Saturday, November 14, 2009

Having Issues Promoting a New Domain Controller over VPN?

Sometimes running dcpromo on a new server across a VPN will fail. Instead of looking for a new career, it's easier to use the "Install From Media" method to promote the new DC. In this scenario, you promote the new server from a set of files created on an existing Global Catalog (GC) that contains all of the Active Directory (AD) content. Both servers should be running the same version of the server OS (e.g. both servers are 2008 R2). It might work if they are not, but ...

Try this out:
  1. Join the new server to the same domain as the GC server
  2. On the existing GC open up a Command Prompt using "Run as Administrator"
  3. Run the NTDSUTIL command
  4. Type in "activate instance ntds"
  5. Type in "ifm" for "Install from Media"
  6. Create a folder called "NTDSrestore" at the root of the GC's C:\ drive
  7. Type in "create sysvol full c:\NTDSrestore". This will back up all the AD stuff and the SYSVOL folder (leave out the "sysvol" part of the command if you don't have Server 2008 R2). Go stretch your legs; this will take 10+ minutes to complete
  8. Type "quit" twice
  9. On the new server, create a "NTDSrestore" folder at the root of C:\
  10. Assuming you have a VPN between the two sites, use Robocopy to copy the files from the GC to the new server.
  11. robocopy /E /COPYALL c:\NTDSrestore \\newservername\c$\NTDSrestore (an IP address works as well). The time this takes depends on bandwidth.
  12. When the data transfer finishes, complete the "Install From Media" method for promoting the new domain controller.
  13. Run DCPROMO, select the Advanced option.
  14. At the "Install from Media" screen, select "Replicate data from media at the following location"
  15. Find something to do while the wizard completes.
  16. Celebrate!
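
Steps 3 through 11 can also be run as one script from an elevated PowerShell prompt on the existing GC. This is an added example, not part of the original post; `NEWSERVER` is a placeholder, the `/Z` switch is an addition to the Robocopy command above, and the file checks assume the usual layout of an IFM folder.

```powershell
# Added example: run from an elevated PowerShell prompt on the existing GC.
# NEWSERVER is a placeholder; use the new server's name or IP address.
$Media     = 'C:\NTDSrestore'
$NewServer = 'NEWSERVER'
$Dest      = "\\$NewServer\c`$\NTDSrestore"

# Steps 3-8: ntdsutil accepts its menu commands as arguments, so the
# interactive session collapses to one line. Leave out "sysvol" if the
# servers are not running Server 2008 R2 (see step 7).
ntdsutil "activate instance ntds" ifm "create sysvol full $Media" quit quit

# Confirm the media is complete before spending VPN bandwidth on it.
# Assumed layout: the database plus the two registry hives dcpromo needs.
$expected = 'Active Directory\ntds.dit', 'registry\SYSTEM', 'registry\SECURITY'
foreach ($rel in $expected) {
    $path = Join-Path $Media $rel
    if (-not (Test-Path $path)) { throw "IFM media incomplete: missing $path" }
}

# Steps 9-11: Robocopy creates the destination folder if it is missing.
# /E copies subfolders, /COPYALL keeps ACLs and ownership, and /Z
# (restartable mode) lets the copy resume if the VPN link drops.
robocopy $Media $Dest /E /COPYALL /Z

# Robocopy exit codes below 8 mean the copy succeeded; 8 and above mean
# at least one file or folder failed to copy.
if ($LASTEXITCODE -ge 8) {
    throw "robocopy reported failures (exit code $LASTEXITCODE)"
}

# Cheap sanity check on the largest file before starting dcpromo.
$srcDit = Get-Item (Join-Path $Media 'Active Directory\ntds.dit')
$dstDit = Get-Item (Join-Path $Dest  'Active Directory\ntds.dit')
if ($srcDit.Length -ne $dstDit.Length) {
    throw 'ntds.dit size differs between the GC and the new server'
}
Write-Host "IFM media copied to $Dest; continue with step 13 on $NewServer."
```

The IFM folder holds a full copy of the AD database together with the registry hives needed to read it, so delete C:\NTDSrestore from both servers once the promotion completes.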
