role owner attribute could not be read

V

v yelsukov

I'm trying to remove Active Directory from my Windows 2000 Server by running
dcpromo on a domain controller that is a child domain in an existing domain
tree. Eventually I get an error saying

"The operation failed because the remote attempt at server x.y.com (my root
of the domain tree) to remove domain DC=z, DC=y, DC=com (the domain
controller to remove AD) for the enterprise failed.

'The role owner attribute could not be read'".

Any ideas how to fix that?

I appreciate your time.
 
V

v yelsukov

I corrected this problem by setting the child domain controller's primary
DNS address to itself.

However, here's the new message that I get:

"The operation failed because
The directory Service failed to replicate off changes made locally.
'The DSA operation is unable to proceed because of a DNS lookup failure'"

Does anybody know what that means and what could be the solution?

Thanks.
 
J

Jorge_de_Almeida_Pinto

I'm trying to remove Active Directory from my Windows 2000
Server by running
dcpromo on a domain controller that is a child domain in an
existing domain
tree. Eventually I get an error saying

"The operation failed because the remote attempt at server
x.y.com (my root
of the domain tree) to remove domain DC=z, DC=y, DC=com (the
domain
controller to remove AD) for the enterprise failed.

'The role owner attribute could not be read'".

Any ideas how to fix that?

I appreciate your time.
Click to expand...

is it correct you have a root domain with a child domain and you are
trying to demote the LAST DC from the child domain?

If yes and you checked "this is the last DC..." (or something like
that..) then the DC also removes the child domain from the forest. To
succeed it must contact the Domain Naming Master FSMO.

To see who where the FSMO roles are hosted use:
netdom query FSMO.

Check the event logs of the FSMO owner (domain naming master) and rnu
DCDIAG /V to see if something is wrong
 
G

Guest

1) How many DC's do we have in the root domain. Is the replication working
fine between those DC's.

2) Was there any DC in the parent which has exchange and that DC failed. If
so then do a metadata cleanup of that server and then try to dcprmo.

3) Also try to move the forest roles(schema master and domain naming master)
to another server and then try.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

The role owner attribute could not be read 5
How Do I move the "DOMAIN ROLE OWNER" TO ANOTHER DC? 0
DsRemoveDsDomainW error0x20ae (The role owner attribute could not be read) 1
The role owner attribute could not be read when promoting server 1
The role owner attribute could not be read 1
FSMO issues 4
Slow Logons and Can't open files 0
Error adding NAP Role 5

Top