[INFO] DnsDomainName chilld contoso.localThis issue occurs when the following conditions are true:
[INFO] FlatDomainName child
[INFO] SiteName Default-First-Site-Name
[INFO] SystemVolumeRootPath C:\Windows\SYSVOL
INFO] DsDatabasePath C:\Windows\NTDS, DsLogPath C:\Windows\NTDS
[INFO] ParentDnsDomainName contoso.local
[INFO] ParentServer <helper DC>.contoso.local
[INFO] Account contoso\administrator
[INFO] Options 5243072
[INFO] Validate supplied paths
[INFO] EVENTLOG (Error): NTDS Replication / DS RPC Client : 1963
Internal event: The following local directory service received an exception from a remote procedure call (RPC) connection. Extensive RPC information was requested. This is intermediate information and might not contain a possible cause
[INFO] EVENTLOG (Error): NTDS Replication / DS RPC Client : 1962
Internal event: The local directory service received an exception from a remote procedure call (RPC) connection. Extended error information is not available.
A security package specific error occurred. 1825directory service:
Could not find the domain controller for this domain. (1908)
[INFO] EVENTLOG (Error): NTDS Replication / Setup : 1125
The Active Directory Domain Services Installation Wizard (Dcpromo) was unable to establish connection with the following domain controller.
Domain controller: <DC name>.<DNS domain name>.<top level domain name>
1908 Could not find the domain controller for this domain.
- NetBIOS over TCP/IP is disabled. This occurs in the following situations:
Disable NetBIOS over TCP/IP option is not selected in Networks panel, the WINS tab in the Advanced TCP/IP Settings of IPv4 properties.
NetBIOS over TCP/IP is disabled on the DHCP Server.
The computers are using IPv6 configuration only.
- "Short" credential names is used in the Credential UI or in the domain controller promotion answer file.
The Dcpromo.log earlier in this section indicates an ERROR_DOMAIN_CONTROLLER_NOT_FOUND error is returned from the DRS bind call when the promotion process is setting up to replicate the first naming context.
In this case, Kerberos cannot locate a domain controller to authenticate with by using the specified credentials. For example, the specified credentials is "wolf\administrator" instead of a "long" DNS credentials like wolf.com\administrator. In the credential, "wolf" is the NetBIOS name of the domain hosting the administrator account.
- The computer consider it is joined to the domain.
- You will have the option to log on to the child domain but the logon will fails.
- If you log on to the computer locally, the ADDS and AWDS services is disabled. The Netlogon.exe process is not started and the startup value is set to manual identical, such as the default setting for a member workstation.
- End the Server Manager process in Task Manager.
Note This step closes the Active Directory Domain Services Configuration Wizard. When the issue occurs, the cancel button in the UI does not work. Additionally, ending the Active Directory Domain Services Configuration Wizard in Task Manager also does not work.
- When you promote the computer as a domain controller again, use one of the following workarounds:
- Specific "long" credentials, for example, <domain>\administrator, in the promotion wizard or the promotion answer files.
- On Windows 8.1 and Windows Server 2012 R2 computers, configure the DNS search suffixes, so that when the DNS search suffixes are concatenated with the provided NetBIOS domain name, they can be resolved to the fully qualified DNS name of the Active Directory domain that hosts the user account being used to perform the authenticated operation.
Note This assumes that the NetBIOS name that is specified in credential "UI" matches the left-most part of the target accounts DNS domain name.
- Join the computer being prompted as a member computer in the target domain, and then retry the promotion.
- Temporarily enable NetBIOS over TCP/IP in order to complete the promotion.
Article ID: 2948052 - Last Review: 31 Mar 2014 - Revision: 1