Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,516 questions
ADPrep Execution Failure
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 89%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVY%3C/text%3E%3C/svg%3E)
Vincent Young
0
Reputation points
I am trying to promote a virtual machine (10.0.0.242) to a domain controller, but I keep receiving this error:
ADPrep execution failed --> Microsoft.DirectoryServices.Deployment.ADPrepLdapException: No Such Object. Server extended error: 8333. Server extended message: 0000208D: NameErr: DSID-03100245, problem 2001 (NO_OBJECT), data 0, best match of:
DC=contoso,DC=com
.
Adprep was unable to modify the security descriptor on object CN=Keys,DC=contoso,DC=com.
[Status/Consequence]
ADPREP was unable to merge the existing security descriptor with the new access control entry (ACE).
[User Action]
Check the log file ADPrep.log in the C:\Windows\debug\adprep\logs\20240617114221 directory for more information..
Check the log files in the C:\Windows\debug\adprep\logs\20240617114221 directory for detailed information.
My current dc (10.0.0.241) is a physical server running 2016 standard. The virtual machine/server I am trying to promote is running server 2022 standard.
- Both servers can ping each other
- Both servers are on the same subnet
- Both servers have their DNS set to 10.0.0.241
- Schema is set to 88 on my current dc
- No replication errors are shown on my current dc
- I was able to promote a test physical server to a domain controller. I have cleared that server from the domain
Any help to figure out why this happening or how to fix it would be greatly appreciated. I can provide all logs, ipconfigs, replsum, etc.. to whoever wants to help.