Promote to GC problem
Last response: in Windows 2000/NT
Archived from groups: microsoft.public.win2000.active_directory (More info?)
I may have accidently promoted a DC to host a GC for an empty domain with no
domain controllers. There are repeated messages in the event log for this DC
stating how promotion to a GC has been delayed or that it cannot not occur
because of precondition not being met.
I want to cancel this request or do something to eliminate all these
messages in the event log. They've been piling up for weeks now. Any ideas?
Here is one such event, names of innocent marked by X:
Event Type: Information
Event Source: NTDS Replication
Event Category: Replication
Event ID: 1559
Date: 3/18/2005
Time: 2:50:35 PM
User: Everyone
Computer: DVADER
Description:
A request has been made to promote this DSA to a Global Catalog (GC). A
precondition to becoming a GC is that this server host a read-only copy of
all partitions in the enterprise. This server should hold a copy of
partition DC=XXXX,DC=com but it does not. This system will not be promoted to
a GC until this condition is met.
This may be because the KCC has not run, or that it is unable to add a
replica of the partition because all of its sources are down. Please check
the event log for KCC errors.
The KCC will retry adding the replica.
--
end war
stop greed
I may have accidently promoted a DC to host a GC for an empty domain with no
domain controllers. There are repeated messages in the event log for this DC
stating how promotion to a GC has been delayed or that it cannot not occur
because of precondition not being met.
I want to cancel this request or do something to eliminate all these
messages in the event log. They've been piling up for weeks now. Any ideas?
Here is one such event, names of innocent marked by X:
Event Type: Information
Event Source: NTDS Replication
Event Category: Replication
Event ID: 1559
Date: 3/18/2005
Time: 2:50:35 PM
User: Everyone
Computer: DVADER
Description:
A request has been made to promote this DSA to a Global Catalog (GC). A
precondition to becoming a GC is that this server host a read-only copy of
all partitions in the enterprise. This server should hold a copy of
partition DC=XXXX,DC=com but it does not. This system will not be promoted to
a GC until this condition is met.
This may be because the KCC has not run, or that it is unable to add a
replica of the partition because all of its sources are down. Please check
the event log for KCC errors.
The KCC will retry adding the replica.
--
end war
stop greed
More about : promote problem
Archived from groups: microsoft.public.win2000.active_directory (More info?)
"Gina" <Gina@discussions.microsoft.com> wrote in message
news:82BC72AE-E4DC-4C81-8E92-671F63536058@microsoft.com...
> I may have accidently promoted a DC to host a GC for an empty domain with
no
> domain controllers.
There is no such thing.
If you did a DCPromo into a new domain, then
this would in fact be the first DC for that domain
(i.e., it did not exist before the promotion).
If you intended to add the DC to an existing domain,
just DCPromo it again (to non-DC first), then again
into the correct domain.
As to GC -- only a DC can become a GC and so you would
have to have at least one DC to make a GC anyway --
and if this is the only DC in the domain it really must
be the GC also.
> There are repeated messages in the event log for this DC
> stating how promotion to a GC has been delayed or that it cannot not occur
> because of precondition not being met.
>
> I want to cancel this request or do something to eliminate all these
> messages in the event log. They've been piling up for weeks now. Any
ideas?
Start by running DCDiag (probably /fix is a good idea too)
and double checking your DNS which is usually at the heart
of most replication problems (this is one of those) and most
authentication problems (which might be involved too.)
> Here is one such event, names of innocent marked by X:
>
> Event Type: Information
> Event Source: NTDS Replication
> Event Category: Replication
> Event ID: 1559
> Date: 3/18/2005
> Time: 2:50:35 PM
> User: Everyone
> Computer: DVADER
> Description:
> A request has been made to promote this DSA to a Global Catalog (GC). A
> precondition to becoming a GC is that this server host a read-only copy of
> all partitions in the enterprise. This server should hold a copy of
> partition DC=XXXX,DC=com but it does not. This system will not be promoted
to
> a GC until this condition is met.
My guess is that you did the DCPromo into the exiting
domain and perhaps deferred the replication (this is a
choice during promotion to DC) -- then you tried to make
it a GC before that replication occurred.
Likely the REAL problem is that you aren't really replicating
(much of anything) proprerly so again, check DNS and use
DCDiag (see below....)
DNS for AD
1) Dynamic for the zone supporting AD
2) All internal DNS clients NIC\IP properties must specify SOLELY
that internal, dynamic DNS server (set.)
3) DCs and even DNS servers are DNS clients too -- see #2
4) If you have more than one Domain, every DNS server must
be able to resolve ALL domains (either directly or indirectly)
netdiag /fix
....or maybe:
dcdiag /fix
(Win2003 can do this from Support tools):
nltest /dsregdns /server![:D]( ":D")
C-ServerNameGoesHere
http://support.microsoft.com/kb/q260371/
Ensure that DNS zones/domains are fully replicated to all DNS
servers for that (internal) zone/domain.
