DFSR failed to contact domain controller

Similar Messages

• DFS Replication failed to contact Domain Controller.....

  I have seen this error since the inception of this stand alone AD PDC instance of Windows server 2012 R2 Essentials. I understand that Essentials does not support other Domain Controllers ; Member servers ; or trust between Domains of any kind. I also
  understand that DSF Replication is a service that replicates files between other servers and other domain servers that Essentials dose not want to talk to.
  So my question is why am I seeing this DFSR error 1202  in my event log, if Essentials does not support communication to other servers and domain servers? Maybe a better question is why does Essentials even try to implement this
  service? Do I even need to try to resolve this issue or should I just disable it and move on? 
  Contents of Error:
  Log Name:      DFS Replication
  Source:        DFSR
  Date:          2/6/2014 1:57:57 PM
  Event ID:      1202
  Task Category: None
  Level:         Error
  Keywords:      Classic
  User:          N/A
  Computer:      Hxxx2.xxxxxxxxxxxxx.local
  Description:
  The DFS Replication service failed to contact domain controller  to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused
  by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
  Additional Information:
  Error: 160 (One or more arguments are not correct.)
  Event Xml:
  <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
      <Provider Name="DFSR" />
      <EventID Qualifiers="49152">1202</EventID>
      <Level>2</Level>
      <Task>0</Task>
      <Keywords>0x80000000000000</Keywords>
      <TimeCreated SystemTime="2014-02-06T19:57:57.000000000Z" />
      <EventRecordID>194</EventRecordID>
      <Channel>DFS Replication</Channel>
      <Computer>Hxxx2.Hxxxxxxxxxxxxx.local</Computer>
      <Security />
    </System>
    <EventData>
      <Data>
      </Data>
      <Data>60</Data>
      <Data>160</Data>
      <Data>One or more arguments are not correct.</Data>
    </EventData>
  </Event>

  Hi, 
  Did you mean that you did not configure a DFS server in the new DC but you get the DFSR error 1202 in your event log? Then the issue is not related to the existing SBS domain. 
  Please try to turn off the Windows Firewall to check if it causes the issue. You could also refer to the articles below to troubleshoot the issue:
  Newly Promoted Win2K8 DC is not advertising as Domain Controller.
  http://blogs.technet.com/b/niraj_kumar/archive/2009/04/23/newly-promoted-win2k8-dc-is-not-advertising-as-domain-controller.aspx
  Restrictions for Unauthenticated RPC Clients: The group policy that punches your domain in the face
  https://blogs.technet.com/b/askds/archive/2011/04/08/restrictions-for-unauthenticated-rpc-clients-the-group-policy-that-punches-your-domain-in-the-face.aspx
  Regards, 
  Mandy
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• DFSR Replication Event ID 1202 The DFS Replication service failed to contact domain controller Additional Information: Error: 160 (One or more arguments are not correct.)

  Hi,
  hummmm...
  The client had 1 Server with AD and All Apps, IIS, Terminal Servers (30 device Cal), File Server, SQL2008R2 on it
  Task: Install new AD server promote it to DC,  bring in 2nd server, Replicate the File Server (DFSR) on these 2 servers, and demote it to standard server. 
  1) Old AD with name "Server" with OS-2008R2 SP1 and is a DC.
  2) Brought in a new server "PrimaryAD", Installed 2008R2, done DC Promo, and added it as Additional Domain controller
  3) Transferred roles from old server "Server" to "PrimaryAD"
  4) Brought in a new File Server replicating server "Backup-Server"
  5) Copied all the data from Server to Backup-server as DFS initial file sync with robocopy
  6) here the problem started, after the copy finished, next morning the "Server" server crashed.....
  7) thank god the data was backed up on Backup-server. but we didnt get the time to Demote the server "Server" and remove AD from it.
  8) Since AD was replicated so "PrimaryAD" was are DC, brought 2nd Server "SecondaryDC" as additional domain controller.
  9) we cleaned up the metadata and used ASIEDIT to clean the remaining stuff.
  10) the "Server" server was formatted and renamed as "Primary-Server" and OS2008R2 SP1 was installed with rest of required apps
  11) so now the PrimaryAD the DC, SecondaryAD the Additional Domain controller, Primary-Server the mail server and File server, the Backup-server, the replicated server.
  Now configured DFS Replication from Primary-Server to Backup-server and receive following Event ID 1202
  If i Configure DFS Replication as follows
  PrimaryAD <<>> SecondaryAD -= Works... no errors...
  PrimaryAD <<>> Backup-Server = Creates but Dosent works Event ID 5012, error The DFS Replication service failed to communicate with partner BACKUP-SERVER, Additional Information: Error: 9026 (The connection is invalid)
  PrimaryAD <<>> Primary-Server = Dosent creates replication job just hangs,
  on primaryad continious Eveni ID 10009, DCOM was unable to communicate with the computer "SERVER" using any of the configured protocols
  ......something on PrimaryAD is still trying to connect to old corrupt AD server "Server"
  No errors with AD replication, SYSVOL & Netlogon shares also working fine and accessible.
  DFS Diagnose report says
  DNS name: backup-server.mydomain.com
  Domain name: mydomain.COM
  Reference domain controller: --           (HERE there is NO DOMAIN CONTROLLER mentioned) 
  IP address: 192.168.1.248,192.168.1.251,::1
  Site: Default-First-Site-Name
  Forgot to mention, gave full rights with ADSIEDIT to DFSR-LocalSettings  for all server to Administrator and read permissions to "Authenticated Users"
  DFSRDIAG POLLAD throws following error
  c:\Dfsrdiag pollad /verbose
  [INFO] Computer Name: BACKUP-SERVER
  [INFO] Computer DNS: Backup-Server.mydomain.COM
  [INFO] Domain Name: mydomain
  [INFO] Domain DNS: mydomain.COM
  [INFO] Site Name: Default-First-Site-Name
  [INFO] Connected to WMI services on computer: Backup-Server.mydomain.COM
  [INFO] Invoke PollDsNow() method on Backup-Server.mydomain.COM
  [ERROR] PollDsNow method executed unsuccessfully. ReturnValue: 12 (0xc)
  [ERROR] Failed to execute PollAD command Err: -2147217407 (0x80041001)
  Can anyone point me to any direction which can lead to resolution of this ERROR and make DFS_R work..
  Thanks
  bikram

