I see this topic was touched on in August, but the discussion didn't really
go anywhere and I'm having a similar problem.
Here's our scenario:
Empty forest root domain. Multiple second level domains.
Each domain has an equivalent site within the same Exchange 5.5 org.
Each domain has its own firewall which the domain administrator has
administrative authority over.
Holes have been punched through the firewalls to create a web where each DC
can directly communicate to each other DC.
No IPSEC.
There are no replication errors whatsoever occurring anywhere.
AD DNS registrations (_msdcs, etc) exist and appear complete, lookups work
and zone transfers are occurring properly amongst domains. (Each domain has
a secondary zone for every other domain.)
Forestprep was successfully run on one of the root domain controllers.
One domain successfully installed the ADC and set up connection agreements
between AD and their Exchange site.
This one domain has also successfully run Domainprep from one of their DCs..
Two other domains have installed the ADC in their site, but no connection
agreements have been configured.
Both of these two domains have also attempted to run Domainprep from one of
their DCs logged in as an Enterprise Admin that has Domain Administrator
permission to the local domain. But it has been unsuccessful with:
Prerequisites for Microsoft Exchange Domain Preparation failed: The
component "Microsoft Exchange Domain Preparation" cannot be assigned the
action "DomainPrep" because:
- Setup is unable to access the Windows 2000 Active Directory
- Failed to contact the Schema Master server for this Active Directory
forest.
DCDIAG /test:knowsofroleholders /v succeeds from this DC, so it's aware of
and can bind to all the FSMOs.
As for the Exchange Setup log, the only section that shows errors during
initialization that also doesn't have an:
=== IGNORING PREVIOUS ERRORS ===
line after it is the following:
[15:15:14] Entering CDependencyManager::DetermineComponentAvailability
[15:15:14] Component {C7310662-AC80-11D1-8DF3-00C04FB6EF4F} is dependable
[15:15:14] Component {94B7AD3E-0B63-42AC-A542-082ED1F78787} is not
dependable
[15:15:14] CDependencyManager::FComponentPresent
(K:\admin\src\udog\setupbase\tools\depmgr.cxx:208)
Error code 0X80070057 (87): Invalid Argument.
[15:15:14] Component 2 is not installed
[15:15:14] Component {ECD1A63D-DBAF-442C-BF46-904364A96B00} is not
dependable
[15:15:14] CDependencyManager::FComponentPresent
(K:\admin\src\udog\setupbase\tools\depmgr.cxx:208)
Error code 0X80070057 (87): Invalid Argument.
[15:15:14] Component 3 is not installed
[15:15:14] Component {B120908D-CCE3-4FF4-A964-6DA93A0D6943} is not
dependable
[15:15:14] CDependencyManager::FComponentPresent
(K:\admin\src\udog\setupbase\tools\depmgr.cxx:208)
Error code 0X80070057 (87): Invalid Argument.
[15:15:14] Checking for 'MachineEnrollmentAgent' certificate server
[15:15:14] Component 6 is not installed
[15:15:14] Leaving CDependencyManager::DetermineComponentAvailability
The only networking difference that I can identify between the one
successful domain and the non-successful ones is that the successful domain
was behind the same firewall as the root DCs. Nevertheless, the rules on
this firewall are very restrictive and the pipes between the root DCs and
the working domain's DCs still had to be defined. It might as well have
been two separate firewalls. Furthermore, no Denies are being logged in any
of the involved firewall logs for these attempts.
Where else should I look, verify, test, evaluate?
I understand that I could perform the Domainprep functions manually, but I
don't want whatever circumstance that's preventing it from running naturally
now bite me in the butt later on.
Thanks,
Jim Becker
Manager of LAN Services
State University of New York
System Administration
[EMAIL PROTECTED]
_________________________________________________________________
List posting FAQ: http://www.swinc.com/resource/exch_faq.htm
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin: [EMAIL PROTECTED]
