Windows 2012 Verification of prerequisites for Domain Controller promotion failed

Windows 2012 Verification of prerequisites for Domain Controller promotion failed and gave the below error(In computer management local group and user option is not there as suggested by a solution!)
"Verification of prerequisites for Domain Controller promotion failed. The local Administrator account becomes the domain Administrator account when you create a new domain. The new domain cannot be created because the local Administrator account password
does not meet requirements.
Currently, the local Administrator password is blank, which might lead to security issues. We recommend that you press Ctrl+Alt+Delete, use the net user command-line tool, or use Local Users and Groups to set a strong password for the local Administrator
account before you create the new domain."

OK, the reason you see this error is because when you set up and configured your Windows R2 environment you may have logged into the OS with an account other than Administrator. So, if you created your log in account named Bob, this is throwing off the Server.
So, hit Ctrl-Alt-Delete, and look who you are logged in as, and then change the account you are logging in as and use the local Administrator account. What you may find is that the default Admin account password has not been set.
Check that out and see if that is what you are experiencing.
Best wishes

Similar Messages

  • Verification of prerequisites for Active Directory preparation failed

    We currently have Windows Server 2003 SBS, SP2, Domain Controller. Would like to add Windows Server 2012, Standard, 64-bit as a backup domain controller.
    "Verification of prerequisites for Active Directory preparation failed. Unable to perform Exchange schema conflict check for domain sxxxx.local.
    Exception: The RPC server is unavailable.
    Adprep could not retrieve data from the server name.xxxxx.local through Windows Managment Instrumentation (WMI).
    [User Action]
    Check the log file ADPrep.log in the C:\Windows\debug\adprep\logs\20130417103902-test directory for possible cause of failure."
    What the log says is really:
    "Adprep encountered a Win32 error. Error code: 0x6ba Error messa The RPC server is unavailable."
    Can anyone has similar experience shred some lights to troubleshoot this? Have reviewed
    other links that have similar probems but that doesn't help. 
    Many Thanks!

    Of course I CANNOT remove Symnatec as Meinolf suggests. That would be out of my mind!! I tried to stop all their services though which doesn't help. I know this has nothing to do with Symantec. Here comes another test, the final one:
    Test 8
    This article is really good as it concludes very thoroughly about the problems about "800706BA - RPC Server Is Unavailable" and other WMI query issues:
    http://goo dot gl/l2iha
    I started looking at he ISA 2004 on our SBS 2003.
    Tried to disable the RPF Filter:
    a. Open Microsoft Internet Security and Acceleration Server 2004
    b. Go to Configuration > Add-in and location RPC Filter on the right side, right-click on it and select Properties, uncheck 'Enable this filter'
    c. Hit Apply....
    d. Now I go back to Windows 7 and test the WMI query.
    The result: it WORKS! 
    e. Next, I tried that on the Windows Server 2012 like so:
    c:>wmic /node:sbs2003servername computersystem list brief /format:list
    It also works!
    f. Next also on Windows Server 2012, I continued on what was left over.  I did the "Rerun prerequisites check " and no surprise - "All prerequisite checks passed successfully. Click 'Install' to begin installation"!
    Well that concludes the problem of installing Windows Server 2012 (standard) as a backup domain controller to a Windows SBS 2003 domain controller and the  troubleshooting process that finally led to a solution that solves my problem. Thanks for all
    the discussions over the web. Every bit counts!
    Well if this helps you in some way, give me some points to buy beer! I am going to have a drink with Bill, Cheers! 

