I ran into a similar situation and this did the trick : http://blogs.technet.com/b/the_9z_by_chris_davis/archive/2011/12/20/forestdnszones-or-domaindnszones-fsmo-says-the-role-owner-attribute-could-not-be-read.aspx
Ran the VBScript and was good to go. On Apr 6, 2015 3:06 PM, "Michael Leone" <[email protected]> wrote: > I am in the process of testing my new cloned domain, and all was going OK. > I cleaned up eveything, removing all non-existent DCs; everything passed > all repadmin, dcdiag and dnslint tests. > > So I added a new Win2012 R2 DC to the parent domain; went fine. Demoted > the Win2008 R2 DC there (leaving only the Win2012 R2 DC); that went fine. > Added a Win2012 R2 DC to the child domain; that went fine. All dcdiag, > repadmin, dnslint tests pass fine. > > Trying to demote the Win2008 R2 DC in the child, and that's where I am > getting: > > ----- > Operation failed because AD DS could not transfer the remaining data in > directory partition DC=DomainDnsZones, DC=<etc> to AD DC > \\<Win2012R2-DC.<child>.<domain> > > "The directory service is missing mandatory configuration information, and > is unable to determine the ownership of floating single-master operation > roles." > ----- > > I know it knows where the FSMO roles are, because I checked that before > trying to demote it. All the roles were held by the other DC (the Win2012 > R2 DC). > > The DCPROMO.LOG says: > > Ownership of the following FSMO role is set to a server which is deleted > or does not exist. > FSMO Role: CN=Infrastructure,DC=DomainDnsZones,DC=<etc> > FSMO Server DN: CN=NTDS Settings\0ADEL:<GUID>,CN=<name of previously > removed DC>\0aDEL:<different GUID> > > Here's the weird thing: NETDOM QUERY FSMO shows the correct Infrastructure > master (the Win2012 R2 DC). I also see it via the GUI in ADUC. So something > buried somewhere deep thinks that one of the removed DCs still holds this > role, even tho most everything else thinks the correct DC has it. > > So how do I fix this? > (these are all testing upgrading my domains from Win2008 R2 to Win2012 R2. > I can upgrade the domain/forect level until I get rid of the Win2008 R2 > DCs. This is all being done on my isolated network) > > The log suggests manually transferring the roles (which I did before > starting the demotion). I did a manual "Replication Now" from Sites and > Services, and "repadmin /replsummary" shows no failures. > > So where do I go from here? >
