Article ID: 2738697 - View products that this article applies to.
Consider the following scenario. You configure a server that is running Windows Server 2012 from a workgroup as a domain controller by using Server Manager. Then, you click the Select button on the Deployment Configuration page. In this scenario, your receive the following error message:
Encountered an error contacting domain contoso.
The server is not operational.
Note You have LDAP, RPC, and DNS connectivity and can contact all existing domain controllers without issue for other operations.
This issue occurs because NTLM authentication is disabled either in the domain or on the domain controllers.
To resolve this issue, join the server to the domain, and then configure the server to be a domain controller. After you join the server to the domain, the Active Directory Domain Services (AD DS) Wizard in Server Manager uses Kerberos authentication instead of NTLM authentication to browse the AD DS forest.
For more information about how to disable NTLM authentication in domains in Windows Server 2008 R2 and later versions, go to the following Microsoft TechNet websites:
Introducing the Restriction of NTLM Authentication
NTLM Blocking and You: Application Analysis and Auditing Methodologies in Windows 7