Also useful may be running DCDiag on each DC, sending the
output to a text file, and searching for FAIL, ERROR, WARN.
Single Label domain zone names are a problem Google:
[ "SINGLE LABEL" domain names DNS 2000 | 2003 microsoft: ]
"Gina" <Gina@discussions.microsoft.com> wrote in message
news:82BC72AE-E4DC-4C81-8E92-671F63536058@microsoft.com...
> I may have accidently promoted a DC to host a GC for an empty domain with
no
> domain controllers.
There is no such thing.
If you did a DCPromo into a new domain, then
this would in fact be the first DC for that domain
(i.e., it did not exist before the promotion).
If you intended to add the DC to an existing domain,
just DCPromo it again (to non-DC first), then again
into the correct domain.
As to GC -- only a DC can become a GC and so you would
have to have at least one DC to make a GC anyway --
and if this is the only DC in the domain it really must
be the GC also.
> There are repeated messages in the event log for this DC
> stating how promotion to a GC has been delayed or that it cannot not occur
> because of precondition not being met.
>
> I want to cancel this request or do something to eliminate all these
> messages in the event log. They've been piling up for weeks now. Any
ideas?
Start by running DCDiag (probably /fix is a good idea too)
and double checking your DNS which is usually at the heart
of most replication problems (this is one of those) and most
authentication problems (which might be involved too.)
> Here is one such event, names of innocent marked by X:
>
> Event Type: Information
> Event Source: NTDS Replication
> Event Category: Replication
> Event ID: 1559
> Date: 3/18/2005
> Time: 2:50:35 PM
> User: Everyone
> Computer: DVADER
> Description:
> A request has been made to promote this DSA to a Global Catalog (GC). A
> precondition to becoming a GC is that this server host a read-only copy of
> all partitions in the enterprise. This server should hold a copy of
> partition DC=XXXX,DC=com but it does not. This system will not be promoted
to
> a GC until this condition is met.
My guess is that you did the DCPromo into the exiting
domain and perhaps deferred the replication (this is a
choice during promotion to DC) -- then you tried to make
it a GC before that replication occurred.
Likely the REAL problem is that you aren't really replicating
(much of anything) proprerly so again, check DNS and use
DCDiag (see below....)
DNS for AD
1) Dynamic for the zone supporting AD
2) All internal DNS clients NIC\IP properties must specify SOLELY
that internal, dynamic DNS server (set.)
3) DCs and even DNS servers are DNS clients too -- see #2
4) If you have more than one Domain, every DNS server must
be able to resolve ALL domains (either directly or indirectly)
netdiag /fix
....or maybe:
dcdiag /fix
(Win2003 can do this from Support tools):
nltest /dsregdns /server
C-ServerNameGoesHerehttp://support.microsoft.com/kb/q260371/
Ensure that DNS zones/domains are fully replicated to all DNS
servers for that (internal) zone/domain.
Also useful may be running DCDiag on each DC, sending the
output to a text file, and searching for FAIL, ERROR, WARN.
Single Label domain zone names are a problem Google:
[ "SINGLE LABEL" domain names DNS 2000 | 2003 microsoft: ]
Archived from groups: microsoft.public.win2000.active_directory (More info?)
I do not know what I did, and you are probably right. The fact remains
however that I have repeated messages in the event log saying that promoting
this DC to a GC has been delayed, with the additional message regarding a
domain that is in the tree but has no DCs and, as far as I know, does not
really exist.
In one of these AD dialogs is a checkbox that says "this DC hosts the Global
Catalog"--or something like that. I think it got checked for this DC. AD is
trying to do it but cannot. The question is--can I stop the request?
Or--can I fulfill the condition that the event message I pasted in this
issue is asking? What does the message mean?
Many questions.
"Herb Martin" wrote:
> "Gina" <Gina@discussions.microsoft.com> wrote in message
> news:82BC72AE-E4DC-4C81-8E92-671F63536058@microsoft.com...
> > I may have accidently promoted a DC to host a GC for an empty domain with
> no
> > domain controllers.
>
> There is no such thing.
>
> If you did a DCPromo into a new domain, then
> this would in fact be the first DC for that domain
> (i.e., it did not exist before the promotion).
>
> If you intended to add the DC to an existing domain,
> just DCPromo it again (to non-DC first), then again
> into the correct domain.
>
> As to GC -- only a DC can become a GC and so you would
> have to have at least one DC to make a GC anyway --
> and if this is the only DC in the domain it really must
> be the GC also.
>
> > There are repeated messages in the event log for this DC
> > stating how promotion to a GC has been delayed or that it cannot not occur
> > because of precondition not being met.
