JSI Tip 8468. You are unable to promote a Windows 2000 server to a domain controller in a Windows Server 2003 domain?

When you try to promote a Windows 2000 server to a domain controller in a Windows Server 2003 domain, you receive an error similar to:

The operation failed because the directory service failed to create the server object for CN=NTDS Settings,CN=<ServerName>,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=<DomainName>,DC=<COM> on server name of source domain controller. Please ensure that the network credentials provided have sufficient access to add a replica.

The error message ends with one of the following sentences:

Indicates two revision levels are incompatible.

An error with no description has occurred.

The Directory Service Event log may contain:

Event ID: 1168
Source: NTDS General
Type: Error
Description: Error - 1073741823(c0000001) has occurred (Internal ID 3000b1a). Please contact Microsoft Product Support Services for assistance.

This behavior will occur if the domain functional level and/or the forest functional level is too high for a Windows 2000 domain controller.

To determine the current functional level:

1. Open Active Directory Users and Computers on a Windows Server 2003 domain controller.

2. Right-click the domain in the left-hand pane and press Properties.

3. The Domain function level and Forest functional level appear on the General tab.

If either of the functional levels is Windows Server 2003, you must upgrade the Windows 2000 Server to Windows Server 2003 before it can be promoted, because Windows 2000 does not support the features introduced when YOU raised the functional level.

NOTE: You cannot lower the current functional level.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.