  Hi,
  It seems that DCPROMO did its work without complaints, still the DFSR references remained in AD. You could refer to the article below to clean up the DFS Replication object.
  How to remove data in Active Directory after an unsuccessful domain controller demotion
  http://support.microsoft.com/kb/216498
  In additional, please refer to the following thread to troubleshoot the issue:
  DFS is not working anymore.
  http://social.technet.microsoft.com/Forums/windowsserver/en-US/953be9ef-e9e3-4885-a5c4-47fc475ba562/dfs-is-not-working-anymore?forum=winserverfiles
  Regards,
  Mandy
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• SharePoint 2013 - Word Automation Services - Conversion fails ErrorCode 10 - Domain Controller on same (development) server as SharePoint

  I have code attached below, running inside SharePoint (in a page), used to convert .docx document to .pdf using Word Automation Services.
  SPFile inputWordFile = ##CODE THAT RETRIEVE THE SPFile ##
  using (Stream inputWordStream = inputWordFile.OpenBinaryStream())
     using (MemoryStream outputPdfStream = new MemoryStream())
  SyncConverter sc = new SyncConverter(wordAutomationServiceName);
  sc.UserToken = web.CurrentUser.UserToken;
  sc.Settings.UpdateFields = true;
  sc.Settings.OutputFormat = SaveFormat.PDF;
  ConversionItemInfo info = sc.Convert(inputWordStream, outputPdfStream);
  if (info.Succeeded)
  What happens is that the conversion fails. errorCode is 10.
  What I came to, is that this is related to the Domain Controller being installed on the same machine.
  I have examinated and excluded all several other possible issues (memory resources, etc.).
  What I had undestood as far, is that the problem is that "the
  converter is executed in the context of a very unprivileged local account, and there are no local accounts on DCs"
  Is this a KNOWN ISSUE?
  Is there a workaround for development enviroment having DC+SQL+VisualStudio+SharePoint on the same machine?

  Hi,
  It is recommended to try the code demo in this documentation below in a Console Application to see if it can work in your environment:
  http://msdn.microsoft.com/en-us/library/office/ff181518(v=office.14).aspx
  If it still can’t work, you can restart the Word Automation Services in SharePoint Central Administration in case it is a service issue.
  Feel free to reply with the test result if the issue still exists.
  Thanks
  Patrick Liang
  Forum Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
  [email protected]
  Patrick Liang
  TechNet Community Support

• Only contact Domain Controller when on a particular network

  As per subject, I have a laptop joined to a domain and logging on is slow when outside the network. Obviously it is trying to contact the domain contoller but fails. Can we set it to immediately use the last saved password when not within the network?

  That might be the reason.
  but as you could logon it, the cached info is worked here. the logon is slow might caused by the mapped drives. and disable the always wait ..policy should fit this, which is not recommended when mapped drive is in use.
  Run Xperf to take a check with the slow logon process.
  http://blogs.technet.com/b/yongrhee/archive/2013/10/15/tool-windows-performance-toolkit-xperf-wprui-and-wpr-updated-version-as-of-aug-2013.aspx
  Rgds

• Rebuilding Domain controller & Transport Routes after system refresh

  I have refreshed Dev from Prdn, now my domain controller only shows single system
  I have documentation but, it is confusing to me how to have QAS and Prdn join the domain controller again and show the domain as a three tier system
  When I log into QAS and Prdn I still see the old 3 tier system including the domain and the other systems.
  Please advise
  maria
  Edited by: Maria Graziano on Mar 27, 2008 3:53 PM

  You don't perform backup of domain controller.
  You only designate in STMS one of servers as "Backup Domain Controller"
  when Primary  controller fails than "Backup domain Controller" takes his role and becomes a primary.
  So action to refresh domain controller is:
  1. Designate one of servers as backup domain controller
  2. Backup transport directory if it is on refreshed server (just in case)
  3. Switch backup controller to become primary
  4. Refresh primary system
  5. Join refreshed system to domain
  6. Switch back primary function to refreshed server
  Regards,
  Wojtek

• The processing of Group Policy failed because of lack of network connectivity to a domain controller

  We are setting up a new AD environment  with one AD/DC running DNS services,  and a secondary DNS server configured with secondary zone. The problem is that none of the machines in the the domain are getting GPO.
  When I run a gpupdate /force from a machine, I get the following output:
  "Updating Policy...
  User Policy update has completed successfully.
  Computer policy could not be updated successfully. The following errors were enc
  ountered:
  The processing of Group Policy failed because of lack of network connectivity to
   a domain controller. This may be a transient condition. A success message would
   be generated once the machine gets connected to the domain controller and Group
   Policy has succesfully processed. If you do not see a success message for sever
  al hours, then contact your administrator.
  To diagnose the failure, review the event log or run GPRESULT /H GPReport.html f
  rom the command line to access information about Group Policy results."
  While the system event log outputs the following:
  "The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy
  has succesfully processed. If you do not see a success message for several hours, then contact your administrator." 
  All the machines that were joined to the domain are able to resolve in forward and reverse lookups, ping the DC and ping each other so  I dont understand how the error can be resolved.
  Here are few things I have tried:
  1. I came across this KB which checked ok for me: http://support.microsoft.com/kb/241515
  2. Made a copy of the default GPO, applied to a OU with one machine, and made sure to remove any GPO links from above
  3. Enabled the following  two local Group policies on a test member:
  GP slow link detection
  Startup policy processing wait time
  4. Modified firewall to allow everything on both member and DC
  5. Verified DSN logs, SRV records, access to sysvol ( added authenticated users to sysvol)
  I have yet to figure out the reason for this issue. Has anyone seen anything like this before?

