We have an offsite location that I am trying to promote a member server to DC; we are using a SonicWall Site to Site VPN; confirmed all ports are allowed for AD DS.
I have been able to join the new VM to the domain; can ping the current DC by IP, Hostname and FQDN. NSLookup correctly finds the DC as well. I receive an Access Denied error; I have checked the DefaultDC Policy settings and confirmed permissions correctly setup. Cleaned METAdata from an old instance from the previous IT. Attempted IMF install. At a loss right now.
Main DC - 10.66.200.196
Member Server - 10.243.159.217
See the error below from DCPromo Logs.
dcpromoui D14.F70 230B 10:29:06.326 posting message to progress windowdcpromoui D14.F3C 230C 10:29:06.326 Enter State::GetOperationResultsCode FAILURE
dcpromoui D14.F3C 230D 10:29:06.326 OPERATION FAILED
dcpromoui D14.F3C 230E 10:29:06.326 Enter State::GetOperationResultsCode FAILURE
dcpromoui D14.F3C 230F 10:29:06.326 Enter State::GetUserCancelled false
dcpromoui D14.F3C 2310 10:29:06.326 Enter State::IsOperationRetryAllowed
dcpromoui D14.F3C 2311 10:29:06.326 true
dcpromoui D14.F3C 2312 10:29:06.326 Info:
dcpromoui D14.F3C 2313 10:29:06.326 performed state 28, next state 29
dcpromoui D14.F3C 2314 10:29:06.326 Enter FailedFunct
dcpromoui D14.F3C 2315 10:29:06.326 Enter State::GetOperationResultsCode FAILURE
dcpromoui D14.F3C 2316 10:29:06.326 FAILURE
dcpromoui D14.F3C 2317 10:29:06.326 performed state 29, next state 30
dcpromoui D14.F3C 2318 10:29:06.326 Enter FinishFunct
dcpromoui D14.F3C 2319 10:29:06.326 Enter State::GetFailureMessage The operation failed because:
A domain controller could not be contacted for the domain xyz.local that contained an account for this computer. Make the computer a member of a workgroup then rejoin the domain before retrying the promotion.
"Access is denied."