- Windows Server 2012
- Active Directory
- Microsoft Legacy OS
Error after Promoting new server 2012 R2 as Domain controller ?
Hi,
My newly promoted Server 2012 R2 is having a problem here:
this is the error after the reboot in the server manager when I clieck on the wizard.
This is from the Event viewer:
what can I do to resume its function as Domain Controller ?
My newly promoted Server 2012 R2 is having a problem here:
this is the error after the reboot in the server manager when I clieck on the wizard.
---------------------------
Deployment Configuration
---------------------------
Error determining whether the target server is already a domain controller: The domain controller promotion completed, but the server is not advertising as a domain controller.
---------------------------
OK
---------------------------
This is from the Event viewer:
Log Name: Directory Service
Source: Microsoft-Windows-ActiveDirectory_DomainService
Date: 27/02/2015 4:17:41 PM
Event ID: 1962
Task Category: DS RPC Client
Level: Error
Keywords: Classic
User: ANONYMOUS LOGON
Computer: NEWDC02.domain.com
Description:
Internal event: The local directory service received an exception from a remote procedure call (RPC) connection. Extended error information is not available.
directory service:
OLDDC01.domain.com
Additional Data
Error value:
The handle is invalid. (6)
what can I do to resume its function as Domain Controller ?
do you mean this one: http://support.microsoft.com/kb/555846
1.Use the following knowledgebase to remove common Domain Controller settings
from the Active Directory.
http://support.microsoft.com/kb/216498
Note 1: : You may need to seize the FSMO to alternative Domain Controller
Using Ntdsutil.exe to transfer or seize FSMO roles to a domain controller
http://support.microsoft.com/kb/255504
Note 2: You may need to configure a new authoritative timerver in the domain.
2. Remove old computer account by using "Active Directory Sites and Services" tool.
3. Remove old DNS and WINS records of the orphaned Domain Controller.
4. Use "ADSIEdit" to remove old computer records from the Active Directory:
a. OU=Domain Controllers,DC=domain,DC=l
b. CN=Default-First-Site-Name
c. CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=domai
5. Force Active Directory replication by using "Repadmin.exe" tool:
Using Repadmin.exe to troubleshoot Active Directory replication
http://support.microsoft.com/kb/229896/
1.Use the following knowledgebase to remove common Domain Controller settings
from the Active Directory.
http://support.microsoft.com/kb/216498
Note 1: : You may need to seize the FSMO to alternative Domain Controller
Using Ntdsutil.exe to transfer or seize FSMO roles to a domain controller
http://support.microsoft.com/kb/255504
Note 2: You may need to configure a new authoritative timerver in the domain.
2. Remove old computer account by using "Active Directory Sites and Services" tool.
3. Remove old DNS and WINS records of the orphaned Domain Controller.
4. Use "ADSIEdit" to remove old computer records from the Active Directory:
a. OU=Domain Controllers,DC=domain,DC=l
b. CN=Default-First-Site-Name
c. CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=domai
5. Force Active Directory replication by using "Repadmin.exe" tool:
Using Repadmin.exe to troubleshoot Active Directory replication
http://support.microsoft.com/kb/229896/
To resolve this issue, follow these steps:
Restart the server on which Active Directory could not be installed.
Use Dsa.msc or Dsac.exe on an existing domain controller to delete the failed server's computer account. (The domain controller will not yet be a domain controller object but only a member server.) Then, let Active Directory replication converge.
On the failed server, forcibly remove the server from the domain by using the System Properties Control Panel item or netdom.exe.
On the failed server, remove the Active Directory Domain Services (AD DS) role by using Server Manager or Uninstall-WindowsFeature.
Restart the failed server.
Install the AD DS role, and then try the promotion again. When you do this, make sure that you provide promotion credentials in the form "domain\user" or "user@domain.tld."
http://support.microsoft.com/kb/2737935
Restart the server on which Active Directory could not be installed.
Use Dsa.msc or Dsac.exe on an existing domain controller to delete the failed server's computer account. (The domain controller will not yet be a domain controller object but only a member server.) Then, let Active Directory replication converge.