  1. I checked the NIC, it only has one IP. and I followed your article. I set the primary DNS to its own IP and the secondary DNS to the loopback ip
  2. This is a new DC and DNS server. I dont have old records yet. I also check the DNS event logs. No errors
  3. I made sure the member server is pointing only to the only DC/DNS server
  4. Here is the output from the dcdiag....  everything passed except, the Netlogons part. I'm not sure what means or how to fix it yet:
        Starting test: NetLogons
           * Warning BUILTIN\Administrators did not have the "Access this
           computer
           "*   from network" right.
           [hostname] An net use or LsaPolicy operation failed with error
           1, Incorrect function..
           ......................... hostname failed test NetLogons
  Complete output:
  > hostname
  Server:  hostname.domain.local
  Address:  X.X.X.95
  > ^C
  C:\Windows\system32>
  C:\Windows\system32>nslookup
  > set type=all
  >
  >
  >
  > _ldap._tcp.dc._msdcs.domainname
  _ldap._tcp.dc._msdcs.domain.local SRV service location:
            priority       = 0
            weight         = 100
            port           = 389
            svr hostname   = hostname.domain.local
  hostname.domain.local      internet address = X.X.X.95
  > ^C
  C:\Windows\system32>cd ..
  C:\Windows>cd SYSVOL
  C:\Windows\SYSVOL>cd sysvol
  C:\Windows\SYSVOL\sysvol>dir
   Volume in drive C has no label.
   Volume Serial Number is F624-CDB2
   Directory of C:\Windows\SYSVOL\sysvol
  10/29/2014  08:25 PM    <DIR>          .
  10/29/2014  08:25 PM    <DIR>          ..
  10/29/2014  08:25 PM    <JUNCTION>     domain.local [C:\Windows\SYSVOL\domain]
                 0 File(s)              0 bytes
                 3 Dir(s)  63,971,037,184 bytes free
  C:\Windows\SYSVOL\sysvol>dcdiag
  Directory Server Diagnosis
  Performing initial setup:
     Trying to find home server...
     Home Server = hostname
     * Identified AD Forest.
     Done gathering initial info.
  Doing initial required tests
     Testing server: Default-First-Site-Name\hostname
        Starting test: Connectivity
           ......................... hostname passed test Connectivity
  Doing primary tests
     Testing server: Default-First-Site-Name\hostname
        Starting test: Advertising
           ......................... hostname passed test Advertising
        Starting test: FrsEvent
           ......................... hostname passed test FrsEvent
        Starting test: DFSREvent
           ......................... hostname passed test DFSREvent
        Starting test: SysVolCheck
           ......................... hostname passed test SysVolCheck
        Starting test: KccEvent
           ......................... hostname passed test KccEvent
        Starting test: KnowsOfRoleHolders
           ......................... hostname passed test
           KnowsOfRoleHolders
        Starting test: MachineAccount
           ......................... hostname passed test MachineAccount
        Starting test: NCSecDesc
           ......................... hostname passed test NCSecDesc
        Starting test: NetLogons
           * Warning BUILTIN\Administrators did not have the "Access this
           computer
           "*   from network" right.
           [hostname] An net use or LsaPolicy operation failed with error
           1, Incorrect function..
           ......................... hostname failed test NetLogons
        Starting test: ObjectsReplicated
           ......................... hostname passed test
           ObjectsReplicated
        Starting test: Replications
           ......................... hostname passed test Replications
        Starting test: RidManager
           ......................... hostname passed test RidManager
        Starting test: Services
           ......................... hostname passed test Services
        Starting test: SystemLog
           A warning event occurred.  EventID: 0x000003F6
              Time Generated: 03/04/2015   18:23:06
              Event String:
              Name resolution for the name ctldl.windowsupdate.com timed out after
   none of the configured DNS servers responded.
           ......................... hostname passed test SystemLog
        Starting test: VerifyReferences
           ......................... hostname passed test VerifyReferences
     Running partition tests on : ForestDnsZones
        Starting test: CheckSDRefDom
           ......................... ForestDnsZones passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... ForestDnsZones passed test
           CrossRefValidation
     Running partition tests on : DomainDnsZones
        Starting test: CheckSDRefDom
           ......................... DomainDnsZones passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... DomainDnsZones passed test
           CrossRefValidation
     Running partition tests on : Schema
        Starting test: CheckSDRefDom
           ......................... Schema passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... Schema passed test CrossRefValidation
     Running partition tests on : Configuration
        Starting test: CheckSDRefDom
           ......................... Configuration passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... Configuration passed test CrossRefValidation
     Running partition tests on : emcdsm
        Starting test: CheckSDRefDom
           ......................... emcdsm passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... emcdsm passed test CrossRefValidation
     Running enterprise tests on : domain.local
        Starting test: LocatorCheck
           ......................... domain.local passed test LocatorCheck
        Starting test: Intersite
           ......................... domain.local passed test Intersite
  C:\Windows\SYSVOL\sysvol>

• Error determining whether the target server is already a domain controller: Failed to open the runspace pool

  Hi there , i already have some others DC running w2k12 R2 on the env, but when i was promoting another new DC running w2k12 R2 on the middle of the AD sync , the server encounter an error and rebooted it self ; after the server came back online , it keep
  saying that a configuration is required for AD Domain Services , like the step when you are about to promote the server , but when you try to promote it , the error "Error determining whether the target server is already a domain controller: Failed
  to open the runspace pool. The server manager winrm plug-in might be corrupted or missing."