  • Can we run domain controller windows 2008 32 bit and additional domain controller on 2003 server

    im my environment we are trying to upgrade from server 2k3 to 2k8, out testing done on server 2k3 to 2k8, but can we run domain controller windows 2008 32 bit and additional domain controller on 2003 server ...kindly suggest
    Nitin Gaurav
    [email protected]

    Yes you can. If you have two 2003 AD servers currently and upgrade one of them to 2008 AD then they'll continue to be able to work together. The domains functional level will remain as 2003 across both servers so at this stage you won't get any benefit from
    the new AD functionality available in 2008.
    Once you've then upgraded the second 2003 server to 2008 you can then upgrade the functionality levels in AD to make it 2008. It's been a while, but I believe it doesn't happen automatically, so once all AD servers have been upgraded you have to go into
    AD and upgrade the functionality levels yourself.

  • Pricing for VM running WS 2012 E R2 primarily as domain controller for ~5 clients

    Hi
    I am starting a small medical clinic, with only about 6 client PCs.  However, I  would like a domain network structure for security purposes moving forward rather than a workgroup.
    I'm looking at either purchasing a modest server (ie HP Proliant ml310) with windows server 2012 essentials r2 and using it locally (total cost ~$1500) or using a Windows Azure virtual machine to run the domain controller over a VPN.  We already use
    office 365 e3, so don't really need a local server for email, storage etc. I already have an old synology NAS that could be used for disk images etc that we would lose out on with the hosted server solution.
    Can someone verify my calculations for monthly cost estimate I tried using the calculator --1 small VM + 225 GB storage for the OS came to $65/month
    Would I be able to run it on the small virtual machine or would I need to go up to medium just for the OS?  If the later is the case it would definitely not be cost effective.
    Thanks for the help
    TM

    hi tdiddy,
    Thanks for posting!
    About VM and azure storage pricing , I suggest you could refer to this pricing details page and calculations fee:
    http://azure.microsoft.com/en-us/pricing/details/virtual-machines/
    http://azure.microsoft.com/en-us/pricing/details/storage/
    Also, for this billing question Please contact azure billing support team via
    http://www.windowsazure.com/en-us/support/contact/
    Hope it helps.
    Regards,
    Will
    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click
    HERE to participate the survey.

  • Certificate for Domain Controller Will not import

    Hi,
    I am having an issue importing a Certificate .crt file on a Windows Server 2008 R2 Domain Controller.  The Certiificate is needed for migrating our 2003 Domain Controllers to 2008r2.   When I try to use the command line to import the certificate
    using the following:
    I receive the following output:
    Cannot find object or property. 0x80092004 (-2146885628)  
    I also tried this command 
    certreq.exe -accept hostname.crt -machine   and received the same error.
    When I try to import the Certificate using the GUI it works but there is no "private key" found.   
    The Certificate was issued from Digicert.    
    Does anyone know how to resolve this so my certificate imports correctly with a private key intact?   
    Thanks,
    Kevin C.

    Here are the steps as explained by Digicert:
    How to Import and Export your SSL Certificate
    https://www.digicert.com/import-export-ssl-certificate.htm
    Note that I've used Digicert and haven't had a problem with the private key. If the private key's missing, there will be missing functionality. And also note, that Digicert's tech support is free and they are actually pretty good and can help almost immediately
    as soon as you call them. They've helped me a number of times.
    Give them a call 24/7: 1.801.701.9600
    Ace Fekay
    MVP, MCT, MCSE 2012, MCITP EA & MCTS Windows 2008/R2, Exchange 2013, 2010 EA & 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services
    Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php
    This posting is provided AS-IS with no warranties or guarantees and confers no rights.

  • Which Server Version for Domain Controller do I Need

    Hello
    We are currently running two domain controllers with Server 2003 on them.  We have a standard TCP/IP star topology networking  including web servers, files servers, sql, iis etc.
    We are upgrading 5 of our servers to 2012r2 and are using them as "host" servers for upgraded IIS (2012r2) and WebGrabber (2008r2) servers and these servers will be set up as virtual machines (the IIS and web grabbers) on the hosts.
    My question is will using Windows Server 2003 domain controllers cause issues in the advanced settings in 2012r2 and Hyper-V?  Should we upgrade our Domain Controllers and if so to what version?  2008r2 or 2012r2?
    Thanks!
    Theresa Greene
    Theresa Greene

