Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. "Server is not operational" error message if you run New-AdDcCloneConfigFile in Windows Server 2012

"Server is not operational" error message if you run New-AdDcCloneConfigFile in Windows Server 2012

View products that this article applies to.

Symptoms

Assume that you are using the Virtualized Domain Controller (VDC) cloning feature introduced in Windows Server 2012. If you run the New-AdDcCloneConfigFile Windows PowerShell cmdlet to clone a domain controller (DC), you receive the following error message:
Starting PDC test: Verifying that the domain controller hosting the PDC FSMO role is running Windows Server 2012 or later...
Passed: The domain controller hosting the PDC FSMO role (DC2-FULL.root.fabrikam.com) was located and running Windows Server 2012 or later.

Verifying authorization: Checking if this domain controller is a member of the 'Cloneable Domain Controllers' group...
Located the local domain controller: (DC2-FULL.root.fabrikam.com).

New-ADDCCloneConfigFile : The server is not operational
At line:1 char:1
+ New-ADDCCloneConfigFile
+ ~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ReadError: (Get-AdPrincipal...server:String) [New-ADDCCloneConfigFile], CmdletInvocationException
FullyQualifiedErrorId : 0,MIcrosoft.ActiveDirectory.Management.Commands.Newaddccloneconfigfile

Warning: The local domain controller is not a member of any groups

↑ Back to the top

Cause

This problem occurs because the server cannot contact a Global Catalog server.

↑ Back to the top

Resolution

To resolve this problem, make sure that the following conditions are true:
  • A Global Catalog server is available.
  • The server on which this problem occurs can reach the Global Catalog server through TCP ports 3268 and 3269.

↑ Back to the top

More information

If you expect that a Global Catalog server will not be available when you run the New-AdDcCloneConfigFile cmdlet, add the -offline argument to the cmdlet. After you add this argument, the cmdlet no longer checks environmental settings, such as server availability.

During the cloning operation, a clone contacts the PDC emulator (PDCe) by using the RPC network protocol, and then validates the "Allow a DC to create a clone of itself" permission. This permission is usually granted through membership in the Cloneable Domain Controllers group. Therefore, make sure that the PDCe has replicated this group membership inbound. The PDCe does not have to be a Global Catalog server to perform the cloning operation. The Global Catalog server behavior in the cmdlet is used only in the server's internal tests, not in the cloning architecture itself.

↑ Back to the top

Keywords: KB2745013

↑ Back to the top

Article Info
Article ID : 2745013
Revision : 7
Created on : 9/19/2012
Published on : 9/19/2012
Exists online : False
Views : 292