Question regarding DCpromo failure

T

The Minister

I got this error when I tried to run DCpromo to promote a
member server. Failed to modify the properties of the
machine Account EZ-DC6$, Access is denied.
I'm already using an account with a Domain admins rights.
Workaround that has been done but didnt help to fix the
problem:

A. Apply the following Kbids from
http://support.microsoft.com/?kbid=232070 and
http://support.microsoft.com/?kbid=250874
B. Install Service Pack 4.
C. Rebuild a new OS,server wih new Updates
D. Inspect DCdiag, Netdiag, GPO replication
E. Verify DNS replication and health
F. Move the server that is being promoted to main AD Sites
and Services to isolate replication issues
G. Ensure Replication is hapenning using repladmin,
replication Monitor

So is there anything else to check or to consider in
order to fix my problem.


Here is my Dcpromo log.
04/28 16:44:14 [INFO] The attempted domain controller
operation has completed
04/28 16:44:14 [INFO] DsRolepSetOperationDone returned 0
04/28 16:47:30 [INFO] Promotion request for replica domain
controller
04/28 16:47:30 [INFO] DnsDomainName ez.dko.my.org
04/28 16:47:30 [INFO] ReplicaPartner (NULL)
04/28 16:47:30 [INFO] SiteName (NULL)
04/28 16:47:30 [INFO] DsDatabasePath D:\, DsLogPath D:\
04/28 16:47:30 [INFO] SystemVolumeRootPath
C:\WINNT\SYSVOL
04/28 16:47:30 [INFO] Account \netsysadmin
04/28 16:47:30 [INFO] Options 196
04/28 16:47:30 [INFO] Validate supplied paths
04/28 16:47:30 [INFO] Validating path D:\.
04/28 16:47:30 [INFO] Path is a directory
04/28 16:47:30 [INFO] Path is on a fixed disk drive.
04/28 16:47:30 [INFO] Validating path D:\.
04/28 16:47:30 [INFO] Path is a directory
04/28 16:47:30 [INFO] Path is on a fixed disk drive.
04/28 16:47:30 [INFO] Validating path C:\WINNT\SYSVOL.
04/28 16:47:30 [INFO] Path is on a fixed disk drive.
04/28 16:47:30 [INFO] Path is on an NTFS volume
04/28 16:47:30 [INFO] Start the worker task
04/28 16:47:30 [INFO] Request for promotion returning 0
04/28 16:47:30 [INFO] Searching for a domain controller
for the domain EZ.dpko.un.org that contains the account EZ-
DC6$
04/28 16:47:30 [INFO] Located domain controller EZ-
dc1.ez.dko.my.org for domain ez.dko.my.org
04/28 16:47:30 [INFO] Using site EZ-Gn for server
\\ez.dko.my.org
04/28 16:47:30 [INFO] Forcing time sync
04/28 16:47:30 [INFO] Forcing a time synch with \\EZ-
dc1.ez.dko.my.org
04/28 16:47:30 [INFO] Setting machine account to be DC
04/28 16:47:30 [INFO] Configuring the server account
04/28 16:47:30 [INFO] Searching for the machine account
for EZ-DC6$ on \\EZ-dc1.ez.dko.my.org..
04/28 16:47:30 [INFO] Configuring the server account
04/28 16:47:33 [INFO] NtdsSetReplicaMachineAccount
returned 5
04/28 16:47:33 [INFO] DsRolepSetMachineAccountType
returned 5
04/28 16:47:33 [INFO] Error - Failed to modify the
necessary properties for the machine account EZ-DC6$
(5)
04/28 16:47:33 [INFO] The attempted domain controller
operation has completed
04/28 16:47:33 [INFO] DsRolepSetOperationDone returned 0
 
C

Cary Shultz [A.D. MVP]

You might want to use an account that is a member of the Enterprise
Admins....

If you try this does that help?

Cary

The Minister said:
I got this error when I tried to run DCpromo to promote a
member server. Failed to modify the properties of the
machine Account EZ-DC6$, Access is denied.
I'm already using an account with a Domain admins rights.
Workaround that has been done but didnt help to fix the
problem:

A. Apply the following Kbids from
http://support.microsoft.com/?kbid=232070 and
http://support.microsoft.com/?kbid=250874
B. Install Service Pack 4.
C. Rebuild a new OS,server wih new Updates
D. Inspect DCdiag, Netdiag, GPO replication
E. Verify DNS replication and health
F. Move the server that is being promoted to main AD Sites
and Services to isolate replication issues
G. Ensure Replication is hapenning using repladmin,
replication Monitor

So is there anything else to check or to consider in
order to fix my problem.


Here is my Dcpromo log.
04/28 16:44:14 [INFO] The attempted domain controller
operation has completed
04/28 16:44:14 [INFO] DsRolepSetOperationDone returned 0
04/28 16:47:30 [INFO] Promotion request for replica domain
controller
04/28 16:47:30 [INFO] DnsDomainName ez.dko.my.org
04/28 16:47:30 [INFO] ReplicaPartner (NULL)
04/28 16:47:30 [INFO] SiteName (NULL)
04/28 16:47:30 [INFO] DsDatabasePath D:\, DsLogPath D:\
04/28 16:47:30 [INFO] SystemVolumeRootPath
C:\WINNT\SYSVOL
04/28 16:47:30 [INFO] Account \netsysadmin
04/28 16:47:30 [INFO] Options 196
04/28 16:47:30 [INFO] Validate supplied paths
04/28 16:47:30 [INFO] Validating path D:\.
04/28 16:47:30 [INFO] Path is a directory
04/28 16:47:30 [INFO] Path is on a fixed disk drive.
04/28 16:47:30 [INFO] Validating path D:\.
04/28 16:47:30 [INFO] Path is a directory
04/28 16:47:30 [INFO] Path is on a fixed disk drive.
04/28 16:47:30 [INFO] Validating path C:\WINNT\SYSVOL.
04/28 16:47:30 [INFO] Path is on a fixed disk drive.
04/28 16:47:30 [INFO] Path is on an NTFS volume
04/28 16:47:30 [INFO] Start the worker task
04/28 16:47:30 [INFO] Request for promotion returning 0
04/28 16:47:30 [INFO] Searching for a domain controller
for the domain EZ.dpko.un.org that contains the account EZ-
DC6$
04/28 16:47:30 [INFO] Located domain controller EZ-
dc1.ez.dko.my.org for domain ez.dko.my.org
04/28 16:47:30 [INFO] Using site EZ-Gn for server
\\ez.dko.my.org
04/28 16:47:30 [INFO] Forcing time sync
04/28 16:47:30 [INFO] Forcing a time synch with \\EZ-
dc1.ez.dko.my.org
04/28 16:47:30 [INFO] Setting machine account to be DC
04/28 16:47:30 [INFO] Configuring the server account
04/28 16:47:30 [INFO] Searching for the machine account
for EZ-DC6$ on \\EZ-dc1.ez.dko.my.org..
04/28 16:47:30 [INFO] Configuring the server account
04/28 16:47:33 [INFO] NtdsSetReplicaMachineAccount
returned 5
04/28 16:47:33 [INFO] DsRolepSetMachineAccountType
returned 5
04/28 16:47:33 [INFO] Error - Failed to modify the
necessary properties for the machine account EZ-DC6$
(5)
04/28 16:47:33 [INFO] The attempted domain controller
operation has completed
04/28 16:47:33 [INFO] DsRolepSetOperationDone returned 0
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top