Problem adding second domain controller to SBS 2008
- by Quango
Have an SBS 2008 server in one location, and want to add a backup domain controller at a different site. The two sites are linked by a VPN.
New server is running Server 2008 R2, fully patched. At present it is a member server and the DNS is pointing at the SBS DNS.
When I try running DCPROMO to connect the server, the wizard runs fine up to the point where the wizard is 'configuring Active Directory Domain Services' and 'examining forest':
"The operation failed because:
The wizard could not read operational attributes from the remote Active Directory
Domain Controller SERVER.DOMAIN.LOCAL using LDAP.
"The specified server cannot perform the requested operation."
This error can occur if you have not been granted necessary permissions to read
data in the directory. For more information, please see article 936241 in the
Microsoft Knowledge Base (http://go.microsoft.com/fwlink/?LinkId=88420)."
I was logged on as domain administrator. Interestingly the link is invalid and the KB article does not exist..!
Settings:
Configure this server as an additional Active Directory domain controller for the domain "[domain]".
Site: [site]
Additional Options:
Read-only domain controller: "No"
Global catalog: Yes
DNS Server: Yes
Update DNS Delegation: No
Source domain controller: any writable domain controller
Database folder: C:\Windows\NTDS
Log file folder: C:\Windows\NTDS
SYSVOL folder: C:\Windows\SYSVOL
The DNS Server service will be configured on this computer.
This computer will be configured to use this DNS server as its preferred DNS server.