Current setup: 3 x Windows 2003 R2 Enterprice domain controllers, a file server, Exchange 2003 single server and various other member servers. Clients running either Windows XP Pro SP2 or Windows 7 Pro SP1
The problem: Inability to promote a domain controller. Have to rely on Install From Media (IFM) to promote. Things fail when normal dcpromo is used and the same error appears: "Directory Object Not Found"
The probable cause: MS support found out that the "iscriticalsystemobject" attribute of the built-in admin account was set to False instead of True. Unable to change to True because it says the account is owned by SAM. This glitch most likely existed from Day 1.
Attempts: attempts to promote new DCs have obviously failed unless of course IFM is used. Attempt to conduct an in-place upgrade of a Windows 2003 DC to Windows 2008 DC and then use the IFM method to promote a Windows 2008 R2 DC have also failed. Due to different OS level versions.
Questions:
1) Are there any known fixes for this attribute problem with admin account?
2) if there are none, what is the next option? Create a new domain?
3) Should a new domain be started or a new forest?
4) Can the new domain/forest link to the old one to allow cross usage of resources as well as migration of AD objects?
5) If not will ADMT work? Will ADMT also bring over the nasty attribute issue as well?
6) Any suggestions where to go from here?