Ghosting a DC


Guest

I'm wondering if it's a good idea to Ghost (Symantec utility) a DC for upgrade purposes.
I want to upgrade my DC to 2003 but only have one DC and have not been able to add a second DC because of 'schema mismatch errors'. So I'm thinking of making a Ghost image that I can quickly push down in case anything goes wrong in the upgrade. That said... does the DC have to be on the network for it to be upgraded? It's a child domain. Are there any changes that will need to be made to the GC server or schema when it's being upgraded?
Thanks.
 
chris said:
I'm wondering if it's a good idea to Ghost (Symantec utility) a DC for
upgrade purposes?
I want to upgrade my DC to 2003 but only have one DC and have not
been able to add a second DC because of 'schema mismatch errors'. So
I'm thinking of making a Ghost image that I can quickly push down in
case anything goes wrong in the upgrade. That said... does the DC
have to be on the network for it to be upgraded? It's a child
domain. Are there any changes that will need to be made to the GC
server or schema when it's being upgraded? Thanks.

You would have to run adprep /forestprep, which needs to be run on the
Schema Master (the first DC in the forest Root) to prep the Schema for
Win2k3, probably why you're getting the mismatch error.

You can go ahead and ghost it, but keep in mind, it's just for a quick
recovery, under 60 days (due to the AD tombstone timeout).

If I remember correctly, you should also upgrade the Root domain first prior
to the child domain.

There are other implications as well, such as the authentication strictness
of W2k3. Here, I would suggest reading up on it prior to your move,
especially if you have Exchange installed...

325379 - How to Upgrade Windows 2000 Domain Controllers to Windows Server
2003: http://support.microsoft.com/?id=325379

Good luck. Any questions, post back, but I think that article should cover
it...




--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
Chris said:
The forest root domain has been prepped and upgraded to 2k3... my
domain has also been prepped. We don't use Exchange... although we did
have it running before we upgraded to 2000... now we use Lotus Domino
server.

This is some of the dcpromo.log file....this file is from
October...but the error is still the same....
This one is from a win2k server dcpromo.....but the same error for a
win2k3 dcpromo

10/16 08:26:58 [INFO] Promotion request for replica domain controller
10/16 08:26:58 [INFO] DnsDomainName domain.us.mycompany.intra
10/16 08:26:58 [INFO] ReplicaPartner (NULL)
10/16 08:26:58 [INFO] SiteName (NULL)
10/16 08:26:58 [INFO] DsDatabasePath C:\WINNT\NTDS, DsLogPath C:\WINNT\NTDS
10/16 08:26:58 [INFO] SystemVolumeRootPath C:\WINNT\SYSVOL
10/16 08:26:58 [INFO] Account domain.us.mycompany.intra\administrator
10/16 08:26:58 [INFO] Options 196
10/16 08:26:58 [INFO] Validate supplied paths
10/16 08:26:58 [INFO] Validating path C:\WINNT\NTDS.
10/16 08:26:58 [INFO] Path is a directory
10/16 08:26:58 [INFO] Path is on a fixed disk drive.
10/16 08:26:58 [INFO] Validating path C:\WINNT\NTDS.
10/16 08:26:58 [INFO] Path is a directory
10/16 08:26:58 [INFO] Path is on a fixed disk drive.
10/16 08:26:58 [INFO] Validating path C:\WINNT\SYSVOL.
10/16 08:26:58 [INFO] Path is on a fixed disk drive.
10/16 08:26:58 [INFO] Path is on an NTFS volume
10/16 08:26:58 [INFO] Start the worker task
10/16 08:26:58 [INFO] Request for promotion returning 0
10/16 08:26:58 [INFO] Searching for a domain controller for the domain domain.us.mycompany.intra that contains the account dc02$

10/16 08:26:59 [INFO] Located domain controller dc01.domain.us.mycompany.intra for domain domain.us.mycompany.intra

10/16 08:26:59 [INFO] Using site California for server \\dc01.domain.us.mycompany.intra

10/16 08:26:59 [INFO] Forcing time sync
10/16 08:26:59 [INFO] Forcing a time synch with \\dc01.domain.us.mycompany.intra

10/16 08:26:59 [INFO] Setting machine account to be DC
10/16 08:26:59 [INFO] Configuring the server account

10/16 08:26:59 [INFO] Searching for the machine account for dc02$ on \\dc01.domain.us.mycompany.intra...
10/16 08:26:59 [INFO] Configuring the server account

10/16 08:26:59 [INFO] NtdsSetReplicaMachineAccount returned 0
10/16 08:26:59 [INFO] Previous location of account dc02$ to CN=dc02,CN=Computers,DC=domain,DC=us,DC=mycompany,DC=intra
10/16 08:26:59 [INFO] Stopping service NETLOGON

10/16 08:26:59 [INFO] Stopping service NETLOGON

10/16 08:27:59 [INFO] Configuring service NETLOGON to 1 returned 0
10/16 08:27:59 [INFO] Deleting current sysvol path C:\WINNT\SYSVOL
10/16 08:28:02 [INFO] Copying initial Directory Service database file C:\WINNT\system32\ntds.dit to C:\WINNT\NTDS\ntds.dit

10/16 08:28:05 [INFO] Installing the Directory Service

10/16 08:28:05 [INFO] Calling NtdsInstall for domain.us.mycompany.intra
10/16 08:28:05 [INFO] Starting the Directory Service installation
10/16 08:28:05 [INFO] Validating user supplied options
10/16 08:28:05 [INFO] Determining local site to enter
10/16 08:28:05 [INFO] Examining existing Enterprise Directory Service
10/16 08:28:06 [INFO] Configuring the local server to host the Directory Service
10/16 08:28:18 [INFO] Creating the ntdsa object for this server on dc01.domain.us.mycompany.intra
10/16 08:28:18 [INFO] Replicating the Directory Service schema container
10/16 08:28:21 [INFO] Replicating CN=Schema,CN=Configuration,DC=mycompany,DC=intra: received 402 out of 1684 objects.
10/16 08:28:21 [INFO] Error - The Directory Service failed to replicate the partition CN=Schema,CN=Configuration,DC=tpnet,DC=intra from remote server dc01.domain.us.mycompany.intra. (8418)
10/16 08:28:23 [INFO] NtdsInstall for domain.us.mycompany.intra returned 8418
10/16 08:28:23 [INFO] DsRolepInstallDs returned 8418
10/16 08:28:23 [ERROR] Failed to install to Directory Service (8418)
10/16 08:28:33 [INFO] Starting service NETLOGON

10/16 08:28:33 [INFO] Configuring service NETLOGON to 2 returned 0
10/16 08:28:33 [INFO] Searching for the machine account for dc02$ on \\dc01.domain.us.mycompany.intra...
10/16 08:28:33 [INFO] Configuring the server account

10/16 08:28:33 [INFO] NtdsSetReplicaMachineAccount returned 0
10/16 08:28:33 [INFO] Attempted to move account dc02$ to CN=dc02,CN=Computers,DC=domain,DC=us,DC=mycompany,DC=intra
10/16 08:28:33 [INFO] The attempted domain controller operation has completed

10/16 08:28:33 [INFO] DsRolepSetOperationDone returned 0


Any help would be appreciated.


What would be really helpful for us is if you can post any Event log errors
due to this, no matter from what logs. Also, if you can, post an ipconfig /all
from this machine and from the Root domain DC.

Ok, now what are you doing here, are you trying to install a new DC in a new
child domain or upgrade an existing member server in an existing child
domain as a replica DC?

One question you asked was whether the DC has to be on the network when
upgrading it... YES. Everyone must be on the network.

That said, assuming that all your DCs only point to your internal DNS and
your DNS infrastructure is intact and cleanly resolving across the
infrastructure, this error may possibly be caused by the clocks being
different on the machines. As long as the clocks are respective to their
time zones (Zulu - whatever), we can eliminate that possibility. E.g., if a
server is set to 9am EST and the other server is set to 9am PST, then we're
3 hours out of synch and that will cause Kerberos authentication issues. Read on
about that...

http://www.jsiinc.com/SUBN/tip6500/rh6584.htm

Could also be caused by an orphaned object class attribute associated with a
Schema attribute that got altered from the Forest prep (guess here).
Whatever it may be, what you can do to figure out what's going on
is bump up the NTDS error log reporting. See this:

Error Message: The Replication System Encountered an Internal Error
http://support.microsoft.com/default.aspx?scid=kb;en-us;285858

Could also be a failed RPC connection between the DCs. Firewalls, MTU
setting alterations in the router, using ADSL, and/or NAT can cause that.

Look at this article for more information on that:
http://www.certguide.com/forums/showthread.php?t=2354


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
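
Added example (not part of the thread and not code from either poster): a small parser that un-wraps a dcpromo.log pasted into a post and reports the first step that returned a non-zero status. The sample text is constructed from the log excerpt above; the function names and the one-entry code table are this example's own.

```python
import re

# Constructed sample: entries copied from the dcpromo.log posted above,
# left wrapped and fused the way the newsgroup post shows them.
SAMPLE = """10/16 08:28:18 [INFO] Creating the ntdsa object for
this server on dc01.domain.us.mycompany.intra 10/16 08:28:18 [INFO]
Replicating the Directory Service schema container 10/16 08:28:21
[INFO] Replicating CN=Schema,CN=Configuration,DC=mycompany,DC=intra:
received 402 out of 1684 objects. 10/16 08:28:21 [INFO] Error - The
Directory Service failed to replicate the partition
CN=Schema,CN=Configuration,DC=tpnet,DC=intra from remote server
dc01.domain.us.mycompany.intra. (8418) 10/16 08:28:23 [INFO]
NtdsInstall for domain.us.mycompany.intra returned 8418 10/16
08:28:23 [ERROR] Failed to install to Directory Service (8418)
10/16 08:28:33 [INFO] Configuring service NETLOGON to 2 returned 0
"""

ENTRY = re.compile(r"(\d\d/\d\d \d\d:\d\d:\d\d) \[(INFO|WARNING|ERROR)\] ")
STATUS = re.compile(r"returned (\d+)$|\((\d+)\)$")
# Win32 status codes to name; 8418 is the one in the posted log.
KNOWN = {8418: "ERROR_DS_DRA_SCHEMA_MISMATCH"}

def parse_entries(text):
    """Undo line wrapping, then cut the text at each 'MM/DD HH:MM:SS [LEVEL]'."""
    flat = " ".join(text.split())
    marks = list(ENTRY.finditer(flat))
    entries = []
    for i, m in enumerate(marks):
        end = marks[i + 1].start() if i + 1 < len(marks) else len(flat)
        entries.append((m.group(1), m.group(2), flat[m.end():end].strip()))
    return entries

def first_failure(entries):
    """First entry with a non-zero status, whatever its level, plus the prior step."""
    for i, (stamp, level, msg) in enumerate(entries):
        m = STATUS.search(msg)
        code = int(m.group(1) or m.group(2)) if m else 0
        if code:
            return {"time": stamp, "level": level, "code": code,
                    "name": KNOWN.get(code, "unknown"), "message": msg,
                    "previous_step": entries[i - 1][2] if i else None}
    return None

if __name__ == "__main__":
    for key, value in first_failure(parse_entries(SAMPLE)).items():
        print(f"{key}: {value}")
```

The first failing entry in this log is written at [INFO] level, so filtering on [ERROR] alone shows only the later summary line and misses the partition name and the step that preceded the failure.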
 