  Hi,
  Thanks for your post.
  Please waitting for the replication is finished and rerun the domain prep command  to check the result.
  Regards.
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• Group MSA account fail when Domain Controller in Test Domain Fails to start KdsSvc. Event ID 7023

  Yesterday, in my test domain, I created the KDS root key using the Add-KdsRootKey –EffectiveTime ((get-date).addhours(-10))
  command on a DC that is not the PDC Emulator because it was the server I was on at the time.  Today, when I tried to create gMSA accounts on the PDC emulator, I get:
  Event ID 7023 The Microsoft Key Distribution Service terminated with the following error: An Exception occurred in the service when handling the control request
  I turned on logging on to the KdsSvc and get 2 other errors:
  KdsSvc Event ID 4001: Group Key Distribution Service failed to start. Status 0x80070020
  KdsSvc Event ID 4007: Group Key Distribution Service cannot connect to the domain controller on local host.  Status 0x80070020.  Group Key Distribution Service cannot be started because of the error.  Please contact the administrator to resolve
  the issue.
  I took the opportunity to clean up AD, the Schema, and DNS, but the kds errors continues.  I am replicating successfully, DNS changes are reflected immediately, and when I run the get-KDSRootKey on the failing server, the key is returned.  The
  Get-KdsConfiguration matches the KDS config on the DC that originally ran to create the key.
  I have a pretty strict GPO pushed to my DCs but I am still able to create gMSAs on the other server.  I checked ADS&S and found the msKds-ProvRootKey so I know it is at the domain level, but there is so little documentation on the KdsSvc that I
  am not sure if it is working as planned.  I have tried unassigning several GPO configuration items but I am throwing darts at this point.  I have also uninstalled McAfee AV; IDS/IPS; Firewall.
  With that said, I have questions:
  Will gMSAs still work even though the domain pdc emulator cannot start the service?
  Is the KdsSvc supposed to start only on the server Add-KDSRootKey was originally created?
  What happens if the server the KdsSvc key was created fails and has to be removed from the domain?
  Is there any books or configuration items I can review to learn the KdsSvc better?
  Env:
  Windows Standard Server 2012 R2 x64
  Active Directory 2012 R2 Schema Updated from Windows 2008 R2
  All FSMO roles are on the PDC Emulator which is a Windows 2012 R2 DC
  DCDiag returns no errors or test failures
  Repadmin returns clean results (/showreps & /replsum)
  Windows 2008 R2 Root CA hierarchy (not DCs)
  W32tm services are running with less than 6/10's of a ms difference among the domain.

  Hi,
  For Windows Server 2012, the Windows PowerShell cmdlets default to managing the group Managed Service Accounts instead of the original standalone Managed
  Service Accounts.
  New-ADServiceAccount -name <ServiceAccountName> -DNSHostName <fqdn> -PrincipalsAllowedToRetrieveManagedPassword <group>
  -ServicePrincipalNames <SPN1,SPN2,…>
  Did you use the command abouve?
  Here is a good bolg:
  Windows Server 2012: Group Managed Service Accounts
  http://blogs.technet.com/b/askpfeplat/archive/2012/12/17/windows-server-2012-group-managed-service-accounts.aspx
  Hope this helps.

• Group Policy Management Console Failes to open when one Domain Controller is powered down

  Hi All,
  This was an accidental discovery, but here's my dilemma. I have a site with 2 domain controllers(Windows 2008 R2), and if I shut down my second domain controller, when I try to open the Group Policy Management  Console on the 1st domain controller,
  it fails to open and I get the following error, "The specified domain either does not exist or could not be contacted" with 3 options to "retry", "choose another domain controller", or remove.   If I go to chose another domain
  controller and select the 1st domain controller it still fails.  Unless the 2nd DC is turned on, I have no issues opening the GP management console. Not sure, why this is happening, I've done it in the pass without issue.
  Any help would be appreciated.
  Thanks

  Well it seems that some how the PDC emulator is set to be the 2nd DC instead of the 1st DC on the 1st DC which explains why the failure after the 2nd DC went down. Why or should I say how could the PDC get switched from the primary DC without human intervention.
  Does the PDC automatically switch for any reason?

• Hyper-V host fails with "RPC Server unavailable" error when I try to promote Windows Server in virtual machine to a domain controller

  Host: Windows Server 2012 R2 with Hyper-V and RRAS (for Internet over NAT)
  VM: Windows Server 2012 R2 with installed Active Directory Domain Services
  When I open AD DS configuration window (“promote this server to a domain controller”) many services and programs on my host (include Hyper-V, RRAS & Server Manager) fails with RPC Server unavailable error.

  Hello Aleksandr,
  There wasn't any configuration information, ipconfig /all, network setup, etc. So it's difficult to tell.
  More importantly, are you trying to promote the host server? If yes, that is not advised, for one, because it's a Hyper-V server, (not suggested at all), and two, RRAS is installed. RRAS is problematic with any domain controller because it turns it into
  a multihomed domain controller.
  Active Directory communication fails on multihomed domain controllers
  http://support.microsoft.com/kb/272294/
  Multihomed DCs (with more than one unteamed NIC or multiple IPs) with DNS, RRAS, iSCSI, Clustering interfaces, management interfaces, backup interfaces, and/or PPPoE adapters - A multihomed DC is not a recommended configuration, however there are ways to
  configure a DC with registry mods:
  http://blogs.msmvps.com/acefekay/2009/08/17/multihomed-dcs-with-dns-rras-and-or-pppoe-adapters/
  7 Reasons not to Make Hyper-V a Domain Controller
  http://www.altaro.com/hyper-v/reasons-not-to-make-hyper-v-a-domain-controller/
  Domain Controller as Hyper-V host
  https://social.technet.microsoft.com/Forums/windowsserver/en-US/4ff14bec-a815-473b-8d2a-33e91e17197b/domain-controller-as-hyperv-host?forum=winserverhyperv
  Networking?
  I don't know how your networking is setup, whether there are multiple NICs on the host server, if they are teamed, if you have the host interface set to allow the operating system to share administration, or if there are separate interfaces for each. Can
  the host OS ping/communicate with the DC virtual machine?
  If there are more than one NIC, you have the choice to team the NICs and share the Teamed NICs for the Hyper-V OS and the VMs, or keep them separate where one is devoted for the Hyper-V OS, and one for the VMs.
  Hyper-V Server VLAN Network Configuration
  https://social.technet.microsoft.com/Forums/windowsserver/en-US/0aa71d2a-ebf9-4a3e-bbf5-94db55339fa2/hyperv-server-vlan-network-configuration?forum=winserverhyperv 
  Recommendation:
  Why not just create another VM DC?
  Ace Fekay
  MVP, MCT, MCSE 2012, MCITP EA & MCTS Windows 2008/R2, Exchange 2013, 2010 EA & 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
  Microsoft Certified Trainer
  Microsoft MVP - Directory Services
  Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php
  This posting is provided AS-IS with no warranties or guarantees and confers no rights.

