Very Very Urgent

[Guest]

Dears;

I am adding a new domain controller to an existing domain.

I start the dcpromo wizard and going through all its steps, after the
summary I press next, when its start configuring the server account it ask me
again to reinput the username, pwd and domain
showing this error msg.
New Credentials:
" The operation failed because: Failed to modify the necessary properties
for the machine account NORDER01$
"Access is denied. "

Note: I am using a powerful "domainadmis" member users for this operation

 

[Harj]

Dears;

I am adding a new domain controller to an existing domain.

I start the dcpromo wizard and going through all its steps, after the
summary I press next, when its start configuring the server account it ask me
again to reinput the username, pwd and domain
showing this error msg.
New Credentials:
" The operation failed because: Failed to modify the necessary properties
for the machine account NORDER01$
"Access is denied. "

Note: I am using a powerful "domainadmis" member users for this operation

Hi,

Ok well look at a few things here. First and formost I would verify
replication between the domain controllers that are in the
environment.
Make sure the Default Domain Controllers Policy is applying to all of
these domain controllers.
VERIFY...VERIFY that this account that you are using has Delegation
Privilege rights.

Good luck

Harj Singh
Power Your Active Directory Investment
www.specopssoft.com

 

[Ace Fekay [MVP]]

In

Dears;

I am adding a new domain controller to an existing domain.

I start the dcpromo wizard and going through all its steps, after the
summary I press next, when its start configuring the server account
it ask me again to reinput the username, pwd and domain
showing this error msg.
New Credentials:
" The operation failed because: Failed to modify the necessary
properties for the machine account NORDER01$
"Access is denied. "

Note: I am using a powerful "domainadmis" member users for this
operation

I would ensure that the machine you are trying to join is ONLY using the
DC's DNS server. On the DCs, I would suggest to ONLY use themselves as the
DNS server. Keep in mind, whenever an AD member requires access to an AD
resource, it will ask DNS for it';s location. If an ISP's or any other
outside DNS exists in IP properties that does not have the reference for the
domain resources, numerous issues and failures will occur, such as what you
are seeing. Also if the domain is a single label name, that will cause
numerous issues as well.

If you like to better assist, please post:

Unedited ipconfig /all from the DC and the machine you want to join.
The AD DNS domain name in ADUC.
Whether updates enabled on the zone in AD.

Thanks,

--
Regards,
Ace

Innovative IT Concepts, Inc (IITCI)
Willow Grove, PA

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Directory Services
Microsoft Certified Trainer

Infinite Diversities in Infinite Combinations

Having difficulty reading or finding responses to your post?
Instead of the website you're using, try using OEx (Outlook Express
or any other newsreader), and configure a news account, pointing to
news.microsoft.com. Anonymous access. It's free - no username or password
required nor do you need a Newsgroup Usenet account with your ISP. It
connects directly to the Microsoft Public Newsgroups. OEx allows you
o easily find, track threads, cross-post, sort by date, poster's name,
watched threads or subject. It's easy:

How to Configure OEx for Internet News
http://support.microsoft.com/?id=171164

"Quitting smoking is easy. I've done it a thousand times." - Mark Twain