik
ID: 40399468
Have you tried running dcpromo from the run menu instead. Domainprep I don't think is used to install a second DC on an existing domain. I usually use dcpromo which will run adprep anyway if needed.
0
 
LVL 1

Accepted Solution

by:
ltpitt earned 0 total points
ID: 40399512
Solved!

It was just a firewall issue: damn me!

dcdiag /s:myservername

gave all the errors in the world and then I understood and fixed the pfsense firewall :)
0
 
LVL 1

Author Closing Comment

by:ltpitt
ID: 40408006
It was simply that
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
In this Micro Tutorial viewers will learn how to use Windows Server Backup to create full image of their system. Tutorial shows how to install Windows Server Backup Feature on Windows 2012R2 and how to configure scheduled Bare Metal Recovery backup.…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question