• Active Directory domain controller could not be contacted

  Hello
  Help please.
  I am trying to add a new server (2008) to domain 'bridgelimited.local' - only one DC (2003) doing everything at the moment. The plan is to add the new server, then move everything over from the old machine, then retire/upgrade the old machine and use as a backup.
  I am currently trying to dcpromo on the new machine but I get the following error:
  The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller for domain bridgelimited.local:
  The error was: "DNS name does not exist."
  (error code 0x0000232B RCODE_NAME_ERROR)
  The query was for the SRV record for _ldap._tcp.dc._msdcs.bridgelimited.local
  Common causes of this error include the following:
  - The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:
  212.50.160.100
  196.168.16.2
  - One or more of the following zones do not include delegation to its child zone:
  bridgelimited.local
  local
  . (the root zone)
  For information about correcting this problem, click Help.
  192.168.16.2 is IP address for the DC.
  Any help would be grately appreciated.
  Kind Regards
  Richard

  Managed to get the DCDIAG
  Here goes (I know my harddisk is failing - that's why I am desperate to get everything shifted to the new server).
  Domain Controller Diagnosis
  Performing initial setup:
     * Verifying that the local machine bridgeserver, is a DC.
     * Connecting to directory service on server bridgeserver.
     * Collecting site info.
     * Identifying all servers.
     * Identifying all NC cross-refs.
     * Found 1 DC(s). Testing 1 of them.
     Done gathering initial info.
  Doing initial required tests
     Testing server: Default-First-Site-Name\BRIDGESERVER
        Starting test: Connectivity
           * Active Directory LDAP Services Check
           * Active Directory RPC Services Check
           ......................... BRIDGESERVER passed test Connectivity
  Doing primary tests
     Testing server: Default-First-Site-Name\BRIDGESERVER
        Starting test: Replications
           * Replications Check
           * Replication Latency Check
              DC=ForestDnsZones,DC=BridgeLimited,DC=local
                 Latency information for 2 entries in the vector were ignored.
                    2 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC). 
              DC=DomainDnsZones,DC=BridgeLimited,DC=local
                 Latency information for 2 entries in the vector were ignored.
                    2 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC). 
              CN=Schema,CN=Configuration,DC=BridgeLimited,DC=local
                 Latency information for 2 entries in the vector were ignored.
                    2 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC). 
              CN=Configuration,DC=BridgeLimited,DC=local
                 Latency information for 2 entries in the vector were ignored.
                    2 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC). 
              DC=BridgeLimited,DC=local
                 Latency information for 2 entries in the vector were ignored.
                    2 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC). 
           * Replication Site Latency Check
           ......................... BRIDGESERVER passed test Replications
        Starting test: Topology
           * Configuration Topology Integrity Check
           * Analyzing the connection topology for DC=ForestDnsZones,DC=BridgeLimited,DC=local.
           * Performing upstream (of target) analysis.
           * Performing downstream (of target) analysis.
           * Analyzing the connection topology for DC=DomainDnsZones,DC=BridgeLimited,DC=local.
           * Performing upstream (of target) analysis.
           * Performing downstream (of target) analysis.
           * Analyzing the connection topology for CN=Schema,CN=Configuration,DC=BridgeLimited,DC=local.
           * Performing upstream (of target) analysis.
           * Performing downstream (of target) analysis.
           * Analyzing the connection topology for CN=Configuration,DC=BridgeLimited,DC=local.
           * Performing upstream (of target) analysis.
           * Performing downstream (of target) analysis.
           * Analyzing the connection topology for DC=BridgeLimited,DC=local.
           * Performing upstream (of target) analysis.
           * Performing downstream (of target) analysis.
           ......................... BRIDGESERVER passed test Topology
        Starting test: CutoffServers
           * Configuration Topology Aliveness Check
           * Analyzing the alive system replication topology for DC=ForestDnsZones,DC=BridgeLimited,DC=local.
           * Performing upstream (of target) analysis.
           * Performing downstream (of target) analysis.
           * Analyzing the alive system replication topology for DC=DomainDnsZones,DC=BridgeLimited,DC=local.
           * Performing upstream (of target) analysis.
           * Performing downstream (of target) analysis.
           * Analyzing the alive system replication topology for CN=Schema,CN=Configuration,DC=BridgeLimited,DC=local.
           * Performing upstream (of target) analysis.
           * Performing downstream (of target) analysis.
           * Analyzing the alive system replication topology for CN=Configuration,DC=BridgeLimited,DC=local.
           * Performing upstream (of target) analysis.
           * Performing downstream (of target) analysis.
           * Analyzing the alive system replication topology for DC=BridgeLimited,DC=local.
           * Performing upstream (of target) analysis.
           * Performing downstream (of target) analysis.
           ......................... BRIDGESERVER passed test CutoffServers
        Starting test: NCSecDesc
           * Security Permissions Check for
             DC=ForestDnsZones,DC=BridgeLimited,DC=local
              (NDNC,Version 2)
           * Security Permissions Check for
             DC=DomainDnsZones,DC=BridgeLimited,DC=local
              (NDNC,Version 2)
           * Security Permissions Check for
             CN=Schema,CN=Configuration,DC=BridgeLimited,DC=local
              (Schema,Version 2)
           * Security Permissions Check for
             CN=Configuration,DC=BridgeLimited,DC=local
              (Configuration,Version 2)
           * Security Permissions Check for
             DC=BridgeLimited,DC=local
              (Domain,Version 2)
           ......................... BRIDGESERVER passed test NCSecDesc
        Starting test: NetLogons
           * Network Logons Privileges Check
           ......................... BRIDGESERVER passed test NetLogons
        Starting test: Advertising
           The DC BRIDGESERVER is advertising itself as a DC and having a DS.
           The DC BRIDGESERVER is advertising as an LDAP server
           The DC BRIDGESERVER is advertising as having a writeable directory
           The DC BRIDGESERVER is advertising as a Key Distribution Center
           The DC BRIDGESERVER is advertising as a time server
           The DS BRIDGESERVER is advertising as a GC.
           ......................... BRIDGESERVER passed test Advertising
        Starting test: KnowsOfRoleHolders
           Role Schema Owner = CN=NTDS Settings,CN=BRIDGESERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=BridgeLimited,DC=local
           Role Domain Owner = CN=NTDS Settings,CN=BRIDGESERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=BridgeLimited,DC=local
           Role PDC Owner = CN=NTDS Settings,CN=BRIDGESERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=BridgeLimited,DC=local
           Role Rid Owner = CN=NTDS Settings,CN=BRIDGESERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=BridgeLimited,DC=local
           Role Infrastructure Update Owner = CN=NTDS Settings,CN=BRIDGESERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=BridgeLimited,DC=local
           ......................... BRIDGESERVER passed test KnowsOfRoleHolders
        Starting test: RidManager
           * Available RID Pool for the Domain is 2609 to 1073741823
           * bridgeserver.BridgeLimited.local is the RID Master
           * DsBind with RID Master was successful
           * rIDAllocationPool is 2109 to 2608
           * rIDPreviousAllocationPool is 2109 to 2608
           * rIDNextRID: 2121
           ......................... BRIDGESERVER passed test RidManager
        Starting test: MachineAccount
           * SPN found :LDAP/bridgeserver.BridgeLimited.local/BridgeLimited.local
           * SPN found :LDAP/bridgeserver.BridgeLimited.local
           * SPN found :LDAP/BRIDGESERVER
           * SPN found :LDAP/bridgeserver.BridgeLimited.local/BRIDGELIMITED
           * SPN found :LDAP/96d36b0b-a148-4c2f-b3d3-8c2ac83fcaf9._msdcs.BridgeLimited.local
           * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/96d36b0b-a148-4c2f-b3d3-8c2ac83fcaf9/BridgeLimited.local
           * SPN found :HOST/bridgeserver.BridgeLimited.local/BridgeLimited.local
           * SPN found :HOST/bridgeserver.BridgeLimited.local