> >
> > I want to cancel this request or do something to eliminate all these
> > messages in the event log. They've been piling up for weeks now. Any
> ideas?
>
> Start by running DCDiag (probably /fix is a good idea too)
> and double checking your DNS which is usually at the heart
> of most replication problems (this is one of those) and most
> authentication problems (which might be involved too.)
>
> > Here is one such event, names of innocent marked by X:
> >
> > Event Type: Information
> > Event Source: NTDS Replication
> > Event Category: Replication
> > Event ID: 1559
> > Date: 3/18/2005
> > Time: 2:50:35 PM
> > User: Everyone
> > Computer: DVADER
> > Description:
> > A request has been made to promote this DSA to a Global Catalog (GC). A
> > precondition to becoming a GC is that this server host a read-only copy of
> > all partitions in the enterprise. This server should hold a copy of
> > partition DC=XXXX,DC=com but it does not. This system will not be promoted
> to
> > a GC until this condition is met.
>
> My guess is that you did the DCPromo into the exiting
> domain and perhaps deferred the replication (this is a
> choice during promotion to DC) -- then you tried to make
> it a GC before that replication occurred.
>
> Likely the REAL problem is that you aren't really replicating
> (much of anything) proprerly so again, check DNS and use
> DCDiag (see below....)
>
>
> DNS for AD
> 1) Dynamic for the zone supporting AD
> 2) All internal DNS clients NIC\IP properties must specify SOLELY
> that internal, dynamic DNS server (set.)
> 3) DCs and even DNS servers are DNS clients too -- see #2
> 4) If you have more than one Domain, every DNS server must
> be able to resolve ALL domains (either directly or indirectly)
>
> netdiag /fix
>
> ....or maybe:
>
> dcdiag /fix
>
> (Win2003 can do this from Support tools):
> nltest /dsregdns /server![:D]( ":D")
C-ServerNameGoesHere
> http://support.microsoft.com/kb/q260371/
>
> Ensure that DNS zones/domains are fully replicated to all DNS
> servers for that (internal) zone/domain.
>
> Also useful may be running DCDiag on each DC, sending the
> output to a text file, and searching for FAIL, ERROR, WARN.
>
> Single Label domain zone names are a problem Google:
> [ "SINGLE LABEL" domain names DNS 2000 | 2003 microsoft: ]
>
>
>
I do not know what I did, and you are probably right. The fact remains
however that I have repeated messages in the event log saying that promoting
this DC to a GC has been delayed, with the additional message regarding a
domain that is in the tree but has no DCs and, as far as I know, does not
really exist.
In one of these AD dialogs is a checkbox that says "this DC hosts the Global
Catalog"--or something like that. I think it got checked for this DC. AD is
trying to do it but cannot. The question is--can I stop the request?
Or--can I fulfill the condition that the event message I pasted in this
issue is asking? What does the message mean?
Many questions.
"Herb Martin" wrote:
> "Gina" <Gina@discussions.microsoft.com> wrote in message
> news:82BC72AE-E4DC-4C81-8E92-671F63536058@microsoft.com...
> > I may have accidently promoted a DC to host a GC for an empty domain with
> no
> > domain controllers.
>
> There is no such thing.
>
> If you did a DCPromo into a new domain, then
> this would in fact be the first DC for that domain
> (i.e., it did not exist before the promotion).
>
> If you intended to add the DC to an existing domain,
> just DCPromo it again (to non-DC first), then again
> into the correct domain.
>
> As to GC -- only a DC can become a GC and so you would
> have to have at least one DC to make a GC anyway --
> and if this is the only DC in the domain it really must
> be the GC also.
>
> > There are repeated messages in the event log for this DC
> > stating how promotion to a GC has been delayed or that it cannot not occur
> > because of precondition not being met.
> >
> > I want to cancel this request or do something to eliminate all these
> > messages in the event log. They've been piling up for weeks now. Any
> ideas?
>
> Start by running DCDiag (probably /fix is a good idea too)
> and double checking your DNS which is usually at the heart
> of most replication problems (this is one of those) and most
> authentication problems (which might be involved too.)
>
> > Here is one such event, names of innocent marked by X:
> >
> > Event Type: Information
> > Event Source: NTDS Replication
> > Event Category: Replication
> > Event ID: 1559
> > Date: 3/18/2005
> > Time: 2:50:35 PM
> > User: Everyone
> > Computer: DVADER
> > Description:
> > A request has been made to promote this DSA to a Global Catalog (GC). A
> > precondition to becoming a GC is that this server host a read-only copy of
> > all partitions in the enterprise. This server should hold a copy of
> > partition DC=XXXX,DC=com but it does not. This system will not be promoted
> to
> > a GC until this condition is met.
>
> My guess is that you did the DCPromo into the exiting
> domain and perhaps deferred the replication (this is a
> choice during promotion to DC) -- then you tried to make
> it a GC before that replication occurred.
