Trying to wrap powershell around DCPROMO for remote WS2k8R2 promotion

This topic contains 2 replies, has 1 voice, and was last updated by  Diego Vasquez 1 year, 12 months ago.

  • Author
    Posts
  • #31099

    Diego Vasquez
    Participant

    Hi,
    I am trying the code fragment below to try to wrap Powershell around DCPRomo to promote a new domain controller in an existing domain, I am able to build the unattend file, pass it to the remote server, then use the invoke-command to start DCPromo succesfully.
    But DCPromo itself is failing with the error (second quote below)

    $AdminCred=Get-Credential -Message 'Please provide user credentials with privileges for AD Promotion'
    $AdminUsername = $admincred.username
    $AdminPassword = $AdminCred.GetNetworkCredential().password
    Invoke-Command -Session $s -ScriptBlock {param($AdminUsername,$AdminPassword) dcpromo.exe /unattend:$MyUnattend /UserName:"$AdminUsername" /Password:"$AdminPassword"}

    Below the specific error:

    dcpromoui 974.314 020C 09:50:42.692 Enter CLdapOperationConnect::Execute target=$(domainDnsName), options=0x10
    dcpromoui 974.314 020D 09:50:42.708 DsGetDcNameW() returned TESTAD2K8.contoso.com
    dcpromoui 974.314 020E 09:50:42.723 Calling ldap_bind_sW(ld, NULL, pCreds, 1158)
    dcpromoui 974.314 020F 09:50:42.739 LDAP connect(TESTAD2K8.contoso.com) succeeded
    dcpromoui 974.314 0210 09:50:42.739 _lastLdapError_ < - "0" dcpromoui 974.314 0211 09:50:42.739 Enter CLdapOperationRead::Execute dcpromoui 974.314 0212 09:50:42.739 ldap_search("", 0, "objectClass=*", "defaultNamingContext;configurationNamingContext;schemaNamingContext;rootDomainNamingContext;dsServiceName;domainControllerFunctionality;domainFunctionality;forestFunctionality;tokenGroups;dnsHostName") dcpromoui 974.314 0213 09:50:42.755 _lastLdapError_ <- "1" dcpromoui 974.314 0214 09:50:42.770 ldap_search() failed, err=1 000004DC: LdapErr: DSID-0C0906E8, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1db1 dcpromoui 974.314 0215 09:50:42.770 ***** EXCEPTION: 8007006e ldap_search() failed, err=1 000004DC: LdapErr: DSID-0C0906E8, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1db1 dcpromoui 974.314 0216 09:50:42.770 Enter CLdapOperationDisconnect::Execute dcpromoui 974.314 0217 09:50:42.770 ExecuteScript() failed: ldap_search() failed, err=1 000004DC: LdapErr: DSID-0C0906E8, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1db1 dcpromoui 974.314 0218 09:50:42.770 ExamineForest failed. The error is ldap_search() failed, err=1 000004DC: LdapErr: DSID-0C0906E8, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1db1 dcpromoui 974.314 0219 09:50:42.770 performed state 11, next state 37 dcpromoui 974.314 021A 09:50:42.770 Enter State::GetHadNonCriticalFailures dcpromoui 974.314 021B 09:50:42.770 bHadNonCriticalFailures = false dcpromoui 974.314 021C 09:50:42.770 Enter State::UnbindFromReplicationPartnetDC dcpromoui 974.314 021D 09:50:42.770 Exit code is 78 dcpromoui 974.314 021E 09:50:42.770 Failed to examine the Active Directory forest. dcpromoui 974.314 021F 09:50:42.770 closing log dcpromoui 974.314 0031 09:50:42.786 Exit code is 78 dcpromoui 974.314 0032 09:50:42.786 closing log

  • #31100

    Diego Vasquez
    Participant

    I forgot to mention, the exact command when executed locally works just fine.

  • #31105

    Diego Vasquez
    Participant

    Nevermind, figured what the error was and it is the damned parameter variable passing of the Invoke-Command. It now looks like:

    Invoke-Command -Session $s -ScriptBlock {param($AdminUsername,$AdminPassword) dcpromo.exe /unattend:$MyUnattend /UserName:"$AdminUsername" /Password:"$AdminPassword"} -ArgumentList $AdminUsername, $AdminPassword

You must be logged in to reply to this topic.