           * SPN found :HOST/BRIDGESERVER
           * SPN found :HOST/bridgeserver.BridgeLimited.local/BRIDGELIMITED
           * SPN found :GC/bridgeserver.BridgeLimited.local/BridgeLimited.local
           ......................... BRIDGESERVER passed test MachineAccount
        Starting test: Services
           * Checking Service: Dnscache
           * Checking Service: NtFrs
           * Checking Service: IsmServ
              IsmServ Service is stopped on [BRIDGESERVER]
           * Checking Service: kdc
           * Checking Service: SamSs
           * Checking Service: LanmanServer
           * Checking Service: LanmanWorkstation
           * Checking Service: RpcSs
           * Checking Service: w32time
           * Checking Service: NETLOGON
           ......................... BRIDGESERVER failed test Services
        Starting test: OutboundSecureChannels
           * The Outbound Secure Channels test
           ** Did not run Outbound Secure Channels test
           because /testdomain: was not entered
           ......................... BRIDGESERVER passed test OutboundSecureChannels
        Starting test: ObjectsReplicated
           BRIDGESERVER is in domain DC=BridgeLimited,DC=local
           Checking for CN=BRIDGESERVER,OU=Domain Controllers,DC=BridgeLimited,DC=local in domain DC=BridgeLimited,DC=local on 1 servers
              Object is up-to-date on all servers.
           Checking for CN=NTDS Settings,CN=BRIDGESERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=BridgeLimited,DC=local in domain CN=Configuration,DC=BridgeLimited,DC=local on 1 servers
              Object is up-to-date on all servers.
           ......................... BRIDGESERVER passed test ObjectsReplicated
        Starting test: frssysvol
           * The File Replication Service SYSVOL ready test
           File Replication Service's SYSVOL is ready
           ......................... BRIDGESERVER passed test frssysvol
        Starting test: frsevent
           * The File Replication Service Event log test
           ......................... BRIDGESERVER passed test frsevent
        Starting test: kccevent
           * The KCC Event log test
           Found no KCC errors in Directory Service Event log in the last 15 minutes.
           ......................... BRIDGESERVER passed test kccevent
        Starting test: systemlog
           * The System Event log test
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   16:47:27
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   16:47:41
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   16:47:55
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   16:48:09
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   16:48:23
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   16:48:38
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   16:48:52
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   16:49:06
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   16:49:20
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   16:49:54
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   16:50:08
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   16:50:22
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   16:51:33
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   16:51:53
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   16:52:07
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   16:52:21
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   16:52:35
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   16:52:49
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   16:53:03
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   16:53:17
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   16:53:31
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   16:53:45
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   17:12:23
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   17:12:37
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   17:12:51
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   17:13:05
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   17:13:19
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   17:13:33
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   17:13:47
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   17:14:01
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   17:14:15
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   17:15:24
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   17:15:38
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   17:15:53
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   17:16:07
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   17:16:21
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   17:16:35
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   17:16:49
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   17:17:03
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           An Error Event occured.  EventID: 0xC0040075
              Time Generated: 09/10/2009   17:17:17
              Event String: The driver for device \Device\Scsi\hpt3xx1
  detected a port timeout due to prolonged
  inactivity. All associated busses were reset in
  an effort to clear the condition.
           ......................... BRIDGESERVER failed test systemlog
        Starting test: VerifyReplicas
           ......................... BRIDGESERVER passed test VerifyReplicas
        Starting test: VerifyReferences
           The system object reference (serverReference)
           CN=BRIDGESERVER,OU=Domain Controllers,DC=BridgeLimited,DC=local and
           backlink on
           CN=BRIDGESERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=BridgeLimited,DC=local
           are correct.
           The system object reference (frsComputerReferenceBL)
           CN=BRIDGESERVER,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=BridgeLimited,DC=local
           and backlink on
           CN=BRIDGESERVER,OU=Domain Controllers,DC=BridgeLimited,DC=local are
           correct.
           The system object reference (serverReferenceBL)
           CN=BRIDGESERVER,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=BridgeLimited,DC=local
           and backlink on
           CN=NTDS Settings,CN=BRIDGESERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=BridgeLimited,DC=local
           are correct.
           ......................... BRIDGESERVER passed test VerifyReferences
        Starting test: VerifyEnterpriseReferences
           ......................... BRIDGESERVER passed test VerifyEnterpriseReferences
     Running partition tests on : ForestDnsZones
        Starting test: CrossRefValidation
           ......................... ForestDnsZones passed test CrossRefValidation
        Starting test: CheckSDRefDom
           ......................... ForestDnsZones passed test CheckSDRefDom
     Running partition tests on : DomainDnsZones
        Starting test: CrossRefValidation
           ......................... DomainDnsZones passed test CrossRefValidation
        Starting test: CheckSDRefDom
           ......................... DomainDnsZones passed test CheckSDRefDom
     Running partition tests on : Schema
        Starting test: CrossRefValidation
           ......................... Schema passed test CrossRefValidation
        Starting test: CheckSDRefDom
           ......................... Schema passed test CheckSDRefDom
     Running partition tests on : Configuration
        Starting test: CrossRefValidation
           ......................... Configuration passed test CrossRefValidation
        Starting test: CheckSDRefDom
           ......................... Configuration passed test CheckSDRefDom
     Running partition tests on : BridgeLimited
        Starting test: CrossRefValidation
           ......................... BridgeLimited passed test CrossRefValidation
        Starting test: CheckSDRefDom
           ......................... BridgeLimited passed test CheckSDRefDom
     Running enterprise tests on : BridgeLimited.local
        Starting test: Intersite
           Skipping site Default-First-Site-Name, this site is outside the scope
           provided by the command line arguments provided.
           ......................... BridgeLimited.local passed test Intersite
        Starting test: FsmoCheck
           GC Name: \\bridgeserver.BridgeLimited.local
           Locator Flags: 0xe00003fd
           PDC Name: \\bridgeserver.BridgeLimited.local
           Locator Flags: 0xe00003fd
           Time Server Name: \\bridgeserver.BridgeLimited.local
           Locator Flags: 0xe00003fd
           Preferred Time Server Name: \\bridgeserver.BridgeLimited.local
           Locator Flags: 0xe00003fd
           KDC Name: \\bridgeserver.BridgeLimited.local
           Locator Flags: 0xe00003fd
           ......................... BridgeLimited.local passed test FsmoCheck
  The only thing I can see (other then the HDD) is the
  IsmServ Service is stopped on [BRIDGESERVER]
  Hope you can help. Pretty please.
  Kind Regards
  Richard

