dcpromo was unsuccessful

[JBruyet]

Hey all,

I'm trying to "promo" my three 2k servers up to DC machines but I've run into a snag. I can promo my first machine, and everything seems to run fine but any attempts to promo my other computers results in the following error:

The wizard cannot gain access to the list of domains in the forest. This condition may be caused by a DNS lookup problem. For information about troubleshooting common DNS lookup problems, please see the following Microsoft Web site:

http://go.microsoft.com/fwlink/?linkId=5171.

The error is:

The specified domain either does not exist or could not be contacted.

I've double-checked the DNS on my first machine and it seems to be set right (I'm using it as my DNS server in my NT 4.0 domain and it works). My other 2k machines are looking to it to resolve their DNS queries. Any ideas on what I'm overlooking?

Thanks,

Joe Brouillette

 

[tlcscousin]

Default gateway pointing to the DC, or use the DC as the preferred DNS server in the other servers DNS entry.

 

[Odissey]

Do you apply NSLOOKUP from 1 server to 2 and 3 use FQDN? Is it succesful? If no? - you must tuning your DNS.

 

[JBruyet]

Future--The first DC was the DNS server. Do I need to change something in it after I Promo it?

Odissey--I'll give it a shot and see.

Thanks,

Joe Brouillette

 

[GlenJohnson]

Just curious........ Did you check the event logs on all the servers? Have you set up Active Directory on the successfull server? Also try a route print on all servers and compare them. Good luck. Glen A. Johnson
Microsoft Certified Professional
glen@nellsgiftbox.com

"There is nothing in this world constant but inconstancy."
Jonathan Swift (1667-1745); Irish author.

 

[JBruyet]

Odissey--NSLOOKUP can't find the servers. The message is:

Can't find server name for address 192.168.2.9: Non-existent domain.

I find that strange since DNS is working on all of my workstations and they're all logging on to an NT 4.0 domain. Would that be part of the problem?

Glen--
1) I'll check the logs for any info
2) I'm able to setup AD on the first server, but none of the subsequent PROMOs work because they can't find the DNS
3) I'll do route print and look for deviations

Thanks,

Joe Brouillette

 

[Odissey]

1. > Would that be part of the problem?
YES!
2. > Can't find server name for address 192.168.2.9: Non-existent domain.
Tuning DNS properties on that PC which print this message

3. Are all three PC in same subnetwork?

 

[jasonburi]

I have had similar problems if I tried to promote the server to a DC without joining it to the domain first. Try going to the servers name properties, and join it to the domain if you haven't already. Then run the dcpromo.

 

[JBruyet]

Jason--The server has already been joined to the domain

Odissey--
1) YES! --> The fact that it's an NT 4.0 domain? Is there a different tweak I need to look at?
2) Tuning --> In what way? DNS is running on them already and my workstations are going through both of them for their name resolution
3) Subnets --> Yeah, they're all in the same subnet

 

[JBruyet]

<rant>
I just don't understand. I can DCPROMO one server but I can't do a second server because DNS can't find a Domain Controller. I have DNS running on two of my 2k servers (standalone at this time) but if I type NSLOOKUP on my 2k Pro workstation it says that it can't find the server name and that it's a non-existent domain. Granted, it is an NT 4.0 domain, but everything is working. DNS is working. DHCP is working. The servers are accessible. If it's a non-existent domain how come I have to login to it?
</rant>

I was hoping to have things up and going last Saturday but I don't think I'm going to make it. Oh well, I hear that McDonald's is hiring.

All ideas & suggestions welcome,

Joe Brouillette

 

[cbbxxxd]

i had the same problem...
all you gotta do is add host
put your PDC in with the same IP address
and it should work after that...
try nslookup on that...

 

[JBruyet]

So on my client machine I need to put my DNS server in the HOSTS file? I'll give it a shot 'cuz it can't hurt.

Thanks,

Joe Brouillette

 

[JBruyet]

No joy. I still get the same error message. Also, I'm on an NT 4.0 network at this time and my DNS is through two Win2k boxes. At this very moment I'm on the third Win2k box trying NSLOOKUP and it gets the same error message all the other machines get.

Any other ideas? Anyone else have a suggestion that I could try?

