Remote Active Directory Installation Failed

[EntityAnomly]

I am not sure what the problem is maybe someone can help figure it out.

I have a remote office that we've been having issues with. There are about a dozen users out there with Win2000/XP computers. During the last couple of months they have been complaining that they cannot log into the domain because they get an error that reads something about the server not responding in a timely fashion.

They have a Windows 2000 server out at this location that was just setup as a file server for sharing files, so I thought I would set it up as a domain controller so that they could log into the domain locally instead of authenticating through the WAN link.

Now when I try to install Active Directory on this server I get an error similar to what the workstations have been getting when they can't logon.

======================
Active Directory Installation Failed

Binding to server SERVER1 using the supplied credentials failed

"The service did not respond to the start or control request in a timely fashion."
======================

In the past the only way I could fix this problem for the remote users was to physically reboot the PDC at our main office and then they could login again. I can't keep rebooting the PDC like this. Does anyone have some thoughts on what it could be?

 

[riser]

Walk me through what steps you're taking in detail.

At what point is this message coming up?
Starting a new domain, child domain, or joining a forest?

You'll need to grant an an account on that file server rights to join the domain, or use an existing account with rights to join computers/servers to the domain.

 

[EntityAnomly]

The error was coming up during the Active Directory Installation Wizard. I know the credentials were right so that is not the problem.

I was attempting to create a new child domain at the remote location.

The obsticle that seems to be getting me is that this remote server is running Windows 2000 server and I am trying to create a child domain in a Windows 2003 forest. I can't seem to find too much info out there about this(mostly how to add 2003 DCs to 2000 domains), so I'm not sure if it's possible.

Since then I have been able to reinstall AD making the Win2k server a DC under the root domain, but that still doesn't seem to be working 100% right. I can't get access to any of the users and computers or domains and trusts snapins. My global catalog server does see the 2000 server and recognizes it as a DC.

I am using my user account to authenticate all of this and I am part of the enterprise admins, schema admins, domain admins groups.

 

[riser]

I was talking with a consultant a month or so ago. He said getting 2000 to join a 2003 server is possible but it's not the route you want to go.

Creating a child domain isn't best practices but since you joined the root domain you're better off.

Did you create a Site and replicate permissions between the servers? Depending, this can take some time.

Your GPO will get pushed out to your new domain too so that might be something you have to look over.

As far as the trusts goes, in 2000 you'll have to manually create it as 2003 I believe will go ahead and automatically establish this (I think).

 

[EntityAnomly]

I did give up on the idea of a child domain.

Since then I have gotten the 2000 server to join the 2003 domain, but it won't replicate. I have sites setup for both, but they can't seem to connect to each other. Any ideas?

 

[riser]

What kind of connection between the two? Replication can take hours to days depending on the connection and how often it restarts the replication.

You created the sites.. you might need to manually create a trust. At this point I'm not really sure what might be causing your problem though.

 

[EntityAnomly]

The connection is a VPN Tunnel using DSL on their end and a T1 on our end. It seems to be a fairly quick connection.

It's true I did create sites, but how would I create a trust between 2 DCs that are part of the same domain? That doesn't sound right to me.