On the failed server, forcibly remove the server from the domain by using the System Properties Control Panel item or netdom.exe.
On the failed server, remove the Active Directory Domain Services (AD DS) role by using Server Manager or Uninstall-WindowsFeature.
Restart the failed server.
Install the AD DS role, and then try the promotion again. When you do this, make sure that you provide promotion credentials in the form "domain\user" or "user@domain.tld."
http://support.microsoft.com/kb/2737935
Hi,
Please try running DCDiag on the newly installed Domain Controller and report for any errors.
Please verify DNS in installed and configured properly.
Please try running DCDiag on the newly installed Domain Controller and report for any errors.
Please verify DNS in installed and configured properly.
How to verify the DNS if it is working ?
As at the moment the Primary DNS is still held by the OLDDC01 I'm not sure how to transfer the DNS role from WIndows 2003 to 2012 R2 yet.
As at the moment the Primary DNS is still held by the OLDDC01 I'm not sure how to transfer the DNS role from WIndows 2003 to 2012 R2 yet.
While installing DC you should have got the option to install DNS Server. Do you remember installing/skipping it.
You could also use DCDiag /test:dns command to test DNS Configuration.
You could also use DCDiag /test:dns command to test DNS Configuration.
How to verify the DNS if it is working ?
you can use nslookup against the 2012 server
I'm not sure how to transfer the DNS role from WIndows 2003 to 2012 R2 yet.
as i stated in your other question, DNS is replicated to the new domain controller after promotion; not transferred
ah yes, so in this case the DNS server role is already installed and I can perform the NSLOOKUP command against the server.
so can I safely cutover the rest of my workstations to this newly build DC / DNS server as the primary static DNS IP address ?
so can I safely cutover the rest of my workstations to this newly build DC / DNS server as the primary static DNS IP address ?
You could test several workstations by hard-coding their IP, DHCP, and DNS temporarily. If that works, then update it on the DHCP server.
oh yes, you're right.
Do I have to transfer the DHCP server role as well to this newly build server to make sure that it is working assigning new IP and the DNS server ?
Do I have to transfer the DHCP server role as well to this newly build server to make sure that it is working assigning new IP and the DNS server ?
You don't have to. Still, if you want, leave everything as is - at least for a few days. Just to make sure everything works. Then, when you get bored, you can mess with things again.
Ok, so now after couple of days, the DCDIAG result showing as passed :-)
but when opening the Powershell ISE and then issueing the Get-ADDomainController command, returns the AD Schema Master DC server not itself ?
is that expected.
but when opening the Powershell ISE and then issueing the Get-ADDomainController command, returns the AD Schema Master DC server not itself ?
is that expected.
is that expected.
it could be
see example 14 at the bottom of the documentation (wouldn't hurt looking over the rest to understand all parameters)
Get-ADDomainController
https://technet.microsoft.com/en-us/library/ee617217.aspx?f=255&MSPPError=-2147217396
-
![]()
SolutionServer 2012 Essentials as a client of a 2000 Domain Controller -
![]()
ArticleUpgrading Windows 2012 R2 Failover Cluster with Teaming to Windows 2019 over RDP -
![]()
VideoIntroducing a Windows 2012 Domain Controller into a 2008 Active Directory Environment -
![]()
Cloud Class®Certification: MCSA MCSE Microsoft Certified Solutions Associate & Systems Engineer - Configuring Advanced Windows Server 2012 R2 Services
-
![]()
received a Solution
How to change a Windows Server 2012 R2 Active Directory Domain Controller server name -
![]()
wrote an Article
![]()
Standalone RD Gateway Server without RDS Infrastructure
-
![]()
created a Video
![]()
Windows Server 2012 – Configuring NTP Servers for Time Synchronization
-
Explore Cloud Class® ![]()
Certification: MCSA MCSE Microsoft Certified Solutions Associate & Systems Engineer - Installing and Configuring Windows Server 2012 R2
Premium Content
You need an Expert Office subscription to comment.Start Free Trial