• An attempt to resolve the DNS name of a domain controller in the domain being joined has failed.

  "An attempt to resolve the DNS name of a domain controller in the domain being joined has failed." 
  This is the error message I get whenever I try to connect to my servers domain which I just set up earlier today. I have read through a bunch of other threads on the same error message
  but each of them has had different solutions and none of them have helped me. 
  The one thing that I suspect is related to my problem is that I can't ping my domain on the W7 computer I'm trying to connect. I can ping the server, but not the domain. the domain
  i'm using is set up like "domain.local" . 
  Other things that might be relevant. 
  I'v already set up user accounts and a computer under the Server 2012 active domain administrator settings. 
  I'v port forwarded ports 80 and 443 on the server. 
  The server has a static IPv4 IP adress. I haven't done anything with IPv6 
  The W7 computer has a dynamic IP adress, but I don't think it changes. I believe my router is set up to keep it constant, not 100% sure though. 
  Thanks for any help with this, I'm pretty much out of ideas on this. 

  Hi ZachPrinz,
  Firstly, would you please let us know the outputs of ipconfig /all both of the clients and the DC.
  Also, if you run nslookup FQDN of your DC from your clients, what will you receive?
  Meanwhile, regarding the issue, we can refer to
  the similar thread and see how it works.
  More information:
  Troubleshooting Domain Join Error Messages (en-US)
  Hope this helps.
  Jeremy Wu
  TechNet Community Support

• Windows 2012 Domain Controller: Failed to open the runspace pool. The Server Manager WinRM plug-in might be corrupted or missing

  Hi all,
  We have been battling a problem for the last couple of days when we try to add the first windows server 2012 DC to an already existing Domain.
  The Server installation goes smoothly and we can add the computer to the domain and its all green.
  After we promote the server to a domain controller the WinRM service starts acting up (not responding anymore).
  The server manager console shows Remote Management as disabled, and when we try to enable it via the console or Powershell it freezes up.
  The AD DS part of the console is saying that there are post-promotion tasks that need to be completed but once we click on the task it takes us to the promotion wizard again, that basically complains that: Failed to open the runspace pool. The Server Manager
  WinRM plug-in might be corrupted or missing.
  In the Remote Management Event log we see the following entry: "The client got a timeout from the network layer (ERROR_WINHTTP_TIMEOUT)" Event ID 138
  We are unable to do anything with the server (demote, add roles, remotely manage...). We tryed the following already:
  1. Recreate from scratch
  2. Checking the GPOs to see if there is anything setup about RM -> came up with nothing
  We just ran out of ideas so HELP PLEASE !
  BR
  Tomaz Praprotnik