Sheesh,

Joe Brouillette

 

[GlenJohnson]

That should work, but MS is suggesting getting away from hosts. If that works, go with it, but you still have a problem somewhere. You might want to look deeper just in case. If you go to your workstation, open a command prompt and type nslookup like Odessy suggested. It should come back
Default Server:ServerName
Address:IPAddress

This will open an interactive mode with the server. From
>
Type
>ls -t domainname
Hit enter. Look at the list and see if anything looks out of place. When your done, type exit to get out of the interactive mode.
By the way, whatever happened with route print from the nasty server? Good luck. Glen A. Johnson
Microsoft Certified Professional
glen@nellsgiftbox.com

&quot;There is nothing in this world constant but inconstancy.&quot;
Jonathan Swift (1667-1745); Irish author.

 

[JBruyet]

Hey Glen, NSLOOKUP from my workstation gives the same errors that I'm getting from everything else:

Can't find server name for address 192.168.2.9: Non-existent domain

I tried the ROUTE PRINT but everything looked normal on all three 2k servers.

Here's another bit of info that I'm hoping will bring an answer from someone: I did the NSLOOKUP from a server that I had added one of my ISP's DNS numbers to and it can find the DNS server for my ISP. It still can't find my local DNS servers (of which I have forwarding turned on and all is working) but it can find the DNS server for my ISP. Does that make anybody smack their head and shout &quot;Oh yeah, I forgot about that!&quot;?

Thanks,

Joe Brouillette

 

[GlenJohnson]

I'm guessing that you do have your local dns numbers in the network settings of your workstation. I may have missed it, but did you check your event logs? Glen A. Johnson
Microsoft Certified Professional
glen@nellsgiftbox.com


&quot;Patience is more powerful than force.&quot;
Plutarch (46-125 A.D.);

 

[JBruyet]

Hey Glen,

I did a quick IPCONFIG to confirm, and the DNS addresses are being pushed out to the machines on my network.

As to Event Logs, the following are the only things I can see that seem wrong. I'm still fairly new to Win2k so maybe you (or anybody else) can see something here to help.

Thanks,

Joe


FIRST DCPROMO ATTEMPT/SUCCESSFUL
The description for Event ID ( 257 ) in Source ( AlertManager ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. The following information is part of the event: Alert Manager Service: Alert Manager Service Started. .

The description for Event ID ( 5000 ) in Source ( McLogEvent ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. The following information is part of the event: 61305, None, None, None, NetShield 2000, 4.1.60, 4218.

Default group policy object cannot be created. Error 80070005 to open GPO Domain EFS Recovery Policy in domain LDAP://DC=link,DC=com.

The description for Event ID ( 257 ) in Source ( Alert Manager Event Interface ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. The following information is part of the event: Alert Manager Event Interface: Alert Manager Event Interface unable to send alert to \\.\pipe\AlertManager. Error returned = The system cannot find the file specified.
.

The description for Event ID ( 5000 ) in Source ( McLogEvent ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. The following information is part of the event: 61305, None, None, None, NetShield 2000, 4.1.60, 4218.

SECOND DCPROMO ATTEMPT/UNSUCCESFUL
The browser was unable to retrieve a list of servers from the browser master \\FILEGUY on the network \Device\NetBT_Tcpip_{89A13DE6-1F8C-4F6B-B6BA-121692FE37EE}. The data is the error code.

 

[Odissey]

JBruyet, please print ipconfig results for your DC, W/S and W2K server which DCPROMO unsuccesful. And then we all attemt to help you once more.

 

[bookouri]

just a shot in the dark here on a completely different track. I ran into problems doing a dcpromo once. I had to demote the first dc in my ad domain and I didnt realize I would have to &quot;grab&quot; all the &quot;roles&quot; to my new dcpromoed server using the ntdsutil. Could it be that even though you have one successful dcpromo that you now have a DC that doesnt have all the &quot;roles&quot; necessary to allow other servers to join as domain controllers. Could that be why the confusion on the domain regarding browse masters etc?

 

[bijo30]

I am brand new to 2000 Domains but I had the same problem.
If your local DNS is in the config then i would ask

Is your DNS server authorized ?
do you have reverse lookup running?
not having reverse lookup causes the error:
&quot;Can't find server name for address 192.168.2.9: Non-existent domain&quot;