none
error A domain controller could not be contacted

    Întrebare


  • after cleanup metadata, on DC1 ,I used dcpromo , but at the last step when i pushed "next" to install Active,

    Appeared this msg box :  

    "windows security"

    A domain controller could not be contacted  for the domain Diba.net that contained an account for this computer .make the computer

    the member of the workgroup then rejoin the domain before retrying promotion.

    Access is Denied."

    what should i do?

    22 iunie 2012 18:05

Răspunsuri

  • Hi,

    I agree with others, they have provided the right suggestions for troubleshooting the issue. At this time, we could try the methods they provided to see if the issue could be resolved. Additionally, we could also refer to the article below to troubleshoot the issue.

    DCPROMO fails with error "Access is denied" if the user performing the promotion is not granted the "trusted for delegation" user right

    http://support.microsoft.com/kb/2002413

    Regards,

    Andy

    25 iunie 2012 07:46
    Moderator

Toate mesajele

  • Make sure -

    1. DC1.diba.net server is configured to use correct DNS server (DC2.diba.net)
    2. Try to join the server to the current domain first and then dcpromo
    3. Time on DC1 and DC2 is synchronized.
    4. Metadata cleanup was successful - http://technet.microsoft.com/en-us/library/cc816907%28v=ws.10%29.aspx
    5. If all above steps fail try this - Troubleshooting "Access Denied" Error Messages in Active Directory Installation Wizard

    Try these steps if they don't work post here again, thanks!


    Sachin Gadhave
    MCP, MCSA, MCTS

    22 iunie 2012 18:35
  • Hi,

    If metadata cleanup was successful, then it should work. However I think it could be a port block issue. Please check all the AD related ports and check whether they are listening or not. If not make them listen, you can use Port Query Tool to check the same. Also make sure that NIC binding and provider order is fine on source and destination servers. Make sure that you enable "NetBios over TCP/IP" on NIC.

    PortQryUI

    http://www.microsoft.com/en-us/download/details.aspx?id=24009

    How to Use it

    http://support.microsoft.com/kb/816103

    AD ports:

    http://technet.microsoft.com/en-us/library/dd772723%28WS.10%29.aspx

    All the Best.

    22 iunie 2012 18:42
  • You have already got good suggestion form Sachine and venkat to start however I would also recommend to go thrrough below link and check the default domain Controller Policy,Verify that the Enable computer and user accounts to be trusted for delegation user right is granted to BUILTIN\Administrators or add the user id used for promoting the DC under the following node:Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\User Rights Assignment

    Also enusre that you have prepared the domain since you ae installing win2008 DC in 2003 domain.The other possible cause coul be dns name resolution,duplicate computer account,n/w connectivity issue etc.Refer below link for more details:
    http://social.technet.microsoft.com/Forums/en-US/winserverMigration/thread/659ecd7f-ab02-48d0-a7e6-4fb87572cdaa

    Hope this helps

    Best Regards,

    Sandesh Dubey.

    MCSE|MCSA:Messaging|MCTS|MCITP:Enterprise Adminitrator | My Blog

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    23 iunie 2012 09:24
  • Hi,

    I agree with others, they have provided the right suggestions for troubleshooting the issue. At this time, we could try the methods they provided to see if the issue could be resolved. Additionally, we could also refer to the article below to troubleshoot the issue.

    DCPROMO fails with error "Access is denied" if the user performing the promotion is not granted the "trusted for delegation" user right

    http://support.microsoft.com/kb/2002413

    Regards,

    Andy

    25 iunie 2012 07:46
    Moderator