>
> Likely the REAL problem is that you aren't really replicating
> (much of anything) proprerly so again, check DNS and use
> DCDiag (see below....)
>
>
> DNS for AD
> 1) Dynamic for the zone supporting AD
> 2) All internal DNS clients NIC\IP properties must specify SOLELY
> that internal, dynamic DNS server (set.)
> 3) DCs and even DNS servers are DNS clients too -- see #2
> 4) If you have more than one Domain, every DNS server must
> be able to resolve ALL domains (either directly or indirectly)
>
> netdiag /fix
>
> ....or maybe:
>
> dcdiag /fix
>
> (Win2003 can do this from Support tools):
> nltest /dsregdns /server
C-ServerNameGoesHere> http://support.microsoft.com/kb/q260371/
>
> Ensure that DNS zones/domains are fully replicated to all DNS
> servers for that (internal) zone/domain.
>
> Also useful may be running DCDiag on each DC, sending the
> output to a text file, and searching for FAIL, ERROR, WARN.
>
> Single Label domain zone names are a problem Google:
> [ "SINGLE LABEL" domain names DNS 2000 | 2003 microsoft: ]
>
>
>
Archived from groups: microsoft.public.win2000.active_directory (More info?)
"Gina" <Gina@discussions.microsoft.com> wrote in message
news:0537363B-FFF7-42BB-8648-4107CAB3970F@microsoft.com...
> I do not know what I did, and you are probably right. The fact remains
> however that I have repeated messages in the event log saying that
promoting
> this DC to a GC has been delayed, with the additional message regarding a
> domain that is in the tree but has no DCs and, as far as I know, does not
> really exist.
>
> In one of these AD dialogs is a checkbox that says "this DC hosts the
Global
> Catalog"--or something like that. I think it got checked for this DC. AD
is
> trying to do it but cannot. The question is--can I stop the request?
>
> Or--can I fulfill the condition that the event message I pasted in this
> issue is asking? What does the message mean?
What I suggested was that you treat is as a failure to
replicated.
Investigate your DNS, etc. as indicated in my prior
post.
If that doesn't resolve the issue (make double sure
you fixed DNS) then (as long as you have another
fully functioning DC for this domain) DCPromo
the DC twice -- once to non-DC, again back to a
DC.
Note: if there is a replication problem, you may need
the /forceremoval switch when you run DCPromo
(from a command line or Start->Run).
DCPromo /forceremoval requires a later service pack
on Win2000 DCs.
"Gina" <Gina@discussions.microsoft.com> wrote in message
news:0537363B-FFF7-42BB-8648-4107CAB3970F@microsoft.com...
> I do not know what I did, and you are probably right. The fact remains
> however that I have repeated messages in the event log saying that
promoting
> this DC to a GC has been delayed, with the additional message regarding a
> domain that is in the tree but has no DCs and, as far as I know, does not
> really exist.
>
> In one of these AD dialogs is a checkbox that says "this DC hosts the
Global
> Catalog"--or something like that. I think it got checked for this DC. AD
is
> trying to do it but cannot. The question is--can I stop the request?
>
> Or--can I fulfill the condition that the event message I pasted in this
> issue is asking? What does the message mean?
What I suggested was that you treat is as a failure to
replicated.
Investigate your DNS, etc. as indicated in my prior
post.
If that doesn't resolve the issue (make double sure
you fixed DNS) then (as long as you have another
fully functioning DC for this domain) DCPromo
the DC twice -- once to non-DC, again back to a
DC.
Note: if there is a replication problem, you may need
the /forceremoval switch when you run DCPromo
(from a command line or Start->Run).
DCPromo /forceremoval requires a later service pack
on Win2000 DCs.
Related ressources:
- ForumGC not registered
- ForumReplacing Windows 2000 GC with 2003 GC
- ForumHow to promote a blog properly?
- ForumGC promotion
- ForumHelp removing PDC from domain and promoting a BDC - Server..
- ForumQuestions about promotions/demotions in Windows 2000 Nativ..
- ForumCannot Promote to Domain Controller
- ForumCannot promote member server to DC
- ForumDC, not a GC
- Forum7970 Ghz Edition vs Gtx 670 GC Factory Overclocked 4gb Edition
- ForumGelid GC -Extreme thermal paste
- Forum600w PSU = Galaxy gtx 670 gc ?
- ForumDoes asus en210 silent graphic card work on Asus P5 gc mx 1333
- ForumModem Problem on Upgraded P5 GC -Mx Mobo
- ForumP5 GC -MX/1333 333Mhz Problem
- ForumGalaxy GTX 660ti GC red screen problem
- ForumAsus p5 gc -mx problems
- ForumParallel and com ports not appearing in device manager
- Forumauthentication in AD problem
- ForumWin2k DC and RPC endpoint mapper problem
- More resources
!
