I'm not sure what I am doing wrong here. In my test lab I have two physical boxes, each runs a 2012 R2 domain controller VM. One is DC1 and the other is DC2. I have moved FSMO rolls to the following: schema master and domain naming master are
on DC1. PDC, RID and Infrastructure master are on DC2. They have static ipv4 addresses configured as such.
DC1
IP:10.0.0.30
SNM:255.255.255.0
GW:10.0.0.1
DNS: P-127.0.0.1
Alt-10.0.0.31
DC2
IP: 10.0.0.31
SNM:255.255.255.0
GW:10.0.0.1
DNS: P-10.0.0.30
Alt-127.0.0.1
All machines have an IPv6 address via the DHCPv6 server on my pfsense box which has a tunneled IPv6 address through hurricane electric. They all can pass the IPv6 test pages. On all my computers I noticed that looking at the network connection
details the IPv6 DFGW has the address of fe80::xxxxxxxxxxxxx. Im not sure if this has any significance at all so i'm just including it. As well as the IPv6 DNS servers are set to ::1
The DNS servers on DC1 and DC2 are each configured with forwarders. Both DNS servers forwarders are set to 10.0.0.1, 2001:20:470::2, which is the hurricane electric IPv6 DNS server, and two google DNS servers 8.8.8.8 and 8.8.4.4. Running an nslookup
for google.com on the domain controllers yields the following results
server: unknown
address: ::1
non-authoritative answer:
name: google.com
addresses: 2607:f8b0:4009:801::1003
74.125.225.72
74.X
74.X
and so on..
Running nslookup for google.com on any other client computer yields the following results:
DNS request timed out
Timeout was 2 seconds
Server: unknown
address: 2001:470:20::2
DNS Requst timed out
timeout was 2 seconds
DNS Requst timed out
timeout was 2 seconds
DNS Requst timed out
timeout was 2 seconds
DNS Requst timed out
timeout was 2 seconds
***request to unknown timed-out***
Now each computer passes IPv6 tests and has no issues on the internet so i'm not sure why that's what i get when doing an nslookup on the clients when the domain controllers appear to lookup fine.
Now that you know my configuration getting to my issue/s at hand. I seem to be having replication issues. When I open GPMC and click on my domain and then on the status tab click detect now it comes back under the status details 1 domain controller
with replication in progress. It has listed next to it SysVol Inaccessible.
What am I doing wrong? Why is it inaccessible causing replication issues which I first noticed with GPOs not applying? I only have a few test GPOs.
One other thing I noticed is when you click change and select a new baseline DC the IP for DC1 is a DHCP IPv6 address while DC2 has fe80::xxxxxxxx for its IP address. They both have the same number of GPOs. It would appear that they are replicating
or at least I think since I created a blank GPO on DC2 and it immediately showed up on DC1 and vise versa. When I do a gpupdate on a client i get the computer policy could not be updated successfully. The user policy was successful.
Running gpreport on the client results in under the computer policy 2 errors detected, a fast link detected and the following GPOs have special alerts which lists a few and next to them says AD / SysVol Version Mismatch. Clicking on the 2 errors I
get event ID 1096 and 7016.
The results under the user policy are no errors detected, a fast link detected, and one GPO has special alerts which is the same AD / SysVol Version Mismatch
Thanks!