I need help with a problem similar to the post "ForestDNSZones or DomainDNSZones FSMO says “The role owner attribute could not be read”" by Chris Davis in this forum.
I have a Windows 2003 domain with a single domain controller and I need to add a second domain controller with Windows 2008. The process does not work because the tool adprep32.exe / domainprep shows an error: "Win32 Error Encountered Adprep. Error code: 0x57 Error message: The parameter is incorrect .. "
Checking in domain I see some problems. When I check "Operation Master" in the application "Active Directory Users and Computers", in the Infrastructure tab where it should show the name of the server that has that role instead of saying the name says ERROR. When I try to transfer it to the current domain controller says that the account does not have sufficient privileges although it is the default domain administrator account.
DCDiag command displays an error in the test KnowsOfRoleHolders "Warning: Could not resolve the PDC name for role. Infrastructure Update Owner. The name was Not Found Error. "
Using the command "seize infrastructure owner" at the ntdsutil tool gives the error: "Attempting safe transfer of infrastructure FSMO before seizure. ldap_modify_sW Error 0x32 (50 (Insufficient Rights). Ldap extended error message is 00002098: SecErr: DSID-03151D7D, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0 Win32 Error returned is 0x2098 (Insufficient access rights to perform the operation.)) "
In the same window says that the domain controller has all the roles but says "Infrastructure role owner can not be found"
I would appreciate your help with this problem.