Seize Domain Naming Master

M

Melvin Ong

Hi,

I have two DC (namely A and B) in a single domain. DC A
was running 5 Single Master Operations and it was the
first DC set up for the forest and the domain. Currently,
DC A crashes and is not able to brought online. I managed
to transfer all Single Master Operations except Domain
Naming Master to DC B using MMC. I tried to use ntdsutil
to transfer, it also failed with the following message:

dap_modify_sW error 0x35(53 (Unwilling To Perform).
Ldap extended error message is 0000214B: SvcErr: DSID-
03210792, problem 5003 (WILL_NOT_PERFORM), data 0

Win32 error returned is 0x214b(Only DSAs configured to be
Global Catalog servers should be allowed to hold the
Domain Naming Master FSMO role.)

Depending on the error code this may indicate a
connection, ldap, or role transfer error.
Role seizure is forbidden in this case
fsmo maintenance:


Please help me how to transfer Domain Naming Master to DC
B.

Thanks.
Melvin
 
J

Jerold Schulman

Hi,

I have two DC (namely A and B) in a single domain. DC A
was running 5 Single Master Operations and it was the
first DC set up for the forest and the domain. Currently,
DC A crashes and is not able to brought online. I managed
to transfer all Single Master Operations except Domain
Naming Master to DC B using MMC. I tried to use ntdsutil
to transfer, it also failed with the following message:

dap_modify_sW error 0x35(53 (Unwilling To Perform).
Ldap extended error message is 0000214B: SvcErr: DSID-
03210792, problem 5003 (WILL_NOT_PERFORM), data 0

Win32 error returned is 0x214b(Only DSAs configured to be
Global Catalog servers should be allowed to hold the
Domain Naming Master FSMO role.)

Depending on the error code this may indicate a
connection, ldap, or role transfer error.
Role seizure is forbidden in this case
fsmo maintenance:


Please help me how to transfer Domain Naming Master to DC
B.

Thanks.
Melvin
Click to expand...

Since A isn't online, you must use ntdsutil to sieze the roles.
tip 2728 in the 'Tips & Tricks' at http://www.jsiinc.com

Jerold Schulman
Windows: General MVP
JSI, Inc.
http://www.jsiinc.com
 
J

Jimmy Harper [MSFT]

It looks like the server that you are trying to move the Domain Naming
Master role to needs to be a Global Catalog server (and if the only other DC
in the domain is down, then the remaining DC must be a GC). See the
following article on how to do this:

http://support.microsoft.com/default.aspx?scid=KB;EN-US;313994

Also, you will want to make sure that DC B has DNS installed and is pointing
only to itself for DNS in TCP/IP properties (your Win2k and XP client
machines should also point to DC B for DNS).

Also, if DC A is not going to be brought back online (and it should not be
brought back online since the FSMO roles were seized), you should do
metadata cleanup on DC B to remove DC A from AD. The following article
tells how to do this:

http://support.microsoft.com/default.aspx?scid=KB;EN-US;216498

Then, DC A should be rebuilt and re-promoted back into the domain.

--
Jimmy Harper [MSFT]
Directory Services
This posting is provided "AS IS" with no warranties, and confers no rights
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Seize domain naming error 3
Unable to seize FSMO Roles 8
Transfer FSMO to another DC 3
Seizing Operations Master Roles 2
transfer of FSMO error 3
problem seizing domain naming master 2
Schema, Domain Naming Master is down due to hardware failure. Implications in case I seize the roles 11
Error transfering schema master role 1

Top