Adding Windows 2003 SP1 to existing Active Directory Domain – urgent

Active Directory
Microsoft Windows
SQL Server
I have a domain consisting of 1 PDC, and 1 BDC. Those 2 were 2000 servers. I am introducing a 2003 server to host Exchange, and cannot add it to the existing doman w/Active Directory. I ran the adprep tool, and it was successful. The error I get on the 2003 Server is "The operation failed because: The Active Directory Installation Wizard was unable to convert the computer account XXX to a domain controller account. "Access is Denied." Type the username and password of an account with sufficient priveliges to create an additional domain controller for the domain." Now, I am the NA, so I have sufficient priveliges, but it does not work. I even used the Administrator account, and that does not work either. So, I decided to upgrade (earlier than planned) my PDC to 2003 server thinking that would eliminate the problem. The upgrade went fine, but I'm still getting the same error. Actually, I have a NAS that has 2003 Appliance Server on it, and it has the same problem. You may email me directly at Please help!!! TIA!!!

Answer Wiki

Thanks. We'll let you know when a new response is added.


I’m curious as to why your running ADPrep on a member server? ADprep is a utility which prepares or sets the ground work for new W2K3 AD domains or forests. This utility is run from a DC and is run only once from either the infrastructure master (domain) or schema master (forest). All other servers, member servers or additional DC’s can simply be added through systems properties => computer name tab and click network ID to start the wizard. In your case your server thinks it needs to be a DC which is why your getting the error.

Try removing it completely from the domain, wait 15 minutes for replication or force replication (as a precaution, shouldn’t really have to) and re-add it as a member server without running ADprep.

Good luck!

Discuss This Question: 2  Replies

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Astronomer
    Why do you want the exchange server to be a domain controller? Microsoft discourages using exchange on a domain controller. Are you running in native 2000 mode? Also PDC and BDC don't have the same meanings they had for NT. You have several single purpose master roles, see: Our exchange upgrade from 5.5 to 2003 went with minimal problems but we didn't try to make it a domain controller. rt
    15 pointsBadges:
  • KingConan
    You can remove the domain controller role to return it to a member server without rebuilding the machine, since you ran adprep to begin with. Kevin
    0 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: