Skip navigation
Menu
Compute Engines

JSI Tip 4257. Dcpromo generates 'The system cannot find the file specified' or 'Access is denied'?


When you run Dcpromo, your receive one of the following:

Active Directory Installation Failed:
The operation failed with the following error:
The system cannot find the file specified. 

New Credentials.
The operation failed with the following error: "Access is denied". 
These error messages can be caused by one or more of the following conditions: 
The absence of the default Ntds.dit file.

Incorrect permission on the default Ntds.dit file.

Incorrect permissions on an existing NTDS folder structure.
When you install a Windows 2000 server, regardless of the product or its role, a model Ntds.dit files is located at %SystemRoot%\System32. When you promote a server, the actual Ntds.dit file is created at %SystemRoot%\Ntds.

If you received the The system cannot find the file specified message, the %SystemRoot%\System32\Ntds.dit (default) file is missing. The simplest fix is to expand Ntds.di_ from any server CD.

NOTE: Check the %SystemFolder%\Debug\Dcpromo.log to see if this was the problem.

If you receive the Access is denied error, verify that the following permissions are set:

System32\Ntds.dit 
BUILTIN\Users:             Read \[RX\]
BUILTIN\Power Users:       Read \[RX\]
BUILTIN\Administrators:    Full Control \[ALL\]
NT AUTHORITY\SYSTEM:       Full Control \[ALL\]
Everyone:                  Read \[RX\] 

%SystemRoot%\Ntds
BUILTIN\Users:             Special Access \[RX\]
BUILTIN\Power Users:       Special Access \[RWXD\]
BUILTIN\Administrators:    Special Access \[A\]
NT AUTHORITY\SYSTEM:       Special Access \[A\]
CREATOR OWNER:   

%SystemRoot%\Ntds\Drop  (only if \Drop exists)
BUILTIN\Users:             Special Access \[RX\]
BUILTIN\Power Users:       Special Access \[RWXD\]
BUILTIN\Administrators:    Special Access \[A\]
NT AUTHORITY\SYSTEM:       Special Access \[A\]
CREATOR OWNER:             Special Access \[A\]
NOTE: Check the %SystemFolder%\Debug\Dcpromo.log to see if this was the problem.

NOTE: After successful promotion, the following permissions should exist:

%SystemRoot%\Ntds
NT AUTHORITY\SYSTEM:       Special Access \[A\]
BUILTIN\Administrators:    Special Access \[A\]

%SystemRoot%\Ntds\Drop
NT AUTHORITY\SYSTEM:       Special Access \[A\]
BUILTIN\Administrators:    Special Access \[A\]


Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
empty cockpit of autonomous car
What Is a Real-Time Operating System, and Who Needs One?
Mar 05, 2024
ERP button on keyboard
5 ERP Trends to Watch in 2024
Jan 17, 2024
automation key on keyboard
Storage Management as a Case Study for Network Automation Adoption
Dec 21, 2023
Abstract technology concept lighting effect on dark blue background
Top 10 Stories About Compute Engines, Linux in 2023
Dec 18, 2023