role owner attribute could not be read

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

I'm trying to remove Active Directory from my Windows 2000 Server by running
dcpromo on a domain controller that is a child domain in an existing domain
tree. Eventually I get an error saying

"The operation failed because the remote attempt at server x.y.com (my root
of the domain tree) to remove domain DC=z, DC=y, DC=com (the domain
controller to remove AD) for the enterprise failed.

'The role owner attribute could not be read'".

Any ideas how to fix that?

I appreciate your time.

--
Victor

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

I corrected this problem by setting the child domain controller's primary
DNS address to itself.

However, here's the new message that I get:

"The operation failed because
The directory Service failed to replicate off changes made locally.
'The DSA operation is unable to proceed because of a DNS lookup failure'"

Does anybody know what that means and what could be the solution?

Thanks.


"v yelsukov" <please@postinnewsgroup> wrote in message
news:%23fxxMfHmFHA.3900@TK2MSFTNGP09.phx.gbl...
> I'm trying to remove Active Directory from my Windows 2000 Server by
running
> dcpromo on a domain controller that is a child domain in an existing
domain
> tree. Eventually I get an error saying
>
> "The operation failed because the remote attempt at server x.y.com (my
root
> of the domain tree) to remove domain DC=z, DC=y, DC=com (the domain
> controller to remove AD) for the enterprise failed.
>
> 'The role owner attribute could not be read'".
>
> Any ideas how to fix that?
>
> I appreciate your time.
>
> --
> Victor
>
>

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

"" wrote:
> I'm trying to remove Active Directory from my Windows 2000
> Server by running
> dcpromo on a domain controller that is a child domain in an
> existing domain
> tree. Eventually I get an error saying
>
> "The operation failed because the remote attempt at server
> x.y.com (my root
> of the domain tree) to remove domain DC=z, DC=y, DC=com (the
> domain
> controller to remove AD) for the enterprise failed.
>
> 'The role owner attribute could not be read'".
>
> Any ideas how to fix that?
>
> I appreciate your time.
>
> --
> Victor

is it correct you have a root domain with a child domain and you are
trying to demote the LAST DC from the child domain?

If yes and you checked "this is the last DC..." (or something like
that..) then the DC also removes the child domain from the forest. To
succeed it must contact the Domain Naming Master FSMO.

To see who where the FSMO roles are hosted use:
netdom query FSMO.

Check the event logs of the FSMO owner (domain naming master) and rnu
DCDIAG /V to see if something is wrong

--
Posted using the http://www.windowsforumz.com interface, at author's request
Articles individually checked for conformance to usenet standards
Topic URL: http://www.windowsforumz.com/Active-Directory-role-owner-attribute-read-ftopict404309.html
Visit Topic URL to contact author (reg. req'd). Report abuse: http://www.windowsforumz.com/eform.php?p=1339934

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

1) How many DC's do we have in the root domain. Is the replication working
fine between those DC's.

2) Was there any DC in the parent which has exchange and that DC failed. If
so then do a metadata cleanup of that server and then try to dcprmo.

3) Also try to move the forest roles(schema master and domain naming master)
to another server and then try.

"v yelsukov" wrote:

> I'm trying to remove Active Directory from my Windows 2000 Server by running
> dcpromo on a domain controller that is a child domain in an existing domain
> tree. Eventually I get an error saying
>
> "The operation failed because the remote attempt at server x.y.com (my root
> of the domain tree) to remove domain DC=z, DC=y, DC=com (the domain
> controller to remove AD) for the enterprise failed.
>
> 'The role owner attribute could not be read'".
>
> Any ideas how to fix that?
>
> I appreciate your time.
>
> --
> Victor
>
>
>