1

I'm replacing my domain controller with another domain controller with more efficient hardware and migrate from Server 2012 R2 to Windows Server 2019.

The first step I joined the new server to the domain. Then promoting the server to a domain controller shows this error:

Verification of prerequisites for Active Directory preparation failed.

Unable to verify whether schema master has completed a replication cycle after last reboot. Exception: Unavailable Critical Extension.

Server extended error: 8366. Server extended message: 000020AE: SvcErr: DSID-0321040C, problem 5010 (UNAVAIL_EXTENSION), data 8610 . Adprep failed to verify whether schema master has completed a replication cycle after last reboot. [Status/Consequence] The schema is not upgraded. [User Action] Check the log file ADPrep.log in the C:\Windows\debug\adprep\logs\20231105012425-test directory for possible cause of failure.

Upon searching I found that I have residual for an older domain controller.

steps remove domain controller

I followed these steps and couldn't delete it.

I went to Active Directory Sites and Services to check and delete, which showed:

Windows cannot delete object LDAP://... because: A referral was returned from the server.

Active Directory Sites and Services

i can't delete server PRIME-PACS at all

How can I resolve this problem to add a new domain controller?

Improve this question
7
  • welcome, I don't get the point. did you already (successfully) joined a SDC to the PDC or not?
    – djdomi
    Nov 5 at 7:38
  • No, I can't promote a new domain to an existing domain till now but I could join the domain to the the existing domain controller
    – Hassan Bosha
    Nov 5 at 8:38
  • Sounds like your domain structure is still at a level too low for 2019 to support and it can't be upgraded due to replication issues. These need to be fixed first. Have you successfully transferred the FSMO roles to another server that's still there (schema master, domain name master, infrastructure master, RID master, PDC emulator)?
    – Zac67
    Nov 5 at 13:14
  • Yes all the fsmo belongs to the only one domain controller i ran netdom query fsmo all the roles belong to RosenfieldAD.office.rosenfielddwc.com
    – Hassan Bosha
    Nov 5 at 13:37
  • What research ash been done? i dont see here any afford - like Microsoft Tutorial Serverfault 1088120 Serverfault 550689 and a ton more - did you read that before posting?
    – djdomi
    Nov 5 at 15:36

1 Answer 1

Reset to default
1

Try a replication using the command line and see what happens

repadmin /syncall /AdeP

Improve this answer
2
  • PS C:\Users\Administrator> repadmin /syncall /AdeP Syncing all NC's held on RosenfieldAD. Syncing partition: DC=ForestDnsZones,DC=office,DC=rosenfielddwc,DC=com CALLBACK MESSAGE: Error contacting server CN=NTDS Settings,CN=PRIME-PACS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=office,DC=rosenfielddwc,DC=com (network error): 1722 (0x6ba): The RPC server is unavailable. CALLBACK MESSAGE: SyncAll Finished. SyncAll reported the following errors: Error contacting server CN=NTDS Settings,CN=PRIME-PACS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Config etc
    – Hassan Bosha
    Nov 20 at 13:55
  • Can you please provide the full output in a pastebin. That RPC error is worrying and worth investigating
    – Turdie
    Nov 20 at 14:03

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .