Forum Discussion
DCs not replicating across VPN
I am at a loss here. I have looked at every CMD option I can find, verified DNS and cannot get my DCs replicating across the VPN. I don't understand how I was able to join the domain but now the connectivity is a problem. So here is my setup:
2 DCs in Site (my building)
2 DCs in Datacenter connected by IPSec VPN
I can ping the IP, the DNS name, the short name, and the domain from all DCs regardless of location.
I have verified on each DNS server that the name servers are correct and resolved.
I have run nltest, dcdiag, syncall, repadmin, etc.
The only error that keeps showing up in most commands is 1722 network error. RPC unavailable. Topology incomplete.
One oddity that I found was that on the DCs in the datacenter Sites and Services was missing one of the local DCs. I added it manually but there are no NTDS Settings for it.
I have flushed DNS, reregistered DNS, restarted the servers.
All Windows firewalls are set to ANY ANY for domain services.
My WAN firewalls are ANY ANY between the sites
I have no idea what to look for next. Please if anyone has ideas let me know.
Also I have already build new servers multiple times and this keeps happening.
4 Replies
Local server correctly locates FSMO roles on remote DC
C:\Users\administrator.CTGUSA>netdom query fsmo
Schema master CTG-CDC01.CTGUSA.local
Domain naming master CTG-CDC01.CTGUSA.local
PDC CTG-CDC01.CTGUSA.local
RID pool manager CTG-CDC01.CTGUSA.local
Infrastructure master CTG-CDC01.CTGUSA.local
The command completed successfully.DCDIAG /c /v
C:\Users\administrator.CTGUSA>dcdiag /c /v
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
* Verifying that the local machine CTG-DC-OP, is a Directory Server.
Home Server = CTG-DC-OP
* Connecting to directory service on server CTG-DC-OP.
* Identified AD Forest.
Collecting AD specific global data
* Collecting site info.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=CTGUSA,DC=local,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
The previous call succeeded
Iterating through the sites
Looking at base site object: CN=NTDS Site Settings,CN=CTG-HQ,CN=Sites,CN=Configuration,DC=CTGUSA,DC=local
Getting ISTG and options for the site
Looking at base site object: CN=NTDS Site Settings,CN=EIPWest,CN=Sites,CN=Configuration,DC=CTGUSA,DC=local
Getting ISTG and options for the site
Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=CTGUSA,DC=local
Getting ISTG and options for the site
* Identifying all servers.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=CTGUSA,DC=local,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
The previous call succeeded....
The previous call succeeded
Iterating through the list of servers
Getting information for the server CN=NTDS Settings,CN=CTG-CDC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=CTGUSA,DC=local
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
Getting information for the server CN=NTDS Settings,CN=CTG-CDC01-LV,CN=Servers,CN=EIPWest,CN=Sites,CN=Configuration,DC=CTGUSA,DC=local
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
Getting information for the server CN=NTDS Settings,CN=CTG-CDC02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=CTGUSA,DC=local
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
Getting information for the server CN=NTDS Settings,CN=CTG-DC-OP,CN=Servers,CN=CTG-HQ,CN=Sites,CN=Configuration,DC=CTGUSA,DC=local
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
* Identifying all NC cross-refs.
* Found 4 DC(s). Testing 1 of them.
Done gathering initial info.Doing initial required tests
Testing server: CTG-HQ\CTG-DC-OP
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
* Active Directory RPC Services Check
......................... CTG-DC-OP passed test ConnectivityDoing primary tests
Testing server: CTG-HQ\CTG-DC-OP
Starting test: Advertising
The DC CTG-DC-OP is advertising itself as a DC and having a DS.
The DC CTG-DC-OP is advertising as an LDAP server
The DC CTG-DC-OP is advertising as having a writeable directory
The DC CTG-DC-OP is advertising as a Key Distribution Center
The DC CTG-DC-OP is advertising as a time server
The DS CTG-DC-OP is advertising as a GC.
......................... CTG-DC-OP passed test Advertising
Starting test: CheckSecurityError
* Dr Auth: Beginning security errors check!
Found KDC CTG-DC-OP for domain CTGUSA.local in site CTG-HQ
Checking machine account for DC CTG-DC-OP on DC CTG-DC-OP.
* SPN found :LDAP/CTG-DC-OP.CTGUSA.local/CTGUSA.local
* SPN found :LDAP/CTG-DC-OP.CTGUSA.local
* SPN found :LDAP/CTG-DC-OP
* SPN found :LDAP/CTG-DC-OP.CTGUSA.local/CTGUSA
* SPN found :LDAP/83e0bfbf-1fa3-4015-851b-3b4b6fe3f69f._msdcs.CTGUSA.local
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/83e0bfbf-1fa3-4015-851b-3b4b6fe3f69f/CTGUSA.local
* SPN found :HOST/CTG-DC-OP.CTGUSA.local/CTGUSA.local
* SPN found :HOST/CTG-DC-OP.CTGUSA.local
* SPN found :HOST/CTG-DC-OP
* SPN found :HOST/CTG-DC-OP.CTGUSA.local/CTGUSA
* SPN found :GC/CTG-DC-OP.CTGUSA.local/CTGUSA.local
[CTG-DC-OP] No security related replication errors were found on this DC! To target the connection to a specific source DC use /ReplSource:<DC>.
......................... CTG-DC-OP passed test CheckSecurityError
Starting test: CutoffServers
* Configuration Topology Aliveness Check
* Analyzing the alive system replication topology for DC=ForestDnsZones,DC=CTGUSA,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for DC=DomainDnsZones,DC=CTGUSA,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for CN=Schema,CN=Configuration,DC=CTGUSA,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for CN=Configuration,DC=CTGUSA,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for DC=CTGUSA,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... CTG-DC-OP passed test CutoffServers
Starting test: FrsEvent
* The File Replication Service Event log test
Skip the test because the server is running DFSR.
......................... CTG-DC-OP passed test FrsEvent
Starting test: DFSREvent
The DFS Replication Event Log.
There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL replication problems may cause Group Policy problems.
A warning event occurred. EventID: 0x80001396
Time Generated: 09/10/2025 13:24:36
Event String:
The DFS Replication service is stopping communication with partner CTG-DC2-OP for replication group Domain System Volume due to an error. The service will retry the connection periodically.Additional Information:
Error: 1723 (The RPC server is too busy to complete this operation.)
Connection ID: 84E257DC-06EE-49EB-A3DC-77DF620A4735
Replication Group ID: F0BC7AF8-27A3-4CD0-890E-9B9C525BD663
An error event occurred. EventID: 0xC000138A
Time Generated: 09/10/2025 13:24:50
Event String:
The DFS Replication service encountered an error communicating with partner CTG-DC2-OP for replication group Domain System Volume.Partner DNS address: CTG-DC2-OP.CTGUSA.local
Optional data if available:
Partner WINS Address: CTG-DC2-OP
Partner IP Address:The service will retry the connection periodically.
Additional Information:
Error: 1753 (There are no more endpoints available from the endpoint mapper.)
Connection ID: 84E257DC-06EE-49EB-A3DC-77DF620A4735
Replication Group ID: F0BC7AF8-27A3-4CD0-890E-9B9C525BD663
An error event occurred. EventID: 0xC0001390
Time Generated: 09/10/2025 13:33:25
Event String:
The DFS Replication service failed to communicate with partner CTG-CDC01-LV for replication group Domain System Volume. This error can occur if the host is unreachable, or if the DFS Replication service is not running on the server.Partner DNS Address: CTG-CDC01-LV.CTGUSA.local
Optional data if available:
Partner WINS Address: CTG-CDC01-LV
Partner IP Address:The service will retry the connection periodically.
Additional Information:
Error: 1722 (The RPC server is unavailable.)
Connection ID: 700B2BE3-001A-48D9-90FB-46404495D9E2
Replication Group ID: F0BC7AF8-27A3-4CD0-890E-9B9C525BD663
An error event occurred. EventID: 0xC0001390
Time Generated: 09/10/2025 13:42:03
Event String:
The DFS Replication service failed to communicate with partner CTG-CDC01-LV for replication group Domain System Volume. This error can occur if the host is unreachable, or if the DFS Replication service is not running on the server.Partner DNS Address: CTG-CDC01-LV.CTGUSA.local
Optional data if available:
Partner WINS Address: CTG-CDC01-LV
Partner IP Address:The service will retry the connection periodically.
Additional Information:
Error: 1722 (The RPC server is unavailable.)
Connection ID: 700B2BE3-001A-48D9-90FB-46404495D9E2
Replication Group ID: F0BC7AF8-27A3-4CD0-890E-9B9C525BD663
An error event occurred. EventID: 0xC0001390
Time Generated: 09/10/2025 13:57:10
Event String:
The DFS Replication service failed to communicate with partner CTG-CDC01-LV for replication group Domain System Volume. This error can occur if the host is unreachable, or if the DFS Replication service is not running on the server.Partner DNS Address: CTG-CDC01-LV.CTGUSA.local
Optional data if available:
Partner WINS Address: CTG-CDC01-LV
Partner IP Address:The service will retry the connection periodically.
Additional Information:
Error: 1722 (The RPC server is unavailable.)
Connection ID: 700B2BE3-001A-48D9-90FB-46404495D9E2
Replication Group ID: F0BC7AF8-27A3-4CD0-890E-9B9C525BD663
......................... CTG-DC-OP failed test DFSREvent
Starting test: SysVolCheck
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... CTG-DC-OP passed test SysVolCheck
Starting test: FrsSysVol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... CTG-DC-OP passed test FrsSysVol
Starting test: KccEvent
* The KCC Event log test
A warning event occurred. EventID: 0x80000785
Time Generated: 09/10/2025 14:00:01
Event String:
The attempt to establish a replication link for the following writable directory partition failed.Directory partition:
DC=CTGUSA,DC=local
Source directory service:
CN=NTDS Settings,CN=CTG-CDC01-LV,CN=Servers,CN=EIPWest,CN=Sites,CN=Configuration,DC=CTGUSA,DC=local
Source directory service address:
71f61a84-ad32-44ea-8c59-8de3f9ee0ea8._msdcs.CTGUSA.local
Intersite transport (if any):
CN=IP,CN=Inter-Site Transports,CN=Sites,CN=Configuration,DC=CTGUSA,DC=localThis directory service will be unable to replicate with the source directory service until this problem is corrected.
User Action
Verify if the source directory service is accessible or network connectivity is available.Additional Data
Error value:
8524 The DSA operation is unable to proceed because of a DNS lookup failure.
Found no KCC errors in "Directory Service" Event log in the last 15 minutes.
......................... CTG-DC-OP passed test KccEvent
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=CTG-CDC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=CTGUSA,DC=local
Role Domain Owner = CN=NTDS Settings,CN=CTG-CDC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=CTGUSA,DC=local
Role PDC Owner = CN=NTDS Settings,CN=CTG-CDC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=CTGUSA,DC=local
Role Rid Owner = CN=NTDS Settings,CN=CTG-CDC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=CTGUSA,DC=local
Role Infrastructure Update Owner = CN=NTDS Settings,CN=CTG-CDC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=CTGUSA,DC=local
......................... CTG-DC-OP passed test KnowsOfRoleHolders
Starting test: MachineAccount
Checking machine account for DC CTG-DC-OP on DC CTG-DC-OP.
* SPN found :LDAP/CTG-DC-OP.CTGUSA.local/CTGUSA.local
* SPN found :LDAP/CTG-DC-OP.CTGUSA.local
* SPN found :LDAP/CTG-DC-OP
* SPN found :LDAP/CTG-DC-OP.CTGUSA.local/CTGUSA
* SPN found :LDAP/83e0bfbf-1fa3-4015-851b-3b4b6fe3f69f._msdcs.CTGUSA.local
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/83e0bfbf-1fa3-4015-851b-3b4b6fe3f69f/CTGUSA.local
* SPN found :HOST/CTG-DC-OP.CTGUSA.local/CTGUSA.local
* SPN found :HOST/CTG-DC-OP.CTGUSA.local
* SPN found :HOST/CTG-DC-OP
* SPN found :HOST/CTG-DC-OP.CTGUSA.local/CTGUSA
* SPN found :GC/CTG-DC-OP.CTGUSA.local/CTGUSA.local
......................... CTG-DC-OP passed test MachineAccount
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC CTG-DC-OP.
The forest is not ready for RODC. Will skip checking ERODC ACEs.
* Security Permissions Check for
DC=ForestDnsZones,DC=CTGUSA,DC=local
(NDNC,Version 3)
* Security Permissions Check for
DC=DomainDnsZones,DC=CTGUSA,DC=local
(NDNC,Version 3)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=CTGUSA,DC=local
(Schema,Version 3)
* Security Permissions Check for
CN=Configuration,DC=CTGUSA,DC=local
(Configuration,Version 3)
* Security Permissions Check for
DC=CTGUSA,DC=local
(Domain,Version 3)
......................... CTG-DC-OP passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\CTG-DC-OP\netlogon
Verified share \\CTG-DC-OP\sysvol
......................... CTG-DC-OP passed test NetLogons
Starting test: ObjectsReplicated
CTG-DC-OP is in domain DC=CTGUSA,DC=local
Checking for CN=CTG-DC-OP,OU=Domain Controllers,DC=CTGUSA,DC=local in domain DC=CTGUSA,DC=local on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=CTG-DC-OP,CN=Servers,CN=CTG-HQ,CN=Sites,CN=Configuration,DC=CTGUSA,DC=local in domain CN=Configuration,DC=CTGUSA,DC=local on 1 servers
Object is up-to-date on all servers.
......................... CTG-DC-OP passed test ObjectsReplicated
Starting test: OutboundSecureChannels
* The Outbound Secure Channels test
** Did not run Outbound Secure Channels test because /testdomain: was not entered
......................... CTG-DC-OP passed test OutboundSecureChannels
Starting test: Replications
* Replications Check
* Replication Latency Check
DC=ForestDnsZones,DC=CTGUSA,DC=local
Latency information for 13 entries in the vector were ignored.
13 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
DC=DomainDnsZones,DC=CTGUSA,DC=local
Latency information for 13 entries in the vector were ignored.
13 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
CN=Schema,CN=Configuration,DC=CTGUSA,DC=local
Latency information for 13 entries in the vector were ignored.
13 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
CN=Configuration,DC=CTGUSA,DC=local
Latency information for 13 entries in the vector were ignored.
13 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
DC=CTGUSA,DC=local
Latency information for 13 entries in the vector were ignored.
13 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
......................... CTG-DC-OP passed test Replications
Starting test: RidManager
* Available RID Pool for the Domain is 19109 to 1073741823
* CTG-CDC01.CTGUSA.local is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 18609 to 19108
* rIDPreviousAllocationPool is 18609 to 19108
* rIDNextRID: 18611
......................... CTG-DC-OP passed test RidManager
Starting test: Services
* Checking Service: EventSystem
* Checking Service: RpcSs
* Checking Service: NTDS
* Checking Service: DnsCache
* Checking Service: DFSR
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: w32time
* Checking Service: NETLOGON
......................... CTG-DC-OP passed test Services
Starting test: SystemLog
* The System Event log test
An error event occurred. EventID: 0x0000272C
Time Generated: 09/10/2025 13:54:40
Event String:
DCOM was unable to communicate with the computer CTG-DC04.CTGUSA.local using any of the configured protocols; requested by PID ab8 (C:\Windows\system32\taskhostw.exe), while activating CLSID {D99E6E74-FC88-11D0-B498-00A0C90312F3}.
An error event occurred. EventID: 0x0000272C
Time Generated: 09/10/2025 14:05:33
Event String:
DCOM was unable to communicate with the computer 8.8.4.4 using any of the configured protocols; requested by PID 1640 (C:\Windows\system32\dcdiag.exe), while activating CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820}.
An error event occurred. EventID: 0x0000272C
Time Generated: 09/10/2025 14:05:58
Event String:
DCOM was unable to communicate with the computer 8.8.8.8 using any of the configured protocols; requested by PID 1640 (C:\Windows\system32\dcdiag.exe), while activating CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820}.
......................... CTG-DC-OP failed test SystemLog
Starting test: Topology
* Configuration Topology Integrity Check
* Analyzing the connection topology for DC=ForestDnsZones,DC=CTGUSA,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for DC=DomainDnsZones,DC=CTGUSA,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for CN=Schema,CN=Configuration,DC=CTGUSA,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for CN=Configuration,DC=CTGUSA,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for DC=CTGUSA,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... CTG-DC-OP passed test Topology
Starting test: VerifyEnterpriseReferences
......................... CTG-DC-OP passed test VerifyEnterpriseReferences
Starting test: VerifyReferences
The system object reference (serverReference) CN=CTG-DC-OP,OU=Domain Controllers,DC=CTGUSA,DC=local and backlink on CN=CTG-DC-OP,CN=Servers,CN=CTG-HQ,CN=Sites,CN=Configuration,DC=CTGUSA,DC=local are correct.
The system object reference (serverReferenceBL) CN=CTG-DC-OP,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=CTGUSA,DC=local and backlink on
CN=NTDS Settings,CN=CTG-DC-OP,CN=Servers,CN=CTG-HQ,CN=Sites,CN=Configuration,DC=CTGUSA,DC=local are correct.
The system object reference (msDFSR-ComputerReferenceBL) CN=CTG-DC-OP,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=CTGUSA,DC=local and backlink on CN=CTG-DC-OP,OU=Domain Controllers,DC=CTGUSA,DC=local
are correct.
......................... CTG-DC-OP passed test VerifyReferences
Starting test: VerifyReplicas
......................... CTG-DC-OP passed test VerifyReplicasStarting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
See DNS test in enterprise tests section for results
......................... CTG-DC-OP passed test DNSRunning partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidationRunning partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidationRunning partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidationRunning partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidationRunning partition tests on : CTGUSA
Starting test: CheckSDRefDom
......................... CTGUSA passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... CTGUSA passed test CrossRefValidationRunning enterprise tests on : CTGUSA.local
Starting test: DNS
Test results for domain controllers:DC: CTG-DC-OP.CTGUSA.local
Domain: CTGUSA.local
TEST: Authentication (Auth)
Authentication test: Successfully completedTEST: Basic (Basc)
The OS Microsoft Windows Server 2022 Standard (Service Pack level: 0.0) is supported.
NETLOGON service is running
kdc service is running
DNSCACHE service is running
DNS service is running
DC is a DNS server
Network adapters information:
Adapter [00000001] Microsoft Hyper-V Network Adapter:
MAC address is 00:15:5D:0F:1E:02
IP Address is static
IP address: 192.168.15.4, fe80::4dcb:f905:c3a9:b1a7
DNS servers:
10.200.1.10 (CTG-CDC01) [Valid]
192.168.15.4 (CTG-DC-OP) [Valid]
127.0.0.1 (CTG-DC-OP) [Valid]
The A host record(s) for this DC was found
The SOA record for the Active Directory zone was found
The Active Directory zone on this DC/DNS server was found primary
Root zone on this DC/DNS server was not foundTEST: Forwarders/Root hints (Forw)
Recursion is enabled
Forwarders Information:
8.8.4.4 (<name unavailable>) [Valid]
8.8.8.8 (<name unavailable>) [Valid]TEST: Delegations (Del)
Delegation information for the zone: CTGUSA.local.
Delegated domain name: _msdcs.CTGUSA.local.
Error: DNS server: ctg-lv-dc01.ctgusa.local. IP:<Unavailable> [Missing glue A record]
[Error details: 9714 (Type: Win32 - Description: DNS name does not exist.)]TEST: Dynamic update (Dyn)
Test record dcdiag-test-record added successfully in zone CTGUSA.local
Warning: Failed to delete the test record dcdiag-test-record in zone CTGUSA.local
[Error details: 9505 (Type: Win32 - Description: Unsecured DNS packet.)]TEST: Records registration (RReg)
Network Adapter [00000001] Microsoft Hyper-V Network Adapter:
Matching CNAME record found at DNS server 10.200.1.10:
83e0bfbf-1fa3-4015-851b-3b4b6fe3f69f._msdcs.CTGUSA.localMatching A record found at DNS server 10.200.1.10:
CTG-DC-OP.CTGUSA.localMatching SRV record found at DNS server 10.200.1.10:
_ldap._tcp.CTGUSA.localMatching SRV record found at DNS server 10.200.1.10:
_ldap._tcp.ed8c2143-be48-48b2-a9be-bd320a099a44.domains._msdcs.CTGUSA.localMatching SRV record found at DNS server 10.200.1.10:
_kerberos._tcp.dc._msdcs.CTGUSA.localMatching SRV record found at DNS server 10.200.1.10:
_ldap._tcp.dc._msdcs.CTGUSA.localMatching SRV record found at DNS server 10.200.1.10:
_kerberos._tcp.CTGUSA.localMatching SRV record found at DNS server 10.200.1.10:
_kerberos._udp.CTGUSA.localMatching SRV record found at DNS server 10.200.1.10:
_kpasswd._tcp.CTGUSA.localMatching SRV record found at DNS server 10.200.1.10:
_ldap._tcp.CTG-HQ._sites.CTGUSA.localMatching SRV record found at DNS server 10.200.1.10:
_kerberos._tcp.CTG-HQ._sites.dc._msdcs.CTGUSA.localMatching SRV record found at DNS server 10.200.1.10:
_ldap._tcp.CTG-HQ._sites.dc._msdcs.CTGUSA.localMatching SRV record found at DNS server 10.200.1.10:
_kerberos._tcp.CTG-HQ._sites.CTGUSA.localMatching SRV record found at DNS server 10.200.1.10:
_ldap._tcp.gc._msdcs.CTGUSA.localMatching A record found at DNS server 10.200.1.10:
gc._msdcs.CTGUSA.localMatching SRV record found at DNS server 10.200.1.10:
_gc._tcp.CTG-HQ._sites.CTGUSA.localMatching SRV record found at DNS server 10.200.1.10:
_ldap._tcp.CTG-HQ._sites.gc._msdcs.CTGUSA.localMatching CNAME record found at DNS server 192.168.15.4:
83e0bfbf-1fa3-4015-851b-3b4b6fe3f69f._msdcs.CTGUSA.localMatching A record found at DNS server 192.168.15.4:
CTG-DC-OP.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_ldap._tcp.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_ldap._tcp.ed8c2143-be48-48b2-a9be-bd320a099a44.domains._msdcs.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_kerberos._tcp.dc._msdcs.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_ldap._tcp.dc._msdcs.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_kerberos._tcp.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_kerberos._udp.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_kpasswd._tcp.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_ldap._tcp.CTG-HQ._sites.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_kerberos._tcp.CTG-HQ._sites.dc._msdcs.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_ldap._tcp.CTG-HQ._sites.dc._msdcs.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_kerberos._tcp.CTG-HQ._sites.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_ldap._tcp.gc._msdcs.CTGUSA.localMatching A record found at DNS server 192.168.15.4:
gc._msdcs.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_gc._tcp.CTG-HQ._sites.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_ldap._tcp.CTG-HQ._sites.gc._msdcs.CTGUSA.localMatching CNAME record found at DNS server 192.168.15.4:
83e0bfbf-1fa3-4015-851b-3b4b6fe3f69f._msdcs.CTGUSA.localMatching A record found at DNS server 192.168.15.4:
CTG-DC-OP.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_ldap._tcp.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_ldap._tcp.ed8c2143-be48-48b2-a9be-bd320a099a44.domains._msdcs.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_kerberos._tcp.dc._msdcs.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_ldap._tcp.dc._msdcs.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_kerberos._tcp.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_kerberos._udp.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_kpasswd._tcp.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_ldap._tcp.CTG-HQ._sites.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_kerberos._tcp.CTG-HQ._sites.dc._msdcs.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_ldap._tcp.CTG-HQ._sites.dc._msdcs.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_kerberos._tcp.CTG-HQ._sites.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_ldap._tcp.gc._msdcs.CTGUSA.localMatching A record found at DNS server 192.168.15.4:
gc._msdcs.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_gc._tcp.CTG-HQ._sites.CTGUSA.localMatching SRV record found at DNS server 192.168.15.4:
_ldap._tcp.CTG-HQ._sites.gc._msdcs.CTGUSA.local
Summary of test results for DNS servers used by the above domain controllers:DNS server: 10.200.1.10 (CTG-CDC01)
All tests passed on this DNS server
Name resolution is functional._ldap._tcp SRV record for the forest root domain is registeredDNS server: 192.168.15.4 (CTG-DC-OP)
All tests passed on this DNS server
Name resolution is functional._ldap._tcp SRV record for the forest root domain is registeredDNS server: 8.8.4.4 (<name unavailable>)
All tests passed on this DNS serverDNS server: 8.8.8.8 (<name unavailable>)
All tests passed on this DNS serverSummary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
_________________________________________________________________
Domain: CTGUSA.local
CTG-DC-OP PASS PASS PASS FAIL WARN PASS n/a......................... CTGUSA.local failed test DNS
Starting test: LocatorCheck
GC Name: \\CTG-DC-OP.CTGUSA.local
Locator Flags: 0xe003f1fc
PDC Name: \\CTG-CDC01.CTGUSA.local
Locator Flags: 0xe003f17d
Time Server Name: \\CTG-DC-OP.CTGUSA.local
Locator Flags: 0xe003f1fc
Preferred Time Server Name: \\CTG-DC-OP.CTGUSA.local
Locator Flags: 0xe003f1fc
KDC Name: \\CTG-DC-OP.CTGUSA.local
Locator Flags: 0xe003f1fc
......................... CTGUSA.local passed test LocatorCheck
Starting test: FsmoCheck
GC Name: \\CTG-DC-OP.CTGUSA.local
Locator Flags: 0xe003f1fc
PDC Name: \\CTG-CDC01.CTGUSA.local
Locator Flags: 0xe003f17d
Time Server Name: \\CTG-DC-OP.CTGUSA.local
Locator Flags: 0xe003f1fc
Preferred Time Server Name: \\CTG-DC-OP.CTGUSA.local
Locator Flags: 0xe003f1fc
KDC Name: \\CTG-DC-OP.CTGUSA.local
Locator Flags: 0xe003f1fc
......................... CTGUSA.local passed test FsmoCheck
Starting test: Intersite
Skipping site CTG-HQ, this site is outside the scope provided by the command line arguments provided.
Skipping site EIPWest, this site is outside the scope provided by the command line arguments provided.
Skipping site Default-First-Site-Name, this site is outside the scope provided by the command line arguments provided.
......................... CTGUSA.local passed test IntersiteI just tried to demote and remove all DC and DNS functions of the server. Reinstalled and during promo got this error:
The operation failed because:
Failed to identify the requested replica partner (CTG-CDC01.CTGUSA.local) as a valid domain controller with a machine account for (CTG-DC2-OP$). This is likely due to either the machine account not being replicated to this domain controller because of replication latency or the domain controller not advertising the Active Directory Domain Services. Please consider retrying the operation with \\CTG-DC-OP.CTGUSA.local as the replica partner.
"The server is unwilling to process the request."I can ping the server by IP and DNS name as well as the domain. But oddly I have one IP set as the primary DNS server for this server, but it's using a different server to ping the domain. Is this based on location?
I have also cleared the caches on all DNS servers
