Error Status: 0xc000034.
Please shut down the system and reboot into Directory Services Restore Mode, check event log for more detailed information.
Additionally, at the time when the FSMO role was transferred to this Domain Controller, the system event log contains the following event:
- Denied RODC Password Replication Group
- Allowed RODC Password Replication Group
Note: DO NOT REBOOT the new FSMO role owner. Follow the below steps to create the missing RODC groups:
- Log on to the PDC emulator and open ADSIEdit.
- Navigate to CN=Server,CN=System,DC=<DOMAINNAME>
- Right-click on CN=Server and choose Properties.
- Highlight the samDomainUpdates value and click View
- Changed the value from the current value of FE to FA
- Click OK and Apply to save the changes.
- Open LDP.exe and click on Connection -> Bind and click OK to connect.
- Click on Browse -> Modify and enter the following information:
- DN: - leave blank
- Edit Entry Attribute: runSamUpgradeTasks
Note: Make sure that there is no space after runSamUpgradeTasks
- Operation: Add
- Click Enter on the Modify dialog and then click Run.
- Check if the groups now exist. The DC can now be rebooted and the blue screen will not longer appear.
Article ID: 2642837 - Last Review: May 28, 2014 - Revision: 1