    My question is will using Windows Server 2003 domain controllers cause issues in the advanced settings in 2012r2 and Hyper-V?  Should we upgrade our Domain Controllers and if so to what version?  2008r2 or 2012r2?
    At least Windows Server 2012
    I highly recommend to upgrade the Domain Controllers to at least Windows Server 2012.
    Besides the new functionality described by others in this thread, Windows Server 2012-based Domain Controllers (and beyond) offer virtualization safeguards, building on the VM-GenerationID offered by your new virtualization platform. This functionality helps
    to protect your Domain Controllers from USN rollbacks and Lingering Objects. It also unlocks the Domain Controller Cloning functionality, that may help you deploy your five Domain Controllers faster and more streamlined.
    More information:
    New features in AD DS in Windows Server 2012, Part 12: Virtualization-safe
    Active Directory 
    New features in AD DS in Windows Server 2012, Part 13: Domain Controller
    Cloning 
    Cases where VM-GenerationID doesn’t help make Active Directory virtualization-safe, Part

    Cases where VM-GenerationID doesn’t help make Active Directory virtualization-safe, Part
    2  
    Getting to Windows Server 2012
    In terms of getting your Active Directory to Windows Server 2012, there's good news and slightly bad news. The bad news is you can't in-place upgrade your Domain Controllers to Windows Server 2012. The good news: This makes the transition scenario
    more appealing.
    Instead of upgrading your Domain Controllers on their physical hardware, and, then, convert them to virtual machines, you can build new virtual Windows Server 2012 Domain Controllers, while your Windows Server 2003 Domain Controllers remain running.
    Then, when you're ready to get rid of your Windows Server 2003 Domain Controllers, you simply demote them and remove them from your network. I've written a detailed step-by-step on this:
    Transitioning your Windows Server
    2003 Domain Controllers to Windows Server 2012  

  • Windows Server 2008 - Group policy for domain client to start/stop services installed on it

    Hello Experts
    I am a newbie to windows server administration , though did a Google  , but ended up with these question with my requirements
    I have created a new domain and 2 client/computer (A & B namely) to domain . Now A & B has tomcat server running with port 8080 , 9090 which i have installed
    domain ADMIN account .
    && now i am want to start/stop/restart services enabled for domain users  !! How do i achieve this !!
    basic question : How can i access A & B tomcat services on DOMAIN CONTROLLER server to create a GPO and that are on (A & B)
    what is the easiest way to achieve the same , (if not using GPO)???
    similarly I am looking for many features : where I want to control the permission to user on (A & B ) like : If the binaries of tomcat is available on machine say : A , if the user can install (now
    it ask for ADMIN credentials) 
    Thanks
    Mike~Ed

    Controlling services with Group Policy is done under Computer Configuration\Policies\Windows Settings\Security Settings\System Services.
    The limitation is that system services can only see the services the computer running the Group Policy management console. To access other services, you will either need to create the services on your computer (install the software the adds the service)
    or install the remote server administration toolkit (RSAT) on the computer with the service already on it.
    If my answer helped you, check out my blog:
    Deploy Happiness

  • Windows 2012 Getting files ready for installation.....zzzzz

    Hi,
    I am using a windows 8.1 management workstation to manage my hyper-v 2012 R2 core server via Hyper-V manager.
    So I went to create my first Windows 2012 R2 STD with GUI, selected the Dell bootable ISO (6GB) and the installation has started.
    I wait 50 minutes and it has only done 33% of the install and it is sitting on "Getting files ready for installation":
    Is this normal?
    If it were being install on a physcial server I think it would be quicker.
    Can anyone explain to me how long this should take?
    My hyper-v server core runs on a Dell R720 quad core Intel CPU 2.4GHZ, it has SAS drives.
    My management workstation has an I7 2.2Ghz.
    Thanks in advance.
    Regards
    Alfred

