AD Error

  • Thread starter Thread starter York
  • Start date Start date
Y

York

Hi, all,

I got a problem that when I try to promote a win2000
machine as a DC. the situation is that

I have a Domain with 2 DC(one 2003 and one 2000), let's
call it test.com

NOw I want to promote another win2000 machine as the
subdomain of test.com. let's say "sub.test.com" . During
the AD installion, it had error that "The role owner's
attribute could not be read". the installation failed
finally.

Could anyone help on this issue?
 
I got a problem that when I try to promote a win2000
machine as a DC. the situation is that

I have a Domain with 2 DC(one 2003 and one 2000), let's
call it test.com

NOw I want to promote another win2000 machine as the
subdomain of test.com. let's say "sub.test.com" . During
the AD installion, it had error that "The role owner's
attribute could not be read". the installation failed
finally.
Click to expand...


First clarify your goal: First DC in a child domain? (not an additional DC
in the current domain).

Sounds like you have a missing Domain Naming Master (or other master).
Have you perhaps swapped out a DC at some point without TRANSFERING
the five single masters to another DC first?

Second most likely is you have DNS messed up (see below) and the role holder
just isn't being found.

Check AD Users and Computers for your PDC Emulator (or AD Domains
and Trusts for the Domain Naming Master.)

If you destroyed the original DC without transferring then you need to run
NTDSUtil to move the 5 roles (also consider you might need to add GCs
also and do this before you add a second domain anyway.)

Use NTDSUtil roles to SEIZE the roles ONLY if you know the original
DC isn't coming back. Search this at google to find help:

[ ntdsutil roles role transfer seize site:microsoft.com ]
[ ntdsutil roles role transfer seize microsoft: ] <--- colon: after
microsoft:

You might want to test using DCDiag before fixing any of this; dump the
output to a file -- search the file for FAIL, WARN, IGNORE.

DNS fixes:
DNS must be dynamic
ONLY the Dynamic DNS server (set) must be specified in ALL
internal clients NIC properties
Internal Clients INCLUDE the DCs and DNS server itself
 
Back
Top