Stupidly, I attempted to join a new 2008 R2 DC to our domain the other day. I was doing it from a different site, but heck, should be no sweat, right?
Wrong.
DNS was good, name resolution worked, and the machine could join the domain, but why the dcpromo errors?
“failed to examine the active directory forest. the error was: the operation cannot conitnue because the ldap connect/bind operation failed: error: 58”
and
“the operation cannot continue because ldap connect/bind operation failed: error: 1326”
I tried various fixes and whatnots…and then stumbled across a little tidbit here that implied that the computer administrator (pre-domain) password might need to match the forest root domain administrator password.
Having exhausted all my other possibilities, I tried this - and did not expect any success.
But, WTFO! It worked. So now the question is, why?
3 comments:
Thanks for the tip. I accomplished the same thing by just disabling the local admin account. Weird... shouldn't have worked, but that's what seemed to fix it.
I was getting the same error 58 while running DCPROMO on a W2012R2 server on an IPV4-only network. Looking at the logs, I found errors in the system log that IPV6 adapters were failing to register. I resolved this by disabling the IPV6 transitional adapters:
netsh interface 6to4 set state disabled
netsh interface teredo set state disabled
netsh interface isatap set state disabled
That done, DCPROMO ran w/out any errors.
The tip from victor was the good one for me.
Thanks for sharing your experience. :)
Post a Comment