    Hi Eric,
    thanks for your reply.
    As I am writing to you I am making a copy of an exported virtual machine and my windows 8 file explorer is telling my that it is copying it between 16-22 MB per second.
    I think it is slow.
    Once again here is the config on the PERC H310 controller on the Dell Poweredge R720 server with Hyper-V core 2012 R2:
    1 RAID 0 Virtual Disk with 1 x 7200RPM 2TB SAS drive (This is where the Hypervisor is installed)
    1 RAID 5 Virtual Disk with 3 x 7200RPM 2TB SAS drives (3.7TB storage used for VMs and VHDs)
    I read that the Dell Perc H310 raid controller is sort of OK in a RAID 1 config.
    But I also have a RAID 5 config which may suffer performance.
    I am coming to the conclusion I should have obtained a Dell Perc H710 raid controller because it has battery backup as well as 512 MB of cache that the H310 does not have.
    Thanks.
    Regards
    Alfred

  • Joining Windows 2012 Server to SBS 2011 Domain

    Hi All,
    I have been trying to get a new Windows 2012 Server to join a SBS 2011 domain. The error message I am getting is:
    The following error occurred attempting to join the domain: xxxx. The specified domain does not exist or could not be contacted.
    I have a bunch of other Windows 7/XP workstations that have joined successfully. I have also tried disabling TCP/IP v6 on the 2012 server and joining the domain with the netdom command. The SBS 2011 server is listed as the primary DNS server on the 2012
    server.
    What else can I try here?
    Thanks,
    DR.

    I am having the same issue has the OP. I have my DNS settings pointing to the sbs server that hosts the domain and DNS. I am receiving the same error.
    Server 2012 R2 Standard
    SBS 2011 Essentials
    Jerry T

  • Windows 2012 server security checklist for corporate company standard/recommended check-list

    Hello All,
    Good Day.
    I am looking for Windows 2012 server security checklist (standard hardening
    settings), would you kindly assist me by providing Wintel 2012 standard/recommended check-list ASAP?
    Thanks in advance.

    Hi,
    The Microsoft Security Compliance Manager 3.0 tool is designed to provide you with an end-to-end solution to help you plan, deploy, and monitor security baselines for computers running Windows Server 2012 in your environment.
    For more detailed information, please refer to the articles below:
    Windows Server 2012 Security Baseline
    http://technet.microsoft.com/en-us/library/jj898542.aspx
    Security Hardening Tips and Recommendations
    http://social.technet.microsoft.com/wiki/contents/articles/18931.security-hardening-tips-and-recommendations.aspx
    Regards,
    Mandy
    We
    are trying to better understand customer views on social support experience, so your participation in this
    interview project would be greatly appreciated if you have time.
    Thanks for helping make community forums a great place.

  • SCCM 2012 is not listing the domain controller servers in the "All Systems" collection

    How can I change that? Do I need to move the system from the domain controllers group to computers in AD?

    If you intend to use client push for domain controllers the client push account must be a domain admin account. I suggest just manually installing the client on the domain controllers instead.
    John Marcum | Microsoft MVP - Enterprise Client Management
    My blog: System Center Admin | Twitter:
    @SCCM_Marcum | Linkedin:
    John Marcum

  • Is it possible to bypass Domain Controller Promotion (dcpromo) Hard Drive Check? My Server has an embedded drive instead of a SATA port. (emmc)

    I have a small computer with just an embedded drive instead of a sata port. It seemed perfect for a small domain controller, since it has 32G's which is more than enough space, and with a gigabit Ethernet, and 1.6Ghz dual core cpu, seemed more than enough
    for what I needed.
    Windows 2012, or Windows Server Technical Preview, both install fine on it, but when I run dcpromo to create the domain It fails on selecting the location for files. The error is that the path is not a hard drive. The machine only has USB ports so I can't
    add a SATA drive just to store these logs/configs, even if I wanted to.  
    The actual computer I was trying to use: http://www.ecs.com.tw/LIVA/
    Thanks for any help.