  Hi Cicely,
  Yes the error from the Windows Remote Management event log contains (I took out the User and FQDN of the Computer):
  Log Name:      Microsoft-Windows-WinRM/Operational
  Source:        Microsoft-Windows-WinRM
  Date:          3/29/2013 1:38:53 PM
  Event ID:      138
  Task Category: Response handling
  Level:         Error
  Keywords:      Client
  User:         
  Computer:     
  Description:
  The client got a timeout from the network layer (ERROR_WINHTTP_TIMEOUT)
  Event Xml:
  <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
      <Provider Name="Microsoft-Windows-WinRM" Guid="{A7975C8F-AC13-49F1-87DA-5A984A4AB417}" />
      <EventID>138</EventID>
      <Version>0</Version>
      <Level>2</Level>
      <Task>10</Task>
      <Opcode>0</Opcode>
      <Keywords>0x4000000000000002</Keywords>
      <TimeCreated SystemTime="2013-03-29T12:38:53.786357100Z" />
      <EventRecordID>6876</EventRecordID>
      <Correlation ActivityID="{18FCFBD2-2B38-0003-D261-FD18382BCE01}" />
      <Execution ProcessID="1084" ThreadID="2924" />
      <Channel>Microsoft-Windows-WinRM/Operational</Channel>
      <Computer></Computer>
      <Security UserID="" />
    </System>
    <EventData>
    </EventData>
  </Event>
  There is also another entry that sometimes comes up:
  Log Name:      Microsoft-Windows-WinRM/Operational
  Source:        Microsoft-Windows-WinRM
  Date:          3/29/2013 1:36:34 PM
  Event ID:      142
  Task Category: Response handling
  Level:         Error
  Keywords:      Client
  User:         
  Computer:     
  Description:
  WSMan operation Invoke failed, error code 2150859046
  Event Xml:
  <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
      <Provider Name="Microsoft-Windows-WinRM" Guid="{A7975C8F-AC13-49F1-87DA-5A984A4AB417}" />
      <EventID>142</EventID>
      <Version>0</Version>
      <Level>2</Level>
      <Task>10</Task>
      <Opcode>2</Opcode>
      <Keywords>0x4000000000000002</Keywords>
      <TimeCreated SystemTime="2013-03-29T12:36:34.076973400Z" />
      <EventRecordID>6869</EventRecordID>
      <Correlation ActivityID="{18FCFBD2-2B38-0001-F328-FD18382BCE01}" />
      <Execution ProcessID="4888" ThreadID="4392" />
      <Channel>Microsoft-Windows-WinRM/Operational</Channel>
      <Computer></Computer>
      <Security UserID="" />
    </System>
    <EventData>
      <Data Name="operationName">Invoke</Data>
      <Data Name="errorCode">2150859046</Data>
    </EventData>
  </Event>
  Best regards
  Tomaz Praprotnik

• The box indicating that this domain controller is the last controller for the domain is unchecked. However, no other Active Directory domain controllers for that domain can be contacted

  I have 2 domain controllers running 2003 server, server1 and server2. I ran dcpromo on server1 and removed AD and removed him from the domain and disconnected from network. I then added a 2012 server
  with the same name and IP address server1 with no problem. Replication from sites and services work fine on both controllers.
  The new 2012 server1 is GC. I transferred all FSMO roles to server1. Again no problem and replicating using sites and services. AD on server1 is populated correctly.
  Now what I had intended on doing was a dcpromo to remove server2 from the domain so I can then add another 2012 server. That is when I get the: "The box indicating that this domain controller is the last controller for the domain
   is unchecked. However, no other Active Directory domain controllers for that domain can be contacted.
  I have DNS installed on both servers and both look good with replicating there. Strange thing is when on the 2012 server within DNS if I right click and connect to another DNS server I can add server2 just fine but from server2 adding server1 it tells me it
  is not available.
  Help please!

  Hi,
  As there is server 2012 DC (SERVER1) DC is operational in a domain then "This domain controller is the last controller for the domain" should be remain unchecked when you demote SERVER2 DC. 
  If you are getting error "Active Directory domain controllers for that domain can be contacted" while demoting SERVER2 DC then check the DNS pointing on both as per below article, disable windows firewall on all DC, less possiblities but worth to check if both
  are different site then check the ports are open on firewall. 
  http://abhijitw.wordpress.com/2012/03/03/best-practices-for-dns-client-settings-on-domain-controller/
  http://technet.microsoft.com/en-us/library/cc766337(v=ws.10).aspx
  http://social.technet.microsoft.com/wiki/contents/articles/584.active-directory-replication-over-firewalls.aspx
  run “ipconfig /flushdns & ipconfig /registerdns“, restart DNS server and NETLOGON service on each DC and try to demote server2 DC.
  If issue reoccurs, post dcdiag /q result.
  NOTE: If initial replication was completed between both DC (new 2012 and old DC) then you may remove the server2 DC from Active Directory forcefully (DCPROMO /FORCEREMOVAL) and perform metadata cleanup.
  Active Directory Metadata Cleanup
  http://abhijitw.wordpress.com/2012/03/03/active-directory-metadata-cleanup/
  Best regards,
  Abhijit Waikar.
  MCSA | MCSA:Messaging | MCITP:SA | MCC:2012
  Blog: http://abhijitw.wordpress.com
  Disclaimer: This posting is provided "AS IS" with no warranties or guarantees and confers no rights.