When you run Dcpromo, your receive one of the following:
Active Directory Installation Failed: The operation failed with the following error: The system cannot find the file specified. New Credentials. The operation failed with the following error: "Access is denied". These error messages can be caused by one or more of the following conditions: The absence of the default Ntds.dit file. Incorrect permission on the default Ntds.dit file. Incorrect permissions on an existing NTDS folder structure.When you install a Windows 2000 server, regardless of the product or its role, a model Ntds.dit files is located at %SystemRoot%\System32. When you promote a server, the actual Ntds.dit file is created at %SystemRoot%\Ntds.
If you received the The system cannot find the file specified message, the %SystemRoot%\System32\Ntds.dit (default) file is missing. The simplest fix is to expand Ntds.di_ from any server CD.
NOTE: Check the %SystemFolder%\Debug\Dcpromo.log to see if this was the problem.
If you receive the Access is denied error, verify that the following permissions are set:
System32\Ntds.dit BUILTIN\Users: Read \[RX\] BUILTIN\Power Users: Read \[RX\] BUILTIN\Administrators: Full Control \[ALL\] NT AUTHORITY\SYSTEM: Full Control \[ALL\] Everyone: Read \[RX\] %SystemRoot%\Ntds BUILTIN\Users: Special Access \[RX\] BUILTIN\Power Users: Special Access \[RWXD\] BUILTIN\Administrators: Special Access \[A\] NT AUTHORITY\SYSTEM: Special Access \[A\] CREATOR OWNER: %SystemRoot%\Ntds\Drop (only if \Drop exists) BUILTIN\Users: Special Access \[RX\] BUILTIN\Power Users: Special Access \[RWXD\] BUILTIN\Administrators: Special Access \[A\] NT AUTHORITY\SYSTEM: Special Access \[A\] CREATOR OWNER: Special Access \[A\]NOTE: Check the %SystemFolder%\Debug\Dcpromo.log to see if this was the problem.
NOTE: After successful promotion, the following permissions should exist:
%SystemRoot%\Ntds NT AUTHORITY\SYSTEM: Special Access \[A\] BUILTIN\Administrators: Special Access \[A\] %SystemRoot%\Ntds\Drop NT AUTHORITY\SYSTEM: Special Access \[A\] BUILTIN\Administrators: Special Access \[A\]
0 comments
Hide comments