    On the Windows Server Technical Preview, 
    Install-ADDSForest -SkipPreChecks -DomainName DOMAIN.CONTOSO.COM -DomainMode Win2008 -ForestMode Win2008R2 –DatabasePath "C:\Windows\NTDS" –SYSVOLPath "C:\Windows\NTDS" –LogPath "C:\Windows\NTDS\Logs"
    gives me the error "No NTFS 5 drives exit." (note exit, not exist)
    I'll reinstalling windows 2012 and see if I get a different message there.
    This was just a standard install, so the drive is definitely NTFS.

  • Domain Controller Authentication Fail Since Upgrade

    When I boot my Mac Pro at the office, the network's domain controller prompts me for my domain login. Since upgrading to Yosemite, the domain controller rejects my credentials. However, I can go to "Connect To Server" and browser the entire network despite the domain controller not authenticating me as a user.
    To summarize, since switching to Yosemite:
    1. Can't login to the network when I submit my credentials
    2. Can browse the network without my credentials
    My theory is that the only reason #2 works is because #1 is working but Yosemite is just mistakenly telling me I wasn't authenticated.
    So what's the problem you may ask if I can browse the network anyway? The problem is that I can't mount any of the network drives to my desktop because Yosemite doesn't think I'm authenticated to do such. If I can solve this authentication problem, then I should get my mounted network drives back.
    Thanks in advance.

    Hi,
    TEST: Basic (Basc)
                      Warning: Adapter 00:0D:3A:00:0D:01 has dynamic IP address
                      (can be a misconfiguration)
    Do you have any NIC conifgured to get dynamic IP on your DC which is having issue? If yes, please disable that NIC. Also, please provide me the result of the below
    1) On your DC which is having issue, run "ipconfig /all"
    2) Repadmin /showrepl
    Thanks,
    Umesh.S.K
    Thanks, there is only 1 nic card. It is getting a dhcp address because this is an AZURE Hyper-v machine and I have set an IP reservation for it. I have no way to hardcode the IP because it gets shut off/on all the time
    C:\Users\Administrator>repadmin /showrepl
    Repadmin: running command /showrepl against full DC localhost
    Default-First-Site-Name\GP2010-A
    DSA Options: IS_GC
    Site Options: (none)
    DSA object GUID: 007c755c-f56c-4e51-a211-fd4431f63927
    DSA invocationID: 007c755c-f56c-4e51-a211-fd4431f63927

  • Enable the UAC settings for Domain Controller / Member servers and for end user systems

    Hi
    We are working on hardening the security for all Domain Controllers / Member Servers and end users systems. As part of it we would like to know the best practice for UAC settings for each of these servers. There are 8 settings related to UAC and as of now
    we configured just "User Account Control: Behavior of the elevation prompt for standard users" as disabled for the servers OU. Also not sure about other settings and how it affect the normal operations like installing Windows updates / applications
    through SCCM or manually on servers or end user systems and other stuffs.
    We are looking for experts opinion on this. Thanks in advance
    LMS

    Hi LMS,
    Would you please let us know the current situation? Just check if Martin’s suggestion was helpful for you.
    If any updates, please feel free to let us know.
    Just additional. Please refer to the
    User Account Control Grouping in the following article. It will provide some links about those different UAC settings. Please click those links and read related articles. In these articles, will provide
    Security considerations that may help you to configure those settings.
    Security Options
    http://technet.microsoft.com/en-us/library/jj852268.aspx
    Hope this helps.
    Best regards,
    Justin Gu

  • ITunes won't download to my laptop, its an MSI and has windows 7. It works for everything but iTunes fails to download, help please

    iTunes wont download to my laptop,its an MSI and has windows 7, its works for everything else. Please help

    Do you get an error message when you try to download iTunes? If so, what does it say? (Precise text, please.)

Maybe you are looking for