to add another domain controller, you must have your dns working properly, including reverse lookup. and your primary dns server on all domain controllers need to look to an existing ad server ----- Original Message ----- From: "deji" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, June 08, 2003 8:12 PM Subject: RE: [ActiveDir] Trying to run DCPromo and getting error 5171
> >From the nslookup output, you clearly do not have your reverse lookup setup > correctly. This is OK, if you don't mind seeing the "errors" you reported in > nslookup. So, I would say, don't focus on this as the "CAUSE" of the REAL > problem. > > The "DNS settings" file you posted is not helpful. You will need to post THE > DNS settings on the TCP/IP properties of the server you are trying to > promote. From the "DNS Settings" you posted, I can see that there is no > record for 172.16.0.20, which is one of the DNS servers your promo-candidate > is looking for. Also, I don't see any other address for any other server > besides 172.16.0.30. The promo-candidate is not even registered. > > Another thing to look at is lmhosts config on the promo-candidate. Make sure > you look in the TCP/IP -> WINS properties and uncheck the "use lmhosts" > options. > > All in all, I would say you are looking at misconfigured DNS issue here. > > HTH > > D�j� Ak�m�l�f�, MCSE MCSA MCP+I > www.akomolafe.com > www.iyaburo.com > Do you now realize that Today is the Tomorrow you were worried about > Yesterday? -anon > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of steve > Sent: Sunday, June 08, 2003 4:21 PM > To: [EMAIL PROTECTED] > Subject: RE: [ActiveDir] Trying to run DCPromo and getting error 5171 > > A little more information: > > > > S2.fanamats.com is the first DC holding all the FSMO roles. I was able to > join S1 as a member server to fanmats domain. This is never been an issue, > only when I try to promote it. Running Nslookup command it clearly states > that it can't see the domain controller, any suggestions? I also disable > Netbios over TCP/IP. > > > > Also, I ran both DCDaig and NLTest and once it finished it went away. Where > does it store the results? > > > > > > One more thing: I'm placing the server's on a network that already has a > Windows 2000 domain in place. "Millmats.com" Because new building isn't > ready yet and the going live date is July 1. To isolate problem, I took it > off the network and now just have them connected between a hub. > > > > Thanks, > > Steve Network Engineer ASE, CCNA, API, MCP 3.51" Server 3.51 was the hardest > test I've ever taken" MCSE4.0 and MCP 2000 > > > > > > > > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan > Sent: Sunday, June 08, 2003 2:59 PM > To: [EMAIL PROTECTED] > Subject: RE: [ActiveDir] Trying to run DCPromo and getting error 5171 > > > > Steve, > > > > On the first DC (I suspect this where your DNS is), have you checked and > determined that the AD DNS zones have been created? If you install the > support tools from the Server CD on the first DC, when you run DCDiag and > NLTest, is everything (well nearly so - one or two things will fail..) > successful? > > > > As to network - are both of these DCs on the same network or separated onto > different subnets? And, you state that you can ping by name..... Is this > machine name, or FQDN - and for which machine from where? > > > > Using nslookup from the second DC, can you resolve and lookup, say the > _msdcs.<domain name> zone? > > > > The problem is clearly DNS related - either it's not resolving correctly or > it's not being reached. If the zones are not registered on the DNS server, > stop then start the NETLOGON service. for the first DC. > > > > Also, how do your event logs look on the first DC? DS, DNS, NTFRS? > Everything look good? Anything out of the ordinary in the System or App > logs? > > > > Let us know what you find out! > > > > Rick Kingslan MCSE, MCSA, MCT > Microsoft MVP - Active Directory > Associate Expert > Expert Zone - www.microsoft.com/windowsxp/expertzone > > > > > _____ > > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of steve > Sent: Sunday, June 08, 2003 1:14 PM > To: [EMAIL PROTECTED] > > Environment: 2 new servers > > > > Servers Configuration: Windows 2000 as workgroup. Ran DcPromo on the > server1. Verified that DNS was setup correctly, can ping server by name. Not > using WINS. > > > > Problem: Can't make second Server a DC. > > > > Error message: When running DcPromo on second server, I receive the same > error message. The link below explains my error message. > > > > http://www.microsoft.com/windows2000/dns/tshoot/ > > > > > > Thanks, > > Steve > > > > > > > > > > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
