Administration of Active Directory does not have to be hard. Too often what should be a simple task is made more difficult than it needs to be.The solution? Hyena from SystemTools Software. With ease-of-use as well as powerful importing and bulk updating capabilities.
Unable to promote Win2012r2 server to a DC and add to existing domain
I have a 2008 domain and I'm trying to add another DC to it, which is running Windows Server 2012r2
When I try to promote to a DC, it fails on prerequisite check with the following error:
Verification of prerequisites for Active Directory preparation failed. Unable to verify whether schema master has completed a replication cycle after last reboot.
Exception: Unavailable Critical Extension. Server extended error: 8366. Server extended message: 000020AE: SvcErr: DSID-03210384, problem 5010 (UNAVAIL_EXTENSION), data 8610
.
Adprep failed to verify whether schema master has completed a replication cycle after last reboot.
[Status/Consequence]
The schema is not upgraded.
[User Action]
Check the log file ADPrep.log in the C:\Windows\debug\adprep\lo
I ran adprep manually on my 2008 DC and it said: Domain-wide information has already been updated.
[Status/Consequence]
Adprep did not attempt to rerun this operation.
When I try to promote to a DC, it fails on prerequisite check with the following error:
Verification of prerequisites for Active Directory preparation failed. Unable to verify whether schema master has completed a replication cycle after last reboot.
Exception: Unavailable Critical Extension. Server extended error: 8366. Server extended message: 000020AE: SvcErr: DSID-03210384, problem 5010 (UNAVAIL_EXTENSION), data 8610
.
Adprep failed to verify whether schema master has completed a replication cycle after last reboot.
[Status/Consequence]
The schema is not upgraded.
[User Action]
Check the log file ADPrep.log in the C:\Windows\debug\adprep\lo
I ran adprep manually on my 2008 DC and it said: Domain-wide information has already been updated.
[Status/Consequence]
Adprep did not attempt to rerun this operation.
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
Hi again just one thing I forgot to mention.
Can you run the repadmin and showrepl commands and past them here?
Or you can use this tool from Microsoft to discover replication problems and where they are.
http://www.microsoft.com/en-us/download/details.aspx?id=30005.
Regards,
D.
Can you run the repadmin and showrepl commands and past them here?
Or you can use this tool from Microsoft to discover replication problems and where they are.
http://www.microsoft.com/en-us/download/details.aspx?id=30005.
Regards,
D.
Thanks for your prompt response.
Can you check with the tools mentioned on my last post for replication problems?
Are your DNS working properly?
Both servers are turned on?
Can you check with the tools mentioned on my last post for replication problems?
Are your DNS working properly?
Both servers are turned on?
You can't promote a server that already is a DC to another domain. First make sure it is not a DC and not a member of any domain. Then add the server to the domain, and after that promote it to a DC.
David,
I ran the tool and it's come back with some errors. But that's probably because the two DCs are currently separated by firewall, since one of them is at the Disaster Recovery site.
I need to change the firewall settings and I'll run it again, but it might be in 2-3 days when I have my next change window.
I will let you know.
Rindi,
I am not sure I've explained my problem properly, but the server I'm trying to promote to a DC is not a DC yet :)
I ran the tool and it's come back with some errors. But that's probably because the two DCs are currently separated by firewall, since one of them is at the Disaster Recovery site.
I need to change the firewall settings and I'll run it again, but it might be in 2-3 days when I have my next change window.
I will let you know.
Rindi,
I am not sure I've explained my problem properly, but the server I'm trying to promote to a DC is not a DC yet :)
Hi Selmaa,
Thank you for your feedback.
Probably that is the problem. Both 2008 DC need to replicate properly and the replication needs to be in good stand.
After the networking issue is solved, try to force the replication and then run again the tool.
Let us know.
Regards,
D.
Thank you for your feedback.
Probably that is the problem. Both 2008 DC need to replicate properly and the replication needs to be in good stand.
After the networking issue is solved, try to force the replication and then run again the tool.
Let us know.
Regards,
D.
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trial
David,
As it turns out, I couldn't fix the replication issues because the time last replication happened exceeded the tombstone lifetime.
So I decided to demote the DC that was dormant (DR site) and proceed with the new DC promotion (Win server 2012).
Finally, it was promoted successfully.
Thanks for your help!!
As it turns out, I couldn't fix the replication issues because the time last replication happened exceeded the tombstone lifetime.
So I decided to demote the DC that was dormant (DR site) and proceed with the new DC promotion (Win server 2012).
Finally, it was promoted successfully.
Thanks for your help!!
Hi Selma,
Thank you for your feedback.
That was my concern but I had hopes that we had time to force the replication. and get the DC outside of tombstone flag.
What counts now is that the problem is solved.
Cheers.
D.
Thank you for your feedback.
That was my concern but I had hopes that we had time to force the replication. and get the DC outside of tombstone flag.
What counts now is that the problem is solved.
Cheers.
D.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2012
From novice to tech pro — start learning today.
-
Windows Server 2012Certification: MCSA MCSE Microsoft Certified Solutions Associate & … 303 lessons
-
Windows Server 2012Certification: MCSA MCSE Microsoft Certified Solutions Associate & … 435 lessons
-
Windows Server 2012Certification: MCSA MCSE Microsoft Certified Solutions Associate & … 388 lessons
-
Windows Server 2012Certification: MCSA MCSE Microsoft Certified Solutions Associate & … 450 lessons
-
Microsoft ApplicationsCertification: MCSE Microsoft Certified Systems Engineer - Identity … 440 lessons
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
Can you give us more details about your domain.
How many domain controllers do you have with windows 2008?
Windows 2008 version?
Level of your forest in 2008?
Thank you.
D.